Regulatory Update

2022 SEC Exam Priorities: Increased Need for Compliance Resources and Support

April 07, 2022by Tiffany Magri
SUBSCRIBE TO BLOG

Subscribe to the Smarsh Blog Digest

Subscribe to receive a monthly digest of articles exploring regulatory updates, news, trends and best practices in electronic communications capture and archiving.

Smarsh handles information you submit to Smarsh in accordance with its Privacy Policy. By clicking "submit", you consent to Smarsh processing your information and storing it in accordance with the Privacy Policy and agree to receive communications from Smarsh and its third-party partners regarding products and services that may be of interest to you. You may withdraw your consent at any time by emailing privacy@smarsh.com.

While compliance professionals anxiously await the release of the SEC’s exam priorities every year, what I found most interesting this year went beyond the primary areas of focus. For me, the most interesting part of the report was that the SEC pointed out an increased need for compliance resources and support.

Compliance teams must prioritize risks and are often asked to “do more with less” when adjusting and evolving our compliance programs. The last two years have pushed us into new areas — or areas we have been historically slow to adopt — by forcing the use of collaborative platforms for business, a dramatic increase of retail investors entering the market, and a demand for new ways to communicate with investors.

We must examine our compliance programs and figure out how to integrate these new practices in ways that are resilient yet flexible.

Compliance teams must prioritize risks and are often asked to “do more with less” when adjusting and evolving our compliance programs.

Emerging technologies and crypto-assets

I was not surprised to see that emerging technologies and crypto-assets were among the SEC’s significant focus areas. We’ve seen several comments from the regulators regarding the use of mobile apps, Finfluencers, and digital engagement practices over the last several months. The SEC highlighted a need for firms to ensure that business practices in these areas are consistent with disclosure and regulatory obligations.

Firms should also ensure that they meet the standards of conduct owed to investors when using these practices — particularly when providing advice and recommendations. I would add that you should consider how you’ve:

  • Integrated Regulation Best Interest (Reg BI) practices, where applicable, into these activities
  • Documented how you will fulfill your obligations
  • Addressed how you will capture and record communications
  • Updated how you supervise these communications

Make sure that you’re adequately considering the appropriate investment strategies and risk tolerance for your investors and consider how you record and retain records for proof.

We’ve been monitoring the regulatory developments around digital assets as well. As digital assets continue to transform the financial services industry, we anticipate more regulatory oversight in this area. The SEC has noted that firms should pay particular attention to their compliance practices, risk disclosures, operational resiliency, education and duty of care when participating in these markets.

As the use of digital communications platforms and tools continues to evolve, consider routinely reviewing, updating, and enhancing your compliance practices in this area. It will be important for firms to include robust risk disclosures around digital assets to ensure transparency and education with investors. Due to the escalating need for cybersecurity regarding digital assets, make sure to enhance your operational resiliency practices.

Recommended Reading: "5 Tips to Prepare for the Unpredictable Regulatory Future of Cryptocurrency"

Private funds

The SEC has increased its scrutiny of private funds with new and proposed rules over the last year. As the SEC seeks to enhance transparency, protect against conflicts of interest, and increase accountability for private fund advisers, the list of new obligations to firms is long. That trend is set to continue into 2022 with exam priorities noting an increased focus on:

  • Compliance programs
  • Conflicts of interest
  • Risk disclosures
  • Material nonpublic information controls
  • Potential for preferential treatment of certain investors
  • Valuation
  • Calculations of fees and expenses

The SEC also intends to look at conflicts and disclosures around portfolio strategies, risk management, and investment recommendations and allocations. With the recent increase of Special Purpose Acquisition Companies (SPACs), the SEC will be reviewing how private funds invest in and interact with these companies.

Private fund compliance teams should remain aware of their new obligations under these regimes so they can accurately comply with, supervise and retain records where required.

