The Office of Compliance Inspections and Examinations (or OCIE) recently issued a Risk Alert that identified the five most frequent compliance topics that arising from OCIE examinations. These compliance topics include the following:
- Deficient compliance programs,
- Late or insufficient filings,
- Violations of the custody rule,
- Code of Ethics compliance deficiencies, and
- Books and records.
Among other things, OCIE noted that it continues to see untailored “off-the-shelf” manuals, deficient or non-existent annual reviews, as well as the systemic failure to follow procedures. So what does this all mean?
It would certainly appear from OCIE’s analysis that firms continue to take the easy way out when it comes to compliance. There is nothing per se wrong with an “off-the-shelf” compliance manual. The impropriety comes when the firm does nothing to modify that manual to conform to its business model. Not conforming a compliance manual to your individual circumstances is no different from not having a manual.
Equally problematic are the lack of meaningful annual reviews. Any annual review must be meaningful to have any regulatory significance. A meaningful review can look differently from firm to firm, but there are a few components were noting.
First, everyone at the firm must participate in the review process. Compliance comes from the tone at the top. Second, the firm should employ a checklist of required elements, and those that may be firm specific. Third, correct any deficiencies found through this process.
Compliance is not easy. But don’t take the easy way out. Having a robust compliance program takes hard work. Do it now, or pay the SEC later.