Nevermind Zombies and Ghouls; SEC Audits are a Real Nightmare for RIAs

I think all can agree that audits are no fun. Whether on an individual or corporate level, audits can be time consuming, costly, and, overall, a pain. However, audits are in place in order to deter one from even considering any financial funny business. Because, especially these days, a person’s or company's financial indiscretions can be uncovered. Speaking of companies and organizations, audits are also in place to protect clients and consumers. However, for years, according to Wealth Management, consumer advocates have repeatedly called out the Security and Exchange Commission for its infrequent review and monitoring of registered investment advisors (RIAs). Well, in recent years, the SEC has heard the advocates pleas; and, in a real horror movie like twist, have begun to crack down on RIA’s.

Announced earlier this month, the SEC enforcement results revealed the following staggering facts:

• 868 enforcement actions were filed exposing financial reporting-related misconduct by companies and their executives and misconduct by registrants and gatekeepers.
• Among the actions, Aequitas Capital Management, was charged for concealing its diminishing financial state while continuing to raise more than $350 million from 1,500 investors.
• Among the actions, failing to disclose conflicts of interest to clients landed J.P. Morgan wealth management subsidiaries in hot water; hot water being the filing of a $267 million enforcement action. 

“By every measure the enforcement program continues to be a resounding success holding executives, companies and market participants accountable for their illegal actions,” said SEC Chair Mary Jo White. “Over the last three years, we have changed the way we do business on the enforcement front by using new data analytics to uncover fraud, enhancing our ability to litigate tough cases, and expanding the playbook bringing novel and significant actions to better protect investors and our markets.”

For businesses, particularly those operating in the financial sector, implementing effective cybersecurity measures can mean the difference between conducting business as usual or, potentially, losing everything not only for the organization; but, their clients as well. So, what the lesson here for RIA’s in regards to the SEC and the CFPB? RIA’s, now having real examples of what happens when one is not compliant both financially and regarding cybersecurity, may find it not only beneficial, but absolutely necessary to seek out experts within the sector in order to meet and exceed regulations and standards. According to ThinkAdvisor, some actions that can be taken include:

• Reach out to IT staff or vendors and find services that aim to secure and protect the company network and client information. 
• Consider purchasing insurance that covers damages as a result of a hacking or data breach. 
• Adopt a written cybersecurity policy tailored specifically to one’s business practices and information technology framework.  MORE