Frequently Asked Questions
RIA Compliance Manual

On February 5, 2004, the United States Securities and Exchange Commission adopted SEC Rule 206(4)-7 of the Investment Advisers Act of 1940 requiring SEC registered investment adviser firms to adopt and implement a RIA compliance manual which outlines the investment adviser’s compliance policies and procedures and to designate a chief compliance officer to administer its compliance policies and procedures.

The requirement of whether a state registered investment adviser must maintain a RIA compliance manual varies from state to state. All investment advisors, without regard to SEC or state registration, are required to establish, maintain and enforce written policies and procedures that are reasonably designed to prevent the misuse of material non-public (“insider”) information. Many states have requirements for state registered investment advisers similar to the SEC’s requirements for federally registered investment advisers regarding a RIA compliance manual. A state registered investment adviser will need to review its state’s investment advisor rules and regulations to make this determination. However, regardless of your investment adviser’s state requirements, the maintenance of a RIA compliance manual is a good business practice. It helps to create a strong culture of compliance within your firm, which is something the regulators will analyze when conducting a regulatory examination of your investment adviser.

If your investment adviser is registered with the SEC or with a state securities regulator that requires written supervisory and compliance policies and procedures, your investment adviser is required to maintain such policies and procedures regardless of the number of employees or investment adviser representatives, if any, affiliated with the investment adviser. However, securities regulators have stated that these policies and procedures need to be written to cover the compliance considerations relevant to the operations of each particular registered investment adviser. It is expected that most smaller-sized registered investment advisers without conflicting business interests could utilize much simpler supervisory and compliance policies and procedures than larger-sized registered investment advisers that may have multiple conflicts of interest.

SEC Rule 206(4)-7 states that an SEC registered investment adviser’s chief compliance officer (“CCO”) should be competent and knowledgeable regarding the Investment Advisers Act of 1940 and should be empowered with full responsibility and authority to develop and enforce appropriate policies and procedures for the investment adviser. A registered investment adviser’s chief compliance officer should have a position of sufficient seniority and authority within an investment adviser’s organization to compel others to adhere to the supervisory and compliance policies and procedures. For SEC registered investment advisers, the designated chief compliance officer should be disclosed on the investment adviser’s Form ADV, Schedule A.

With respect to a state registered investment adviser, the individual designated as primarily responsible for compliance should be disclosed on Form ADV Part 1B. Similar to the SEC’s requirements of a chief compliance officer, an individual holding such a position with a state registered investment adviser should have sufficient experience, knowledge and authority to hold such a role.

SEC Rule 206(4)-7 indicates that a registered investment adviser’s compliance policies and procedures must be reasonably designed to prevent violation of the Investment Advisers Act of 1940 by the investment adviser or any of its supervised persons. A registered investment adviser must consider and incorporate its fiduciary and regulatory obligations. Each investment adviser must adopt policies and procedures that take into consideration the nature of the investment adviser’s operations. The compliance policies and procedures should be designed to prevent violation of the Investment Advisers Act of 1940 from occurring, detect violations that have occurred, and correct promptly any violations that have occurred.

A SEC registered investment adviser must identify conflicts and other compliance factors creating risk exposure for the investment adviser and its clients in light of the firm’s particular operations. An investment adviser must then design policies and procedures that address those risks. Although SEC Rule 206(4)-7 does not define everything that must be covered in a RIA compliance manual, SEC Rule 206(4)-7 states that an investment adviser’s compliance policies and procedures, at a minimum, should address all of the following issues to the extent that they are relevant to the investment adviser:

• Portfolio management processes, including allocation of investment opportunities among investment advisory clients and consistency of portfolios with clients’ investment objectives, disclosures by the adviser, and applicable regulatory restrictions;
• Trading practices, including procedures by which the investment adviser satisfies its best execution obligation, use of client brokerage to obtain research and other services (“soft dollar arrangements”), and allocates aggregated trades among investment advisory clients;
  Proprietary trading of the investment adviser and personal securities trading (“PST”) activities of supervised persons;
• The accuracy of disclosures made to investors, clients, and securities regulators, including account statements and advertisements;
• Safeguarding of investment advisory clients’ assets from conversion or inappropriate use by advisory personnel;
• The accurate creation of required records and their maintenance in a manner that secures them from unauthorized alteration or use and protects them from untimely destruction;
  Marketing investment advisory services including the use of solicitors;
  Processes to value investment advisory client holdings and assess investment adviser fees based on those valuations;
• Safeguards for the privacy protection of investment advisory client records and information; and
  Business continuity plans.

