The SEC's Office of Compliance Inspections and Examinations (OCIE) published its annual examination priorities for 2020.
On January 7, 2020, the Office of Compliance Inspections and Examinations (OCIE) for the Securities and Exchange Commission (SEC) published its examination priorities for 2020. The priorities generally reflect practices, products, and services that OCIE believes may present heightened risk to investors and the integrity of the US capital markets. OCIE's 2020 priorities span over seven topics:
Retail investors, including seniors and those saving for retirement (see Retail Investors).
OCIE prioritizes the protection of retail investors, particularly seniors and those saving for retirement. OCIE plans to conduct examination initiatives related to:
Fraud, sales practices, and conflicts.
Retail-targeted investments.
Standards of Care.
Fraud, Sales Practices, and Conflicts
OCIE examinations will focus on:
Recommendations and advice given to retail investors, with particular focus on:
seniors, including recommendations and advice made by entities and individuals targeting retirement communities; and
teachers and military personnel.
Higher-risk products, including those that:
are complex and non-transparent;
have high fees and expenses; or
where an issuer is affiliated with or related to the registered firm making a recommendation.
OCIE will also continue to examine registered investment advisers to assess whether they have, as fiduciaries, fulfilled their duties of care and loyalty, including assessments of:
Whether investment advisers provide advice in the best interest of their clients.
The elimination, or full and fair disclosure of, all conflicts of interest that might induce an investment adviser to provide advice that is not disinterested.
Risks associated with:
fees and expenses; and
undisclosed, or inadequately disclosed, compensation arrangements.
Retail-Targeted Investments
OCIE will continue to prioritize examinations of certain securities products that pose elevated risks when marketed or sold to retail investors, including:
Before the June 30, 2020, compliance date for Regulation Best Interest and Form CRS, OCIE will engage with broker-dealers during examinations on their progress in implementing the new rules and assist with questions. After the compliance dates, OCIE will assess implementation of the requirements of Regulation Best Interest and the content and delivery of Form CRS. The Interpretation Regarding Standard of Conduct for Investment Advisers has already been integrated into the OCIE's Investment Adviser-Investment Company program.
Information Security
Examinations will focus on proper configuration of network storage devices, information security governance generally, and policies and procedures related to retail trading information security.
Specific to investment advisers, OCIE's information security examinations will focus on:
Governance and risk management.
Access controls.
Data loss prevention.
Vendor management.
Training.
Incident response and resiliency.
OCIE will also focus on:
Regarding third-party and vendor risk management, oversight practices relating to certain service providers and network solutions, including those using cloud-based storage.
Compliance with Regulations S-P and S-ID.
Controls surrounding online access and mobile app access to customer brokerage account information.
Safeguards around the proper disposal of retired hardware that may contain client information or network information that could create a cyberattack vulnerability.
Fintech and Innovation
OCIE is focused on keeping up-to-date with the rapid developments in financial technologies, methods of capital formation, market structures, and investor interfaces, including the use of new sources of data that may drive investment decision-making. OCIE examinations will focus on the use of data sets and technologies used to interact with and provide services to investors, firms, and other service providers. In addition, OCIE examinations will focus on:
Digital assets.
Electronic investment advice.
Digital Assets
OCIE will continue to examine SEC-registered market participants engaged in the sale of digital assets, assessing:
Investment suitability.
Portfolio management and trading practices.
Safety of client funds and assets.
Pricing and valuation.
Effectiveness of compliance programs and controls.
Supervision of employee outside business activities.
Electronic Investment Advice
OCIE will also continue to focus on investment advisers providing services through automated investment tools (also called robo-advisers), including in the areas of:
SEC registration eligibility.
Cybersecurity policies and procedures.
Marketing practices.
Adherence to fiduciary duty, including adequacy of disclosures.
Effectiveness of compliance programs.
Investment Advisers and Investment Companies
In addition to those referenced above relating to retail investors, OCIE will have additional focus on certain areas involving registered investment advisers and investment companies.
Investment Adviser Compliance Programs
OCIE will continue to review compliance programs of investment advisers, prioritizing examinations of investment advisers that are dually registered as, or are affiliated with, broker-dealers, or have supervised persons who are registered representatives of unaffiliated broker-dealers. Areas of focus will include:
Firms that utilize the services of third party asset managers to advise clients' investments to assess the extent of these investment advisers due diligence practices, policies, and procedures.
