Top 6 SEC Compliance Deficiencies

Did you know?



Approximately 60% of all deficiencies identified by SEC Staff during examinations of registered investment advisers fall into merely six (6) categories.


1. Compliance Rule

2. Disclosure

3. Fiduciary Duty

4. Code of Ethics

5. Advertising Rule

6. Custody Rule


This fact was presented by the SEC’s Office of Compliance Inspections and Examinations’ (OCIE’s) assistant director, Renee Esfandiary, at an industry compliance conference in February 2016 and is consistent with what we’ve seen when recently conducting Mock SEC Exams.  But within each of these compliance areas, several potential deficiencies exist.  We’ve identified the more common ones below.


Compliance Rule

Common Deficiencies

  • No written policies and procedures
  • Inadequate policies and procedures
  • Written policies and procedures do not correspond with actual practices (i.e., written P&P is not being followed)
  • Claiming to have conducted annual reviews or other testing of policies and procedures, but unable to provide documentation to support that claim

Our Perspective

Keep your P&P simple – write only what you actually do, not what you think you should do nor what you want to do in the future.


Rule 206(4)-7 requires that every Registered Investment Adviser (“RIA”) must:

  • Adopt and implement written policies and procedures reasonably designed to prevent violation of the Investment Advisers Act of 1940 and the rules promulgated thereunder;
  • Review the adequacy of those policies and procedures and the effectiveness of their implementation, no less frequently than annually; and
  • Designate a supervised person to be responsible for administering the policies and procedures (“the CCO”).



Common Deficiencies

  • Not providing Form ADV Part 2A to prospective clients
  • Answers to Form ADV Part 1A and information on Part 2A are inconsistent
  • Inaccurate information on the Form
  • Inconsistencies between the Form and the written P&P
  • Not notifying clients of a material change.

Our Perspective

This is probably the single most important document to be filled out accurately.  We suggest that it be reviewed by every member of the firm.


Rule 204-3 states that RIAs have an obligation to provide information to clients and prospective clients about the firm and how it operates. This is done:

  • Initially, by providing the required information in Form ADV Part 2 (aka firm brochure) and delivering it to each client, prior to or at the time of the signing of the contract.
  • Annually, by either providing an updated Form ADV Part 2 or providing a summary of material changes with an offer to provide an updated Form ADV Part 2.
  • Every time there is a material change, by notifying the client of that material change.


Fiduciary Duty

Common Deficiencies

  • Favoring one client or the firm over another client, especially when in violation of the firm’s own policies and procedures
  • Failure to disclose conflicts of interest

Our Perspective

The requirement is not to treat each client equally, but to treat each client fairly. Taking advantage of a client though an undisclosed conflict of interest is an easy way to change a deficiency into an enforcement case. Disclose, disclose, disclose.


Section 206 of the Investment Advisers Act has been interpreted by the Supreme Court to mean that RIAs have an obligation to act in the client’s best interest, and must be able to demonstrate that they have done so.


Code of Ethics

Common Deficiencies

  • Late or missing filing of required reports by Access Persons
  • Lack of documentation of review by the CCO
  • Access Persons having personal trading accounts not being disclosed to the firm, and therefore filing false reports with the firm. (This is a more serious violation.)

Our Perspective

If the firm has adopted and implemented written policies and procedures reasonably designed to prevent violations of the federal securities laws, and the CCO diligently follows those policies and procedures, despite whether an access person conceals a brokerage account for trading in violation of those laws, and lies when filling out reports for the firm, the fault should lie with the individual breaking the law, and not the firm nor the CCO.


Rule 204A-1 requires that RIAs inform supervised persons about and enforce a code of ethics that:

  • describes its standards of business conduct
  • includes a requirement to comply with federal securities laws
  • describes the policies and procedures of the firm with respect to personal trading, and
  • requires access persons to report their personal securities holdings and transactions to the Firm.

The rule also requires that the Firm review the trading of Access Persons, which is typically done by the CCO.


Advertising Rule

Common Deficiencies

  • False or misleading statements,
  • Materials that contain any untrue statement of fact
  • Inadequate disclosure to prevent statements from being misleading
  • Claiming performance returns that you cannot document

Our Perspective

This has been one of the SEC’s most commonly cited deficiencies for 30 years!  Tell the truth, the whole truth, and nothing but the truth.

Learn more about Marketing & Advertising: Staying SEC & GIPS® Compliant.


Rule 206(4)-1 specifically prohibits advertisements that include:

  1. Testimonials
  2. Past Specific Recommendations
  3. Graphs, charts, or formulas that imply securities to buy or sell
  4. Representations that imply something is free that isn’t
  5. False or misleading statements


Custody Rule

Common Deficiencies

  • Not having a surprise examination of client securities
  • Having a surprise examination that is not a surprise
  • Not ensuring that clients are receiving custodial reports on at least a quarterly basis
  • Not disclosing on Form ADV Part 2 that the firm has custody
  • Not realizing that you have custody! This is the most common Custody Rule deficiency.  If you don’t know you have it, you can’t disclose it to clients.

Our Perspective

If you don’t have possession or the ability to touch client assets, it’s okay to say that: “Even though we don’t have physical possession of your assets, because we have your permission to collect our management fees from your brokerage account, we are deemed to have custody.”

Check out our webinar, Clarifying Custody Rule Misunderstandings.


Rule 206(4)-2 states that Advisers are deemed to have custody of client assets if they have possession of or access to those client assets and requires that specific steps be taken to eliminate or mitigate the risk of misappropriation.


Our Final Thoughts

While this article was brief, an entire article could have been written on each of these potential deficiencies.  Each can be avoided with an understanding of the rules and requirements and a reasonable amount of due diligence.  Focus 1 is happy to help with either of those!



One Response to “Top 6 SEC Compliance Deficiencies”

  1. Cynde Lee

    Great summary and reminder on staying compliant.

Comments are closed.