Note: This is a guest post by Cindy Cook DeRuyter who spent more than 19 years in financial compliance and operations roles for firms including RSM Wealth Management, Nuveen Investments and US Bancorp Asset Management
For compliance officers of broker-dealers and investment advisers, the threat of “failure to supervise” charges from regulators is very real. When a supervisor or compliance officer is accused of not meeting their supervisory responsibilities, the consequences can include fines and sanctions against the supervisor or compliance officer individually, in addition to potential fines and sanctions for their firm.
While these types of charges sometimes seem appropriate and may make sense for front-line supervisors who should have been in a position to oversee activities and prevent rule violations by employees, the danger for compliance officers is that they could be held liable for something over which they had no, or very little, direct control.
In a June 2015 public statement, SEC Commissioner Luis Aguilar addressed these concerns, and sought to reassure compliance officers of investment advisory firms that the fear of fines or sanctions for failure to supervise representatives was unwarranted.
In that statement, Aguilar reported that out of 130 enforcement cases brought by the SEC in 2014, only eight of them (6%) targeted compliance officers. Stating that the commission and staff of the SEC recognize that CCOs are responsible for many areas of risk that are continuing to grow in number and scope, Aguilar reiterated other regulatory communications stating that compliance officers need to be supported from the highest levels of their firms:
CCOs, of course, should not be expected to do it alone. To state the obvious, an effective compliance program must necessarily start at the top. A company’s senior leadership should be strong advocates for a robust and enduring culture of compliance; such a culture fosters an environment where everyone understands the firm’s core values of honesty and integrity. CCOs are an essential and integral part of this process—but they cannot be expected to do it alone and need to be supported.
Needing such support, but with limited resources, one of the best tools compliance officers can implement is automated compliance workflows. While implementing workflows alone will not mean a compliance officer is immune to “failure to supervise” allegations, workflows can formalize processes and provide needed documentation that can help compliance officers demonstrate their commitment to compliance. Workflows can also free up valuable resources, resources that can be directed to providing additional or deeper oversight of other activities.
The SEC’s analysis of its own enforcement data from 2009 – 2014, as provided in the 2015 public statement referenced above, showed that enforcement actions for failure to supervise and violating the SEC’s “compliance rule” included several types of egregious misconduct. Here are three of those areas, along with some commentary on how implementing automated workflows can be beneficial for compliance officers:
Failure to design and implement policies and procedures
Automated workflows won’t help you with the “design” piece; your policies and procedures need to be tailored to fit your business. However, once you have designed the procedures you expect your employees to follow, workflows can:
- Act as both a central repository for the most up-to-date version of policies and procedures, so employees aren’t relying on an outdated paper manual; and
- Allow you to track employee acknowledgements, so you have documentation from personnel stating they have received, read and understand various policies and procedures. This documentation, when provided to regulators as part of an audit or enforcement investigation, can serve as valuable armor for compliance officers.
Failure to conduct annual reviews
Broker-dealers are required to conduct and memorialize annual reviews, and investment advisers are also required to conduct annual policy and procedure reviews.
As any compliance officer could likely attest, this can be an onerous and overwhelming process, especially if inquiries and requests are sent and tracked manually through multiple email messages and spreadsheets.
Automated workflows can help compliance officers conduct reviews by routing and re-routing document requests and approvals, and keeping a permanent record of review activities conducted.
With today’s workflow tools offering easily customizable forms, workflow rules and real-time reporting capabilities, compliance personnel can breathe a little bit easier knowing they can produce documentation of their reviews upon request.
Conflict of interest issues
Conflicts of interest need to be taken seriously in financial services, and rightfully so. After all, if a firm or employee has a personal interest in the outcome of any specific relationship or activity, clients could be impacted.
Not all conflicts are prohibited; some potential conflicts may be perfectly acceptable as long as they are disclosed appropriately. However, firms can get into hot water by failing to report, monitor or disclose conflicts. Compliance officers, then, run the risk of being charged with failure to supervise if their firms lacked adequate methods for reporting, review and disclosure of potential conflicts.
Without a system to handle, report, approve and document conflict review and approval, firms and their compliance officers run the risk of regulatory scrutiny and possible claims of supervisory failures.
That’s where automated workflows can come in. By using custom-designed forms, workflows and approval processes, compliance officers will have a better handle on areas of potential conflict and will be able to better design supervisory policies and procedures to address or mitigate those risks.
Compliance officers are busy, and often wear multiple hats within their organizations. While automated compliance workflow implementation alone will not provide immunity against “failure to supervise” charges for compliance officers, they can provide invaluable support by formalizing processes, maintaining appropriate documentation for regulators, and streamlining various submission and approval tasks. The resources freed up by moving to automated workflows can then be better put to use monitoring sales and marketing activities.
While there is no guaranteed protection from enforcement actions, compliance officers who are genuinely trying to do the right thing owe it to their firms, and to themselves, to explore how automated workflows can be a powerful component of the compliance toolbox.