While the “annual review” process is one of the most begrudged activities for advisors, it doesn’t have to be. The requirement sounds simple enough: review your compliance policies and procedures at least annually; in practice, compliance with the requirement is far more difficult than the language indicates.
It is clear that the SEC expects RIAs to engage in substantially more than a cursory review of the compliance manual. In fact, RIAs must be able to demonstrate a variety of compliance responsibilities: a comprehensive process for identifying and assessing compliance risks applicable to the firm; a protocol for transactional testing (day-to-day operations) and forensic testing (assessments to spot unusual patterns over a longer period); material violations and resulting corrective actions; employee training; and more.
At first glance, Rule 206(4)-7 itself appears to be relatively straightforward. If you are an advisor registered or required to be registered under Section 203 of the Investment Advisers Act of 1940 (Advisers Act), you must:
- Adopt and implement written customized policies and procedures reasonably designed to prevent violations of the rules under the Advisers Act;
- Designate a Chief Compliance Officer who is responsible for administering the policies and procedures; and
- Review, at least annually, the adequacy of the policies and procedures and the effectiveness of their implementation.
In its November 19, 2020, Risk Alert, the SEC listed the following themes among annual review deficiencies:
- Advisors that claimed to engage in ongoing or annual compliance reviews of their policies and procedures but could not provide sufficient evidence to support these claims.
- Advisors that claimed to have performed annual reviews but failed to identify or review key risk areas applicable to the advisor, such as conflicts and protection of client assets.
- Advisors that failed to review significant areas of their business, such as policies and procedures surrounding cybersecurity, oversight of recommended third-party managers, and calculation of fees.
One of the challenges the Rule presents for RIAs is that it does not provide detailed guidance on how annual reviews are to be conducted, the date by which they must be completed, who should conduct them, and how they are to be documented. What was intended to create flexibility for RIAs to conduct annual reviews tailored to the business practices of each firm has instead resulted in many RIAs conducting one-size-fits-all, check-the-box reviews that do not comport with the intent and spirit of the Rule.
With the above in mind, I’d like to offer some helpful tips for RIAs to remember when designing and implementing annual reviews:
- The annual review should address issues that arose during the year, regulatory developments, and changes to the firm’s business. To help make the process easier, we suggest that firms make a habit of documenting any issues that arise in real time. This will ease the end-of-year burden.
- The annual review must be based on testing of a firm’s policies and procedures, which should be designed to prevent, detect and correct compliance violations. This cannot be crammed into a day or two at year-end; rather, this testing should be an ongoing process throughout the year. The annual review is the culmination of this testing process, not a replacement for it.
- Issues identified in a firm’s compliance program should be addressed as soon as possible; identifying violations without correcting them is a common mistake that will result in an SEC examination deficiency or worse. For example, discovering that a client’s investment profile information is outdated and then failing to promptly update that information compounds the initial problem by delaying the corrective action.
- RIAs are required under Rule 204-2 (the Books and Records rule) to keep records documenting the annual review for five years. Although the Rule does not contain a list of required documents, RIAs should retain records of the policies and procedures reviewed and any changes that were made to the policies as a result of the review, in addition to any testing, training, violations, and corrective actions. Remember: performing the review is not enough; you must be able to document it.
- Annual reviews must be conducted at least annually, but there is no specified timeline. Some RIAs will choose to schedule the review to coincide with other required reviews, such as the annual retrospective review required by the DOL as part of its PTE 2020-02 Fiduciary Advice Exemption. Other RIAs will try to schedule the review during a relatively slow period for the firm. Regardless of timing, it is important to ensure that there are no gaps in the review periods.
While the text of the annual review requirement is deceptively simple, it is crucial that RIAs are not lulled into a false sense of security. Failing to conduct a thorough annual review or failing to correct any issues discovered during the review can result in a deficiency or enforcement action.
Given this scrutiny and upcoming regulatory changes, RIAs should take immediate action to determine whether annual reviews are being conducted with the rigor and comprehensiveness the SEC expects and whether they have allocated sufficient time and resources to do so.
The annual review is one of the cornerstones of an RIA’s compliance program, reflecting the firm’s culture of compliance. Seek guidance from an experienced compliance consultant or attorney who can assist with your annual reviews and help bolster your compliance program.
Christopher DiTata, Esq. is RIA in a Box’s Vice President and General Counsel. A former associate of Goodwin Procter, LLP and Babchik & Young, LLP, he brings a business law background to the company, with specialized knowledge in corporate governance and compliance. He holds a JD from NYU School of Law and a BA in Economics from the University of Pennsylvania. For more information, please visit www.riainabox.com.