Is your firm Audit-Ready? Is it prepared for the incredibly involved process of performing its annual review? The demands of a CCO and compliance staff are significant, complex … and fraught with the potential for missteps for the SEC to spot during its next regulatory exam.
A recent Risk Management Update from a consulting partner, Core Compliance, outlines the detailed process required to design and implement a sound compliance program and the benefits of leveraging technology to do so.
From automating the firm’s compliance calendar, testing and risk management activities to employee training and personal trading compliance, leveraging compliance technology not only supports better books and records, but can also help firms in their efforts to overcome some of the industry’s most common examination deficiencies.
First, firms must understand and evaluate their processes surrounding the risk areas and, with the support of partners like BasisCode, take steps to strengthen their controls.
Deficiencies & Weaknesses of Compliance Programs
Through its Risk Alerts, the SEC actively communicates exam observations. In working directly with firms, BasisCode assists organizations of all sizes with overcoming these common program deficiencies and weaknesses:
- Inadequate Compliance Resources
- Failure to Tailor and Implement Procedures
- Failure to Conduct and Adequately Document Annual Review
- Failure to Supervise Adequately
- Conflicts Resulting from Wearing Multiple Hats
The Commission has been vocal in its stance on the role compliance plays within an organization, and the impact of a firm’s first impression during a regulatory inquiry.
When Chief Compliance Officers Are Not Empowered
(Paraphased from a November 2020 speech delivered by SEC Commissioner Peter Driscoll)
When CCOs are expected to create policies and procedures, but are not given the resources to hire personnel or engage vendors to provide systems to implement those policies and procedures.
When a CCO is not integrated early enough in the firm’s business processes (ie: product development strategies) there’s an inability to affect change or identify preventable issues.
When a firm puts responsibility on the CCO for a failure of an employee or an officer to follow a firm policy or procedure.
Why First Impressions are Poor, Recordkeeping Incomplete
(Paraphrased from an October 2018 speech delivered by SEC Commissioner Hester Peirce)
When a firm needs to cobble the records together after the fact to satisfy our requests, the firm is likely not holding up its end of the compliance bargain.
How can you prepare an exception report if you do not know what is exceptional? You need to know what normal looks like so that you can spot something that is not normal.
When a firm is out of compliance with the SEC’s recordkeeping rules, it creates potentially substantive problems for the firm and its clients.
Solutions to Overcome These Challenges
Download the BasisCode ebook “A Guide to Audit Readiness” to learn about the key solutions and processes to help firms overcome compliance program deficiencies and weaknesses.
Contained within the ebook, readers will understand the leadership and integrity pillars of an Audit-ready compliance program, and get our 4-Phase Audit-Ready Checklist.