SEC exam priorities for 2016 will strike a familiar chord for financial services firms. Similar to 2015 priorities, at the top of the regulator’s list this year are protection of retail investors (especially those investing for retirement), assessment of market-wide risks, and use of the SEC’s data analytics to identify potentially illegal activity.

What can you do to prepare for 2016 SEC examinations?

1. Take action to ensure your policies and procedures are in line with industry standards. It’s clear the SEC is especially interested in looking at how firms provide services for clients who are investing for retirement, among other types of investors. The SEC has indicated it will look at:

• A firm’s basis for client recommendations, and whether they are reasonable
• Any conflicts of interest related to firm operations
• Supervision and compliance controls
• Marketing and disclosure policies and practices, to make sure they aren’t misleading or deceptive

To address the items above, review the policies and procedures your firm has in place. Are yours detailed enough? Are policies enforced? How do you enforce them? How can you demonstrate your supervision and policy enforcement practices to the SEC? Get everything related to policies, procedures, enforcement, and supervision reporting in top shape.

Related Content

• The Financial Advisor’s Guide to Social Media Regulations
• The 2015 Electronic Communications Compliance Survey Report

2. Guard against market-wide risks. The SEC plans to continue and advance its examination efforts around cybersecurity, having introduced its second initiative to examine broker dealer and investment advisor cybersecurity compliance and controls in September 2015. In addition to cybersecurity assessment, your actual implementation of cybersecurity controls and procedures may be tested by the SEC in 2016.

3. Pay attention to the overlap between SEC and FINRA exam priorities for 2016. The themes shared between FINRA and SEC examination priorities for 2016 are important, because they may point to the things firms should be well-prepared to address. Both regulators are highly focused on the following:
   • Firms demonstrating substantial progress in implementation f risk management practices
   • Mitigation (preferably avoidance) of conflicts of interest
   • Protection of vulnerable (older) investors and/or those investing for retirement
   • Cybersecurity practices. FINRA is particularly focused on cybersecurity governance, risk assessment, technical controls, incident response, data loss prevention and staff training. As part of its examinations, FINRA will continue to look for compliance with Regulation S-P and Rule 17a-4(f), which pertains to standards for the retention of electronic records.

To prepare for SEC and FINRA exams, perform annual, thorough assessments of your firm’s legal, compliance, cybersecurity and other operational risks. In addition, document your findings, along with corrective actions that were taken if necessary.