The Securities and Exchange Commission (SEC) Office of Compliance Inspections and Examinations (OCIE) recently published its 2018 examination priorities letter. The priorities reflect certain practices and products the examiners believe may present potentially heightened risk to investors or the integrity of the U.S. capital markets. This year’s examination priorities are organized around five themes: (1) retail investors, (2) market Infrastructure, (3) Financial Industry Regulatory Authority (FINRA) and Municipal Securities Rulemaking Board (MSRB), (4) cybersecurity; and (5) anti-money laundering (AML) programs. The OCIE noted that the priorities list is not exhaustive and that examiners remain flexible to add priorities to cover emerging risks to investors and the marketplace.

Retail Investors

Protecting retail investors remains a key priority, particularly for seniors and those saving for retirement. Examiners will focus on, among other things, investment recommendations, sales of variable insurance products, and the sales and management of target date funds. OCIE will also review financial professional disclosures and calculation of fees and expenses charged to investors. Examiners will review the supervision of representatives selling products and services to investors. OCIE will continue to examine municipal advisors for compliance with registration, recordkeeping, and supervision requirements. In recognition of the growing and developing cryptocurrency market, OCIE will monitor the role of broker-dealers and investment advisors in the sale and exchange of cryptocurrency, specifically “whether financial professionals maintain adequate controls and safeguards to protect these assets from theft or misappropriation, and whether financial professionals are providing investors with disclosure about the risks associated with these investments…” OCIE will continue to evaluate “robo-advisors,” or investment advisors and broker-dealers that offer automated investment advice.  Examinations will focus on registrant’s compliance programs, including the oversight of algorithms that generate recommendations.

Market Infrastructure

OCIE will continue to examine clearing agencies, national securities exchanges, and transfer agents to ensure the agencies are following the rules. The transfer agent examination will focus on transfers, recordkeeping, and the safeguarding of funds and securities.

FINRA and MSRB

OCIE will continue its heightened oversight of FINRA and focus examinations on regulatory programs, including the quality of its broker-dealer and municipal advisor examinations. OCIE will also examine the MSRB to evaluate the effectiveness of select operational and internal policies, procedures, and controls.

Cybersecurity

Cybersecurity continues to be an area of focus, with an emphasis on governance and risk assessment, access rights and controls, data loss prevention, vendor management, training, and incident response. The SEC will continue to work with firms to identify and manage cybersecurity risks and to encourage market participants to actively engage in this effort. The SEC recently issued new guidance to assist public companies in preparing disclosures about cybersecurity risks and incidents.

Anti-Money Laundering

OCIE stated that AML remains a priority. The examiners will review for compliance with applicable AML requirements, including whether firms are appropriately adapting their AML programs to address their regulatory obligations. The reviews will include customer due diligence requirements, accurate and timely filing of suspicious activity reports (SARs), and whether entities are conducting independent testing of their AML programs.

Takeaway:

Regulators are becoming more aggressive and increasing examinations. Last year, the SEC examined 15% of all advisors, up from 8% five years ago. The agency plans to increase advisor examinations and boost exam funding by nearly $20 million in 2019. The SEC released its fiscal year 2019 budget requesting a total of $1.658 billion, up 3.5 percent from its $1.602 billion request for fiscal year 2018. The budget includes an increase for its National Examination Program from $346 million to nearly $366 million. It’s likely FINRA and MSRB will also increase examinations because of the SEC’s heightened oversight.

The best way to prepare for examinations is to know which regulations apply to your firm. Start by addressing the most basic issues to ensure regulatory compliance. All financial firms must capture and retain all business-related electronic communications – not just email. This includes modern instant message and collaboration tools such as Slack, Workplace by Facebook, and text messaging. It’s important to select a compliant technology solution that can quickly produce all electronic communications content when required by regulators.

Firms should dedicate time and resources to assessing their policies, procedures, and internal controls. Every advisory firm must adopt and implement written policies and procedures reasonably designed to prevent violations. These policies must be specific to your firm’s practices and address current regulations. Firms must also designate a Chief Compliance Officer (CCO) to supervise and administer these policies and procedures.

Monitoring electronic communications can be incredibly effective in supervising and administering  policies. Utilize your archiving platform to automatically flag messages that contain risk keywords or phrases likely to warrant review. You can create lexicons focusing on areas such as fraud, sales practices, and AML issues. Lexicon policies can automatically find scenarios in which a senior is exploited, or an advisor makes risky mutual fund recommendations. AML lexicon examples include: “an offshore account,” “a tax haven,” and “money was illegal.” Lexicon policies greatly enhance your supervisory control policies and help meet regulatory requirements.

The SEC examination priorities along with the recently released FINRA 2018 Priorities Letter should be incorporated for an effective regulatory program and preparation for an upcoming exam. Advisors may also consider our recent FINRA Noteworthy Takeaways identifying areas of focus and recommended best practices. Test, remediate, and enhance any suspected deficiencies related to the recent regulatory priorities. Take all actions necessary before becoming the subject of a regulatory examination.