Memo #
33158

The SEC's Division of Examinations Publishes its 2021 Examination Priorities
| Print

[33158]

March 4, 2021 TO: ICI Members
Investment Company Directors
ICI Global Members
Chief Compliance Officer Committee
Internal Audit Committee
International Internal Audit Advisory Committee
SEC Rules Committee
Transfer Agent Advisory Committee SUBJECTS: Anti-Money Laundering
Compliance
Cybersecurity
Exchange-Traded Funds (ETFs)
Fixed Income Securities
Investment Advisers
Operations RE: The SEC's Division of Examinations Publishes its 2021 Examination Priorities

 

Overview of the Division of Examinations’ 2021 Priorities

For the ninth year in a row, the SEC office responsible for conducting inspections of registrants, the Division of Examinations,[1] has published its examination priorities for the coming year.[2] The Division’s priorities for 2021 are grouped into the following nine areas:

  • Retail investors, including seniors and individuals saving for retirement;
  • Information security;
  • Financial Technology (FINTECH) and Innovation, including Digital Assets;
  • Anti-Money Laundering;
  • The LIBOR Transition;
  • Additional Focus Areas Involving Registered Investment Advisers and Investment Companies;
  • Additional Focus Areas Involving Broker-Dealers and Municipal Advisors;
  • Market infrastructure (including Transfer Agents); and
  • Focus on FINRA and MSRB.[3]

Before discussing each of these areas, the Priorities have a “Message from the Division’s Leadership Team.” Among other things, this Message discusses: the Division’s growth; its observations on the global pandemic and its impact; the importance of compliance; the Division’s statistics for fiscal year (FY) 2020 and how they compare to those for FY 2019; risk, technology and industry trends; and the Division’s work, in light of other countries’ data privacy laws, to obtain records from those advisers that are registered with the SEC but located outside the US. The relevant portions of the Message from the Division’s Leadership Team are briefly summarized next.

Message from the Division’s Leadership Team

The Division’s Growth

The Message from the Division’s Leadership Team begins by noting that 2021 marks the 25th anniversary of the section of the SEC now known as the Division of Examinations. During these 25 years, the Division has grown in size and share of the SEC’s workforce to become the second largest office or division at the SEC. It now has more than 1,000 employees across the SEC’s headquarters and regional offices. 

The Pandemic

With respect to the pandemic, the Message notes that, “while there certainly were challenges” and adjustments to many registrants’ processes, “overall, the delivery of financial services continued in the pandemic environment as it should have and as investors and market participants have come to rely and depend on.” 

With respect to the Division’s activities, during the pandemic, it “pivoted to focus on the most pressing risks – including examining whether registered firms’ business continuity plans were updated, operational and effective, and addressing increased cybersecurity risks facing firms and investors.” The Division also published a COVID-19 Risk Alert to share its observations from these examinations.[4] 

The Importance of Compliance and CCOs

As with last year’s Priorities, this year’s Priorities again expressly emphasize that “the compliance programs, CCOs, and other compliance staff play critically important roles at firms” and “culture and tone from the top are key.” In the Division’s view, hallmarks of effective compliance programs include: compliance’s active engagement in most facets of firm operations; early involvement in important business developments; a knowledgeable and empowered CCO with full responsibility, authority, and resources to develop and enforce policies and procedures; and a commitment to compliance from C-level and similar executives to set a tone from the top that compliance is integral to the organization’s success.

The Division’s Statistics

In terms of the Division’s statistics, according to the Priorities:

  • In the last five years, the number of registered investment advisers (RIAs) the Division oversees has increased from about 12,000 to almost 14,000 and the advisers’ assets under management have increased from approximately $67 trillion to $97 trillion;
  • There are more than 3,900 RIAs that each manage over $1 billion in assets. More than 60% of RIAs are affiliated with other financial industry firms and approximately 11% provide advisory services to a mutual fund, exchange-traded fund, or other registered investment company;
  • In FY 2020, the Division completed 2,952 examinations, which was a 4.4% decrease from FY 2019;
  • The Division examined 15% of RIAs in FY 2020;
  • Examinations of investment companies remain “a core focus” of the Division’s examinations and during 2020 they conducted 100 such examinations. In addition to these examinations, the Division conducted “hundreds” of outreach calls to assess the impact of the pandemic;
  • The Division issued more than 2,000 deficiency letters in 2020 – which was identical to the amount issued in 2019;
  • The Division verified assets in over 4.8 million investor accounts holding over $3.4 trillion in assets. In 2019, these figures were 3.1 million accounts holding $1.5 trillion in assets. 