OCIE will also have particular interest in the accuracy and adequacy of disclosures provided by investment advisers offering clients new types or emerging investment strategies, including sustainable investing that incorporates environmental, social, and governance (ESG) criteria.
Never-Before or Not Recently-Examined Investment Advisers
OCIE will continue to conduct risk-based examinations of:
Investment advisors that have never been examined, including newly-registered investment advisors as well as those registered for several years but that have yet to be examined.
Investment advisors that have not been examined for a number of years and may have substantially grown or changed business models.
Mutual Funds and ETFs
OCIE will continue to assess industry practices and regulatory compliance in several areas, including:
Investment advisers that use third-party administrators to sponsor the mutual funds they advise or are affiliated with.
Mutual funds or ETFs that have not previously been examined.
Investment advisers to private funds that also manage a registered investment company with a similar investment strategy.
Investment Advisers to Private Funds
OCIE plans to focus on investment advisers to private funds that have a greater impact on retail investors. OCIE will also review investment advisers to private funds to assess compliance risks and conflicts of interest.
Broker-Dealers and Municipal Advisors
In addition to areas focusing on sales practices referenced above, broker-dealer examinations will focus on financial responsibility and risk management.
Broker-Dealer Financial Responsibility
Examinations of broker-dealers will continue to focus on compliance with the Customer Protection Rule and Net Capital Rule, including the adequacy of internal processes, procedures, and controls.
Trading and Broker-Dealer Risk Management
OCIE will also examine broker-dealers' trading and risk management practices, including:
Trading and other activities in odd lots.
Controls around the use of automated trading algorithms.
The use of internal procedures, practices, and controls to manage trading risk.
Municipal Advisors
OCIE will continue to conduct examinations of municipal advisors, concentrating on whether these municipal advisors have satisfied their registration requirements and professional qualifications as well as continuing education requirements. OCIE will also prioritize whether municipal advisors provided the appropriate disclosures regarding their conflicts of interests and compliance with new MSRB Rule G-40 concerning advertisements.
Anti-Money Laundering Programs
OCIE will continue to prioritize examining broker-dealers and investment companies for compliance with their anti-money laundering (AML) obligations, including whether they have established appropriate customer identification programs and are:
Satisfying their suspicious activity reports (SARs) filing obligations.
Conducting due diligence on customers.
Complying with beneficial ownership requirements.
Conducting robust and timely independent tests of their AML program.
Market Infrastructure
OCIE plans to conduct examination initiatives related to:
Clearing agencies.
National securities exchanges.
Regulation Systems Compliance and Integrity (SCI) entities.
Clearing agencies can expect their examination to focus on:
Compliance with the SEC's Standards for Covered Clearing Agencies and other federal securities laws applicable to registered clearing agencies.
Whether clearing agencies have taken timely corrective action in response to prior examinations.
Other areas identified in collaboration with the SEC's Division of Trading and Markets and with other regulators.
OCIE will also examine governance, legal, compliance and risk management frameworks by reviewing these entities’ efforts to escalate deficiencies identified by OCIE and internal auditors and whether they have taken timely and appropriate action to correct those deficiencies and mitigate associated risks.
National Securities Exchanges
OCIE will examine:
The operations of national securities exchanges, especially how they react to market disruptions.
How national securities exchanges monitor member activity for compliance with federal securities laws and rules, focusing on exchange efforts concerning abusive, manipulative, and illegal trading practices.
Regulation SCI Entities
OCIE will continue to examine SCI entities to evaluate whether they have effectively implemented written policies and procedures required by Regulation SCI. In addition, OCIE will focus on:
IT inventory management.
IT governance.
Incident response.
Third-party vendor management.
Whether SCI entities have taken appropriate action in response to past examinations.
Transfer Agents
Transfer agents can expect OCIE examinations to focus on:
Transfers, recordkeeping, and the safeguarding of funds and securities.
The requirement for transfer agents to annually file a report by an independent accountant concerning the transfer agency's system of internal accounting controls.
Focus on FINRA and MSRB
FINRA
OCIE will continue conducting risk-based oversight examinations of FINRA, inspections of FINRA's major regulatory programs and oversight examinations of FINRA's examinations of certain broker-dealers and municipal advisors in order to make recommendations to improve FINRA's programs, risk assessment processes, and future examinations.
MSRB
OCIE will continue examining the effectiveness of MSRB's policies, procedures, and controls.