What's Wrong with Compliance Programs?
Too often investment advisers have compliance programs that are narrowly focused on requirements triggered by registration, whether at the SEC or CFTC, and are reactive not proactive.
The purpose of the compliance program is to keep you out of trouble. To achieve that end, it needs to look ahead to the problems that might occur not just those that have occurred in the past. It also needs to be comprehensive with respect to what these problems might be.
The SEC and FINRA, among other regulators, are pushing the industry in this direction. They are looking for risk ranked programs; they are looking for a new activity process. In a recent speech, Carlo di Florio, FINRA’s Chief Risk Officer and Head of Strategy (and formerly the director of the SEC’s Office of Compliance Inspections and Examinations) encouraged firms to establish “new product review processes that include perspectives independent from the business proposing products.”
There's nothing surprising in these requirements. They are basically applying the standards that have long been in place for all corporate compliance programs and which are designed to protect the firm and its staff from enforcement proceedings.
At a time when enforcement proceedings are increasingly likely, it is imperative that advisers bring their programs up to the next stage of maturity.
This means a thoughtful, proactive look at all laws that apply to the organization and a considered review of conflicts and changes in the environment. The point here is to stay clear of a problem area. It is better to prepare to avoid an enforcement proceeding then to prepare to defend one.