The first step to determine what areas should be covered in an investment adviser’s RIA compliance manual is to perform a risk analysis of the investment adviser. This means that the registered investment adviser should identify conflicts of interest, business practices, arrangements, and other compliance factors creating risk exposure for the investment adviser and its clients in relation to its operations. Once this has been done, the investment adviser should begin developing RIA compliance manual that specifically address those risks and conflicts of interests and the controls that the investment adviser will put in place to supervise and mitigate those areas of concern. In many regulatory audits of registered investment advisers, one of the first items that the securities regulator will ask for is the investment adviser’s risk analysis.

Off-the-shelf RIA compliance manuals are an excellent starting point for a registered investment adviser. However, a registered investment adviser cannot expect to just purchase an off-the-shelf compliance manual and assume that the investment adviser now has sufficient written compliance policies and procedures for the investment adviser. These documents are typically written at a very high level to cover many areas that the typical or average investment adviser must consider when developing its own manual customized to its unique business model and circumstances. For a registered investment adviser that is utilizing an off-the-shelf compliance manual, it is imperative that the investment adviser thoroughly review all of the content of the off-the-shelf version of the compliance manual and then revise the compliance manual so that it reflects the actual operation of the investment adviser and meets any unique rules or regulations of the applicable securities regulator(s).

The first step that should be taken after developing a RIA compliance manual is to provide all employees of the investment adviser with a copy or access to a copy. The investment adviser should require all investment adviser representatives (“IAR”) and employees to review the supervisory and compliance policies and procedures and have each investment adviser representative and employee sign an acknowledgement indicating that he or she has read this compliance manual, understands it and agrees to abide by the investment adviser’s written supervisory and compliance policies and procedures. (Although a signed acknowledgement is not a requirement, it is a good business practice.) A registered investment adviser should provide its investment adviser representatives and employees with on-going training of its supervisory and compliance policies and procedures. An investment adviser must also notify investment adviser representatives and employees when revisions are made to their policies and procedures and should require an acknowledgement on an annual basis.

An investment adviser and its supervised persons need to be aware that the compliance manual is a living document, and the compliance manual should not be treated as something that the investment adviser can assume is done and forget about by putting it in a drawer or on a shelf. At a minimum, an SEC registered investment adviser must conduct an annual assessment of its supervisory and compliance policies and procedures. This annual assessment must review the adequacy of the supervisory and compliance policies and procedures and the effectiveness of their implementation within the investment adviser. When conducting an assessment, an investment adviser should consider any violations, any regulatory deficiencies and any changes in the investment adviser’s business structures or manner in which business is conducted. An investment adviser must then review its supervisory and compliance policies and procedures to make any revisions to address these changes or areas of concern in order to prevent any future problems. Although SEC Rule 206(4)-7 only requires an annual assessment, a SEC registered investment adviser should consider reviewing its compliance policies and procedures and making revisions or developing new supervisory and compliance policies and procedures any time a violation, deficiency or change occurs rather than waiting to do so annually.

A SEC registered investment adviser is required to maintain those records documenting its annual assessment of its supervisory and compliance policies and procedures. Additionally, an SEC registered investment adviser must maintain current copies of its supervisory and compliance policies and procedures as well as any revised supervisory and compliance policies and procedures during the past 5 years.

Yes, RIA Compliance Consultants has an online software tool, RIA Express – Compliance Manual Drafter, which allows an investment adviser firm to self-customize a Code of Ethics and Compliance Manual.  For additional details, please visit our RIA Compliance Manual Drafting Services webpage and RIA Express webpage.