Compliance Solutions Strategies (CSS) is now part of Confluence
Titelbild

Blog Masonry Full Width

We're quite the bloggers
Januar 31, 2020

Key Takeaways from 2020 OCIE Exam Priorities

On January 7, the SEC’s Office of Compliance Inspections and Examinations (OCIE) issued its exam priorities for 2020 and reiterated its focus on protecting retail investors, particularly seniors and those saving for retirement. Here are some key takeaways from the exam priorities:

Retail Investors

OCIE will continue to focus on recommendations and advice provided to retail investors. In addition to seniors and retirement accounts, teachers and military personnel will also be a focal point for examiners, which is no surprise after we saw the SEC launch a broad investigation of compensation and sales practices in 403(b) school plans in 2019. Examinations will focus on conflicts of interest and disclosures related to fees and expenses, as well as whether firms are meeting their fiduciary duties to clients. Conflicts related to revenue sharing arrangements and other forms of direct and indirect compensation to advisory personnel for executing client transactions were specifically noted as areas of concern. RIAs can also expect OCIE to review fee billing processes as it relates to the aggregation of client accounts when calculating fee discounts, and that fee billing practices are consistent with the firm’s disclosures.

Higher risk products sold to retail investors, such as private placements, complex and high fee products, and products issued or sponsored by an affiliate, will also be scrutinized. OCIE also intends to focus on more traditional securities sold to retail investors, including mutual funds and ETFs, municipal and other fixed-income securities, and microcap securities. RIAs and broker-dealers should review any financial incentives they receive that may influence the selection of a particular mutual fund share class, as well as any mutual fund fee discounts, breakpoints and graduated fee schedules.

Standards of Care

The Interpretation Regarding Standard of Conduct for Investment Advisers has already been incorporated into the examination program for investment advisers.  Broker-dealers should expect examiners to focus on the progress of implementation of Regulation Best Interest, including policies and procedures regarding conflicts disclosures. Content and delivery of the new Form CRS was also noted as a focus for both investment advisers and broker-dealers.

Information Security

OCIE will continue to prioritize information security in each of its five examination programs. RIA examinations will focus on, among other things:

  • Governance and risk management
  • Access controls
  • Data loss prevention
  • Vendor management
  • Training
  • Incident response and resiliency

As it relates to third-party and service provider risk management, oversight practices, including those leveraging cloud-based storage, will be a particular area of focus for examiners.

Financial Technology, including Digital Assets and Electronic Advice

Firms that use alternative data and technologies as part of the investment decision-making process have been put on notice that they will be a target for examinations. As it relates to digital assets, examinations will assess: (1) investment suitability, (2) portfolio management and trading practices, (3) safety of client funds and assets, (4) pricing and valuation, (5) effectiveness of compliance programs and controls, and (6) supervision of employees’ outside business activities. OCIE will also continue to focus on robo-advisers.

Other Priority Areas for RIAs
  • RIA Compliance Programs – Examinations of dual-registrants and affiliated RIAs/BDs will be a high priority to OCIE, especially as it relates to risks associated with best execution, prohibited transactions, fiduciary advice and disclosure of conflicts related to such arrangements.
  • Never Before and Not Recently-Examined RIAs – If your firm has never been examined or it has been quite some time since your last examination, 2020 may be the year it happens. Over the past five years, OCIE has continually increased its examination coverage of RIAs.
  • Mutual Funds and ETFs – Mutual funds and ETFs, and the activities of their RIAs, will continue to be an exam priority for OCIE.
  • RIAs to Private Funds – RIAs to private funds that have a greater impact on retail investors, such as firms that provide management to separately managed accounts side-by-side with private funds, were highlighted as a focus.
Other Priorities for Broker-Dealers
  • AML programs
  • Safeguarding of client funds and securities in accordance with the Customer Protection Rule and Net Capital Rule
  • Trading and risk management

We encourage all SEC registrants to review the priorities release in its entirety and start preparing for Form CRS and Regulation Best Interest. CSS has built a technological solution to help firms prepare for Form CRS. To learn more about Form CRS and our solution, please click here.

