Managing your RIA compliance program can be a full-time job. Whether you have a chief compliance officer (CCO) on staff or are working with an RIA compliance consultant, it’s important to make sure your firm’s ducks are in a row. Here are four compliance points for newly registered RIA firms to consider.
Create a policies and procedures manual for RIA compliance
Having a solid, policies and procedures manual—and a plan to implement it—protects your newly registered RIA firm when state or federal regulators come knocking on your door. This manual should be specific to your firm; do not use a boilerplate version. Make sure your owners and managers review and understand your firm’s policies and procedures manual, and that your CCO or RIA compliance consultant updates it annually. No one wants to find out their firm’s manual isn’t being followed when regulators come in and ask for it.
Properly maintain and update Form ADV
Form ADV is used to register your RIA firm with both the SEC and state securities authorities. The roughly 20-page, two-part form contains information about your firm and its business operations, as well as to disclosures about disciplinary events involving key personnel and conflicts of interest. It’s a public form, meaning anyone can access it. Your Form ADV must kept up to date to reflect any changes within your firm—you can guarantee regulators will look at it.
Conduct an annual compliance review
Your annual compliance review is the cornerstone of your compliance program. This is where having a compliance consultant can be especially beneficial. Whereas your CCO will complete the review as a staff member, your RIA compliance consultant will approach it as an outside reviewer. Many consultants will come in and conduct a mock audit, so you’re ready when it really happens.
Per the Safeguards Rule of Regulation S-P, your RIA firm’s privacy policies and procedures should include administrative, operational, and physical safeguards for the protection of client records and data. These should establish a standard setting for security controls and configurations for network storage. Additionally, your firm should set sufficient supervisory processes in place to ensure compliance with the Safeguards Rule.
Make compliance a non-issue for your RIA firm.
Registered investment adviser compliance issues can be complicated to manage, especially for new registered RIA firms. If you’re struggling to keep up with this area of your business, Elevate can help. We maintain a robust network of RIA compliance consultants and can connect you with the right one for your RIA firm. Contact us today.