2022 SEC Exam Priorities: Increased Need for Compliance Resources and Support
While compliance professionals anxiously await the release of the SEC’s exam priorities every year, what I found most interesting this year went beyond the primary areas of focus. For me, the most interesting part of the report was that the SEC pointed out an increased need for compliance resources and support.
Compliance teams must prioritize risks and are often asked to “do more with less” when adjusting and evolving our compliance programs. The last two years have pushed us into new areas — or areas we have been historically slow to adopt — by forcing the use of collaborative platforms for business, a dramatic increase of retail investors entering the market, and a demand for new ways to communicate with investors.
We must examine our compliance programs and figure out how to integrate these new practices in ways that are resilient yet flexible.
Compliance teams must prioritize risks and are often asked to “do more with less” when adjusting and evolving our compliance programs.
Emerging technologies and crypto-assets
I was not surprised to see that emerging technologies and crypto-assets were among the SEC’s significant focus areas. We’ve seen several comments from the regulators regarding the use of mobile apps, Finfluencers, and digital engagement practices over the last several months. The SEC highlighted a need for firms to ensure that business practices in these areas are consistent with disclosure and regulatory obligations.
Firms should also ensure that they meet the standards of conduct owed to investors when using these practices — particularly when providing advice and recommendations. I would add that you should consider how you’ve:
- Integrated Regulation Best Interest (Reg BI) practices, where applicable, into these activities
- Documented how you will fulfill your obligations
- Addressed how you will capture and record communications
- Updated how you supervise these communications
Make sure that you’re adequately considering the appropriate investment strategies and risk tolerance for your investors and consider how you record and retain records for proof.
We’ve been monitoring the regulatory developments around digital assets as well. As digital assets continue to transform the financial services industry, we anticipate more regulatory oversight in this area. The SEC has noted that firms should pay particular attention to their compliance practices, risk disclosures, operational resiliency, education and duty of care when participating in these markets.
As the use of digital communications platforms and tools continues to evolve, consider routinely reviewing, updating, and enhancing your compliance practices in this area. It will be important for firms to include robust risk disclosures around digital assets to ensure transparency and education with investors. Due to the escalating need for cybersecurity regarding digital assets, make sure to enhance your operational resiliency practices.
Recommended Reading: "5 Tips to Prepare for the Unpredictable Regulatory Future of Cryptocurrency"
The SEC has increased its scrutiny of private funds with new and proposed rules over the last year. As the SEC seeks to enhance transparency, protect against conflicts of interest, and increase accountability for private fund advisers, the list of new obligations to firms is long. That trend is set to continue into 2022 with exam priorities noting an increased focus on:
- Compliance programs
- Conflicts of interest
- Risk disclosures
- Material nonpublic information controls
- Potential for preferential treatment of certain investors
- Calculations of fees and expenses
The SEC also intends to look at conflicts and disclosures around portfolio strategies, risk management, and investment recommendations and allocations. With the recent increase of Special Purpose Acquisition Companies (SPACs), the SEC will be reviewing how private funds invest in and interact with these companies.
Private fund compliance teams should remain aware of their new obligations under these regimes so they can accurately comply with, supervise and retain records where required.
Standards of Conduct: Regulation Best Interest, Fiduciary Duty, and Form CRS
As all firms should put the interest of their investors above their own, it’s almost expected that Reg BI, Form CRS, and Fiduciary Duty are represented on the SEC’s list. We saw this highlighted on the FINRA Exam Priorities for 2022, naming several enforcement actions and failures regarding Reg BI and Form CRS.
Firms should review the effectiveness of their compliance programs, testing practices, and training for employees, particularly around:
- What’s considered a recommendation under the rule
- When a recommendation occurs
- How these records are being maintained
- Procedures for complying with these rules
Also, consider your current supervisory program to ensure that you’ve documented your procedures, you’re capturing and supervising these activities, and address how you follow up on any red flag behaviors.
Information security and operations resiliency
The last few years and the current landscape have highlighted a need for firms to address business interruptions and disaster recovery. How your firm is applying controls around information security should be a focus as failures can significantly harm your investors and disrupt business operations.
The SEC has highlighted customer safeguards, vendor oversight, incident response, detection of identity theft, and workforce dispersion as key exam areas. It is worth noting that firms should consider the proposed rules related to cybersecurity risks, which can help enhance cybersecurity preparedness.
Multiple new regulations on cybersecurity have indicated that information security should be a key priority for firms this year. Make sure you’re reviewing regulatory resources for requirements and best practices, conducting testing of your practices, detecting and monitoring cyber incidents, integrating vendor oversight, and staying on top of new risks in this area.
Environmental, Social, and Governance (ESG) Investing
With the growing popularity of ESG investing, it is no surprise it made it onto the SEC’s exam priority list this year. Firms should be particularly aware of how they educate investors and incorporate risk disclosures regarding ESP investments so that they do not unintentionally mislead or omit material information that investors would consider when making investment decisions.
With a lack of terminology and a variety of approaches to ESG investing, firms should remain transparent regarding their investment approaches. Be sure to maintain accurate records on how these decisions are made as well as controls around the advertisement and marketing of these products.
Are you prepared?
It may be time to ask yourself, have your policies and procedures kept up with how we do business since the pandemic? As compliance programs and written policies and procedures significantly affect the way firms do business, it’s become more important in the last few years that firms design their WSPs in a way that is resilient and can adjust to a range of business and market changes.
Share this post!
Our internal subject matter experts and our network of external industry experts are featured with insights into the technology and industry trends that affect your electronic communications compliance initiatives. Sign up to benefit from their deep understanding, tips and best practices regarding how your company can manage compliance risk while unlocking the business value of your communications data.
Ready to enable compliant productivity?
Join the 6,500+ customers using Smarsh to drive their business forward.