Posts in

Compliance Insights

Compliance 101 for Banks
Dec 2, 2020

The purpose of compliance in banking is to detect and prevent any abnormality, criminality, and noncompliance in the bank’s functioning. Banks must operate with integrity and follow regulations, internal policies, and applicable laws.


Every bank should have a compliance division. The division will make sure that the bank cooperates with all the laws and helps in upholding the reputation of the bank. The division should be given the duty to oversee the bank’s actions, recognize and examine the areas of risk, evaluate the suitability of the bank’s plans and strategies, and provide the remedy to risks.

The compliance functions should ensure that the bank’s transactions are transparent and in conformance with the policies. They should have checks in place to prevent any non-compliant acts, especially legal issues, and identify compliance risks and ways to mitigate them.

Banking Laws and Regulations

The United States has a dual banking structure. Dual banking structure means that the United States banks can be regulated by one of the 50 states or by the federal government. Every bank must have a federal manager. The United States has a complex administrative system that has several federal administrative offices.

Here are two bank administrative offices:

The Board of Governors of the Federal Reserve System: This is the main banking structure of the United States and manages the U.S. pecuniary plan.


The Federal Deposit Insurance Corporation: This is the main administrator for those state-chartered banks that are not a part of the Federal Reserve System.


Here are some of the banking acts that were passed to manage regulatory aspects:

VComply Editorial Team
What Do the New Advertising Regulations Mean for RIAs?
Dec 2, 2020

If the recent proposal for amending the RIA advertising rules becomes a reality, RIAs (Registered Investment Advisers) can start using testimonials and third-party ratings in their advertisements very soon! Just like how lawyers woo their prospects using their clients' stories of million-dollar settlements in their favor, investment advisers can soon advertise testimonials of how their clients have benefitted through their services.

What are the significant changes on the horizon?

Let's look at the background of the rule and the reforms proposed by the Securities and Exchange Commission.


The advertising rule was first adopted in 1961, and it has mostly been the same since then. The rule prohibits investment advisers from using testimonials or third-party endorsements. The rule also prohibits references to specific recommendations that the investment adviser has made in the past.

The SEC has recognized that technology advancements have changed how consumers interact with investment advisers and evaluate financial products. Today's customers rely on information and reviews on the internet before buying any products. After analyzing the market changes, the SEC has proposed reforms and adopted a principle-based approach instead of prohibiting testimonials completely. In November 2019, the Securities and Exchange Commission formally released a proposal for replacing its age-old advertising rules.

The New Proposal  

In the new proposal, the SEC has suggested broadening the definition of advertisement to "any communication" disseminated by or on behalf of investment advisers to obtain or retain clients. However, the definition does not include 1) live oral communication that is not broadcast, 2) responses to some unsolicited requests for specific information, 3) advertisements or sales literature about mutual funds covered by other SEC rules, and 4) information to be contained in a statutory or regulatory notice or filing.

The proposed rule would permit testimonials, endorsements, and third-party ratings subject to some restrictions and conditions, reversing the current rule's restriction on testimonials in advertisements.

The restrictions include:

  • Advertisements should not contain untrue statements.
  • Advertisements should not contain unsubstantiated claims.
  • Advertisements should not give rise to materially untrue implications.
  • Any implication of the benefits of the advertisement's services should be accompanied by discussions on associated risks and limitations.
  • References to past investment picks and/or investment performances should be portrayed in a "fair" and "balanced" manner in advertisements.
  • Advertisements should not be materially misleading.

The SEC has distinguished between "retail" and "non-retail" persons, and advertisements for "retail persons" will be subject to heightened requirements.

The new rule proposal was subject to the 60 days "comment" process where the public could register their comments about the proposed amendments. The public comment period ended on 03 January 2020; SEC is reviewing the comments. It is expected that SEC will announce the updated versions of the rule sometime before this year's end.

Closing Note

The proposed reforms are beneficial to investment advisers and customers alike. Using testimonials in advertisements can help future clients understand what type of clients the investment advisers have worked with and their experiences. The business becomes competitive, and both individual advisers and firms can leverage these reforms and advertise to grow their business. They might have to incur some additional costs, and there is a chance that this turns out to be more beneficial for big investment adviser firms.

