OCIE’s Top 5 RIA Deficiency Letter Topics

The Five Most Frequent Compliance Topics Identified in OCIE Examinations of Investment Advisers


On February 7, 2017, the U.S. Securities and Exchange Commission’s (“SEC”) Office of Compliance Inspections and Examinations (“OCIE”) released a Risk Alert discussing the five most frequent compliance topics identified in deficiency letters sent to over 1,000 SEC-registered investment advisers during the last two years. Included within each topic are a few examples of typical deficiencies discussed and issues that examiners commonly identified.

Compliance Rule

Rule 206(4)-7 makes it unlawful for an adviser to provide investment advice unless it (1) adopts and implements written policies and procedures reasonably designed to prevent violation by the adviser and its supervised persons, of the Advisers Act and the Rules adopted under the Act; (2) reviews, no less frequently than annually, the adequacy of its policies and procedures, and the effectiveness of their implementation; and (3) designates a Chief Compliance Officer responsible for administering the compliance policies and procedures.


  • Compliance manual are not reasonably tailored to the adviser’s business practices. For example, compliance programs did not take into account important individualized business practices such as the adviser’s particular investment strategies, types of clients, trading practices, valuation procedures and advisory fees. Some advisers use “off-the-shelf” compliance manuals that have not been tailored to the adviser’s individual business practices.
  • Annual reviews are not performed or did not address the adequacy of the adviser’s policies and procedures. Advisers did not conduct annual reviews of the policies and procedures; conducted annual reviews that did not address the adequacy of their policies and procedures and the effectiveness of their implementation; or advisers did not address or correct problems identified in their annual reviews.
  • Adviser does not follow compliance policies and procedures. For example, not performing certain internal reviews of their practices as required by their compliance manual or advisers did not adhere to certain practices related to marketing, expenses, or employee behavior required by their compliance manual.
  • Compliance manuals are not current. Certain compliance manuals contained information or policies that are no longer current, such as investment strategies that were no longer pursued or personnel no longer associated with the adviser and stale information about the firm.

Regulatory Filings

Advisers are obligated to timely file accurate regulatory filings such as Form ADV at least annually within 90 days of the end of their fiscal year; advisers to one or more private funds with fund assets of at least $150 million must file Form PF, and generally Rule 503 under Regulation D of the Securities Act, requires issuers to file Form Ds, advisers typically file on behalf of private fund clients.


  • Inaccurate disclosures. Inaccurate disclosures were found on either ADV Part 1A or in Form ADV Part 2A brochures, such as inaccurately reporting custody information, regulatory assets under management, disciplinary history, types of clients, and conflicts.
  • Untimely amendments to Form ADVs. Advisers did not amend their Form ADVs when certain information became inaccurate or timely file their annual updating amendments.
  • Incorrect and untimely Form PF filings. Form PF was not accurate or complete.
  • Incorrect and untimely Form D filings. Form D was not accurately completed and timely filed.

Custody Rule

An adviser has custody of client cash or securities if it or its related person holds, directly or indirectly, client funds or securities or has any authority to obtain possession of them.  For example, an adviser that serves as the general partner, managing member or other comparable position of a pooled investment vehicle generally has custody of client assets because the position typically gives legal ownership or access to client funds and securities. An adviser also has custody if it has an arrangement under which it is authorized or permitted to withdraw client funds or securities.


  • Advisers did not recognize that they may have custody due to online access to client accounts. Online access to client accounts may meet the definition of custody when it provides the adviser the ability to withdraw funds and securities from the client accounts. Custody as a result of access to online accounts using clients’ personal usernames and passwords may not have been properly identified.
  • Advisers with custody obtained surprise examinations that do not meet the requirements of the Custody Rule. Advisers failed to provide independent public accountants performing surprise examinations with a complete list of accounts over which the adviser had custody or or didn’t provide information to accountants to permit for the timly filing of accurate Form ADV-Es. Staff also observed indications suggesting that the surprise examinations were not conducted on a “surprise” basis (e.g., exams were conducted at the same time each year.)
  • Advisers did not recognize that they may have custody as a result of certain authority over client accounts. Advisers did not recognize that they may have custody over client accounts as a result of having (or related persons having) powers of attorney authorizing them to withdraw client cash and securities. Other examples include when advisers or related persons served as trustees of clients’ trusts or general partners of client pooled investment vehicles.

Code of Ethics Rule

Advisers are required to adopt and maintain a code of ethics which must contain a number of requirements which include (1) establish a standard of business conduct for all supervised persons; (2) “access” persons to periodically report their personal securities transactions and holdings; and (3) require access persons to obtain the advisers pre-approval before investing in an IPO or private placement. An adviser must also provide each supervised person with a copy of the code of ethics and any amendments, and require supervised persons to acknowledge its receipt in writing. Advisers must also describe the code of ethics in its Form ADV part 2A brochure and indicate that it is available to any client or prospective client upon request.


  • Access persons not identified. Access persons (e.g., certain employees, partners or directors) were not identified for purposes of reviewing personal securities transactions.
  • Codes of ethics missing required information. Code of ethics did not specify review of the holdings and transactions reports, or did not identify the specific submission timeframes, as required by the Code of Ethics Rule.
  • Untimely submissions of transactions and holdings. Access persons submitted transactions and holdings reports less frequently than required by the Code of Ethics Rule.
  • No description of code of ethics in Form ADVs. A description of the code of ethics was missing from Part 2A of Form ADV and did not indicate that the code of ethics was available to any client or prospective client upon request.

Books and Records Rule

Advisers are required to make and keep certain books and records relating to their investment advisory business, including typical accounting and other business records as required.


  • Did not maintain all required records. Not all documents were maintained as required by the Books and Records Rule, such as trade records, advisory agreements and general ledgers.
  • Books and records are inaccurate or not updated. Staff observed errors and omissions in adviser books and records, such as inaccurate fee schedules and client records or stale client lists.
  • Inconsistent recordkeeping. Advisers maintained contradictory information in separate sets of records.


Risk Alert ›



Comments are closed.