Each week we’re giving you our weekly report highlighting the top compliance news articles from various industry news publications. We have selected the most relevant and important news articles related to registered investment adviser (RIA) compliance and regulatory issues. Check back each week for the latest list of top stories.
Here’s our top investment adviser compliance articles for the week of June 4, 2016:
- 9 Ways to Create a Culture of Cybersecurity (Author- Wes Stillman, ThinkAdvisor)
As Wes Stillman writes, “The biggest stumbling block for registered investment advisors when it comes to guarding against cybersecurity breaches is not technology-based, it’s a people problem.” As we have also previously discussed, the employees of an RIA firm play a major role in preventing a firm from becoming victim to a cyber attack. With cyber thieves continuing to show increased sophistication in regards to recent cyber attacks, it is important to always be prepared due to the frequency of the these attacks taking place. If the firm’s senior leadership take initiative to practice proper cybersecurity protocols, it is more likely such practices will become the norm across the firm. In this must read piece, Stillman lists nine things investment advisory firms can do to “start building a cyber secure culture.”
- Lack of Regulation on CRM Note-Taking Can Put Advisers in Sticky Software Scenarios (Author- Alessandra Malito, InvestmentNews)
With this second article, we stick to the technology and compliance topic, but instead take a look at author Alessandra Malito’s coverage of a recent FINRA regulatory action against an advisor that improperly backdated client notes in the firm’s client relationship management (CRM) system. As Malito writes, “regulators don’t have clear rules for how advisers should use this software and CRM vendors all approach tweaking notes differently.” However, almost all CRM systems today allow for the system administrator to prevent users from editing previously entered client notes. In addition, it’s essential that the proper audit trail is kept and that clear compliance polices and procedures are established for situations in which a previous client note needs to be updated.
- SEC Official Predicts More Cyber Enforcement Cases (Author- Stephen Joyce, Bloomberg BNA)
Returning to the topic of cybersecurity, author Stephen Joyce writes that the Securities and Exchange Commission (SEC) is planning to enforce more cybersecurity violations should a cyber attack take place. In this piece, Joyce quotes David Glockner, head of the SEC Chicago Regional Office, that recently stated, “The SEC has been quite clear that reasonableness and perfect are two different things. We expect firms to be diligent, we expect them to be thinking about this area, we expect that companies’ procedures both from a policy perspective and a technology perspective are proportional to their risk.” Joyce also notes that Glocker made it clear that “the agency intends to bring enforcement cases regarding cyber in the future.” Of particular note, Glockner also highlighted issues related to fraudulent data and money transfer requests via email. Again, as highlighted in an earlier article, managing cybersecurity risk is often more about proper staff training and policies rather than simply installing additional technology.
- Software to Make Compliance Easy For Financial Advisers (Author- Sheryl Rowling, InvestmentNews)
In this piece, author Sheryl Rowling discusses two RIA compliance software solutions that are available to investment advisers including our MyRIACompliance® solution that over 1,300 investment advisory firms use on a monthly basis. As Rowling notes, here at RIA in a Box we aim to be a “one-stop compliance offering” and what often separates our service is that we offer not just software, but also the RIA compliance logic and administrative and consulting support along with our MyRIACompliance® software platform. Most importantly, regardless of what solution an RIA firm may seek out, we agree with Rowling when she writes that “no matter which path is chosen, compliance is made easier and more effective through technology.”
- Pending AML Rules Could Jolt RIAs (Author- Dan Jamieson, Financial Advisor Magazine)
As Dan Jamieson writes, the Treasury Department’s Financial Crimes Enforcement Network (FinCEN) has developed some pending anti-money laundering (AML) rules that are expected to be published this year. Once published, it’s possible that SEC-registered RIA firms will be required to develop internal policies to abide by the new rules. As it stands right now, state-registered investment advisory firms would be exempt from this new AML requirement. However, if ultimately implemented as a new rule, the AML reports will need to be filed through FinCEN’s Bank Secrecy Act (BSA) eFiling system. This is an emerging RIA compliance topic that investment advisory firms need to continue to follow in the coming months.
Don’t forget to check out last week’s top RIA compliance news articles on the biggest cybersecurity threats that investment advisers face and the BICE lite for level fee fiduciaries. Be sure to check back next Friday for next week’s top articles!