On September 6th, the SEC Division of Examinations (the “Division”) published a risk alert with more detail on how it selects investment advisers for examinations and its process for determining the specific risk areas and issues to address in examination. It noted that it leverages technology to conduct bulk data collection and analysis at both an industry and adviser level, as well as utilizing disclosure documents such as Form ADV and Form PF. The risk alert is the second this year to address examination practices; a March 2023 risk alert provided an examination road map for new advisers and detailed a number of observations from recent exams. Releases for the recently proposed and adopted amendments to Form ADV and Form PF, as well as the much anticipated final Private Fund Rules, have also noted the anticipated use of such disclosures and rules in examination and enforcement. While some industry watchers have observed that the staff’s focus on rulemaking has slowed examination and enforcement activity, the staff have achieved a spate of recent settlements in connection with their sweeps on Marketing Rule compliance and Custody Rule violations. This latest risk alert signals that advisers should expect continued scrutiny in these areas and additional sweep exams shortly after the compliance dates for new Private Fund Rules.[1] Advisers should take into account the recent enforcement cases and Division publications as they review their policies and procedures, disclosures, compliance controls and practices relating to the Marketing Rule and these other high priority areas for the SEC.
In this risk alert, the Division identified eleven adviser-specific risk factors that it may consider when selecting whether to examine a particular adviser: 1) prior examination observations and conduct; supervisory concerns; tips, complaints or referrals involving the firm; 4) business activities of the firm or firm personnel creating a conflict of interest; 5) the length of time since the firm’s registration; 6) material changes in a firm’s leadership; 7) indications that an adviser might be vulnerable to ongoing to financial or market stresses; 8) news or media reports that might involve or impact the firm; 9) data provided by certain third-party data services; 10) a firm’s disclosure history; and 11) whether the firm has access to client and investor asserts or presents gatekeeper or service provider compliance risks. The Division also considers which advisers otherwise meet the criteria identified in the Division’s annual priorities.
After selecting an adviser for examination, the specific scope of the examination and documents requested from the adviser will vary based on factors including 1) a specific firm’s business model; 2) associated risks; as well as 3) the original reason for conducting the examination. The risk alert also identified areas that Division staff typically cover in examinations, regardless of firm-specific and other scoping considerations. These include an advisers’ operations, disclosures, conflicts of interest, and compliance practices related to certain “core” areas, such as 1) custody and safekeeping of client assets; 2) valuation; 3) portfolio management, fees and expenses; and 4) brokerage and best execution. This means that even a “limited scope” examination as part of an industry sweep or in response to a particular Division substantive concern is likely to entail a wide ranging and significant document production. The Division included a sample initial information request list that highlights the various types of information advisers typically need to produce at the commencement of an exam, broken into four categories: 1) general information so that the staff may understand an adviser’s business and investment activities; 2) information about the adviser’s compliance risks and the adviser’s written policies and procedures adopted to address those risks; 3) information to facilitate specific testing related to trading activities; and 4) information for the staff to perform its own testing for compliance in other areas. The sample request list shows the breadth and depth of potential information that the Division may seek as part of its initial review, and compliance departments should review their recordkeeping policies to ensure they will be able to produce such information quickly and comprehensively if and when asked.
[1] As discussed in our client alert on the new Private Fund Rules, the compliance dates will vary based on the rule and, in some cases, adviser size and will be calculated based on the date of publication in the Federal Register. It is expected that the compliance deadlines will be staggered over fourth quarter 2024 into the first half of 2025.