Insight

SEC Focus on CCO Outsourcing

A Way Forward

SEC Focus on CCO Outsourcing
DM

Don Andrews & Michael Manley

December 30, 2016 12:00 AM

There has been increasing regulatory scrutiny about the trend of outsourcing the chief compliance officer (CCO) function to third parties. Late last year, the SEC published findings of approximately 20 examinations as part of an Outsourced CCO Initiative that focused on SECregistered investment advisers that outsource their CCOs to unaffiliated third parties.1

THE SEC INITIATIVE RE: OUTSOURCED CCOS

The initiative was conducted by the Office of Compliance Inspections and Examinations (OCIE) of the SEC.

In the SEC’s Risk Alert, the staff shared certain observations regarding effective outsourced CCOs and restated their first principles and long-standing guidance on the role and importance of a CCO. The staff reiterated that (i) an adviser’s CCO should be “competent and knowledgeable regarding the Advisers Act and…empowered with the full responsibility and authority within the organization to compel others to adhere to the compliance policies and procedures” (citing the Adopting Release for Rule 206(4)-7 of the Advisers Act), and (ii) the CCO “should have a position of sufficient seniority and authority to compel others to adhere to the compliance policies and procedures”2 (Adopting Release, Sections II.C.1).

During the examinations, the staff focused on registrants that had outsourced the CCO function and assessed the effectiveness of outsourced CCOs by evaluating a number of factors, including whether:

• The CCO was administering a compliance environment that addressed and supported the goals of the Advisers Act (compliance risks were appropriately identified, mitigated, and managed);

• The compliance program was reasonably designed to prevent, detect, and address violations of the Advisers Act, Investment Company Act, and other federal securities laws, as applicable;

• The compliance program supported open communication between service providers and those with compliance oversight responsibilities;

• The compliance program appeared to be proactive rather than reactive;

• The CCO appeared to have sufficient authority to influence adherence to the registrant’s compliance policies and procedures, as adopted; and

• Compliance appeared to be an important part of the registrant’s culture.

In reviewing these factors, the staff noticed instances where certain service providers did not have adequate resources to perform compliance duties for their clients, “especially given the disparate and dispersed nature of the registrants that the CCO serviced.” In addition, there were concerns expressed about the nature of the annual reviews performed by outsourced CCOs, especially given that some of the registrants had the ability to “selectively provide records to the outsourced CCO that … may have affected the accuracy of these registrants’ annual reviews.”3

A. MEANINGFUL RISK ASSESSMENTS

Compliance and risk have been increasingly identified as critical components of an effective enterprise risk management program. In the Adopting Release for 206(4)-7 and 38(a) (1),4 the staff observed that “an effective compliance program generally relies upon, among other things, the 'correct identification of a registrant’s risks in light of its business, operations, conflicts, and other compliance factors.’” Whether because of resource or access constraints, the staff observed that certain CCOs relied upon standardized or generic checklists that did not appear to “fully capture the business models, practices, strategies, and compliance risks that were applicable to the registrant.”5 In certain cases, the risks described by the registrant’s principles were different from the risks described by the outsourced CCO. The result was predictable: such registrants did not have the policies, procedures, and/or disclosures in place to adequately address certain risks.

B. COMPLIANCE POLICIES AND PROCEDURES

During the examinations, the staff identified instances of compliance policies and procedures that were not tailored to the registrant’s businesses or practices. In certain instances, outsourced CCO templates resulted in critical risks not being identified, inconsistent policies in relation to the advisers’ businesses and operations, and the failure to perform critical control procedures. Rule 206(4)-7 requires that the CCO certify that an adviser has adopted and implemented policies and procedures that are designed to detect and prevent violations of law. Clearly, using a service provider’s unmodified, “off-the-shelf” templates will rarely result in a system of policies, procedures, controls, and risk assessments tailored to the business practices of a specific adviser.6

C. ANNUAL REVIEW OF THE COMPLIANCE PROGRAMS

The staff’s harshest criticism concerned the annual review of the Compliance Programs, which is a central element of Rule 206(4)-7. The staff observed that “certain outsourced CCOs infrequently visited registrants’ offices and conducted only limited reviews of documents or training on compliance-related matters while on-site.” In addition, the staff noted, “such CCOs had limited visibility and prominence within the registrant’s organization to, among other things, improve adherence to compliance with policies and procedures.” In sum, the staff concluded that “advisers and funds with outsourced CCOs should review their business practices … to determine whether these practices comport with their responsibilities as set forth in the Compliance Rules.”