Januar 29, 2020

Pathway to Reg BI Compliance: Have You Started Your Conflict of Interest Assessment?

As the June 30, 2020 compliance date for the SEC’s Regulation Best Interest (“Reg BI”) draws near, broker-dealers are scrambling to design and implement a comprehensive solution to ensure compliance with Reg BI. In short, Reg BI requires that broker-dealer recommendations be in the retail client’s best interest, creates a broad disclosure obligation, and compels broker-dealers to mitigate certain conflicts of interest. Clearly, identifying and mitigating conflicts of interest is a key part of ensuring your firm’s compliance with Reg BI.

CSS provides solutions for Reg BI & Form CRS. Click to download the brochure.

Identifying Conflicts of Interest

So how do you identify and mitigate conflicts of interest? For starters, it’s always prudent to take a “follow the revenue” approach, as conflicts of interest typically result from financial incentives related to transactions that benefit the firm and/or its registered persons. As pointed out in FINRA’s “Report on Conflicts of Interest” issued in October 2013; “Conflicts of interest can arise in any relationship where a duty of care or trust exists between two or more parties, and, as a result, are widespread across the financial services industry.” As part of your firm’s exercise to identify conflicts, it’s critical to establish a framework to identify, assess, monitor and control conflicts. Some guidance in this regard can be gleaned from the SEC’s adopting release for its investment adviser compliance program rule, where the SEC provides conflict of interest guidance for advisers that is also applicable to broker-dealers:

“Each adviser, in designing its policies and procedures, should first identify conflicts and other compliance factors creating risk exposure for the firm and its clients in light of the firm’s particular operations, and then design policies and procedures that address those risks.”

Conflicts of Interest Examples

First, some high-level guidance from FINRA, as reflected in its conflicts of interest report, where FINRA noted that the objective of the report “… is to focus on firms’ approaches to identifying and managing conflicts in three critical areas:

  • Enterprise-level frameworks to identify and manage conflicts of interest
  • Approaches to handling conflicts of interest in manufacturing and distributing new financial products
  • Approaches to compensating their associated persons, particularly those acting as brokers for private clients.

More recently, FINRA’s Reg BI checklist provides some examples of business practices that create material conflicts of interest, including:

  • Offering proprietary products
  • Payments from third parties, revenue sharing
  • Compensation arrangements
  • Principal trading
  • Payment for order flow

The SEC’s enforcement action against Commonwealth Equity Services, LLC, a registered investment adviser and broker-dealer also provides an illustration of a conflict of interest. In this case, the SEC  charged the firm with failing to disclose material conflicts of interest related to revenue sharing Commonwealth received for certain client mutual fund investments.

The SEC’s Complaint alleges that Commonwealth breached its fiduciary duty to its clients by failing to disclose the conflicts of interest created by its receipt of compensation through the revenue sharing agreement.

Action Items

So, as firms prepare for Reg BI, what are some practical steps that a broker-dealer can take to address conflict of interest concerns?

  • Conduct an enterprise-wide, conflict assessment as a key first step in identifying conflicts of interest
  • Determine the scope of the conflict assessment focus with a view to ensuring that it encompasses all business units/products
  • Interview key business stakeholders as part of this assessment
  • Gather, analyze and document conflict assessment findings
  • Out of this exercise, develop a conflicts checklist that ties to procedures to reflect how risks are mitigated
  • Based upon the findings, implement changes to written policies and procedures, disclosures and surveillance systems designed to identify, eliminate, mitigate or manage conflicts
  • Utilize technology to assist with monitoring of client and employee transactions to identify and mange conflicts
  • Perform an annual review of internal controls for identifying and mitigating conflicts;
  • Cover conflicts of interest in training programs
Januar 28, 2020

SEC Releases More Cyber Best Practices, Including Surprise Additions

In advance of National Data Privacy Day today, the Securities and Exchange Commission’s Office of Compliance Inspections and Examinations (OCIE) has just released a new summary of cybersecurity best practices it has observed over the course of thousands of examinations it has conducted over the past few years. In its Cybersecurity and Resiliency Observations, OCIE recognizes that while there is no universal approach to cybersecurity, there are several notable practices firms can strive for to safeguard against an increasingly sophisticated cybercriminal and to become more operationally resilient.

