(The news featured
below is a selection from the news covered in the Federal Securities Law Reporter,
which is distributed to subscribers of SEC
Today.)
SEC Official Discusses Results of
First Annual Compliance Reviews
John Walsh, the associate director and chief counsel in the
SEC's Office of Compliance Inspections and Examinations, reviewed the lessons to
be learned from recently completed fund and broker-dealer compliance reviews at
the NRS spring compliance conference on April 18. He said that funds and
broker-dealers should consider what they have learned from their compliance
reviews and how to implement any necessary changes in response to their
findings. Walsh noted that some entities ended their compliance reviews with
separate checklists of possible risks and of compliance policies and procedures.
He reminded them that the policies and procedures must be designed to address
the risks that they identified.
Walsh said the staff is still finding firms that have no
written policies and procedures. This most commonly arises with
multiple-registered entities within a complex, he explained, and some of them
get overlooked. He suggested that firms create an inventory of registered
entities to ensure that all of them have written policies and procedures. Some
firms have policies and procedures but have overlooked issues such as market
timing, conflicts of interest when voting client proxies and subadvisers.
Another problem area is the failure to enforce the written policies and
procedures, according to Walsh.
Walsh noted that funds must obtain the approval of their
boards for their policies and procedures based on a finding that they are
reasonably designed to prevent violations of the securities laws. The
examination staff has found circumstances in which the board has been
overwhelmed with documents and others where the board has been given very
general information. Boards may rely on summaries, he said, but the summaries
must be sufficient to inform the board of how the compliance program addresses
significant compliance risks.
Walsh reviewed the level of testing that is needed to
ensure that the policies and procedures will detect violations. Some firms
conducted no tests, he reported, while others failed to test for specific
problems that could have been detected. The staff also found a number of
creative tests that will search for patterns over time. For instance, the staff
has seen tests that compare brokerage allocations to sales of fund shares, tests
that take a long-term look a personal trading, tests that compare aggregate IPO
allocations over time and tests that compare the performance of similarly
managed accounts over time.
Walsh advised that the SEC set very high expectations for
the chief compliance officer when it adopted the compliance rules. He noted that
there is a lot of discussion about whether it is preferable to have an inside
CCO or an outside CCO. Whichever a firm chooses, Walsh said there are potential
conflicts of interest or operational issues that may arise. The key for the CCO
is to be careful not to be too far inside or too far outside, he said, to be
sure that he or she has the authority and influence needed to do the job.
During examinations of broker-dealers, Walsh said the staff
has found cases where firms failed to document how the CCO will handle
compliance issues. Another deficiency that continues to arise is the use of
"canned" written supervisory procedures that do not fit their
operations. Others have gaps such as the failure to review outside employment or
the approval of outside employment based on a vague work description. Annual
compliance meetings also pose problems, he said, ranging from the lack of a
meeting altogether to the failure to document attendance.
The most common problem in the sales practice area for
broker-dealers is sloppy adherence to their own procedures, according to Walsh.
Other problem areas include the failure to supervise sales to the elderly and
the switching of variable products. Walsh also emphasized the importance of
identifying and responding to red flags. While electronic exception reports are
beneficial, Walsh said they must be used carefully. If their parameters are not
set correctly, they could miss important red flags.
If firms found some of these issues during their
reviews or testing, Walsh said now is the time to fix them. He outlined a list
of agenda items for meetings with executives, starting with whether the firm met
all of its regulatory deadlines. The agenda should include any unique compliance
risk exposures that were identified and how they should be addressed. Walsh said
firms should consider whether their written policies and procedures accurately
reflect real practices. His proposed agenda also suggests a review of the
compliance tests that were run, the worst red flags that were identified and any
serious compliance issues that remain open. The executives should be informed if
anyone was unresponsive or tried to block the compliance staff from doing its
job, he said. Senior executives should consider what they can do to follow up on
the review in a productive way to ensure a lasting and positive impact on the
organization, he advised.
|