CCO OUTSOURCING AND SUPPORT

There are approximately 11,000 investment advisers registered with the Securities and Exchange Commission, and clearly these advisers differ greatly in terms of their investment strategies, types and number of clients, the amounts of assets under management, and internal resources. Accordingly, the staff continues to acknowledge that a “one-size-fits-all” approach would not be effective.7 Still, the staff’s recent Risk Alert has drawn attention to the fact that there may be qualitative distinctions between internally managed compliance programs utilizing third-party service providers to assist an internal compliance team and outsourcing the compliance function entirely.

The Adopting Release containing Rule 206(4)-7 clearly highlights the SEC’s expectation that a CCO (i) interact frequently with the adviser’s personnel, (ii) be intimately involved in or familiar with the operations of the adviser, and (iii) has the authority and expertise to effectively perform his or her compliance responsibilities. This Risk Alert expresses the SEC’s concerns associated with outsourcing the CCO function and the ability of such outsourced resources to meet the requirements of the Advisers Act. The staff’s concerns generally appear to be addressed when outsourced CCOs (i) frequently and personally interacted with fund and advisory employees, (ii) had sufficient resources to perform their duties, and (iii) were empowered to independently obtain records required for a meaningful and accurate annual review.8

OUTSOURCING AND SUPPORT: A WAY FORWARD

In light of the foregoing concerns and observations, one approach would be to couple an internal CCO or compliance team with an expert third-party law firm or consultant that can provide the CCO much-needed support. Internal CCOs with the authority and expertise to perform their responsibilities would typically possess the intimate knowledge of the firm’s business and operations required to effectively identify risks and manage compliance programs. However, without experienced support, CCOs typically find it difficult to effectively and consistently perform all of their compliance responsibilities.

Below is a summary of services that can be provided to support an internal compliance team, including the CCO:

• Providing independent, targeted reviews of critical areas of concern, such as new business initiatives or areas identified as requiring remediation;

• Assisting the CCO/CRO in developing risk assessments in light of regulatory guidance and industry standards;

• Working with operational heads, compliance, and legal in developing policies and supervisory guidelines that are tailored to the actual business practices of the firm;

• Using a provider as an “on-call” team member to provide regulatory guidance on “hot-button” issues, or complex regulatory matters;

• Providing independent training on key regulatory matters for employees, senior management, and board members;

• Providing pre-exam and on-site examination support in connection with regulatory examinations;

• Providing critical legal and compliance advice in connection with the launch of a new mutual or private fund;

• Providing critical interpretative guidance and/or assistance with implementing AML programs; and

• Conducting independent “mock” SEC exams or similar reviews.

These services can be an indispensable part of an effective compliance program. In utilizing the foregoing approach in conjunction with one or more of these services, CCOs can help foster a strong culture of compliance within their firms and avoid the deficiencies identified by the staff in the Risk Alert.

-----------------------------------------------

1 National Exam Program Risk Alert, Vol. V, Issue 1, November 9, 2015 (Risk Alert), p. 1.
2 See SEC, Compliance Programs of Investment Companies and Investment Advisers, Release Nos. IA-2204 and IC-26299 (December 17, 2003) ("Adopting Release").
3 Risk Alert, p. 4.
4 See Adopting Release.
5 Risk Alert, p. 4.
6 The staff noted, “Some standardized risk checklists utilized by outsourced CCOs were generic and did not appear to fully capture the business models, practices, strategies, and compliance risks that were applicable to the registrant.” Risk Alert, p. 4
7 The staff, in its concluding remarks, stated that “each registrant is ultimately responsible for adopting and implementing an effective compliance program and is accountable for its own deficiencies.” Accordingly, they should “evaluate whether their business and compliance risks have been appropriately identified, their policies appropriately tailored in light of their business and associated risks.” Risk Alert, p. 7.
8 Risk Alert, p. 3.

