Now that you’ve seen what ACA Insight has to offer, don’t be without it. Subscribe now!

The weekly news source for investment management legal and compliance professionals

Current subscribers - please log in to the website in the upper right-hand corner

News October 17, 2011 Issue

OCIE Speaks – Mavis Kelly Describes A Revamped Program

OCIE has been busy this year. The development of a national examination program is only part of the program overhaul that has been taking place. OCIE undertook a top-to-bottom self review, and has since been revamping its operations based on the reviewís results.

OCIE assistant director Mavis Kelly talked about the significant changes in OCIE at the Investment Adviser Association Fall Compliance Workshop in Washington, DC last week. She described the changes OCIE has undergone and continues to implement in its exam program.

Changes in OCIE

If there is a substantial change in your firmís leadership, your market, or your business, that is the time to take a more expansive view of your operations, said Kelly. Thatís similar to what OCIE is going through now.

The evolution for OCIE is a complete transformation of what we do, how we do it, and who does it. OCIE has experienced a change in leadership, weíve seen a significant change in the markets, and the Dodd-Frank Act has brought about change in the laws. As a result, OCIE has undergone a very, very expansive self-review.

OCIE has been working with its operational units, and has sought the input of the Divisions. OCIE has initiated project teams, and much of the staff has contributed to developing policies and procedures for OCIE. Staff participation is critical Ė it produces more buy-in for the changes, and offers an increased perspective on what really will work and how it will work for everybody.

What are we doing now?

OCIE has made a number of changes to its governance structure.

  • OCIE now has an executive committee that approves the strategic plan. Prior to the establishment of the committee, OCIE had to go through GAO review.
  • OCIE has developed specialized working groups in key areas. The working groups develop ways for targeting examination candidates, and refine our expertise. The specialized working groups are:

- Equity Market Structure and Trading Practices

- Fixed Income and Municipal Securities

- Marketing and Sales Practices

- Valuation

- Performance Advertising

- Microcap Fraud

- New and Structured Products

  • OCIE has implemented reporting line changes. OCIE has taken the branch chief role and recast it as "examination managers." Examination managers supervise exams in the field and report to the assistant directors.
  • OCIE has developed a comprehensive examination manual. Previously, guidance could vary among SEC offices. Now OCIE has worked to centralize the process and has created one manual for everyone to use. It is not publicly available yet, but when completed, OCIE hopes to post it on the SECís website similar to the Division of Enforcementís manual. As the examination manual is put into practice, "I hope you see greater consistency," said Kelly.

There are other changes that are behind the scenes within OCIE, that will not be directly evident, she said. The ultimate goal is to improve efficiency and effectiveness of exams, and to assign staff to a team with expertise appropriate for your firm. OCIE expects to capitalize on available resources and its inventory of expertise. OCIE will be collaborating more with interested parties, and will align its program for greater national consistency.

Top Common Deficiencies

One thing you will see, she said, is change in the deficiency letter process. OCIE will reduce the volume of whatís presented in deficiency letters, such as legal background information, and will expand factually what the exam team found, and what practices it has observed that the firm is engaging in.

What is OCIE finding in exams?

As for the deficiencies themselves, "the pecking order might change from year to year, but generally the findings, the categories, donít change from year to year," she said.

The top deficiencies involve:

  • Compliance and supervision; and
  • Information disclosure Ė always the top two deficiencies, she said.
  • Performance advertising and marketing;
  • Personal trading; and
  • Safety of client funds and assets.

As part of evaluating deficiencies, an exam team will look to see if the firm detected the problem, corrected the problem, whether firm personnel properly escalated the matter if that was warranted, and whether the problem was disclosed properly, if required. "Weíre going to look at whatís there and what you did as a result," said Kelly.

Here, she said, are some of OCIEís common findings in deficiency letters:

The firm did not adopt adequate compliance policies and procedures.

Typically weak areas are found in connection with portfolio management processes, allocation of investment opportunities, conflicts of interest, and marketing. OCIE has observed instances where firms have neglected a business line, a branch office or a division in their compliance program.

The compliance manual does not reflect actual firm practices.

