SEC exam prep: What to expect in second half 2015

The U.S. Securities and Exchange Commission's (SEC's) 2015 examination priorities (PDF) are very different in scope and structure from those of previous years. For instance, they are considerably more concise and less detailed. As we head into the second half of the year, below are a few reminders of the scope of the 2015 priorities advisers should be cognizant of in preparation for a possible examination by the SEC.

Download in PDF Form

Unlike previous years, the 2015 priorities are no longer broken down into a general part discussing initiatives applicable to all financial institutions, followed by a sector ­specific section for market participants. Instead, the SEC focused on three thematic areas relevant to all participants across the board, as well as a fourth area of "other" initiatives containing a number of disparate priorities of importance to the SEC. The three thematic areas are:

  • Protection of retail investors, including their participation in liquid alternatives
  • Market risks, including most prominently cybersecurity and
  • The use of data analytics. Other initiatives include proxy voting, private equity fees and expenses, and never ­before examined registered investment companies.

In the first half of the year, we have seen significant movement on some of the topics highlighted in the 2015 priorities. In particular:


On April 28, 2015, the SEC's Division of Investment Management released new guidance regarding cybersecurity (PDF) for registered investment advisers and investment companies. It encouraged registrants to:

  • Conduct a periodic assessment of their needs
  • Create an incident response plan to prevent, detect, and respond to cybersecurity threats Adopt written policies and procedures, as well as training programmes, to inform their employees about prevention and detection and
  • Assess the operations and cybersecurity protections of their service providers.

Importantly, the SEC identified the legal basis for the obligation of investment advisers to protect their systems. They include Regulation S­P on data privacy protection and Regulation S­ID on identity theft red flags.

Laying down the legal premises for an adviser's obligation to fend against a cybersecurity attack could signal the beginning of enforcement actions in this area, especially if a breach occurs and consumers are harmed. In late­ February 2015, at the annual SEC Speaks conference, David Glockner, the director of the SEC's Chicago Regional Office, said that "cyber security... is an area where we have not brought a significant number of cases yet, but is high on our radar screen."

There is a new wave of exams coming up, as well. In an April 2014 Risk Alert (PDF), the SEC set forth a set of questions that it expected advisers and broker ­dealers to be able to answer in an examination. It subsequently conducted 100 sweep exams based on those questions.

The SEC intends to perform a second phase of the initiative in the summer of 2015, including onsite visits. Last year's sweep did not feature such visits, so this is a new component of the program.

Investment Companies

Alternative investment companies (also called "liquid alts") have grown exponentially during the last year and have attracted the SEC's attention. Currently, liquid alts account for one third of the inflows in the entire mutual fund industry and were the focus of several high ­profile SEC speeches last year, as well as an exam sweep. This initiative mimics prior ones from mid­ 2014, and their focus areas are based squarely on protections afforded under the Investment Company Act of 1940.

To be prepared, current mutual fund companies and those advisers considering adoption of the structure are well advised to consider their funds from top­ to ­bottom. Funds must examine their capital structures and borrowing limits, while advisers should remember that the Investment Company Act custody rule is strict regarding the segregation of fund assets. Offerors of liquid alts should confirm the extent and clarity of disclosure for all possible alternative investments used, limits, and all potential risks.

Fees and Expenses

Fees and expenses are another important exam priority for 2015, especially for private equity firms. Deficiencies in this area were first highlighted last year in the highly ­publicized speech on "Spreading Sunshine in Private Equity" by Andrew Bowden, the former director of the SEC's Office of Compliance Inspections and Examinations (OCIE).

Showing just how priority ­focused the SEC is, the commission has recently taken notable enforcement actions (PDF) against firms for participating in questionable billing practices. The Enforcement Division has also clearly stated that fees and expenses will be a top priority and that more actions are to be expected.

Additionally, acting OCIE Director Marc Wyatt recently reiterated some of the issues highlighted by Bowden. "One of the most common and often cited practices in this area involves shifting expenses away from parallel funds created for insiders, friends, family, and preferred investors to the main co­mingled, flagship vehicles," Wyatt said in a speech to Private Equity International.

"Frequently, operational expenses, broken deal expenses, and even the formation expenses of the side ­by ­side vehicle are borne by investors in the main fund. Some of these expense items are small, but some, such as the broken deal expenses of an active fund, can be quite large. This practice can be a difficult one for investors to detect but easy for examiners to test."

Never-­before-­examined investment companies

Importantly, the SEC also released a risk alert (PDF) in April 2015, which announced its intention to conduct risk ­based examinations of never-before-­examined registered investment companies (RICs).

If a firm is affiliated with an RIC that has never been examined, it is now considered a high priority for SEC examiners.

We expect the above focus areas to be at the center of the SEC's mind in the second half of 2015, and firms should take a fresh look to ensure their policies and procedures are adequately addressing these topics.


Get the latest compliance news and insights - delivered weekly. The SEC3 Communique covers all compliance topics. CCO3 focuses on CCO topics.
tip: check both to keep informed!