Standards of Conduct: Regulation Best Interest, Fiduciary Duty, and Form CRS

As all firms should put the interest of their investors above their own, it’s almost expected that Reg BI, Form CRS, and Fiduciary Duty are represented on the SEC’s list. We saw this highlighted on the FINRA Exam Priorities for 2022, naming several enforcement actions and failures regarding Reg BI and Form CRS.

Firms should review the effectiveness of their compliance programs, testing practices, and training for employees, particularly around:

  • What’s considered a recommendation under the rule
  • When a recommendation occurs
  • How these records are being maintained
  • Procedures for complying with these rules

Also, consider your current supervisory program to ensure that you’ve documented your procedures, you’re capturing and supervising these activities, and address how you follow up on any red flag behaviors.

supervision ad review queue 700

Information security and operations resiliency

The last few years and the current landscape have highlighted a need for firms to address business interruptions and disaster recovery. How your firm is applying controls around information security should be a focus as failures can significantly harm your investors and disrupt business operations.

The SEC has highlighted customer safeguards, vendor oversight, incident response, detection of identity theft, and workforce dispersion as key exam areas. It is worth noting that firms should consider the proposed rules related to cybersecurity risks, which can help enhance cybersecurity preparedness.

Multiple new regulations on cybersecurity have indicated that information security should be a key priority for firms this year. Make sure you’re reviewing regulatory resources for requirements and best practices, conducting testing of your practices, detecting and monitoring cyber incidents, integrating vendor oversight, and staying on top of new risks in this area.

Environmental, Social, and Governance (ESG) Investing

With the growing popularity of ESG investing, it is no surprise it made it onto the SEC’s exam priority list this year. Firms should be particularly aware of how they educate investors and incorporate risk disclosures regarding ESP investments so that they do not unintentionally mislead or omit material information that investors would consider when making investment decisions.

With a lack of terminology and a variety of approaches to ESG investing, firms should remain transparent regarding their investment approaches. Be sure to maintain accurate records on how these decisions are made as well as controls around the advertisement and marketing of these products.

Are you prepared?

It may be time to ask yourself, have your policies and procedures kept up with how we do business since the pandemic? As compliance programs and written policies and procedures significantly affect the way firms do business, it’s become more important in the last few years that firms design their WSPs in a way that is resilient and can adjust to a range of business and market changes.

featured-webinar-icon

FEATURED WEBINAR

Regulatory Quarterly Update: Why Cyber & Hybrid Work Can't Go Unsupervised

Watch On Demand

Share this post!

Tiffany Magri

Latest posts by Tiffany Magri (see all)

Smarsh Blog

Our internal subject matter experts and our network of external industry experts are featured with insights into the technology and industry trends that affect your electronic communications compliance initiatives. Sign up to benefit from their deep understanding, tips and best practices regarding how your company can manage compliance risk while unlocking the business value of your communications data.

CONTACT US

FEATURED CONTENT

Ready to enable compliant productivity?

Join the 6,500+ customers using Smarsh to drive their business forward.

watch it work
CONTACT SALES

More Resources

Regulatory Updates 2020 Roundup
From Hypothetical Performance to Real Consequences: SEC's Message to Advisers
by Tiffany Magri
on April 15, 2024
Read more
smarshconnect feat img
Strategic Partnerships Highlighted at SmarshCONNECT 2024
by Smarsh
on April 15, 2024
Read more
featured img ai computer brain
Managing AI to Ensure Compliance with Data Privacy Laws
by Bill Tolson
on April 03, 2024
Read more

Get a Quote

Tell us about yourself, and we’ll be in touch right away.

Smarsh handles information you submit to Smarsh in accordance with its Privacy Policy. By clicking "submit", you consent to Smarsh processing your information and storing it in accordance with the Privacy Policy and agree to receive communications from Smarsh and its third-party partners regarding products and services that may be of interest to you. You may withdraw your consent at any time by emailing privacy@smarsh.com.

Contact Us

Tell us about yourself, and we’ll be in touch right away.