Risk Alert: Examinations that Focus on Compliance with Regulation Best Interest
- Source: sec.gov
Treliant Takeaway:
We work with many clients who are now starting the final step in the long journey of preparing for and implementing Reg BI. If you have any questions about the industry standards in response to the Risk Alert, Treliant can help.
We previously wrote an article about preparing for the implementation of the new Regulation Best Interest (Reg BI) requirements for broker-dealers. The world has since changed dramatically. Over the past year, firms have implemented many changes to both their business models and compliance programs in response to Reg BI. The implementation date has now passed, so what comes next? This Treliant Takeaway will concentrate on examination readiness and testing.
Article Highlights:
In April 2020, the Securities and Exchange Commission (SEC) Office of Compliance Inspections and Examinations (OCIE) issued a Risk Alert addressing their Reg BI examination plans. The Risk Alert outlined the timing and approach that would be used for examinations commencing after the implementation date, and, most importantly, provided an outline of the examination initial document request lists. OCIE addressed six key characteristics of their examination approach:
- Timing and Overall Approach – The Risk Alert states that the examinations will commence during the first year after the rule effective date (June 30, 2020) and notes that OCIE’s stated goal is to assess the firm’s overall Reg BI compliance program. OCIE indicates that the standards for the review will be whether or not the firm has made a good faith effort to implement the regulation and whether or not the firm’s program has made reasonable progress toward implementation. It further defines four focus areas, representing the critical implementation points, in which OCIE plans to conduct interviews, review documentation, and perform testing during the exam.
- Disclosure Obligations – The first testing area will focus on the firm’s duty to disclose in writing all material facts related to the scope and terms of the relationship, as well as the conflicts of interest related to any recommendations, to all retail clients and prospects. The examination will additionally analyze a number of specific disclosures previously outlined. Furthermore, the SEC highlights that it will review both the timing and process of disclosure delivery, as well as specific disclosure documents including: fee and expense schedules; compensation models; account review procedures; proprietary product information; disclosures; and other related documents.
- Duty of Care Obligations – The duty of care obligation is the second testing area, focusing on the broker-dealer’s duty to exercise skill, diligence, and care in making recommendations to retail clients. Where the initial area focuses primarily on the disclosure documents, this testing area will focus on both documents and process to address whether or not the recommended product characteristics, costs, risks, and return profiles match the clients’ documented profiles. Client account documentation and processes for making recommendations will carry significant attention.
- Conflict of Interest Obligations – Where the first testing area refers specifically to the retail client disclosures of conflicts of interest, this area applies to the broader obligation to develop a program to identify, mitigate, and disclose conflicts related to the retail customer recommendations. OCIE will test policies and procedures documenting the overall conflict process, with specific emphases on salesperson incentive conflicts, product and service limitations, and sales incentive programs and contests. Additionally, OCIE will test conflict identification processes, as well as elimination and mitigation strategies.
- Compliance Programs – Finally, OCIE’s focus will shift to the compliance program, with an eye on written policies and procedures. Firms should take a broad view of this item and firms should be prepared to look beyond the compliance manual to written supervisory procedures, training materials, products, and other business or functional policies and procedures.
- Initial Request List – In the appendix, the Risk Alert provides a sample initial document request list, which is comprehensive in the data, documents, and information the OCIE will be requesting in each of the above testing areas.
While we expect that the SEC, in response to questions from various industry working groups, will be providing more clarity over the coming months, rarely do we get such transparency from the examiners into not only the “where” and “when” of examinations, but the “what” of the exams. So now that we have this advanced copy of the final exam what should firms be doing with it. Three ideas come to mind:
- Document Review and Exam Readiness – Firms should utilize the initial request list to identify what documents and information are responsive and locate where they are maintained. Since this will be a significant aspect of the next exam, firms should get ahead of the request and prepare the documents in advance. Once a firm knows which documents will be produced, the firm should review them for material issues, which may help to avoid potential flaws in the exam.
- Testing – Now that the program is up and running, does it really work the way it was designed? Once again, independent validation is critical to the identification of material issues. Completing a validation early enough to identify and remediate any issues is critical.
- Mock Interviews and Presentations – Finally, how is the firm presenting the program? Ensuring that business units including Sales, Product Risk, Compliance, and even Legal can present the program and speak to recent accomplishments is critical to preparing for the next exam. Firms should consider conducting mock exams of their staff and developing presentations to tell the story of what the firm has done. Both these steps can ease the burden of the next exam. Additionally, these steps can even be critical to firms to whom this does not apply, by explaining the reasons why it is not applicable.