The SEC's Office of Compliance Inspections and Examinations (OCIE) published its annual examination priorities for 2020.
On January 7, 2020, the Office of Compliance Inspections and Examinations (OCIE) for the Securities and Exchange Commission (SEC) published its examination priorities for 2020. The priorities generally reflect practices, products, and services that OCIE believes may present heightened risk to investors and the integrity of the US capital markets. OCIE's 2020 priorities span over seven topics:
Retail investors, including seniors and those saving for retirement (see Retail Investors).
Before the June 30, 2020, compliance date for Regulation Best Interest and Form CRS, OCIE will engage with broker-dealers during examinations on their progress in implementing the new rules and assist with questions. After the compliance dates, OCIE will assess implementation of the requirements of Regulation Best Interest and the content and delivery of Form CRS. The Interpretation Regarding Standard of Conduct for Investment Advisers has already been integrated into the OCIE's Investment Adviser-Investment Company program.
Examinations will focus on proper configuration of network storage devices, information security governance generally, and policies and procedures related to retail trading information security.
Specific to investment advisers, OCIE's information security examinations will focus on:
Governance and risk management.
Data loss prevention.
Incident response and resiliency.
OCIE will also focus on:
Regarding third-party and vendor risk management, oversight practices relating to certain service providers and network solutions, including those using cloud-based storage.
Compliance with Regulations S-P and S-ID.
Controls surrounding online access and mobile app access to customer brokerage account information.
Safeguards around the proper disposal of retired hardware that may contain client information or network information that could create a cyberattack vulnerability.
Fintech and Innovation
OCIE is focused on keeping up-to-date with the rapid developments in financial technologies, methods of capital formation, market structures, and investor interfaces, including the use of new sources of data that may drive investment decision-making. OCIE examinations will focus on the use of data sets and technologies used to interact with and provide services to investors, firms, and other service providers. In addition, OCIE examinations will focus on:
Electronic investment advice.
OCIE will continue to examine SEC-registered market participants engaged in the sale of digital assets, assessing:
Portfolio management and trading practices.
Safety of client funds and assets.
Pricing and valuation.
Effectiveness of compliance programs and controls.
Supervision of employee outside business activities.
Electronic Investment Advice
OCIE will also continue to focus on investment advisers providing services through automated investment tools (also called robo-advisers), including in the areas of:
In addition to those referenced above relating to retail investors, OCIE will have additional focus on certain areas involving registered investment advisers and investment companies.
Investment Adviser Compliance Programs
OCIE will continue to review compliance programs of investment advisers, prioritizing examinations of investment advisers that are dually registered as, or are affiliated with, broker-dealers, or have supervised persons who are registered representatives of unaffiliated broker-dealers. Areas of focus will include:
Firms that utilize the services of third party asset managers to advise clients' investments to assess the extent of these investment advisers due diligence practices, policies, and procedures.
OCIE will also have particular interest in the accuracy and adequacy of disclosures provided by investment advisers offering clients new types or emerging investment strategies, including sustainable investing that incorporates environmental, social, and governance (ESG) criteria.
Never-Before or Not Recently-Examined Investment Advisers
OCIE will continue to conduct risk-based examinations of:
Investment advisors that have never been examined, including newly-registered investment advisors as well as those registered for several years but that have yet to be examined.
Investment advisors that have not been examined for a number of years and may have substantially grown or changed business models.
Mutual Funds and ETFs
OCIE will continue to assess industry practices and regulatory compliance in several areas, including:
Investment advisers that use third-party administrators to sponsor the mutual funds they advise or are affiliated with.
Mutual funds or ETFs that have not previously been examined.
Investment advisers to private funds that also manage a registered investment company with a similar investment strategy.
Investment Advisers to Private Funds
OCIE plans to focus on investment advisers to private funds that have a greater impact on retail investors. OCIE will also review investment advisers to private funds to assess compliance risks and conflicts of interest.
Broker-Dealers and Municipal Advisors
In addition to areas focusing on sales practices referenced above, broker-dealer examinations will focus on financial responsibility and risk management.
Broker-Dealer Financial Responsibility
Examinations of broker-dealers will continue to focus on compliance with the Customer Protection Rule and Net Capital Rule, including the adequacy of internal processes, procedures, and controls.
Trading and Broker-Dealer Risk Management
OCIE will also examine broker-dealers' trading and risk management practices, including:
Trading and other activities in odd lots.
Controls around the use of automated trading algorithms.
The use of internal procedures, practices, and controls to manage trading risk.
OCIE will continue to conduct examinations of municipal advisors, concentrating on whether these municipal advisors have satisfied their registration requirements and professional qualifications as well as continuing education requirements. OCIE will also prioritize whether municipal advisors provided the appropriate disclosures regarding their conflicts of interests and compliance with new MSRB Rule G-40 concerning advertisements.
Anti-Money Laundering Programs
OCIE will continue to prioritize examining broker-dealers and investment companies for compliance with their anti-money laundering (AML) obligations, including whether they have established appropriate customer identification programs and are:
Satisfying their suspicious activity reports (SARs) filing obligations.
Conducting due diligence on customers.
Complying with beneficial ownership requirements.
Conducting robust and timely independent tests of their AML program.
OCIE plans to conduct examination initiatives related to:
National securities exchanges.
Regulation Systems Compliance and Integrity (SCI) entities.
Clearing agencies can expect their examination to focus on:
Compliance with the SEC's Standards for Covered Clearing Agencies and other federal securities laws applicable to registered clearing agencies.
Whether clearing agencies have taken timely corrective action in response to prior examinations.
Other areas identified in collaboration with the SEC's Division of Trading and Markets and with other regulators.
OCIE will also examine governance, legal, compliance and risk management frameworks by reviewing these entities’ efforts to escalate deficiencies identified by OCIE and internal auditors and whether they have taken timely and appropriate action to correct those deficiencies and mitigate associated risks.
National Securities Exchanges
OCIE will examine:
The operations of national securities exchanges, especially how they react to market disruptions.
How national securities exchanges monitor member activity for compliance with federal securities laws and rules, focusing on exchange efforts concerning abusive, manipulative, and illegal trading practices.
Regulation SCI Entities
OCIE will continue to examine SCI entities to evaluate whether they have effectively implemented written policies and procedures required by Regulation SCI. In addition, OCIE will focus on:
IT inventory management.
Third-party vendor management.
Whether SCI entities have taken appropriate action in response to past examinations.
Transfer agents can expect OCIE examinations to focus on:
Transfers, recordkeeping, and the safeguarding of funds and securities.
The requirement for transfer agents to annually file a report by an independent accountant concerning the transfer agency's system of internal accounting controls.
Focus on FINRA and MSRB
OCIE will continue conducting risk-based oversight examinations of FINRA, inspections of FINRA's major regulatory programs and oversight examinations of FINRA's examinations of certain broker-dealers and municipal advisors in order to make recommendations to improve FINRA's programs, risk assessment processes, and future examinations.
OCIE will continue examining the effectiveness of MSRB's policies, procedures, and controls.