OCIE categorizes these strong practices into not only the six key risk areas it has commonly used for its cybersecurity examination initiatives, but also adds Mobile Device Security as its own category and expands Incident Response to include a focus on resiliency: (1) Governance and Risk Management, (2) Access Rights and Controls, (3) Data Loss Prevention (DLP), (4) Mobile Security, (5) Incident Response and Resiliency, and (6) Vendor Management, and (7) Training and Awareness.

Among the highlighted best practices are several controls previously identified by OCIE, as well as an expanded discussion of some newer focus areas. Similar to past risk alerts, OCIE’s focus on governance stems from a theme that cybersecurity is a risk that impacts the entire firm and cannot be effectively mitigated in a silo. Rather, organizations are better prepared if they have recognized cybersecurity as a firm-wide risk and addressed it with buy-in from senior management through a commitment to devote the necessary resources to conduct cyber risk assessments, enhance cyber policies, and regularly conduct cyber testing. Likewise, OCIE’s focus on access rights and controls reiterates the importance of strong access provisioning, change management, and termination procedures for staff and vendors, as well as a better understanding of who has access to what data and why.

Notably, OCIE’s observations in the DLP realm seem to focus more on detection capabilities – from identification of network vulnerabilities through scanning and penetration testing to controls combatting insider threats. While firms of all sizes can readily implement encryption and develop an inventory of systems without much cost, some DLP controls identifying suspicious behaviors can be more costly to implement in practice. Rules-based DLP systems require a lot of fine-tuning, and while they may catch data leakage of account numbers by email, there are many ways to circumvent such detection and they seem better suited to blocking the unintentional transmission of an account number rather than intentional activity. Multifactor Authentication (MFA) is noted by OCIE as a strong practice, and it does make it more difficult for hackers to access your data, but even MFA can be exploited by skilled hackers.

Mobile Security is a novel addition to OCIE’s list, including an expectation that firms are addressing the use of mobile devices, including Bring Your Own Device (BYOD) environments, through policies, procedures, and software solutions that enable the ability to remotely wipe sensitive data from mobile devices of terminated staff.

Yet another new addition is the inclusion of “Resiliency” in OCIE’s focus on Incident Response. Here, OCIE sets a clear expectation that a strong incident response program not only provides for tackling incidents when they occur, but is proactively designed with risk mitigation in mind and maintained to take changes in data privacy regulations and reporting requirements into consideration.

There are a number of ways to test one’s incident response plan that do not involve intentionally releasing malware onto one’s network. Tabletop exercises simulating incident scenarios are an effective method to ensure roles and responsibilities are understood, and proactive phishing testing can help identify opportunities for increased staff awareness of susceptibility to causing an incident at one’s firm. Although OCIE notes that the best practices it has observed are not a one-size-fits-all solution, unfortunately the centralized logging and log analysis capabilities identified by OCIE as a best practice are generally controls that only larger organizations will have the budget and internal resources to implement.

As OCIE notes in the preamble to its guidance, cybersecurity threats “are significant and increasing,” and are “becoming more aggressive and sophisticated” – so it is therefore no surprise that OCIE has recognized cybersecurity as a key priority for the past eight years, with no end in sight. The apparent goal: through a continued focus and through the release of updated guidance on how industry peers are tackling such issues, to help raise the collective bar in combating cybersecurity risks.

If you need more help, CSS offers Shield, a a cyber solution designed to take the worry of securing firm and client information off your plate. Or for a deep dive on the important topic, consider joining us at our upcoming Spring Compliance Conference in Sarasota, Florida.

