The SEC’s Office of Compliance Inspections and Examinations has published its Core Initial Request for Information for Investment Adviser Examinations.
The initial phase of an examination includes a review of the firm’s business and investment activities, its organizational affiliations and its corresponding compliance policies and procedures. The staff will request information and documents and speak with the firm’s employees to ensure an understanding of the firm’s business and investment activities and the operation of its compliance program. Using the information obtained, the staff will assess whether the firm’s compliance policies and procedures appear to effectively address the firm’s compliance risks. This work includes testing the firm’s compliance program in particular areas.
The following points provide an overview of the core information the staff requests:
- Certain general information to provide an understanding of the firm’s business and investment activities, including organizational charts, demographic and other data regarding advisory clients, and a record of all trades placed for its clients (trade blotter).
- Information about the compliance risks that the firm has identified (e.g., an inventory of compliance risks) and the written policies and procedures the firm has established and implemented to address each of those risks to provide an understanding of the firm’s compliance risks and corresponding controls.
- Documents relating to the results of and output from the various transactional (quality control) and period (forensic) testing conducted to provide an understanding of how effectively a firm has implemented its compliance policies and procedures. This includes the results of any compliance reviews, quality control analyses, surveillance, forensic or transactional tests the firm has used to determine if activities have been performed as expected and to identify activities or transactions that have fallen short of or breached related policies and procedures.
- Information regarding the results of any tests and follow-up actions taken by the firm to address shortfalls or breaches revealed by such tests to provide an understanding of steps taken by the firm to address the results of compliance reviews, quality control, forensic or transactional tests conducted. This information might include, for example, warnings to or disciplinary action of employees, changes in policies or procedures, redress to affected clients, or other measures.
- Information to perform testing for compliance in various areas.