An Introduction to Compliance for Registered Investment Advisors (RIAs)

What is RIA Compliance?

As financial planners and money managers for wealthy individuals and corporations, registered investment advisors or RIAs are required to comply with a set of rules and regulations laid down by the Securities and Exchange Commission (SEC).

First, some basic housekeeping: Advisers handling small-scale accounts must register with the state securities authorities, while those who handle more than $100 million worth of assets must register with the Securities and Exchange Commission (SEC).

According to the Investment Advisers Act of 1940, the Registered Investment Advisers (RIAs) have to set up plans and strategies that will comply with the rules established by the Securities and Exchange Commission (SEC). Note the Investment Advisers Act has been modified twice, once in 1996, and later in 2010. As per the new amendments, only advisers with at least $100 million under management must register with the SEC. Essentially, abiding by the rules and regulations put forth by the SEC is known as RIA compliance.

RIA Compliance has many different aspects such as the Investment Advisers Act, the Securities and Exchange Commission (SEC) Examination Priorities, Form ADV, Compliance Officers (CCOs), Funds & Assets, and Code of Ethics. The Advisers Act exists along with the SEC’s rules to prevent any breach of the law. The SEC’s rules are constantly changing in order to be up-to-date with evolving technology. 

RIA compliance can present a few challenges to investment firms such as valuation, cybersecurity and theft, custody of assets, and foreign tax compliance which we’ll review in depth in this article. 

Before we move on to discuss RIA compliance in detail, we’d also like to shine a light on the basic differences between RIAs and broker dealers. It’s common for professionals to confuse the two. However, they vary not just in their scope of work, but also in the laws they must follow and the way they earn a living. 

Difference between RIAs and Broker Dealers

A broker dealer helps in carrying out investing deals. Think advisors that tell you which shares to buy and which ones to sell. Broker dealers collect a small percent of the transaction as commission. Unlike RIAs, they are not bound by fiduciary rules. What does this mean? They generally focus on the deals that are most beneficial to them, as opposed to those which are best for the client. 

Registered brokers work for full-service broker dealers, where they have to follow a set of guidelines when it comes to recommending stocks, suggesting investments, and carrying out their business.  

On the other hand, independent broker dealers have more legroom when it comes to suggesting investments. For instance, they can also advise clients to invest in hedge funds, IPOs, and nonqualified plans. 

Here are some differences between broker dealers and RIAs: 

• Jurisdiction: A Broker dealer is an associate of the Financial Industry Regulatory Authority (FINRA) which is controlled under the Securities Exchange Act of 1934. On the other hand, RIAs must register with the Securities and Exchange Commission (SEC) which is controlled under the Investment Advisers Act of 1940.
• Compensation: Broker dealers charge commission based on each product they suggest and sell, while RIAs charge fees for advice or a percentage of assets under management. 
• Standards: Broker dealers provide advice according to the suitability standard which means that they provide advice which is suitable for the customer’s personal needs, but not necessarily the best for them. 

On the contrary, RIA’s provide advice according to the fiduciary standard which means that they provide advice which is best for the customers needs. The fiduciary standard is stricter than the suitability standard.

The Different Aspects of RIA Compliance

RIA compliance has a lot of different aspects such as:

• Investment Advisers Act: This is a U.S. Government law that shapes, explains, and conveys the duties of a Registered Investment Advisor. The Securities and Exchange Commission is given the authority by the Advisers Act to observe advisers, ease resource development, and maintain just, organized and structured markets. The Advisers Act defines precisely what counts as an investment advice and who needs to enroll with the SEC before providing that advice.
• SEC Examination Priorities: Annually, a list of specific policies, goods or services, that are of high risk to the investors or the market, is issued by the SEC’s Office of Compliance Inspections and Examinations (OCIE). This list is an attempt to prepare the public and encourage transparency. SEC examiners look at this list while preparing the examinations of RIA’s. The advisers can also refer to this list while preparing for the examination.
• Form ADV: This is a quintessential document for a Registered Investment Advisor. It is an annual form that must be filled out for the company to stay compliant. Form ADV has two parts. The first part requires details about a company, assets under management, and so on. The SEC uses these details to evaluate and impose rules. The second part is a brochure that can be distributed to clients and prospective customers. It is required that a firm discloses all it’s activities in this form, in plain English simple English, a narrative format, and disclose their obligations as a fiduciary. 
• Chief Compliance Officer (CCO): The SEC needs every company to appoint a CCO to look after RIA compliance plans and strategies. Many owners take up the role of a CCO in order to save costs in the short run. However, this can be detrimental in the long run. Savvy companies know must hire a CCO in order to let the owner concentrate on the profit-making activities. The CCO helps the company to keep up a tradition of compliance and ensures all duties, documentation, and procedures are duly fulfilled.

RIA Compliance: Things to Keep in Mind 

Here are some of the common challenges that registered investment advisors can face with compliance:

• Time and cost intensive: Without support from a professional, RIAs can be at a loss when it comes to managing compliance. The rules of the SEC can be complex and wide-ranging, taking up several hours a week for RIAs to simply keep up with developments. Compliance administration can also lead to heavy expenditure for RIAs. Those who do not spend resources on compliance run the risk of getting under the scrutiny of the SEC. 

A better and faster way for RIAs to manage their compliance is using an automated system such as VComply, that helps them receive alerts, automate their calendar, and assign responsibilities. 

• Cybersecurity – ID theft is a major concern for advisors. If a customer’s private details or assets are stolen, it can land an RIA firm in deep trouble. In recent years, various cybersecurity specialists have confirmed that the protective barriers used by the advisory companies are fragile and can be hacked by a group of hacking specialists.

In order to safeguard their organization from cybersecurity thefts, advisors must run their cybersecurity measures through framewowkrs such as CIS, PCI, NIST, and SOC 2, to deteremine if their security measures are appropriate. 

• Custody of assets – Advisors require more than just cybersecurity to safeguard their customer’s details and assets. They also have to safeguard other customer assets such as security documents, money, cheques, and account files. To prevent physical assets from being stolen, advisors must implement better procedures and also educate customers on keeping their assets safe. 

• Marketing – Owing to investment scandals and scams, new rules are constantly being introduced to avoid firms from promoting dubious schemes. RIAs must keep a constant tab on changing regulations around marketing. For example, mortgage providing advisors need to follow the advertising rules in the Truth-In-Lending Act. Advisors who advertise other goods and services must be sure that they are adding necessary disclaimers and their advertisements are truthful.

Conclusion

Compliance for RIAs is not straightforward, and with ever changing regulations, CCOs are forced to balance budgets as well as ensure compliance. As the organization grows larger, it becomes even more cumbersome to track and map regulations. 

The best option for RIAs to ensure compliance as well as data security is to opt for an automated system for compliance. To reduce the cost of noncompliance, streamline documentation, and keep risks at bay, RIAs can take a look at VComply, an automated governance and compliance software .