Related Articles

CEO Acquitted of Securities Fraud Charge


by Bart Daniel

On April 19, 2017, after a two-week trial, a federal jury unanimously acquitted Revolutions Medical Corporation (RMCP) CEO Rondald Wheet on all three counts of securities fraud and false filings with the Securities and Exchange Commission (SEC).

CEO Acquitted

SEC Whistleblower Awards Are Spiraling. Could It Be Part of MeToo Movement?


by John Ettorre

The MeToo movement has had an unexpected impact on SEC-related whistleblower cases, and many are receiving substantial payouts for the financial fraud they are reporting.

Rise in Whistleblowing a Result of MeToo

All Together With Pride: The Best Lawyers Team Volunteers During Pride Month


by Megan Edmonds

Offering time, muscle power, donations and more, the Best Lawyers team supports local advocacy groups’ events.

The Best Lawyers Team Volunteers During Pride

Announcing the 2022 Best Lawyers in Japan


by Best Lawyers

The results include an elite field of top lawyers and firms.

Announcing the 2022 Best Lawyers in Japan

Hey, Big Lender


by Catherine M. Brennan and Latif Zaman

A contentious proposed federal rule would establish “true lender” guidelines for banks and third parties. Does Colorado show the way forward?

Financial Institution

A Decade of Excellence


by Joseph Begonis

Nine firms weigh in on issues that will shape the legal industry in 2020.

2020 Best Law Firms® "Law Firm of the Year"

A Global Approach to Settlement


by Bradley A. Klein, Gretchen M. Wolf, Mayra C. Suárez and Peter Y. Cheun

The Department of Justice, in pursuit of companies whose transgressions cross borders, increasingly credits other countries’ fines to avoid “piling on.”

A Global Approach to Settlement

Property Rights...and Wrongs


by Chad Cooper and Steven S. Kaufman

Winning a legal battle often boils down to finding and targeting the weakest part of an opponent’s case. Four recent real estate disputes in northeast Ohio are good examples.

Strategies for Real Estate Litigation

Uninsured Flying Objects


by Claire O'Rourke, Laura Beth Cohen and Marialuisa S. Gallozzi

As drones and other “unmanned aerial vehicles” increasingly crowd the skies, the law—and insurance policies—will have to figure out how best to bring them back safely to terra firma.

Insurance Regulations for Drones

A Sea Change on Land


by Linda A. Klein and Suneel Gupta

Autonomous vehicles will revolutionize almost every area of the law. Here’s a look at what’s rapidly approaching.

Legal Considerations for Autonomous Vehicles

Why Stablecoins Will Be Regulated


by Mladen Milovic

In Order To See Adoption, Stablecoins Must Clear These Hurdles

Why Stablecoins Will Be Regulated

Changing for the Better


by Justin Smulison

Joseph Brophy’s Austin-based boutique firm comprises some of the most talented and experienced civil litigators in Texas.

Betting on Finance, Civil Litigation Success

Q&A with Ricardo Coelho and Júlio César Bueno of 2018 Brazilian “Law Firm of the Year” Pinheiro Neto Advogados’ Project Finance and Development Practice


by Best Lawyers

Can you tell me about the characteristics that make up your law firm and the project finance in development practice that led to being recognized as a “Law Firm of the Year”?

Q&A with Pinheiro Neto Advogados Project Fina

Sounding Out the Supreme Court of Canada on Utility


by Daphne Lainson

Supreme Court of Canada

Spoliation Allegations Spread into Arbitration


by Elizabeth Del Cid and Katherine McGrail

Spoliation into Arbitration

FinTech at the Crossroads


by Rob Scavone, Pat Forgione, Tayleigh Armstrong, and Kelly Kan

Regulating the Revolution

Fintech at the Crossroads

Trending Articles

Announcing the 2023 The Best Lawyers in America Honorees


by Best Lawyers

Only the top 5.3% of all practicing lawyers in the U.S. were selected by their peers for inclusion in the 29th edition of The Best Lawyers in America®.

