Annual Updating Reminder

Each state and federally registered investment adviser must file an annual updating amendment to its Form ADV Part 1A and Part 2A (the Brochure). The annual amendment must be filed within 90 days of the adviser’s fiscal year end via the Investment Adviser Registration Depository. This means that an adviser with a December 31 fiscal year end must file by March 30, 2016.

In addition, within 120 days of its fiscal year end, each adviser must deliver to clients the updated Brochure. Alternatively, an adviser may deliver a summary of material changes accompanied by an offer to provide the updated Brochure free of charge.

Uncertainty Among Chief Compliance Officers

The Securities and Exchange Commission appeared to place increased scrutiny on Chief Compliance Officers in 2015. Specifically, the SEC brought three noteworthy enforcement actions this year where the CCO was personally held liable for failing to create and implement compliance policies and procedures that should have detected the alleged fraud occurring at the firms.[1] Realizing that the recent enforcement actions had CCOs feeling uneasy, two SEC Commissioners released public statements in support of CCOs and acknowledged the important role they play in investor protection. One Commissioner stressed that the SEC does not bring enforcement actions against CCOs “who take their jobs seriously and do their jobs competently, diligently, and in good faith to protect investors.”[2]

Even with the SEC’s attempts to reassure CCOs, it is hard not to take note of the three enforcement actions this year. In the midst of such uncertainty, advisers and their CCOs should continue to review their policies and procedures and ensure such policies and procedures are tailored to their advisory business model. Additionally, as part of the annual review, advisers and their CCOs should confirm that all of the written policies and procedures are actually being implemented and that such implementation is being documented.

Exam Priority Heading into New Year: Cybersecurity

Since 2014 the Office of Compliance Inspections and Examinations has issued multiple risk alerts regarding cybersecurity. In 2015 the Division of Investment Management joined the OCIE by issuing a cybersecurity guidance update. So, it should come as no surprise that the SEC recently brought its first cybersecurity-related enforcement action. In September, the SEC settled charges with an adviser for failure to establish the required cybersecurity policies and procedures in advance of a breach that comprised the personally identifiable information of clients. The firm responded promptly and there was no indication of financial harm to the firm’s clients, however, the SEC still brought the enforcement action which resulted in a $75,000 penalty. The SEC has made its expectations clear: it expects, advisers to have written cybersecurity policies and procedures in place that are tailored to each adviser’s business.

[1] In the Matter of SFX Financial Advisory Management Enterprises, Inc. and Eugene S. Mason, Advisers Act Release No. 4116 (June 15, 2015); In the Matter of Blackrock Advisors, LLC and Bartholomew A. Battista, Advisers Act Release No. 4065 (Apr. 20, 2015); In the Matter of Fenway Partners, LLC, Peter Lamm, William Gregory Smart, Timothy Mayhew, Jr., and Walter Wiacek, CPA, Advisers Act Release No. 4253 (November 3, 2015).

[2] Commissioner Daniel M. Gallagher, Statement on Recent SEC Settlements Charging Chief Compliance Officers with Violations of Investment Advisers Act Rule 206(4)-7, (June 18, 2015), available here. Luis A. Aguilar, The Role of the Chief Compliance Officers Must be Supported, (June 29, 2015), available here.