Januar 25, 2020

Takeaways from FINRA’s Examination Priorities 2020

The much-anticipated release of the Financial Industry Regulatory Authority, Inc. (“FINRA”) 2020 Risk Monitoring and Examination Priorities Letter occurred on January 9, 2020. Why is this annual release so important to broker-dealers? In short, it serves as a roadmap to identify compliance and supervisory topics that will underpin FINRA’s examination program as 2020 unfolds. After we dig into the letter’s contents, we’ll leave you with action steps for CCOs to consider.

What’s in the FINRA letter?

In short, it highlights the areas of focus for FINRA’s risk monitoring, surveillance and examination programs for 2020 and references numerous links to Regulatory Notice to Members, FINRA Reports and other tools/resources to assist broker-dealers in complying with the examination topics. A summary of topics covered by the letter is as follows:

A. Sales Practice and Supervision

Before venturing into 2020 sales practice examination priorities, FINRA first spelled out certain areas of continued sales practice concerns noted in prior letters, including complex products, such as structured notes and leveraged ETFs,  variable annuities, private placements, fixed income mark‑up/mark‑down disclosures, and representatives acting in positions of trust or authority and senior investors.

With regards to new sales practice and supervision topics of focus, FINRA went on to cover the following:

1) Regulation Best Interest (“Reg BI”) and Form CRS will be a part of examinations throughout 2020. Prior to the June 30, 2020 compliance date for Reg BI and Form CRS,  FINRA plans to review firms’ readiness plans for Reg BI to obtain an understanding of implementation concerns. After the June 30 compliance date, FINRA will pivot to examining firms’ compliance with Reg BI, Form CRS and related SEC guidance and interpretations.

2) Communications with the public will continue to be evaluated for adherence with FINRA Rules 2210 (Communications with the Public), 3110(b)(4) (Supervision) and 4510 (Books and Records Requirements) along with Securities Exchange Act of 1934 (“Exchange Act”) Rules 17a-3 and 17a-4 (Books and Records Requirements). As part of this effort, FINRA will focus on:

  • Private placement retail related communicationswith a focus on how firms’ review, approve, supervise and distribute such communications regarding private placement securities via online distribution platforms as well as traditional channels; and
  • Digital communications will garner FINRA’s attention as they explore how firms supervise such communication channels in view of their rapid expansion (e.g., texting, messaging, social media or collaboration applications).

3) Cash management and bank sweep programs will come under scrutiny for compliance with a range of FINRA and SEC rules. While FINRA recognizes the useful features of the programs for many customers, the letter lists a number of factors that it will consider when reviewing cash sweep programs including factors addressing firms’ disclosure of the arrangements to clients. FINRA will evaluate firms’ compliance with, for example, FINRA Rule 1017 (Application for Approval of Change in Ownership, Control, or Business Operations), FINRA Rule 2010 (Standards of Commercial Honor and Principles of Trade), FINRA Rule 2210 (Communications with the Public), SEC Rule 15c3-1 (Net Capital Rule) and SEC Rule 15c3-3 (Customer Protection Rule).

4) Sales of initial public offering shares will be examined for compliance with obligations under FINRA Rules 5130 (Restrictions on the Purchase and Sale of Initial Equity Public Offerings) and 5131 (New Issue Allocations and Distributions). For example, among other areas, FINRA may review practices to detect and address potential instances of flipping.

5) Trading authorization procedures and controls will be examined to determine if supervisory systems are reasonably designed with regards to client trade authorization, discretionary account supervision of Reps and key transaction data points such as solicited versus unsolicited trades. In particular, FINRA will be on the lookout for situations where Reps are exercising discretion over client account trading without written authorization.

B. Market Integrity

1) First, FINRA outlined topics of continued focus mentioned in prior examination priority letters, including market manipulation, Trade Reporting and Compliance Engine (“TRACE”) reporting, short sales and short tenders. FINRA also reminded firms to devote sufficient resources to accuracy in Order Audit Trail System (“OATS”) reporting, along with reporting to the Consolidated Audit Trail (“CAT”) that is slated to begin for some firms in April 2020.

