Reducing compliance risk is a top priority for any Registered Investment Adviser (RIA). As the regulatory landscape becomes more stringent, it’s critical to establish robust operational movements that not only meet these requirements but also provide a structured framework to navigate the complexities of the industry. In today’s entry, I’ll look at some key operational strategies that could help you mitigate compliance risk and prepare you for the inevitable audits you will face.
Follow Along With The Financially Simple Podcast!
This week on The Financially Simple Podcast:
-
(0:52) Why do financial advisors cringe at compliance?
-
(2:50) What types of compliance risk might you have?
-
(4:08) The repercussions of non-compliance
-
(5:18) Test your processes and team for weaknesses or holes
-
(7:40) Create a compliance calendar
-
(9:44) Develop a ticketing system
-
(11:55) Build processes and structures for your compliance department
-
(14:02) Integrate compliance with operations
Mitigate Compliance Risk Through Operations
Friends, let me ask you this… If an auditor came into your office today, would you be ready for it? If not, you’re RIA is open to a huge regulatory risk. You see, when we’re discussing compliance audits, it’s not a matter of if, but when. Without proper operational strategies in place to mitigate compliance risk, you could be asking for trouble.
Now, you might be thinking, “Justin, what do operations have to do with compliance?” Well, compliance gives the rules. Operations must provide the structure to meet them. With that in mind, what are some ways you can mitigate compliance risk through your firm’s operations? Let’s take a look!
Create a Compliance Calendar
As a financial advisor, you likely have several important registration and renewal deadlines each year. If you miss any of them, it could cost you tens of thousands of dollars in lost revenue and fines. Fortunately, developing a compliance calendar is a simple way of ensuring you don’t overlook your important compliance deadlines.
Ben Henry-Moreland, Senior Financial Planning Nerd at Kitces.com says, “The annually recurring nature of ongoing RIA compliance tasks makes it highly conducive to create a compliance calendar for a solo RIA (particularly because they must manage it all themselves) which helps to systematize and manage compliance tasks, requirements, and deadlines by breaking them up into discrete steps to complete incrementally throughout the year.” Friends, regulatory compliance can be a very complex animal. Thankfully, as Henry-Moreland points out, the annual deadlines make it easy to systematize your operational compliance maneuvers.
How a Compliance Calendar Influences Operational Movements
You might be thinking, “Okay, Justin… Apart from having the important dates in a calendar, how does a compliance calendar benefit me and my firm?” The truth is a compliance calendar offers a multitude of benefits, including:
- A centralized method of spreading compliance information throughout your RIA.
- Enabling you to plan ahead for your firm’s compliance needs.
- Increased transparency so you can easily monitor progress on compliance measures across your organization.
- Providing peace of mind, knowing that you can easily prepare for compliance audits.
- Facilitating global management. This is especially useful for firms that are spread out across the country (or even multiple nations).
Each of these benefits creates opportunities for your operations team. They can use the calendar as a centralized source of truth to develop internal processes and deadlines for each regulatory requirement. Likewise, having each of your important compliance dates in one location enables you to create more efficient systems for record-keeping. This can help ensure that all materials are easily accessible for each filing or renewal.
Books and Records Requirements
Speaking of ensuring that all materials are readily available, SEC Rule 17a-4 requires that you keep archives of your books and records for at least five years. More than this, it requires you to keep them in an easily accessible space for the first two years they’re archived. This applies to all records and communications regarding performance claims, rate of return claims, and securities recommendations.
Failing to remain compliant with the SEC’s record-keeping requirements could be catastrophic to your RIA. How catastrophic? Well, in 2022, the SEC issued $1.235B in penalties across 17 firms for record-keeping violations. Additionally, each of the offending firms faced mandatory admissions of wrongful conduct and acknowledgments of the violations. So, what can your operations team do to mitigate the compliance risk posed by record-keeping requirements?
Your team could create a ticket system for your compliance department. Each time materials and communications are submitted to compliance, a ticket is generated. After a full review and approval process, the compliance officer would then archive the materials before being able to resolve the ticket. Essentially, it’s just an added step to ensure that proper review and archival procedures are being followed across the board.
Defending Against Client Complaints
Similarly, maintaining copies of all disclosure documents and amendments is essential to comply with regulatory requirements. According to SEC Rule 204-2(a)(14), RIAs are required to maintain a copy of each disclosure document and each amendment or revision to it that was given or sent to clients or prospective clients, along with a record reflecting the dates which each disclosure was given (or offered to be given) to any client or prospective client who subsequently became a client.
Strict compliance with this rule means you will have documentation to fall back on if a client ever makes a claim against you. But how can you mitigate human error to ensure your RIA remains compliant? Once again, compliance makes the rules and operations provides the structure for achieving them. Some steps your operations team can take include:
- Creating a retention schedule. This will require a multi-faceted approach. When creating a retention schedule, you must:
- Conduct an inventory of all physical and digital records.
- Develop a standardized system for record classification.
- Research all federal, state, and local requirements. This should also involve continued education to ensure that you’re keeping up to date as regulations change.
- Developing a system of written policies and procedures to achieve compliance. Uniformity and consistency are vital components of thriving records-management practices.
- Implementing standardized indexing parameters such as firm-wide file-naming conventions.
- Developing a system to securely dispose of obsolete records.
- Conducting regular internal compliance audits. This can help mitigate compliance risk by ensuring records are properly protected and preserved. However, it also helps you to monitor that inactive files are destroyed in a timely and consistent manner.
Wrapping Up…
Friends, if you want to mitigate compliance risk in your RIA, you have to get your operations team involved. Managing compliance risk is a continuous process that requires collaboration between your compliance and operations departments. I’ve said it a couple of times already… Compliance sets the rules and operations provides the structure to follow them. By mitigating compliance risk, you can grow the value of your firm, paving the way for the eight-figure exit you’ve been dreaming of.
Look, I know life is hard and compliance can be frustrating. But life is good and remaining compliant in your RIA doesn’t have to be difficult. By implementing operational strategies that drive compliant practices, you can make mitigating compliance risk at least, financially simple. Hey, let’s go out and make it a great day!
Developing the systems and processes to eliminate compliance risk can be a lengthy and complicated process. That’s time you could be spending with clients or growing your RIA. Reach out to our team to learn more about how we could help you develop systems and processes that enable you to grow the intrinsic value of your firm.