Risk, Technology, and Industry Trends

Under this heading in the Message, the Division notes that, in 2021, it will focus on, and respond to, market events and adjust its risk-based examination program accordingly. Towards this end, the Division has expanded its ability to respond to new and emerging risk areas with its newly created Event and Emerging Risks Examinations Team (EERT). The Division expects the EERT to proactively engage with registered firms and other market participants about emerging threats and current market events. EERT can quickly mobilize to provide expertise and resources to the SEC’s regional offices when critical matters arise.

The Division continues to enhance its use of “new technology and advanced data analytics” to both identify examination targets and analyze information collected during its inspections. It also continues to work with the SEC’s Division of Economic and Risk Analysis (DERA) to build upon its existing work in predictive modeling and text-based analytics in order to improve its examination processes and identify risks and outlier activities correlated with compliance and control risks.

Non-US Advisers

The Message mentions the challenge the Division has, as a result of data privacy laws outside the US, with accessing records from advisers registered with the SEC but located outside the US. It notes that the Division, along with the SEC’s Office of International Affairs, has been working through these issues. The United Kingdom’s Data Protection Authority has provided guidance that SEC-registered firms based in the UK “can rely on the public interest derogation under the local data protections laws to transfer records containing personal data to SEC staff during examinations.” The Division hopes to obtain a similar result as it works with both industry and the Division’s counterparts in other countries to address similar challenges. 

The Division’s 2020 Examination Priorities

As noted above, the Division’s 2020 examination priorities are grouped into nine categories.  The categories that would be relevant to the Institute’s members are briefly summarized below.

Retail Investors, Including Seniors and Individuals Saving for Retirement

This category is one that has long been included in the Division’s annual list of priorities. This year, the Division will focus on investments and services marketed to retail investors, “such as mutual funds and exchange-traded products, municipal securities and other fixed income instruments, and microcap securities.” Other areas of focus this year will include Regulation Best Interest compliance; whether registered advisers, as fiduciaries, have fulfilled their duties or care and loyalty; fees and expenses; risks associated with complex products; best execution; and undisclosed or inadequately disclosed compensation arrangements. Particular focus will be on the appropriateness of recommendations and advice given to retail investors who are seniors, teachers, military personnel, and individuals saving for retirement, as well as recommendations involving mutual funds, exchange-traded products, annuities, and fixed-income securities. 

Information Security and Operational Resiliency

Due to the criticality of information security to the operation of the financial markets and the confidence of its participants, the Division will continue to prioritize information security in its examinations. This year, the Division plans to review whether firms have taken appropriate measures to:

  • Safeguard customer accounts and prevent account intrusions;
  • Oversee vendors and service providers;
  • Address malicious email activities;
  • Respond to incidents, including those related to ransomware attacks; and
  • Manage operational risks as a result of dispersed employee in a remote work environment.

These reviews will focus on the controls surrounding: the electronic storage of books and  records; personally-identifiable information maintained with third-party cloud service providers; and firms’ policies and procedures to protect investor records and information. The Division will also review registrants’ business continuity and disaster recovery plans, with a focus on “whether such plans . . . account for the growing physical and other relevant risks associated with climate change.” According to the Division, “as climate-related events become more frequent and more intense, [the Division] will review whether systemically important registrants are considering effective practices to help improve responses to large-scale events.”

FINTECH and Innovation, Including Digital Assets

For the first time, the Priorities discuss “RegTech,” which it defines as “the use of technology to facilitate compliance with regulatory requirements. According to the Priorities, RegTech has experienced “immense growth in recent years.” When implemented appropriately, it may “increase the efficiency of compliance staff, reduce manual processes, and exponentially increase transaction review capabilities.” However, when it is either misused or improperly configured, it “may lead to compliance program deficiencies.” Accordingly, the Division will review the implementation and integration of RegTech in firms’ compliance programs.

With respect to alternative data – i.e., “data gleaned from non-traditional sources” – that is used by advisers to private funds and registered investment companies as part of their business and investment decision-making process, the Division will review “whether firms are implementing appropriate controls and compliance around the creation, receipt, and use of such information.” 

Anti-Money Laundering

As in previous years, the Division will continue to prioritize examining broker-dealers and investment companies for their compliance with their AML obligations. The Division will assess whether registrants have established appropriate customer identification programs and are: satisfying their SAR filing obligations; conducting due diligence on customers; complying with beneficial ownership requirements; and conducting robust and timely independent tests of their AML programs. The goal of these reviews is to evaluate whether broker-dealers and investment companies have adequate policies and procedures in place that are reasonably designed to identify suspicious activity and illegal money-laundering activities. 