OCIE often finds that a firmís compliance manual incorrectly states the firm will do something or not conduct certain businesses when in fact they do. It is very important that a firmís compliance policies are consistent with actual practices. "Weíve also found firms that say they will do something that theyíre not doing," she said.

Failure to ensure policies and procedures are tailored adequately to the adviserís business.

A firm that buys a baseline compliance manual "off the shelf," or a firm that has merged with another business, those are signals that the manual needs an overhaul, said Kelly. Changes in a methodology (whether permanent or temporary), changes in performance expectations, and other major events in the business, including natural disasters, all warrant a review of the compliance manual.

Service provider arrangements.

Something thatís a little bit new, said Kelly, is that OCIE has been commenting more on service providers, digging into the actual services that have been provided to the firm and whether those services are proper.

Uncompleted or late annual reviews.

Believe it or not, she said, OCIE still cites firms for not completing their annual review, or not completing it in a timely fashion.

Information disclosure, reporting and filing.

Untimely filings with the SEC, and untimely disclosures generally, are common deficiencies and can give rise to enforcement actions, such as in the AXA Rosenberg case. Inaccurate disclosures, such as omitting disclosure of compensation arrangements Ė especially when it involves the favorable treatment of some parties but not others Ė is another area often cited.

Custody deficiencies.

Custody problems often arise because a firm is deemed to have custody of client assets and doesnít realize it. Examples of common situations where an adviser overlooks deemed custody include:

  • An advisory principal is a managing member of a fund or on a board;
  • The adviser serves as general partner to private funds it manages;
  • An adviser principal serves as trustee for an estate;
  • The adviser holds stock certificates for a client; or
  • The adviser temporarily deposits client assets in a comingled account.

Custody-related deficiencies include situations where audited financials for private fund investments were not provided to clients for years, or were not prepared in accordance with GAAP. OCIE has seen significant issues where an adviserís records are in disarray, or where the records of certain issuers donít match firm records. When a firm canít validate that its assets are what it says they are, thatís a problem, said Kelly.

What is "significant" to OCIE?

Number one is finding misconduct, she said. Inadequate follow through by a firm will also be viewed by OCIE as significant. If a firm has pledged to do something to correct a problem or in response to a prior deficiency letter but doesnít do it, OCIE goes back and checks that sort of thing.

What conduct does OCIE refer to Enforcement?

Among other more obvious or specific matters, we would refer a firm to Enforcement for poor overall compliance controls, said Kelly.

A word on risk-based exams.

Leveraging available resources has always been a feature of OCIEís examination program, and never more so than now. Under the tips, complaints, and referrals system, time frames have been established to either examine an identified entity or refer the matter to a more appropriate area, such as Enforcement.

OCIE has four immediate goals:

  • Enhance collaboration;
  • Implement Dodd-Frank Act changes to the examination program;
  • Implement the changes identified in OCIEís self-assessment; and
  • Expand our risk targeting process.

OCIE coordinates with the divisions as well. For example, in the promulgation of the temporary principal trading rule, findings from OCIE examinations are actually in the adopting release, said Kelly. The Divisions of Investment Management and Trading and Markets will conduct training on new rules under the Dodd-Frank Act and pay to play. In a joint review of abberational performance with Enforcement, the Division of Risk, Strategy, and Financial Innovation conducted the analytics, and then the Division of Enforcement undertook review of the data for unregistered advisers and OCIE undertook review of the data for registered advisers.

What is OCIEís focus for 2012?

  • Complex and/or rapidly growing entities will be of interest to OCIE.
  • With the registration of private fund advisers, those newly registered advisers will warrant a closer look.
  • Expect international examinations to increase. About one third of the assets under management by SEC-registered advisers are international, and are expected to grow exponentially.
  • Aggressive marketing to seniors is "always a staff favorite."
  • Due diligence for private funds.
  • Compliance programs and fund governance.
  • Compliance breaches and processing issues.
  • Performance advertising.

And Kellyís parting thoughts?

We also find that if your culture of compliance isnít high, it increases the likelihood that a breach goes undetected and isnít handled properly, she said.