Gold strings and dots connecting to form US map

Announcing the 2022 Best Lawyers® in the United States


by Best Lawyers

The results include an elite field of top lawyers listed in the 28th Edition of The Best Lawyers in America® and in the 2nd Edition of Best Lawyers: Ones to Watch in America for 2022.

2022 Best Lawyers Listings for United States

2021 Best Lawyers: The Global Issue


by Best Lawyers

The 2021 Global Issue features top legal talent from the most recent editions of Best Lawyers and Best Lawyers: Ones to Watch worldwide.

2021 Best Lawyers: The Global Issue

The U.S. Best Lawyers Voting Season Is Open


by Best Lawyers

The voting season for the 31st edition of The Best Lawyers in America® and the 5th edition of Best Lawyers: Ones to Watch® in America is officially underway, and we are offering some helpful advice to this year’s voters.

Golden figures of people standing on blue surface connected by white lines

How To Find A Pro Bono Lawyer


by Best Lawyers

Best Lawyers dives into the vital role pro bono lawyers play in ensuring access to justice for all and the transformative impact they have on communities.

Hands joined around a table with phone, paper, pen and glasses

What the Courts Say About Recording in the Classroom


by Christina Henagen Peer and Peter Zawadski

Students and parents are increasingly asking to use audio devices to record what's being said in the classroom. But is it legal? A recent ruling offer gives the answer to a question confusing parents and administrators alike.

Is It Legal for Students to Record Teachers?

How Palworld Is Testing the Limits of Nintendo’s Legal Power


by Gregory Sirico

Many are calling the new game Palworld “Pokémon GO with guns,” noting the games striking similarities. Experts speculate how Nintendo could take legal action.

Animated figures with guns stand on top of creatures

The Best Lawyers in Australia™ 2024 Launch


by Best Lawyers

Best Lawyers is excited to announce The Best Lawyers in Australia™ for 2023, including the top lawyers and law firms from Australia.

Australian Parliament beside water at sunset

Inflation Escalation


by Ashley S. Wagner

Inflation and rising costs are at the forefront of everyone’s mind as we enter 2023. The current volatile market makes it more important than ever to understand the rent escalation clauses in current and future commercial lease agreements.

Suited figure in front of rising market and inflated balloon

Best Lawyers: Ones to Watch in America for 2023


by Best Lawyers

The third edition of Best Lawyers: Ones to Watch in America™ highlights the legal talent of lawyers who have been in practice less than 10 years.

Three arrows made of lines and dots on blue background

A Celebration of Excellence: The Best Lawyers in Canada 2024 Awards


by Best Lawyers

As we embark on the 18th edition of The Best Lawyers in Canada™, we are excited to highlight excellence and top legal talent across the country.

Abstract image of red and white Canada flag in triangles

8 Different Types of Criminal Defenses in Law


by Best Lawyers

Learn about the different types of criminal defenses available in law, including innocence, self-defense, insanity and more. Protect your rights today.

Silver handcuffs laying on finger printed papers

Wage and Overtime Laws for Truck Drivers


by Greg Mansell

For truck drivers nationwide, underpayment and overtime violations are just the beginning of a long list of problems. Below we explore the wages you are entitled to but may not be receiving.

Truck Driver Wage and Overtime Laws in the US

The Upcycle Conundrum


by Karen Kreider Gaunt

Laudable or litigious? What you need to know about potential copyright and trademark infringement when repurposing products.

Repurposed Products and Copyright Infringemen

Choosing a Title Company: What a Seller Should Expect


by Roy D. Oppenheim

When it comes to choosing a title company, how much power exactly does a seller have?

Choosing the Title Company As Seller

The 2024 Best Lawyers in Spain™


by Best Lawyers

Best Lawyers is honored to announce the 16th edition of The Best Lawyers in Spain™ and the third edition of Best Lawyers: Ones to Watch in Spain™ for 2024.

Tall buildings and rushing traffic against clouds and sun in sky