SEC3 Newsletter

Commentary: How Compliance Officers & Firms Can Help Limit CCO Personal Liability This article originally appeared on the Thomson Reuters Regulatory Intelligence subscription service for compliance and risk professionals and is... read more »

Wishing One-and-All a Happy, Healthy and Prosperous New Year

We hope each of you found some peace and tranquility in the company of loved ones this holiday season and want to wish one-and-all a happy, healthy and prosperous New... read more »

Understanding How to Mitigate Liability and Navigate Insurance Options (Part II)

In June, we shared our thoughts around common insurance gaps and insurance riders that CCOs as well as managers should understand. One of the gaps we shared related to pre-claim... read more »

Cybersecurity - What have we learned and what have we done?

Regulatory Landscape In April 2015, the Securities and Exchange Commission ("SEC's") Division of Investment Management issued a guidance update, identifying cybersecurity as a critical issue. Several regulators are in fact focusing... read more »

Gatekeepers in SEC Crosshairs

Ever since the enforcement cases were announced as part of the SEC’s “Operation Broken Gate,” the SEC enforcement division has continued to ramp up scrutiny of gatekeepers including third-party service... read more »

Anna M. Bencrowsky, CRCP, CMFS Joins SEC3

We are pleased to announce that Anna M. Bencrowsky, CRCP, CMFS has joined SEC3 as a Senior Consultant. Prior to joining SEC3, Anna held several executive compliance positions. Anna recently retired... read more »


Upcoming Events - September & October 2017

Upcoming Events Don’t miss the opportunity to meet with us in person to discuss the topics that matter most to you. SEC3 is teaming up with industry experts in NYC to discuss...

May 23, 2017 - Webcast: WannaCry Ransomware: Were You Really Protected or Just L…

When: Tuesday, May 23rd, 2017 | Schedule: 12pm - 1pm EST Who: Paul Caiazzo, CEO and Co-Founder, TruShield Security Solutions Michael Brice, Founder, BW Cyber Services John Lukan, Managing Director, SEC Compliance Consultants, Inc. We...

June 14, 2017 - Compliance Breakfast Briefing

8:30-9:00am - Networking and Continental Breakfast 9:00-10:30am - Program Location: Willkie Farr & Gallagher LLP | 600 Travis Street | Suite 2310 | Houston, TX Barry Barbash from Willkie Farr & Gallagher LLP,...

June 13, 2017 - Compliance Breakfast Briefing

8:30-9:00am - Networking and Continental Breakfast 9:00-10:30am - Program Location: Haynes and Boone, LLP | 2323 Victory Avenue | Suite 700 | Dallas, TX 75219 Validated parking is available in the garage attached...

May 31, 2017 - Chicago

9:00-9:30 a.m - Networking and Continental Breakfast 9:30-11:00 a.m - Program Location: Baker & McKenzie LLP | 300 East Randolph Drive | Suite 5000 | Chicago, IL 60601 Kristin Gonzalez and Jerome Tomas...

May 17, 2017 (NYC WIMF)

This event is by invitation only. Please email to learn more.

May 15, 2017 (NYC Chief Compliance Officer Roundtable)

9:00-9:30am - Networking and Continental Breakfast 9:30-11:00am - Program Location: Blank Rome LLP | The Chrysler Building | 405 Lexington Avenue | New York, NY 10174 | 22nd Floor Boardroom | Phone:...

Webcast: The Most Insidious Cybersecurity Threat Is Also The Least Understood

When: Tuesday, April 25th | Schedule: 12pm - 1pm EST Who: Paul Caiazzo, CEO and Co-Founder, TruShield Security Solutions Michael Brice, Founder, BW Cyber Services John Lukan, Managing Director, SEC Compliance Consultants, Inc. Ransomware, the...

CCO Liability (Part III): Managing Liability Webinar

In this webinar, panelists discuss indemnifications and insurance as potential remedies to address the direct financial risks to a CCO. Attendees will learn: What terms and conditions should Chief Compliance Officers be...

Webinar: CCO Liability (Part III): Managing Liability: Navigating Indemnities an…

When: Tuesday, February 21, 2017 Schedule: 11:00am ET / 10:00am CT / 9:00am MT / 8:00am PT / 7:00am AT Description of Webinar: The National Society of Compliance Professionals is pleased to host...

Webcast: SEC 2017 Examination Focus Area – Cybersecurity Testing

Penetration Testing & Vulnerability Assessments - Examining the SEC & FINRA Requirements When: Wednesday, January 25th | Schedule: 12pm - 1pm EST Who: Paul Caiazzo, CEO and Co-Founder, TruShield Security Solutions Michael Brice, Founder,...

Chief Compliance Officer Roundtable: Breakfast Briefing

When: October 20, 2016 Where: Blank Rome LLP | The Chrysler Building | 405 Lexington Avenue | New York, NY 10174 | 22nd Floor Boardroom | Phone: 212.885.5000 Thomas Westle and Janaya...

Practicing Law Institute - Hedge Fund Management 2016

When: September 15, 2016 Where: New York & concurrent webcast | 1177 Avenue of the Americas | New York, NY 10036 Schedule: 9:00 am – 5:00 pm Janaya Moscony, President of SEC3 will...


When: April 13, 2016 Where: Blank Rome LLP | The Chrysler Building | 405 Lexington Avenue | New York, NY 10174 22nd Floor Boardroom Thomas Westle and Janaya Moscony, along with industry experts,...


When: November 17, 2015 Where: Convene Midtown East | 730 Third Avenue | New York, NY 10017 Janaya Moscony, President, SEC Compliance Consultants, Inc. will be moderating a...