Code of Ethics: SEC Focus Shifts Radar to Retail Firms
Each investment adviser’s Code of Ethics and other compliance policies set forth the standards of business conduct to which supervised persons must adhere. The challenge can often be monitoring compliance with the policies and assisting supervised persons with understanding their responsibilities. CCOs should put themselves in the SEC’s position – review your Code of Ethics (“Code”) as if you are doing so for the first time. Read recent deficiencies from the sec.gov website and the various “Risk Alert” publications published by the SEC.
The SEC continues to see many deficiencies in fiduciary responsibilities with respect to new retirees, unsophisticated investors, and rollover IRAs, Korrine Kohm and John Gentile said during the recent conference held by CSS business unit Ascendant Compliance Management in Charleston, South Carolina. Wrap advisory programs are another focus as they are highly marketed to retail investors while bundling investment management and brokerage fees into a single fee. The fee may be as high as 2 1/2% based on the value of the account; buyer beware.
A few of the items to focus on with your Code would be:
- Access Persons vs Supervised Persons – To summarize: “Supervised Persons” include any employees, partners, officers, directors (or other persons occupying a similar status or performing similar functions) as well as any other persons that provide advice on the investment adviser’s behalf and are subject to the investment adviser’s supervision and control; “Access Persons” are any of the investment adviser’s supervised persons who have access to non-public information regarding any investment advisory client’s purchase or sale of securities, or nonpublic information regarding the portfolio holdings of any reportable fund, or any person who is involved in making securities recommendations to investment advisory clients, or who has access to such recommendations that are nonpublic. If providing investment advice is an investment adviser’s primary business, all of its directors, officers and partners are presumed to be access persons.Large organizations can more easily differentiate between Supervised Persons and Access Persons as various divisions of employees and can be physically separated by walls, floors, and separate buildings. Smaller firms may not have this luxury. The CCO needs to distinguish which employees fall into either group. Smaller firms generally code all employees as Access Persons; just be sure to document your reasoning behind your decision.
- Code Aligned with Regulations – The SEC wants to see that the CCO and firm are regularly reviewing the firm’s Code. Keeping abreast of regulatory changes is critical, and reflecting those changes in your Code is what the regulators want to see.
- Late Reporting – Annual and quarterly attestations of the Code are a requirement, and those attestations are due on specific dates after each quarter and year-end. As consultants, Ascendant has seen many instances in which employees seem to think that reporting a day or two late is no big deal. What they don’t understand is that even one day late is a violation and the SEC will usually write this up as a deficiency against the firm.
- Inaccurate Disclosures – A firm’s ADV Part 2A describes your Code. Ensure that when you update your Code that you also update the language in the Part 2A.
The rule requiring firms to have a Code is now 14 years old and basically remains the same. Of course, new requirements have been added in that time. Even with new requirements, some of the original Code rules remain “hot topics.” This is due to the fact that even after 14 years, the SEC continues to see violations of the original rules. These include:
- Reporting of 529s, 401Ks and Other Accounts — reporting securities acquired through a gift or inheritance
- Outside Business Activities — Reporting any employees’ LLCs, corporations or other entities for U4 and ADV Part 2B purposes. States are diligently reviewing the U4s and comparing to state records. Hammer in the reporting obligations of outside business activities, as doing so will mitigate risk to the employee, the client and the firm.
- Technology and Vendor Maintenance of Books and Records – Are you using a vendor? If so, are you properly maintaining your books and records? Don’t forget to document your initial and ongoing vendor due diligence.
- Political Contributions – 2017 saw SEC Enforcement action against 10 firms violating pay-to-play rules. Political contributions that triggered sanctions were relatively small, many around $500. Some Advisers voluntarily disclosed contributions and sought relief from the SEC.
- Managed accounts – Is your managed account annual attestation language adequate to meet the exemption from personal securities rules?
- Bitcoins — reportable or not reportable? Bitcoins, like equities, are traded throughout the day; do firms really want their employees trading all day?
The main takeaway from this session was to ensure, that as CCO, you have the responsibility to review and update your Code at least annually. Have the conversation before it happens, make sure company policies and reward systems drive the desired behavior, and watch for potential conflicts in contracts, business arrangements, real estate deals, compensation plans, or general guidance.