To give a high-level perspective, the SEC’s priorities list covered:
- Private funds and the rapid increase in Registered Investment Advisers (RIAs)
- Cybersecurity, otherwise known as data security
- What the move towards a more decentralized financial ecosystem means for future regulations and exams
- ESG and the prevention of greenwashing
- Continued standard of conduct focus for RIAs and Broker Dealers
- Anti-Money Laundering
- LIBOR Implications
And of course, examinations of all varieties – from RIA to Broker Dealers to MSRB.
However, one area of the priorities report that hasn’t seemed to garner nearly as much media hype? The SEC’s commentary on “several commonalities of resilient compliance programs.”
How to Execute on a Successful Compliance Program in 2022
While words like “resilience” and “change management” may have had a place in the world of compliance prior to 2020, in today’s regulatory environment these qualities have become the difference between successful programs and ones that fumble at the first fork in the road.
In their opening commentary for the 2022 priorities report, the SEC noted three aspects that, together, make up a cohesive and successful compliance program.
“Inclusivity: The primary responsibility to develop and maintain a compliance program may be with the Chief Compliance Officer and others in a compliance department, but for most firms the foundation of a resilient compliance program requires participation and input across all business and operational lines.
“Change Management: A well thought out and well-designed compliance program will be flexible enough to adjust to known variables in operations and business, but will also have established processes in place to monitor effectiveness and to pivot or be updated when appropriate.
“Reviews and Testing: Periodic review and testing of policies and procedures is necessary to ensure the on-going adequacy and effectiveness of a compliance program.”
Why is this insight so important? While the annual priorities document what the SEC will be examining and focusing on for the next 12 months, they don’t necessarily provide clarity on how a compliance program functions successfully day after day and month after month.
However, with this short, but powerful note, the SEC has given compliance programs a proverbial nugget of gold – offering three core pillars that should always be incorporated into your compliance strategy.
What does each of these areas look like in practical application? Let’s break down each of the pillars into a few activities that could differentiate active compliance from the apathetic variety.
- Inclusivity:
  - Onboarding that dives into the who, what, where, and why of your compliance strategy
  - Regular training and continued education designed to keep your team members up-to-date and in-the-know
  - Contextualized communications
- Change Management:
  - Integrated technologies that streamline processes and allow for more cohesive focus
  - A strategic vision, aligned across the org, which provides room for proactive and reactive measures
  - Strong leadership driving a dynamic, agile compliance program from the top down
- Reviews and Testing:
  - Personalized policies and procedures that address your firm’s compliance challenges
  - Regularly scheduled tests throughout the year…and not just at FY end
  - Annual reviews which aggregate and analyze all testing information done throughout that calendar year
Realistically, while the SEC’s priorities help to guide your program’s focus, they shouldn’t completely upend it. In fact, a successful program incorporates proactive and reactive measures which adapt to the ebb and flow of the changing regulatory landscape, ensuring any new challenges (or SEC priorities) don’t cause a complete compliance malfunction.