Another perspective on the reform is that the principle-based approach to the advertising rule makes it open to more than one interpretation. If the rules are too broad, then the same standards may not be followed by all. The ambiguity of the proposal's wording and statements makes it difficult for compliance officers and lawyers to make clear decisions and advise companies on any legal impact. They hope that when the rules become a reality, the SEC comes up with more precise standards, definitions, and descriptions.

While the new rule might help clients pick an investment adviser from a Google search review result, it might create a new burden for compliance officers, as they might need to review each advertisement as part of their due diligence. For more information on SEC's recent proposed changes, read the complete proposal here.

VComply is an intuitive and intelligent platform that empowers businesses to monitor and manage their compliance and risk initiatives. The team at VComply is dedicated to empowering customers to create and manage powerful, risk, compliance, and governance programs. Contact us to learn more about how VComply can help you meet your compliance and governance goals.

VComply Editorial Team
An Introduction to Compliance for Registered Investment Advisors (RIAs)
Oct 7, 2020

What is RIA Compliance 

As financial planners and money managers for wealthy individuals and corporations, registered investment advisors or RIAs are required to comply with a set of rules and regulations laid down by the Securities and Exchange Commission (SEC). 

First, some basic housekeeping: Advisers handling small-scale accounts must register with the state securities authorities, while those who handle more than $100 million worth of assets must register with the Securities and Exchange Commission (SEC).

According to the Investment Advisers Act of 1940, the Registered Investment Advisers (RIAs) have to set up plans and strategies that will comply with the rules established by the Securities and Exchange Commission (SEC). Note the Investment Advisers Act has been modified twice, once in 1996, and later in 2010. As per the new amendments, only advisers with at least $100 million under management must register with the SEC. Essentially, abiding by the rules and regulations put forth by the SEC is known as RIA compliance.

RIA Compliance has many different aspects such as the Investment Advisers Act, the Securities and Exchange Commission (SEC) Examination Priorities, Form ADV, Compliance Officers (CCOs), Funds & Assets, and Code of Ethics. The Advisers Act exists along with the SEC’s rules to prevent any breach of the law. The SEC’s rules are constantly changing in order to be up-to-date with evolving technology. 

RIA compliance can present a few challenges to investment firms such as valuation, cybersecurity and theft, custody of assets, and foreign tax compliance which we’ll review in depth in this article. 

Before we move on to discuss RIA compliance in detail, we’d also like to shine a light on the basic differences between RIAs and broker dealers. It's common for professionals to confuse the two. However, they vary not just in their scope of work, but also in the laws they must follow and the way they earn a living. 

Difference between RIAs and Broker Dealers

A broker dealer helps in carrying out investing deals. Think advisors that tell you which shares to buy and which ones to sell. Broker dealers collect a small percent of the transaction as commission. Unlike RIAs, they are not bound by fiduciary rules. What does this mean? They generally focus on the deals that are most beneficial to them, as opposed to those which are best for the client.

Registered brokers work for full-service broker dealers, where they have to follow a set of guidelines when it comes to recommending stocks, suggesting investments, and carrying out their business.  

On the other hand, independent broker dealers have more legroom when it comes to suggesting investments. For instance, they can also advise clients to invest in hedge funds, IPOs, and nonqualified plans. 


Here are some differences between broker dealers and RIAs: 

  • Compensation: Broker dealers charge commission based on each product they suggest and sell, while RIAs charge fees for advice or a percentage of assets under management. 
  • Standards: Broker dealers provide advice according to the suitability standard which means that they provide advice which is suitable for the customer’s personal needs, but not necessarily the best for them. 

On the contrary, RIAs provide advice according to the fiduciary standard, which means that they provide advice which is best for the customer’s needs. The fiduciary standard is stricter than the suitability standard.