LIBOR Transition

Due to the significant impact that the cessation of LIBOR may have on financial markets and the material risk it may present to registered advisers, investment companies, and transfer agents, among others, the Division plans to review issues related to LIBOR. Its focus will be on registrants’ exposure to LIBOR, their preparation for its expected discontinuation, and their transition to an alternative reference rate. 

Additional Focus Areas Involving RIAs and Investment Companies

Registered Investment Advisers

With respect to RIAs, the Division will continue to evaluate the effectiveness of registered advisers’ compliance programs, including whether they have sufficient resources to perform core compliance responsibilities. The Division will prioritize examination of those advisers that have not been examined for a number of years; those that have never been examined; and those offering investment strategies focused on sustainability. In reviews of the latter, the Division will focus on: the consistency and adequacy of the disclosures provided to clients; whether the firms’ processes and practices match their disclosures; whether fund advertising includes false or misleading statements; and proxy voting policies, procedures, and votes, to determine whether they align with disclosed strategies. 

Registered Funds Including Mutual Funds and ETFs

During its examinations, the Division will continue to review funds’ compliance programs and governance practices, with a focus on disclosures to investors, valuation, filings with the Commission, personal trading activities, and contracts and agreements. In its review of valuation considerations, the Division will be focused on fund performance, liquidity and risk-related disclosures, particularly those related to investments in market sectors that experienced, or continue to experience, stress due to the pandemic, such as energy, real estate, or products such as bank loans and high yield corporate and municipal bonds. Other area of focus will include: funds’ and advisers’ disclosures and practices related to securities lending; mutual funds or ETFs that have not previously been examined or have not been examined in a number of years; and compliance with exemptive relief, including for the newly created non-transparent actively managed ETFs. Also, given “the high degree of customization and the diversity of data analytics practices and methodologies,” registrants’ Liquidity Risk Management Programs (LRMPs) will be a focus of the Division. The Division plans to review whether registrants’ LRMPs are reasonably designed to assess and manage the funds’ liquidity risk as well as the implementation of the required liquidity classifications, particularly in light of the recent stresses in the market due to the pandemic. Finally, given the importance of money market funds to investors, the Division plans to review such funds’ compliance with stress-testing requirements, website disclosures, and board oversight.

Market Structure: Transfer Agents

Transfer agents will be within the scope of the Division’s review of Market Structure issues. In particular, the Division will continue to examine transfer agents’ core functions, including: the timely turnaround of items and transfer, recordkeeping and record retention, and safeguarding of funds and securities. In light of COVID, the Division will also review transfer agents’ business continuity and disaster recovery programs, their cybersecurity measures, and account takeover precautions. In determining examination targets, the Division will prioritize those transfer agents that: present the greatest possible risks to investors and investment channels; service microcap or municipal bond issues; use technological applications (e.g., blockchain or online crowdfunding portals); or engage in significant paying agent activity. 

Conclusion

Like last year’s, this year’s Priorities concludes by welcoming comments and suggestions regarding how the Division can better fulfill its mission to promote compliance, prevent fraud, identify and monitor risk, and inform SEC policies. It also encourages persons who suspect or observe activity that may violate the federal securities laws, or otherwise operate to harm investors, to notify the SEC staff.

 

Tamara K. Salmon
Associate General Counsel
 

endnotes

[1] On December 17, 2020, the SEC’s Office of Compliance Inspections and Examinations (OCIE) was renamed as the “Division of Examinations.”   

[2]  See 2021 Examination Priorities, Division of Examinations, US Securities and Exchange Commission (March 3, 2021) (the “Priorities”), which is available at: https://www.sec.gov/files/2021-exam-priorities.pdf

[3]  With the exception of LIBOR, each of these were areas of focus for the Division in their 2020 priorities. The 2021 Priorities in these areas that are relevant to mutual funds and their investment advisers are briefly summarized in Part III of this memo.

[4]  This Risk Alert is available at: https://www.sec.gov/files/Risk%20Alert%20-%20COVID-19%20Compliance.pdf. In addition to this Risk Alert, in 2020, the Division published Risk Alerts on: Top Compliance Topics Observed in Examinations of Investment Companies and Observations from Money Market Fund and Target Date Initiatives; Examinations that Focus on Compliance with Form CRS; Examinations that Focus on Compliance with Regulation Best Interest; LIBOR Transition Preparedness; Observations from Examinations of Investment Advisers Managing Private Funds; Ransomware; and Safeguarding Client Accounts Against Credential Compromise. Each of these is available on the Division’s webpage at: https://www.sec.gov/exams.