2) As the use of direct market access controls continue to grow, FINRA will examine for compliance with SEC Rule 15c3-5 (Market Access Rule) focusing on issues relevant to firms’ business activities and associated risks.

3) Best execution practices will remain on the FINRA radar with a focus on issues including potential conflicts in order routing decisions, such as the impact of recent increases in zero-commission brokerage activity; odd-lot handling; reasonableness of policies and procedures for best execution and fair pricing for U.S. Treasury securities; and option order execution pricing.

4) Disclosure of order routing information will be reviewed by FINRA for compliance with amended Regulation National Market System (“NMS”) Rule 606, which added to the requirements for broker-dealers to publish reports on their routing of held orders in NMS stocks and listed options. As discussed in the letter, “the amended rule requires broker-dealers to provide new customer-specific reports for not held orders in NMS stocks. These disclosures serve an important role in enhancing the transparency of the U.S. securities markets with respect to broker-dealers’ handling and routing practices for both institutional and retail customer orders.”

5) Pursuant to the SEC’s Vendor Display (Rule 603) FINRA will evaluate the adequacy of a broker-dealer’s controls and supervisory systems to provide their customers with the current consolidated NBBO as required by the Vendor Display Rule.

As pointed out in the letter, capturing and reporting the current consolidated NBBO assists customers in evaluating order routing decisions made by firms. Rule 603 of Regulation NMS (Vendor Display Rule) generally requires broker-dealers to provide a consolidated display of market data for NMS stocks for which they provide quotation information to customers.

C. Financial Management

1) As in prior years, FINRA will continue to review firms’ compliance with SEC Rules 15c3-3 (Customer Protection Rule) and 15c3-1 (Net Capital Rule) as well as firms’ overall financial risk management programs.

2) Additionally, FINRA will tackle some rather new and complex regulatory issues involving digital assets. The letter points out that “FINRA will work closely with the SEC to understand firms’ usage of and involvement with digital assets, corresponding compliance with applicable laws and whether a firm has filed a Continuing Membership Application to cover the activity.”

3) FINRA will continue to review firms’ controls regarding liquidity management practices. FINRA will focus on areas that have been addressed in Regulatory Notice 15-33 (Guidance on Liquidity Risk Management Practices), as well as those that may create challenges for clearing and carrying firms’ contingency funding plans.

4) Underwriting activities will be reviewed for compliance with net capital treatment under SEC Rule 15c3-1(c)(2)(viii), including firm procedures to assess moment-to-moment and open contractual commitment capital haircuts to a firm’s net capital computation.

5) Although not part of the examination program, FINRA noted in the letter that it will be engaging in the transition away from the use of the London Interbank Offered Rate (LIBOR) as a benchmark.

C. Firm Operations

1) As noted in its prior examination priority letter, FINRA will continue to focus on supervisory controls relating to SEC Rule 10b-10 and FINRA Rule 2232 (Customer Confirmations) and firms’ compliance with FINRA Rule 3310 (Anti-Money Laundering Compliance Program),

2) As cybersecurity threats become more prevalent, the importance of maintaining an effective cybersecurity program cannot be understated. Broker-dealers can anticipate that FINRA will assess whether their policies and procedures are reasonably designed to protect customer records and information consistent with SEC Regulation S-P Rule 30. As outlined in the letter, “FINRA recognizes that there is no one-size-fits-all approach to cybersecurity but expects firms to implement controls appropriate to their business model and scale of operations.”

3) As the use of technology platforms to operate most aspects of a broker-dealer’s business grows, firms must be aware of potential problems with change management practices, which can expose firms to operational failures that may compromise firms’ ability to comply with a range of rules and regulations, including FINRA Rules 4370 (Business Continuity Plans and Emergency Contact Information), 3110 (Supervision) and 4511 (General Requirements), as well as Exchange Act Rules 17a-3 and 17a-4.