The Different Aspects of RIA Compliance

RIA compliance has a lot of different aspects such as:

  • Investment Advisers Act: This is a U.S. Government law that shapes, explains, and conveys the duties of a Registered Investment Advisor. The Securities and Exchange Commission is given the authority by the Advisers Act to observe advisers, ease resource development, and maintain just, organized and structured markets. The Advisers Act defines precisely what counts as an investment advice and who needs to enroll with the SEC before providing that advice.
  • SEC Examination Priorities: Annually, a list of specific policies, goods or services that are of high risk to the investors or the market is issued by the SEC’s Office of Compliance Inspections and Examinations (OCIE). This list is an attempt to prepare the public and encourage transparency. SEC examiners look at this list while preparing the examinations of RIAs. The advisers can also refer to this list while preparing for the examination.
  • Form ADV: This is a quintessential document for a Registered Investment Advisor. It is an annual form that must be filled out for the company to stay compliant. Form ADV has two parts. The first part requires details about a company, assets under management, and so on. The SEC uses these details to evaluate and impose rules. The second part is a brochure that can be distributed to clients and prospective customers. A firm is required to disclose all its activities in this form, in plain, simple English and a narrative format, and to disclose its obligations as a fiduciary.
  • Chief Compliance Officer (CCO): The SEC needs every company to appoint a CCO to look after RIA compliance plans and strategies. Many owners take up the role of a CCO in order to save costs in the short run. However, this can be detrimental in the long run. Savvy companies know they must hire a CCO in order to let the owner concentrate on the profit-making activities. The CCO helps the company to keep up a tradition of compliance and ensures all duties, documentation, and procedures are duly fulfilled.

RIA Compliance: Things to Keep in Mind 

Here are some of the common challenges that registered investment advisors can face with compliance:

  • Time and cost intensive: Without support from a professional, RIAs can be at a loss when it comes to managing compliance. The rules of the SEC can be complex and wide-ranging, taking up several hours a week for RIAs to simply keep up with developments. Compliance administration can also lead to heavy expenditure for RIAs. Those who do not spend resources on compliance run the risk of getting under the scrutiny of the SEC. 

A better and faster way for RIAs to manage their compliance is using an automated system such as VComply, that helps them receive alerts, automate their calendar, and assign responsibilities. 

  • Cybersecurity - ID theft is a major concern for advisors. If a customer’s private details or assets are stolen, it can land an RIA firm in deep trouble. In recent years, various cybersecurity specialists have confirmed that the protective barriers used by the advisory companies are fragile and can be hacked by a group of hacking specialists.

In order to safeguard their organization from cybersecurity thefts, advisors must run their cybersecurity measures through frameworks such as CIS, PCI, NIST, and SOC 2, to determine if their security measures are appropriate.

  • Custody of assets - Advisors require more than just cybersecurity to safeguard their customer’s details and assets. They also have to safeguard other customer assets such as security documents, money, cheques, and account files. To prevent physical assets from being stolen, advisors must implement better procedures and also educate customers on keeping their assets safe. 

  • Marketing - Owing to investment scandals and scams, new rules are constantly being introduced to prevent firms from promoting dubious schemes. RIAs must keep a constant tab on changing regulations around marketing. For example, mortgage providing advisors need to follow the advertising rules in the Truth-In-Lending Act. Advisors who advertise other goods and services must be sure that they are adding necessary disclaimers and their advertisements are truthful.


Compliance for RIAs is not straightforward, and with ever changing regulations, CCOs are forced to balance budgets as well as ensure compliance. As the organization grows larger, it becomes even more cumbersome to track and map regulations. 

The best option for RIAs to ensure compliance as well as data security is to opt for an automated system for compliance. To reduce the cost of noncompliance, streamline documentation, and keep risks at bay, RIAs can take a look at VComply, an automated governance and compliance software. 

VComply Editorial Team
RegTech- The marriage of Regulation and Technology and its effects
Dec 13, 2019

Regulatory Technology or RegTech, as its name suggests, helps organizations achieve compliance. It is being hailed as “the new FinTech” and rose to prominence in 2015, from total obscurity.

The coming together of regulation and technology is by no means a new concept. However, it is becoming increasingly valuable. As regulation becomes more widespread, complex organizations and individuals need to find efficient ways to comply. RegTech helps businesses to be organized with their compliance, keep current records and meet regulations efficiently. This is done by organizing data quickly and effectively, making it easy for organizations to maintain transparent records.

Regulation Technology can be said to be the coming together of three main elements: regulation, people and data. This congregation enables firms to establish a culture of compliance. Technology brings these three factors together in a way that empowers and enlightens both the institutions and their respective regulators.

