Let’s face it, the abundance of proposed and adopted SEC rules being announced can feel overwhelming. With approximately 30 proposals on the docket, two new rules recently adopted and who knows what else to come, compliance professionals are running a full-sprint marathon every day of the week.
All of which likely leaves you wondering: what can I do to keep up? For any firm, the first step to mitigating and managing risk is understanding what risk you face.
During a recent webinar COMPLY experts Chris DiTata and John Gebauer polled the audience of compliance professionals serving financial advisory firms and asked if a risk assessment had been conducted for their firm in 2023. The results?
- Yes – 54%
- No – 46%
Why conducting a risk assessment is an essential step to meeting SEC rule requirements
2022 marked one of the busiest regulatory years in recent times, as noteworthy cases and important judgments sent shockwaves through the financial advisory sector, with effects which are expected to persist for years to come. And 2023? Looks to be following in the same footsteps, with the SEC’s regulatory agenda marked by significant proposed SEC rules such as the new Custody Rule. Which isn’t even to mention ongoing enforcement actions, which have been underscored by the SEC recently issuing the highest Whistleblower award in history.
While the rapid pace of new SEC rules being proposed can seem insurmountable, it is important for firms to go back to the basics:
• Conduct a risk assessment.
• Focus on highest risk areas.
• Pay close attention to exam priorities, risk alerts and additional guidance.
Top tips to conduct a successful risk assessment
By conducting an audit of your highest risk areas, your firm can gain a clear understanding of what is working and what may need to be updated…especially as proposed rules become adopted rules.
To conduct a thorough risk assessment, your firm should:
1. Identify areas of operational risk: When conducting a risk assessment, the CCO should start by identifying a list of operational and compliance risks within your specific firm.
2. Involve your entire firm: Consider adding an all-hands meeting to the team calendar specifically for discussing potential compliance risks. Give your employees a heads-up so they have time to ruminate on the topic beforehand.
3. Stay up to date with SEC risk alerts: Firms should be aware that the SEC will likely take a closer look at those categories named in risk alerts during audits.
As you are implementing new policies and procedures to address your highest risk areas, pay close attention to exam priorities, risk alerts and additional guidance. You may need to change your risk assessment based on a new risk alert that applies to you and reprioritize your tasks.
CCOs and compliance professionals face the ever-challenging task of mitigating risks and navigating complex regulations. To help your firm manage risk despite the fluctuations in the market, we have released 2023 edition of COMPLY’s CCO Playbook, which outlines the sophisticated risks and red flags that will affect regulatory compliance in the next year.