Many Asset Managers, B/Ds Don’t Trust Compliance Programs

In addition, many are not confident in their firm’s cybersecurity.

A large percentage of senior executives in financial services do not believe their firms would adequately survive the scrutiny of a regulatory exam, according to the results of a survey released by Cipperman Compliance Services (CCS).

The survey of executives at asset managers, alternative managers and broker-dealers (B/Ds) also revealed widespread concerns over cybersecurity protections.

Forty-three percent of alternative managers, such as hedge or private equity funds, do not believe their compliance programs are up to exam standards; an additional 32% of B/Ds and 25% of asset managers are concerned they might not pass an exam.

Results show nearly half (48%) of asset managers indicate they spend more on legal counsel than on compliance programs. Among alternative managers, 71% spend more on legal counsel, and among B/Ds, 73% spend more on legal counsel. “The survey results raise significant questions about the effectiveness of increased spending in recent years on internal compliance resources,” CCS says.

When asked their attitudes toward compliance, 61% of respondents view the function as a part of doing business, such as meeting regulatory requirements or attracting and retaining clients. This equates to an 18% upswing from 43% in 2016.

“Because compliance has become so important to protecting the franchise, firms need to bring in third-party experts in the same way they have traditionally retained outside lawyers and auditors.  One bad exam and penalty could do irreversible damage to the reputations these managers have built,” says Todd Cipperman, founding principal of CCS.

Cybersecurity remains a large concern, despite increased media and regulatory focus. Nearly two-thirds (64%) of B/Ds reported they are not confident in their firm’s cybersecurity, and 43% of alternative asset managers said the same. While more than half (51%) of asset managers indicated they are confident in their firm’s cybersecurity, still one-quarter said they are not.

“Internal compliance officers might not have the comprehensive skills to address the technical requirements of an adequate cybersecurity program,” says Robert Prucnal, president of CCS.  “Firms should consider bringing in experts who can take a more objective view of the IT environment.”

Full survey results may be found at A free sign-up is required.