Investment Managers Share Steps They Take for Compliance

A survey finds cybersecurity is registered investment advisers' (RIAs) highest concern.

For the sixth year in a row, cybersecurity has been the biggest compliance concern at registered investment adviser (RIA) firms, according to the 2019 Investment Management Compliance Testing Survey, conducted jointly by the Investment Adviser Association (IAA) and ACA Compliance Group. Eighty-three percent of RIA firms said that cybersecurity is their biggest compliance concern, and 70% said that their firm has increased compliance testing in this area in the past year.

The survey also found that 66% of chief compliance officers (CCOs) handle other functions, with 18% acting in some legal capacity.

“Now in its 14th year, our survey continues to be a valuable resource for compliance professionals to benchmark their practices against others in the industry,” says IAA President and CEO Karen Barr. “Among the many key takeaways of this year’s survey—beyond the continued importance of cybersecurity—is that firms continue to strengthen their compliance programs.”

Following security, 28% of compliance professionals said that issues related to advertising and marketing are important. IAA and ACA Compliance Group say this is not surprising, given the fact that the Securities and Exchange Commission (SEC) has said it might amend its Advertising Rule. Compliance professionals’ next concern is data privacy, with 23% citing this issue.

As to how they oversee advertising and social media, 71% of firms require their CCO to approve this content before publishing it. Ninety-three percent of firms have written rules regarding advertising and social media policies. Seventy-six percent of firms review their firm’s website, and 65% review newly created documents.

In response to the SEC’s guidance on custody in 2017, 26% of firms have adopted additional controls. However, 57% said they have not had to change disclosure as a result of the guidance.

As for the SEC’s position on trading practices that are not processed or settled on a delivery versus payment basis, 24% have maintained a list of authorized personnel who can give instructions on the movement of client money. Twenty-three percent have separated personnel responsibilities, 22% have kept their custodians informed of authorized persons, and 17% periodically reconcile transfer activity.

Eighty-eight percent of RIA firms evaluate best execution with respect to equities (88%), fixed income (51%), derivatives (19%), mutual funds (18%) and foreign currency (15%). Although 63% do not recommend mutual funds, among those that do, 18% look to see if a lower-cost share has become available.

As to how they maintain their code of ethics, 77% have someone other than the CCO to review the CCO’s trading activity. Sixty-eight percent certify that the firm received all trading information on a quarterly basis, and 57% use electronic data feeds.

Eighty-five percent have rules on gifts and entertainment in their code of ethics, with the most common thresholds being $100 and $250.

Nearly half of respondents said they do not manage or look to manage state or local money. Thirty percent restrict activities to avoid lobbying registration requirements.

Eighty-seven percent look to see whether or not clients are billed in accordance with their agreements, 70% look to see whether Form ADV is accurate, and 68% look to see that the assets under management on which their advisory fee is charged is accurate. Fifty-two percent look to ensure that expenses are accurately disclosed, 52% want to be sure they are in line with their agreements, and 43% want to be sure they are in line with their offering documents.

The full results of the survey can be viewed here.