Key Action Items:

  1. After reviewing the letter, CCOs, with input from senior management, should undertake a review of their written policies and procedures and annual review focus (pursuant to FINRA rules 3120 and 3130) to ensure that compliance and supervisory concerns raised by the letter are being dealt with adequately. To illustrate, if your firm isn’t conducting surveillance for relevant sales practice concerns outlined in the letter, start now by implementing a plan to do so. Furthermore, as a best practice, broker-dealers may wish to add relevant topics covered in the letter to their risk assessment inventory, which should identify risks and how such risks are mitigated by mapping to control procedures.
  2. If you haven’t already done so, provide the letter to senior management with some talking points describing how it relates to your firm. Clearly, getting senior management buy-in for developing and maintaining a strong compliance program is key for all firms, so providing the letter will aid the process by highlighting significant topics on FINRA’s radar that are applicable to your firm.
  3. And, just as importantly, don’t forget to update your training program to reflect or expand upon issues raised by FINRA’s exam priorities. Don’t hesitate to highlight portions of the letter in your training programs to capture the attention of Registered Reps and key senior management stakeholders.

 

 

Januar 23, 2020

10 Compliance Tips for Starting 2020 Off on the Right Foot

No rest for the weary. With the new year upon us, our attention turns to new budgets, change and planning. With renewed energy as we roll into January thaw, we worry if our compliance program is ready. To give you a leg up, here are 10 tips for investment adviser and broker-dealer compliance teams for starting 2020 off on the right foot by putting your program in line with current regulatory focus:

1) Recognize the Significance of OCIE’s (Office of Compliance and Examinations) 2020 Examination Priorities on your Compliance Program

The SEC’s new rules and interpretations adopted in 2019 are the crux of 2020 examination priorities for staff, center stage for upcoming examinations, and at the forefront for new expectations regarding compliance programs.

2) Be prepared, plan and execute

Integrate the 2020 exam focus into your compliance program. Conduct a risk assessment of 2020 priorities. Specifically, incorporate:

  • New Regulation Best Interest
  • The new Form CRS Relationship Summary
  • The Standard of Care Interpretation for Investment Advisers
  • The “solely incidental” interpretation (exclusion from the definition of investment adviser under the Advisers Act for broker-dealers).

Stay up to date with these developments through ComplianceSolutionsStrategies.com and SEC.gov.

3) Adapt & update your program

OCIE’s expectations continue to be focused on key aspects of the SEC’s regulatory oversight, such as disclosures concerning services, fees and expenses; conflicts of interest; and sales practice, trading and execution quality issues for broker-dealers. And of course, cybersecurity and privacy.

OCIE and FINRA examiners will be focused on whether your compliance programs have been appropriately adapted in light of focus areas. Make sure policies and procedures cover new topics.  Consider also prior exam findings, as well as any substantial growth or change in your business model or personnel.

4) Don’t forget the basics

Assess your compliance program in the following core areas:

  • The appropriateness of account selection
  • Portfolio management practices
  • Custody and safekeeping of client assets
  • Best execution
  • Fees and expenses
  • Valuation of client assets
  • The adequacy of disclosures
  • Regulatory reporting/shareholder reporting
  • Cybersecurity, privacy and safeguarding client information
  • Governance practices

5) For firms with affiliated entities and dual registrants, and those with registered representatives of broker-dealers, tighten up policies and controls. Review supervision of outside business activities of employees and associated persons, and any related conflicts.

6) Investment Advisers, affiliate, dual registrants and broker-dealers must carefully review requirements for Form CRS.

