The SEC’s Division of Examination’s (formerly OCIE) annual announcement of its exam priorities is always noteworthy. It provides helpful insight into this division’s thinking and can serve as a roadmap for regulated entities to focus their compliance and supervision planning. The announcement of these priorities is even more important following a change in the presidential administration and the changes at the Commission that inevitably follow. Not surprisingly, the recently announced Division of Examination priorities for 2021 (summarized below) align with the Biden Administration’s policy priorities and key trends in the financial landscape.
Closing out 2020, the SEC’s Division of Examinations (OCIE) issued a Statement on Recent and Upcoming Regulation Best Interest Examinations. There the Division of Examinations announced its intention “to begin its next phase [of Reg BI examinations] by conducting more focused examinations … beginning in January 2021.”
In an unprecedented move, the U.S. Securities and Exchange Commission (SEC) released guidance on several platforms in a 30-day period in 2020 regarding certain views on the important role and potential liability risks of chief compliance officers (CCOs). The SEC’s focus on the role of compliance is not new but sometimes the SEC’s support for compliance has not appeared to extend beyond the SEC’s Office of Compliance Inspections and Examinations (OCIE). In this article, we analyze the guidance provided by each source.
Continue reading “The SEC’s CCO Guidance Month”
Reg BI has passed its compliance date of June 30, 2020. The SEC and FINRA have commenced examinations to test brokerage firms’ good faith compliance with Reg BI and Form CRS disclosure satisfaction. Our article “Have No Fear, Reg BI Is Finally Here” provides a brief overview of Reg BI and deciphers its implications for brokers and broker-dealers. It also provides an overview of a recent Risk Alert drafted by the SEC’s Office of Compliance Inspections and Examinations (OCIE), and examines the SEC’s and FINRA’s review of Reg BI compliance.
The SEC has issued guidance addressing the Form CRS. The first is a Risk Alert from the Office of Compliance Inspections and Examinations (OCIE) indicating that OCIE will be looking for good faith compliance when it conducts examinations after the June 30, 2020 Form CRS compliance date. The second includes additional FAQs providing clarification on delivery and filing requirements along with several other topical areas. We discuss the examination guidance and the FAQs in more detail in an alert on our website for those looking for more in-depth analysis. Also, note that the CRS Risk Alert was issued concurrently with a similar Alert on Reg BI examinations in general, which is the subject of a separate post on this site.
As SEC Chairman Clayton previously indicated, the compliance date of Form CRS will not be extended, but the “initial” examinations will focus on whether firms made “a good faith effort to implement Form CRS.” While emphasizing that the Risk Alert is not intended to serve as an explanation of Form CRS requirements, OCIE explains that its initial examinations may include assessment of compliance with the following areas:
On April 7, 2020, the Securities and Exchange Commission (SEC) Office of Compliance Inspections and Examinations (OCIE) issued a Risk Alert providing guidance for the SEC’s post–June 30, 2020, examinations of firms’ compliance with Regulation Best Interest (Reg BI). This guidance is covered more fully in our Client Alert of April 13, 2020.
In an effort to present transparency in its prospective examination for Reg BI compliance, OCIE’s Risk Alert includes a three-page Appendix that provides an example of an OCIE Reg BI examination document and information request list. OCIE encourages firms to use the documents listed in the Appendix to assess their implementation plans for Reg BI. Firms should study this exemplar request list closely.
The SEC’s OCIE recently issued a Risk Alert focusing on compliance issues related to Regulation S-P, the primary SEC rule governing compliance practices for privacy notices and safeguard policies for investment advisers and broker-dealers. The Risk Alert summarizes the OCIE’s findings from two-year’s worth of issues identified in deficiency letters to assist investment advisers and broker-dealers in adopting and implementing effective policies and procedures for safeguarding customer records and information pursuant to Regulation S-P.
In this alert, partner Jim Lundy outlines the Regulation S-P requirements, the OCIE’s Regulation S-P findings and key takeaways for SEC registrants.
Last month the SEC’s Office of Compliance Inspections and Examinations (OCIE) issued its “2019 Examination Priorities.” The release of OCIE’s 2019 Priorities this year was earlier than in years past. In retrospect, the date of issuance being the last day before the vast majority of the SEC staff was furloughed may just be coincidental, but the federal government shutdown allowed the industry more time to study OCIE’s 2019 Priorities for compliance planning for the upcoming year. Another impact of the shutdown and furloughs in an area directly related to OCIE’s first priority is that the SEC’s efforts and the timing of the finalization of the Reg BI proposals have very likely been slowed as well. The recent ending of the SEC furloughs and OCIE’s continuing prioritization of retail and retirement regulatory issues presents us with an opportune time to re-visit these important topics.
In August 2017, the SEC’s Office of Compliance Inspection and Examinations (OCIE) issued a Risk Alert outlining observations from its “Cybersecurity 2 Initiative,” which was built upon its 2014 “Cybersecurity 1 Initiative.” Notably, this alert offered a rare industry compliment, describing “an overall improvement” in cybersecurity practices and processes since the Cybersecurity 1 Initiative. Below we summarize the OCIE staff’s observations, certain criticisms and their descriptions of robust policies, procedures and practices.
Continue reading “The SEC’s 2017 Cybersecurity Alert and New Cyber Unit”