The main objectives of RegTech include enhancing transparency and consistency, standardizing regulatory processes, and delivering concrete interpretations of ambiguous regulations. It aims primarily to provide higher levels of quality at relatively lower cost. It increases the speed with which reports can be developed, thereby reducing the time required for compliance processes to be implemented.

RegTech differs from other methods by being cloud-based, meaning that organizations pay exclusively for what they use. Data-driven technologies are put to use along with algorithms and rule-based engines that do all the heavy lifting which was so far done manually by compliance and risk officers in spreadsheets and legacy systems.

The collaboration of existing data sets has been made simpler with the advent of RegTech. We live in a world of complex interconnected regulations where datasets have to be reused between different regulations. Sometimes, outputs of one set of regulations may feed another. There is, therefore, an unprecedented level of granularity and transparency required which cannot be expected from manual methods. Hence, using spreadsheets and other manual methods of doing all of this is neither suitable nor viable any longer.

Since its characteristics include scalability and flexibility, organizations have the freedom to build their own system and customize it according to their needs. Being cloud-based, it provides security by encrypting the data in use and offers unlimited storage of data. This technology works best when any data needs to be reviewed- it helps in identifying risks and at the same time fulfils the compliance requirements.

RegTech is indeed winning the race to combat regulatory compliance exposure and mitigate conduct risk, especially in digital business environments. Factors which stress its need include:

  • 50,00+ regulatory and compliance updates in 2015,
  • Rising personal liability and increased cost of compliance
  • Regulatory updates being doubled over the last 3 years

The digital age has made work easier for a lot of us. Even in compliance sectors, with RegTech, compliance officers can now do their jobs better and in a collaborative way. The advent of RegTech has successfully put all our compliance hurdles out-of-the-way and with further advancement, human effort will be reduced exponentially.

VComply Editorial Team
How crucial is a Compliance Management System in your organization?
Feb 10, 2020

“Compliance management is the process by which managers plan, organize, control, and lead activities that ensure compliance with laws, regulations & standards.” With the consequences of failing to comply with laws, regulations, and standards having such a high potential cost, compliance is clearly a very big issue for businesses.

Compliance Management might sound like a lot of extra work. But while it will certainly require commitment and some effort, there are tools you can use to make your job easier. When you get associated with a business, there are many categories of compliance that your company and its employees must uphold. “Compliance” refers to sticking to the rules i.e. you need to comply with relevant legislation, as well as any internal or external standards. Compliance Management System to an organization is all about:

1. Learning & understanding all the compliance responsibilities.
2. Making sure that the employees recognize their responsibilities.
3. Ensuring that the essential requirements are integrated into business processes.
4. Analyzing vital operations to assure that responsibilities are performed and requirements are fulfilled.
5. Taking corrective action and updating material as necessary.

A Compliance Management System plays a crucial role in the structure of every organization. A clear and effective compliance management system will help check the risks relevant to an organization in administering several regulatory requirements. When correctly implemented and managed, issues within the organization that affect consumers will be efficiently resolved. Not sticking to compliance can lead to damage to both the company and its customers. The compliance management system can include activities like internal audits, third-party audits, security procedures and control, preparing reports and providing supporting documentation, developing and implementing policies and procedures to ensure compliance, and many more.

Compliance Management is crucial for an organization for two purposes as it helps in:

  • Minimizing legal risks & avoiding future costs: Legal compliance is a must, and Compliance Management will help your company avoid legal risks. Lawsuits and settlements can easily cost you millions of dollars. Fines and other compensatory payments can also add up. And if you have entered into formal contracts with customers, the clauses of those contracts also become legal requirements. Without adherence to the letter of the law, you face costly litigation and the potential of untold damage to your business and its reputation. Effective compliance management protects you from these risks. It’s better to practice good data security and avoid a breach altogether.
  • Compliance with other standards is also important: Rules and standards don’t just come from outside your company. They can also be internal. Your standard operating procedures would be a good example to start with. Some business organizations see managing compliance with your business rules as part of compliance management but most of them don’t.

VComply is an integrated platform that provides Compliance management as one of its solutions. VComply provides six simple steps to be followed in Compliance Management Process:

Compliance Management Process

By acting diligently and creating complete transparency within your organization, VComply makes sure your organization systematically discovers and resolves many hidden tasks, saving you and your organization from easily avoidable losses effectively & efficiently.

VComply Editorial Team