Last October I spoke at a compliance conference on the subject of SEC investment adviser examinations.  The article below is a summary of the presentation, updated with information from yesterday’s release of the SEC’s 2020 Examination Priorities.

The Examination Program.  The SEC’s examination of investment advisers – conducted by the Office of Compliance Inspections and Examinations (referred to as “OCIE”) – is in many ways a model of what financial regulation should be.  The examination program comes pretty close to striking the right balance between cooperative regulation that helps advisers to comply with regulatory requirements, on one hand, and punitive regulation through uncovering violations for enforcement action, on the other.  What is often not appreciated is that the examination program meets its investor protection objective primarily by providing individual advisers and the industry generally with guidance in complying with regulatory requirements.  Of course OCIE’s examinations are also designed to and do uncover situations where a referral to enforcement is appropriate, but referrals to enforcement are not the primary purpose of examinations and they occur in only a small percentage of examinations (fewer than 5% in 2019).

While most advisers do not view a visit by examiners as a “cooperative” exercise, the reality is that the vast majority of issues identified by examiners are essentially suggested improvements where a simple correction or procedure enhancement is all that is required.  In fact, if an adviser ignored the majority of an examination’s findings it is likely that nothing serious would come of it (this is to illustrate a point – I don’t recommend doing this).  Also, while no one wants to receive a deficiency letter following an examination, the overwhelming majority of deficiency letter comments are not referred to enforcement.  Rather, most comments highlight issues the adviser should improve or minor violations that can easily be fixed.  Another way in which the program is cooperative is through its publications and outreach programs.  OCIE publishes an annual list of exam priorities for the upcoming year, giving advisers notice of the issues that will be examined so advisers can review and improve those areas before they are examined.  OCIE also published periodic risk alerts, which highlight the areas where the examiners are seeing a high rate of deficiencies in their field examinations.  Finally, each year OCIE holds dozens of regional and national compliance seminars.  In other words, advisers are provided with the benefit of knowing what issues OCIE plans to focus on, the common issues the examiners are seeing in the field, and guidance on creating an effective compliance program – all to help advisers improve their compliance programs.

Yes, it remains true that some examinations take too long, involve too many document requests, and result in incorrect or trivial deficiency comments.  However, these tend to be the exceptions and in any large program there will always be some variability in quality and outcomes.  On the whole, the program should be commended for its transparency, calibrated responses to issues identified in examinations, improved industry knowledge, and increased efficiency.

Exam Scope.  While there remain sweep exams and targeted “for cause” exams that focus on a single or small number of issues, most exams are general reviews of an adviser’s business.  That said, the examiners are increasingly tailoring their initial requests for documents to the specific nature of the adviser’s business.  In addition, it is becoming more common at the outset of an examination for the examiners to ask for a slide deck to be prepared that outlines the adviser’s business.  The slide deck is then sometimes reviewed on a conference call with the adviser before the on-site examination begins, which may result in a follow up document request focusing on the higher risk areas identified.  Likewise, the on-site examinations appear to be influenced by the initial review, with the scope adjusting to focus on areas identified as higher risk unique to the particular adviser.  This is very similar to the process financial statement auditors employ, devoting the majority of their time on the higher risk areas of a financial statement and adjusting scope as warranted.

Exam Areas.  Chairman Clayton has been quite clear over the past few years that the SEC will be focusing closely on matters affecting retail investors, and the SEC’s examinations are certainly following that directive.  Indeed, OCIE’s focus on retail investors predates Chairman Clayton as retail issues have been an examination priority every year since 2015.  The issues under the broad umbrella of “retail” include conflicts disclosures, fee calculations and disclosures, elder fraud, branch office supervision, disciplinary disclosures, and cybersecurity.  While some of these topics are less relevant to private fund advisers, others such as conflicts disclosures and cybersecurity are quite relevant and private fund advisers should expect to be carefully scrutinized in these areas.  Other current exam areas relevant to private fund advisers include valuation, expense allocations, investment allocations, third party data providers (“alt data”), insider trading policies, and ESG investing disclosures.

As noted, an aspect of OCIE’s program is to be transparent with respect to issues OCIE intends to focus on during exams as well as common deficiencies that it is seeing in the course of its examinations.  The examination priorities are published annually, toward the end of the calendar year or the beginning of the new.  The 2020 priorities were published on January 7, 2020, and can be found here.  The 2019 priorities can be found here.  OCIE also publishes periodic risk alerts and there were six in 2019, with four being most relevant to private fund advisers: Regulation S-P privacy issues (April), cloud data storage (May), issues related to disciplinary matters (July), and principal and agency cross transactions (September).

The examination priorities for 2020 most relevant to private fund advisers include information security (cybersecurity), adequacy of compliance programs, adequacy of disclosure of ESG and other new strategies, disclosures and preparations relating to the transition away from LIBOR as a reference rate, examinations of advisers who have never before or not recently been examined, issues with managing separate accounts side-by-side with private funds, use of “alternative data,” insider trading controls, conflicts of interest, disclosures of fees and expenses, and issues related to affiliates of advisers providing services to funds.

Exam Process.  The most notable recent process development is the attempt to make examinations more targeted and efficient through an early understanding of an adviser’s business (the slide-deck process, discussed above).  In theory, targeting high risk areas unique to a particular adviser should be a much more efficient approach to an examination.  Whether that is borne out in actual practice and this approach becomes common practice remains to be seen.  For some time now advisers have themselves made an initial presentation of their business to the examiners to help focus the exam on areas most relevant to the adviser’s actual operations and risk.  If the examiners do not request an initial overview of the business, it generally remains a good idea for an adviser to make such an initial presentation on the first day of the on-site exam.

Interviews of employees during the exam is a subject that generates a fair share of concern.  However, there is generally no reason why the interviews need to be treated like a deposition and there is rarely a reason to have counsel present.  On the other hand, it is common to have counsel speak with employees about the interview process and to have a member of compliance sit in on the interviews.  To put the best foot forward, employees should be honest and direct with the examiners, and stick to what they know.  Of course, this is a topic where the particular circumstances matter and advisers should consult with counsel when there is a request to conduct interviews.

Remediation of issues that arise during the examination is also a common question.  During the examination it may become apparent that the examiners have identified a potential deficiency.  If the adviser’ review shows that an issue exists, it should almost always be corrected immediately.  While every situation is different and an adviser should consult with counsel before acting, it is generally better to act promptly to address deficiencies – and the concern that any correction is an admission of wrongdoing is generally overblown (or outweighed by the benefit of prompt remediation).  Similarly, if a deficiency is identified during the exit interview and the adviser agrees with the observation, better that it is corrected before the deficiency letter arrives (in fact, it may be prudent to inform the examiners of the correction before the deficiency letter is even written).

Deficiency Letter Responses.  Many advisers are inclined to reflexively agree with the examiners’ findings and adopt any remedial steps suggested by the staff.  Certainly there are many times when the deficiency letter comments and suggested improvements are spot on, and adopting the staff’s suggestions is the correct course of action.  In other instances, however, the staff may be incorrect or not have all of the facts and so politely disagreeing with their conclusions (and explaining why) is entirely correct.

How to prepare for an OCIE examination?  As ever, the best preparation for an SEC exam is to create and maintain an effective compliance program tailored to the particularities of your business.  As for areas to prioritize in reviewing and strengthening your program, taking a look at the Exam Priorities and Risk Alerts from the past few years is certainly a good place to start.