The Securities and Exchange Commission's compliance rule requires that compliance policies and procedures be reviewed at least annually to determine adequacy and effectiveness. Rule 206(4)-7 applies to SEC registered investment advisers. If you have not already conducted your annual review, you should begin the process now. Compliance policies and procedures are a key area of review in SEC examinations.
The review must be overseen by the firm's chief compliance officer. It should cover compliance matters that arose during the past year, changes in the firm's business activities, and any changes in the law that might suggest a need to revise the policies or procedures. Testing is also an important part of the annual review process. These tests should seek to determine whether the procedures are being followed, and whether they are effective in preventing or detecting misconduct.
This process of analyzing the firm's business and related risks reinforces the notion that your compliance policies and procedures should be tailored to your specific advisory business. The firm should not rely on a boilerplate compliance manual. Indeed, last year, the SEC sanctioned a firm for using a “boilerplate” compliance manual.
Firms with strong compliance controls are more likely to prevent problems and to detect and correct any problems that do occur. SEC Staff has stated that such firms should be subject to less examination attention. Thus, one of the easiest ways to prevent a prolonged examination by the SEC is to establish and implement solid compliance policies and procedures designed to address the risks associated with your particular firm.
The SEC requires that firms maintain any records documenting the annual review for at least five years. Documenting the review, however, poses many challenges. Indeed, the results of the review may contain sensitive information. Due to recordkeeping and other obligations, it may be difficult or impossible to preserve the confidentiality of documents evidencing the annual review. As a result, in seeking to preserve confidentiality, particularly of sensitive information, it is important to discuss with counsel the availability of the attorney client privilege to preserve confidentiality.
The SEC has also suggested that firms conduct an interim review where significant business, compliance or regulatory issues arise. Overall, your review process should be done with an eye toward building an overall “culture of compliance” at your firm.
This memorandum has been prepared for general information purposes only and is not intended as legal advice. If you should have any questions about your firm’s annual compliance review, or other legal matters pertaining to investment adviser compliance, please contact Greg Gribben at 585-987-2875 in the firm’s Investment Management Practice Group.