Preparing for an SEC Exam: 4 Ways to Reduce Risk
In recent years, the Securities and Exchange Commission’s Office of Compliance Inspections and Examinations (OCIE) has ramped up its examination efforts. The office administers the national exam program for registered entities, with the stated purposes of promoting compliance, preventing fraud, identifying risk and informing policy. But OCIE has been shifting away from what was once a preventative function and toward more comprehensive investigations, acting as a channel for the SEC’s Division of Enforcement.
Broker-dealers and investment advisors – particularly those that have yet to be examined – should take extra caution when preparing for an OCIE examination. Added precaution and a laid-out plan can ensure that the process runs as smoothly as possible, reducing the risk of an examination turning into enforcement action. A smooth examination will also set the tone for any future examinations.
The What and Why of OCIE Exams
One of the first steps in effectively preparing for an OCIE examination is to get ahead of it: Know what OCIE’s priorities are and how they apply to your firm, and ensure that your firm’s policies, procedures and controls align with the risk areas that are on OCIE’s radar.
An OCIE examination will generally fall into one of four categories:
- A routine exam, which follows a schedule based on a firm’s risk profile;
- A “for cause” exam, after the SEC receives a tip regarding a potential issue;
- A “sweep,” where OCIE conducts an investigation across a number of firms, based on a set of targeted business practices (for example, OCIE’s 2015 sweep of nearly 50 firms and their cybersecurity programs and controls); or
- An oversight exam, generally reserved for broker-dealers that have recently been subject to a Financial Industry Regulatory Authority (FINRA) examination.
In January, OCIE issued its priority areas for 2016, which include protecting retail investors, assessing market-wide risks, and making better use of data analytics to identify registrants that may be involved in illegal activity.
While these priorities largely mirror themes from 2015, there are a few areas within each that are new, including a focus on Exchange Traded Funds (ETFs) and public pension advisers.
Continued focus will be placed on cybersecurity compliance and controls, as well as Regulation Systems Compliance and Integrity (SCI) entities, liquidity controls, and broker-dealers that have become new or expanded liquidity providers. Additionally, OCIE will continue with annual examinations of clearing agencies designated as systemically important.
Turning to data analytics, OCIE will focus on a firm’s anti-money laundering (AML) programs; that is, which firms are following AML compliance procedures and which aren’t.
How to Prepare
In the event that your firm is subject to an examination – you will typically be given one month’s notice – there are a few best practices that should be applied.
- Bring in outside counsel. Seek outside counsel early on in the process. Outside counsel’s involvement will help ensure you’re aware of your requirements before the examination starts and will also signal to OCIE that you’re taking this matter seriously. Outside counsel can walk you through a mock-up exam – without implicating general counsel – and can help you avoid common pitfalls, such as waiving attorney-client privilege or work-product protection.
- Notify and involve staff. Your staff will play a critical role during the examination. Advise staff that an examination is happening, explain what will be required of them, and clearly identify roles and responsibilities. Any employee involved in the examination process – whether management or not – should know what to expect. This will reduce confusion during the examination, which otherwise could result in red flags for the OCIE examiners.
- Be transparent. Openness should be your firm’s main objective throughout the examination process. Work with OCIE, not against OCIE. Make it clear to your firm that during any discussions with OCIE examiners, employees should not omit information. Should OCIE examiners become aware of omitted information, they will often turn to FINRA’s Department of Enforcement. At the same time, employees should not guess answers to an examiner’s questions. Ensure that employees understand that not knowing the answer is an acceptable response as well.
- Document everything. Before the examination starts, document and catalog all compliance training material and records in a manner that is easy for examiners to review and that demonstrates your firm’s commitment to compliance. While OCIE will likely identify areas where compliance training programs could use improvement, demonstrating a culture that takes compliance seriously will reduce the risk of violations being reported to the Department of Enforcement.
As OCIE continues to ramp up its examination efforts, firms mustn’t overlook the possibility of an examination, particularly as the industry continues to be exposed to increased risks – cyber, AML, new entrants and increased use of third-party services, to name a few. Clear identification of roles and responsibilities and a preparation plan will cut down on unnecessary confusion during the process, and reduce the risk of enforcement.