Plan for processes, supervisory controls around Form CRS Conversation Starters, such as creating Conversation Starter FAQs, scripts, training. Utilize technology solutions. For more information, visit the following resources:

7) Conduct a compliance program risk assessment regarding:

  • Due diligence practices, policies and procedures related to the use of third-party asset managers
  • A conflict inventory
  • The accuracy and adequacy of disclosures for new types or emerging investment strategies, such as ESG strategies (environmental, social, and governance criteria)
  • Test recommendations and advice given to retail investors and higher risk products. OCIE indicated a particular focus on recommendations targeting retirement communities and teachers and military personnel
  • Evaluate written policies and procedures related to private placements and securities of issuers in new and emerging risk areas—such as with high fees and expenses; or where an issuer is affiliated with or related to the registered firm making the recommendation

8) Duty of Care

OCIE has indicated it will “examine advisers to assess whether, as fiduciaries, they have fulfilled their duties of care and loyalty, including whether the RIAs provide advice in the best interests of their clients…”  OCIE has indicated it will focus on risks associated with fees and expenses, compensation arrangements, revenue sharing arrangements, service providers, as well as compensation to advisory personnel for executing client transactions.

9) Inventory actual and potential conflicts of interest and risk factors.

Essential for Reg Best Interest, standard of care, and Form CRS summary relationship disclosures. OCIE stated conflicts can include products and services, compensation and funding arrangements; changes in firm leadership or other personnel; and, whether a firm has custody of client assets.

10) Conduct a Reg BI and standard of care readiness assessment.

Update your compliance program and testing with a fresh assessment. 2020 compliance program planning requires careful analysis and planning. Count on the fact that Form CRS, Reg BI, standard of care, duty of loyalty, the solely incidental interpretation, as well as core focus areas and all things retail are front and center.

______________________ 

Keeping your compliance program in line with SEC exam priorities remains a challenge. If you require additional help, check out our consulting services and contact us.

Januar 20, 2020

Compliance Solutions Strategies Launches First Form CRS Software Tool in Market

New York, 8 January 2020 – Global RegTech provider Compliance Solutions Strategies (CSS) today announces its release of Form CRS Automator, the market’s first comprehensive and fully customizable software solution designed to help firms meet the upcoming requirements of Form CRS which has been introduced by the Securities and Exchange Commission (SEC). CSS’s proprietary and Web-based tool gives regulated firms the ability to meet this new obligation and produce the required Form CRS quickly and efficiently.


On June 5, 2019, the SEC adopted new rules making all SEC-registered investment advisers (RIAs) and broker-dealers (BDs) that provide services to retail investors required to create a new Form ADV, Part 3, also known as a Relationship Summary. The resulting Form CRS plays a critical role in the SEC’s broader rulemaking efforts to protect Main Street investors and to address investor confusion over the differences between RIAs and BDs. The new regulations require RIAs and BDs to develop and deliver to retail investors two-page documents (or four pages for dual registrants and affiliates) allowing them to compare services, fees, conflicts of interest, and other key information about RIAs and BDs in “simple, easy-to-understand” language.


Facing a June 30, 2020 deadline, many RIAs and BDs are challenged to assemble compliant and accurate information while correctly interpreting the SEC’s strict Form CRS requirements. To streamline this process, CSS’s Form CRS Automator generates disclosure that is guaranteed to be consistent with existing regulatory filings, including more than 70 data points in Form ADV, Part 1A.


“We are excited to offer RIAs and BDs a custom tool for automating the creation of Form CRS,” stated Jackie Hallihan, Executive Director of Compliance Services at CSS. “Our Form CRS Automator solution supports efficient production of the form by deriving data from a firm’s Form ADV or Form BD or both.”


“Many regulated firms are understandably concerned about how they are going to digest the SEC’s 524-page Form CRS Adopting Release and 18 pages of instructions, ” added Keith Marks, Executive Director
of CSS’s Compliance Services. “CSS’s Form CRS Automator software solves this problem. Firms can use the solution to launch a simple process to complete a Form CRS that meets the SEC’s requirements.”

In addition to introducing Form CRS, the SEC’s June rulemaking also adopted Regulation Best Interest (Reg BI), which elevates the standard of care owed by BDs to their retail customers. CSS is responding by offering its BD clients new service packages to address the resulting requirements of Reg BI.

“We were really impressed seeing such an innovative, thorough solution for the investment adviser industry,” stated Debra DeVoe, the Chief Compliance Officer of Envestnet Asset Management. “CSS really delivered on this.”