Touch Points from the SEC’s 2021 Examination Priorities

The Securities and Exchange Commission (SEC) recently unveiled its much-anticipated examination priorities for 2021.

While many focus areas remain unchanged from prior years, the SEC identifies several new ”foci”, including climate-related risk and environmental, social, and corporate governance (ESG) issues.

“This year, the Division is enhancing its focus on climate and ESG-related risks by examining proxy voting policies and practices to ensure voting aligns with investors’ best interests and expectations, as well as firms’ business continuity plans in light of intensifying physical risks associated with climate change,” Acting Chair Allison Herren Lee said in a press statement. “Through these and other efforts, we are integrating climate and ESG considerations into the agency’s broader regulatory framework.”

The SEC’s Division of Examinations (formerly the Office of Compliance Inspections and Examinations (“OCIE”)) publishes its annual priorities each year. The SEC’s examination process and analysis are grounded in four main pillars: promoting compliance; preventing fraud; identifying and monitoring risk; and informing SEC policy.

Below are key takeaways from the 2021 Examination Priorities:

• Cybersecurity: The SEC remains concerned about the uptick in cyberattacks during the COVID-19 pandemic. The report specifically notes that the increase in remote operations during the pandemic has increased concerns about, endpoint security, data loss, remote access, use of third-party communication systems, and vendor management. Accordingly, the Division of Examinations will review whether firms have taken appropriate measures to: (1) safeguard customer accounts and prevent account intrusions, by verifying an investor’s identity to prevent unauthorized account access; (2) oversee vendors and service providers; (3) address malicious email activities, such as phishing or account intrusions; (4) respond to incidents, including those related to ransomware attacks; and (5) manage operational risks as a result of dispersed employees in a work-from-home environment. Focus will also relate to controls surrounding (i) online and mobile application access to investor account information, and (ii) electronic storage of books and records and personally identifiable information maintained with third-party cloud service providers, and adequacy of firms’ policies and procedures to protect investor records and information
• Climate-Change: Citing the substantial disruptions to normal business operations in the past year, the Division of Examinations will continue its review of registrants’ business continuity and disaster recovery plans (“BCP”). Citing growing climate-change risks, examiners will evaluate whether such plans, particularly those of “systemically important registrants”, account for the growing physical and other relevant risks associated with climate change. According to the report, the scope of these examinations will be similar to the post-Hurricane Sandy work of the Division and other regulators, with a heightened focus on the maturation and improvements to these plans over the intervening years.[1]
• FinTech: Examinations in this area will focus on evaluating whether registrants operate consistently with their representations, are handling customer orders in accordance with their instructions, and review compliance with trade recommendations made in mobile applications.  Examinations of market participants engaged with digital assets will continue to assess the following: whether investments are in the best interests of investors; portfolio management and trading practices; safety of client funds and assets; pricing and valuation; effectiveness of compliance programs and controls; and supervision of representatives’ outside business activities.  
• Regulation BI: The Division of Examinations will prioritize examinations to assess compliance with Regulation Best Interest (“Reg BI”), which established a new standard of conduct for broker-dealers that became effective in 2019.  Examinations previously undertaken focused on the processes broker-dealers relied on to implement Reg BI. In 2021, the Division will expand the scope of examinations to focus on assessing whether broker-dealers are making recommendations that they have a reasonable basis to believe are in customers’ best interests and evaluating each firm’s processes for compliance and whether alterations were made to product offerings. Enhanced transaction testing will be conducted, and will evaluate firm policies and procedures designed to meet additional elements of Reg BI such as:  recommendation of rollovers and alternatives considered, complex product recommendations, assessment of costs and reasonably available alternatives, how sales-based fees paid to broker-dealers and representatives impact recommendations, and how broker-dealers identify and address conflicts of interest.
• Customer Protection Rule:  Examinations will continue to focus on compliance with the Customer Protection Rule and the Net Capital Rule, including the adequacy of internal processes, procedures, controls, and compliance with requirements for borrowing securities from customers. Broker-dealer examinations will also focus on compliance with best execution in a zero commission environment, recently amended Rule 606 order routing disclosure rules, and market-maker compliance with Reg SHO.  

The Division of Examinations also flagged areas of concern unique to registered investment advisers (RIAs) and investment companies. Citing that RIAs are increasingly offering investment strategies that focus on ESG factors, the Division of Examinations plans to focus on products in these areas that are widely available to investors including open-end funds and ETFs, as well as those offered to accredited investors such as qualified opportunity funds. According to the Division, it will “review the consistency and adequacy of the disclosures RIAs and fund complexes provide to clients regarding these strategies, determine whether the firms’ processes and practices match their disclosures, review fund advertising for false or misleading statements, and review proxy voting policies and procedures and votes to assess whether they align with the strategies.” Additionally, the SEC will prioritize examinations of mutual funds or ETFs that have not previously been examined or have not been examined recently and will focus on fund compliance programs and financial condition, particularly where funds have instituted advisory fee waivers. 

Required “Readiness Steps” for Regulated Firms

The SEC report should be considered a “must-read” for compliance, technology and operational professionals at investment advisers, investment companies, broker-dealers, transfer agents, and clearing agencies. After reviewing the examination priorities for the coming year, it is essential that firms perform an in-depth self-evaluation to determine whether changes to the firms’ policies, procedures and business activities are necessary to address any potential compliance deficiencies, followed by planning and implementation of required changes. 

If you have questions, please contact us

If you have any questions or if you would like to discuss these issues further,
please contact Paul A. Lieberman or the Scarinci Hollenbeck attorney with whom you work, at (201) 896-4100.

---

[1] “As climate-related events become more frequent and more intense, we will review whether systemically important registrants are considering effective practices to help improve responses to large-scale events,” the Division of Examinations’ report states.