Preparing for an SEC Exam: Best Practices 


A Compliance Officer's Best Tools and Tips for the SEC Exam Process

On September 13, MyComplianceOffice co-hosted a webinar with Milne Legal. Our presenters Dustin Milne, Charles Lerner and Laetitia Mantel discussed what an investment advisory firm outside of the US needs to consider when dealing with the US. This included discussions on what defines a US person, when to register with the SEC, how to handle an SEC exam and what sort of compliance program you should have in place.

 You can download a full copy of the slides from this webinar.


Full video transcript available below:

This brings us now to the last point on the agenda, preparing for an SEC examination. I'm handing the mic to Charles Lerner.

Thank you. I'm going to focus on three areas. One is what to do before an examination, notice before the examiners come to you. Secondly, how you deal with the examination itself, and thirdly delve into a couple of the issues that are more hot button issues.

Before the SEC comes in, they try to do some sort of risk analysis to determine what advisers to look at. In the case of a non-U.S. adviser, I think they would look at a couple things. One, your size, whether you have an office in the United States, number of employees, your potential conflicts ... Do you have a custodian that's affiliated? Potential conflict. Do you have an affiliated broker dealer? Potential conflict. To see what those potential conflicts are.

They may come in for looking at a specific issue. They may get it from a news story or an area. There are a number of things. One of the other things to point out is to be prepared. The SEC publishes, and they're available many places on the internet, document request lists. The most expansive one has maybe 50, 60 items. You want to get that list, you want to go through that list. I have clients who put it in an Excel spreadsheet. Where is that item and who is responsible for it? If they want to know a list of employees, your journals, your checks, marketing material, emails ... Where are those documents so that you don't have to scramble around?

The other thing is I would have it on a ready opening presentation materials, like a PowerPoint slide. The same kind of thing that you might do for a client. In the introduction, you're going to want to use this.

In the examination itself, there are various kinds. There can be a Sweep: they look at a topic. A short form one, which is Presence. Specifically looking at a Cause, an area to come in. Maybe looking at insider trading. Or a Full one, an up, the down, looking at the place.

They'll call you, let you know, give you two weeks to produce the documents to a secure server. They'll come on site. What you'll do is give them a tour of the office. You'll use that opening presentation materials and it should be presented by the most senior people in your firm. The most senior people in the firm. It shows that you take the examination seriously and you're showing due respect.

I had a client where the two main partners did the presentation. The examiners were there for five weeks. They never spoke to those two people again. They talked to other people in the firm; they thought they had got enough from that.

The keystone is the CCO. Setting good tone of openness with the examiners, touching base with them, do they have what they need? There'll be interviews. At the end of each interview there'll be document requests that will flow out of that, very natural as they delve into more materials.

I realize I'm going quickly over some of these things due to time. We can go over ... If people have questions, they want to know more information.

At the end there's a closing meeting in which they'll talk about what they see as the deficiencies. Then they will send a deficiency letter. 90% of the time there is a deficiency letter. Sometimes it can be as minor as being too many superlatives in the marketing material, you don't produce your emails fast enough ... Those kinds of issues.

When they come in, they're going to expect to see certain policies and procedures like the manual prepared specifically. What they're going to want to see - the next left bullet - is a written annual compliance review report.

A number of the people who voted earlier said they had not done an annual compliance review and additionally some had said they'd had a compliance review but it wasn't in writing. It is essential that there be one and it is essential that it be in writing.

The compliance rule, which is 20647, says three things. One, there has to be a Chief Compliance Officer. Two, they have to have adequate policies and procedures. Three, there must be an annual compliance review. You can do it internally, you can do it externally. I obviously have a bias for an external review because that's something we do. Partially because a Chief Compliance Officer does not know what they don't know. When you come in and do a review either by your internal audit from another part of the organization or externally, they will be able to show you issues and areas and procedures that others used.

Charles, just quickly, you referenced a risk matrix. When a firm's developing a risk matrix, who should be participating in that and what you see being a part of that matrix?

While it's led by compliance or risk department if you have it, it really must involve the business people as well. The way you do it, you want to determine what are the risks of your firm, both regulatory and otherwise? What is the regulation that applies to it? What is the control you have for that? What kind of testing are you going to do? The SEC is going to want your policies and procedures designed to fit with your risk. They will expect to see a risk matrix.

I'm going to skip to the next slide. It goes into certain hot button issues. That's slide 25. A couple of things when the SEC comes in. They use this term Culture of Compliance which is an elusive term. What it really means ... Who is the CCO? Are they educated on compliance? Do they have a senior enough role in the firm in order to effectuate a compliance program? How is management involved in the compliance program to show what that culture of compliance.

One of the ways I try to demonstrate it is to ensure that there's some sort of regular meetings between compliance and senior management. Some people call it the risk operations committee. It should meet maybe quarterly. The presentation could be what are things that have come up, we're filing an ADV, re-instituting new policies and procedures, we're changing the manual, issues that have come up, what's happening in the regulatory world? It demonstrates there's a regularity and that senior management is involved.

The other one I want to mention is Wrap Fees. That seems to be somewhat prevalent in the non US situation where an affiliated bank custodian will have an affiliated advisor, or another situation where there is a wrap fee involved. The client pays one fee and gets the adviser who services the custody and brokers execution. The SEC has focused on this as a hot button issue. Consider a couple things. One, is a wrap fee really appropriate for that client? If they don't do enough transactions, why are they paying for the many transactions in a wrap fee?

Secondly, are they getting best execution? One of the ways is an adviser related or using a number of custodians and they're doing the trade and want security; you'll be able to see what the executions were at the various brokerage firms. If there's a consistent bad execution, a not good execution, compared to the others, you may want to do something about it, do some disclosure or take some sort of action.

The other thing, insider trading, is always an issue. We need to always be attentive to that and pay responsibility

This webinar was co-hosted with Milne Legal.
