The new year is here and with it, financial advisory firms must prepare for Securities and Exchange Commission (SEC) examinations. Whether the regulatory body visits your firm for a sweep examination, cause inspection or routine examination, you must be prepared to provide evidence which supports your compliance with all regulatory requirements.
In this blog, we’ll break down what we view as the top three areas of focus for SEC exams in 2023.
Compliance with the new Marketing Rule
If financial advisory firms weren’t on notice before, they are now. With the release of the Sept. 19, 2022 risk alert, the SEC made their intentions crystal clear: they will be focusing on Marketing Rule compliance in their upcoming exams and they expect firms to have updated all compliance program functionalities to reflect the new standards.
Within the risk alert, the SEC stated initial exams would focus on:
- Marketing Rule policies and procedures.
- Substantiation requirements.
- Performance advertising requirements.
- Books and records as they relate to the Marketing Rule.
Regulatory cybersecurity awareness and risk mitigation
Over the past few years, cybersecurity has remained on of the top focus areas for regulatory bodies. As it should, given the complexity and sophistication of attacks and the potential harm cyber-attacks can cause both firms and their clients.
As stated in the 2022 SEC Exam Priorities, the SEC examines financial firms in regards to whether they:
- Have taken appropriate measures to safeguard customer accounts and prevent account intrusions.
- Oversee vendors and service providers.
- Address malicious email activities, such as phishing or account intrusions.
- Respond to incidents, including those related to ransomware attacks.
- Identify and detect red flags related to identity theft.
- Manage operational risk as a result of a dispersed workforce.
Meeting books and records compliance requirements
In late 2022, the SEC charged 16 firms with recordkeeping violations. The fine? A whopping $1.1 billion.
The takeaway? Firms which lack sufficient policies and procedures to meet books and records requirements, even in “off-channel” communications, must act now or risk the penalties.
“These actions deliver a straightforward message to registrants: You are expected to abide by the Commission’s recordkeeping rules,” said Sanjay Wadhwa, Deputy Director of Enforcement. “The time is now to bolster your record retention processes and to fix issues that could result in similar future misconduct by firm personnel.”
While not a holistic view of SEC exam priorities, this list highlights the very real and active role the SEC took in 2022, and is likely to take in 2023. For deficient firms, the time to act is now, before a compliance regulator comes to examine your firm and note potential violations.
Learn more about how the COMPLY portfolio of firms can help prepare your for a regulatory examination today!