Compliance Annual Testing Mandate: Tactics and Considerations
For SEC registered investment advisers, the end of the year brings many opportunities and unique challenges. It’s a time to catch-up, reflect, evaluate, and plan. This blog is the second in our 2021 CCO year-end roadmap series. Have a question or topic you’d like to see covered? Contact us here.
As we look toward a new year, it is important to start developing a testing plan that fits the specific needs of your firm. Given the unpredictability of 2020 and 2021, deciding your compliance testing schedule for 2022 requires exceptional preparedness.
After the events in 2020, it was predicted that firms may fall behind in testing. However, according to the 2021 Investment Management Compliance Testing Survey (“IMCT Survey”), the majority of respondents did not decrease their compliance testing in any area. We observed a continued increase in testing for Covid-19 related Business Continuity Planning (BCP), cybersecurity, electronic communication surveillance, advertising and marketing, personal trading/code of ethics, and more.
What was most interesting is that there was a significant increase in firms indicating they had increased their Environmental, Social, and Governance (ESG) testing. In 2020, 24% of respondents noted they had increased testing in ESG compared to 2019; however in 2021, 47% of respondents noted that they had increased testing in ESG based on the testing done in 2020.
The annual testing mandate prescribed by U.S. Securities and Exchange Commission's (SEC) Rule 206(4)-7 (the "Compliance Program Rule") requires advisers to review the adequacy of the compliance policies and the effectiveness of their implementation on a yearly basis. However, while this is an annual mandate, firms of differing sizes may approach testing in a manner that best suits their firm, as the Compliance Rule does not dictate the specific methods needed to satisfy its requirements.
For instance, larger organizations tend to prefer the continuous testing approach. Given that these firms operate under strict management, continuous testing satisfies the Compliance Program Rule, but also allows for focused, periodic reviews that help ensure that programs follow all regulations and are flexible as new regulations arise throughout the year.
Work Smarter, Not Harder
A periodic testing approach can minimize the number of resources used across the organization to achieve the requirements put in place by the SEC. Consistent with the SEC’s expectations, a holistic annual review should touch all aspects of an adviser’s business. Consequently, stakeholders and process owners operating in these critical areas will need to devote time and resources to address several inquiries made by the firm’s compliance group. Considering this need for firm-wide participation, a full-scale, project-based approach implicating all business units at once can create disruptions sufficient to frustrate the purpose and timeline of the review. Alternatively, choosing a few key focus areas to test each quarter avoids placing too heavy a burden on the organization as a whole, which can result in a more efficient exercise.
Focused and Effective Evaluations
A periodic testing approach tends to drive a tighter focus and more potent analysis of each area of the organization. An annual project-based approach could dilute the amount of attention given to each area of focus, which could potentially lead to erroneous conclusions drawn from a mile-wide, inch-deep evaluation. Breaking down the scope and areas of testing into each quarter could potentially prevent any mishaps that happen during the broader annual testing. This increased level of attention could lead to a more successful outcome.
The IMCT Survey shows that personal trading was by far the most common material violation at 36% while the second most common violation was advertising at 21%. Periodic testing can focus in on these specific issues and help prevent any material or glaring violations before submitting the annual testing results to the SEC.
Move with Agility
A large organization testing frequently throughout the year, or on a quarterly basis, allows more flexibility as SEC focus areas shift. Considering that the SEC frequently communicates new areas of focus via enforcement actions, risk alerts, investment management guidance, and no action letters, firms must be nimble enough to adjust their compliance program and testing as needed to meet any changes that may come up unexpectedly. A firm pursuing periodic testing is privy to SEC priorities as they develop which and allows the firms to accommodate to the current regulatory landscape.
According to the 2021 Investment Management Compliance Testing Survey there has been significant changes in what firms consider to be area of focus for the SEC and compliance “hot topics” trends between 2020 and 2021, some even doubling in popularity. Some of these hot topics for firms include advertising and marketing at 58% for 2021, up from the 25% in 2020; ESG and sustainability at 45% in 2021, jumping from only 14% in 2020; and a dramatic change in BCP focus at 17% in 2021, down from 64% in 2020. Considering these drastic changes in trends have occurred within a year, periodic testing could help your firm move nimbly as any unforeseen events happen or as regulatory focuses shift.
Planning and executing on a continuous testing mandate to satisfy the Compliance Program Rule is a complex and resource-intensive exercise involving multiple business units and stakeholders. Difficulties and delays may cause firms to adjust their focus as more urgent needs come up, however, failing to meet testing mandates can subject a firm to regulatory exposure and invite scrutiny from regulators.
How ACA Can Help
ACA can serve as a strategic partner to help firms solve their resource challenges. We haves significant experience in helping larger managers to supplement their internal testing efforts and meet annual deadlines. Learn more about how we can assist by contacting us here.
Looking to learn how your compliance testing stacks up with your peers? Gain peer insights and benchmark your compliance program with ACA’s Compliance Leaders Network (C-LEAD). C-LEAD is a new membership-based group of compliance thought leaders, backed by ACA’s dedicated research and analytics team and staff of experienced consultants. C-LEAD members gain access to exclusive research, benchmarking, and events designed to help CCOs and senior compliance leaders make informed, data-driven decisions on top functional challenges. Sign-up here for more information.