This Sidley Update highlights selected investment adviser guidance that the Securities and Exchange Commission (SEC) staff published in the first quarter of 2017 and supplements Sidley’s annual summary of developments for investment advisers published on February 17, 2017.1 The recent guidance addresses certain obligations of investment advisers under the Investment Advisers Act of 1940 (Advisers Act) and the rules thereunder.
Three-Part Guidance on the Custody Rule
On February 21, 2017, the SEC’s Division of Investment Management (IM) issued three separate forms of guidance describing certain circumstances in which SEC-registered investment advisers (RIAs) may have custody of client assets for purposes of Advisers Act Rule 206(4)-2 (Custody Rule). The additional guidance includes an IM Guidance Update, an SEC staff no-action letter and an update to a response in the SEC’s Custody Rule frequently asked questions (FAQs). This guidance was published shortly after the SEC’s Office of Compliance Inspections and Examinations (OCIE) revealed in a February 2017 Risk Alert (described below) that noncompliance with the Custody Rule was one of the five most common compliance topics identified in deficiency letters to RIAs over the last two years.2 These findings show that the Custody Rule continues to be a common source of confusion and noncompliance, even after the staff has made it an examination and enforcement priority for several years.3
Notably, each of the IM Guidance Update and the no-action letter reaffirms that an RIA’s authority to conduct authorized trading — i.e., the authority to issue instructions to a broker-dealer or a custodian to effect or settle trades — does not constitute “custody” under the Custody Rule.
IM Guidance Update on Inadvertent Custody
The SEC staff clarified in a new IM Guidance Update (Guidance Update) that an RIA may inadvertently have custody of client funds or securities because of provisions in a separate custodial agreement between its advisory client and a qualified custodian to which the RIA is not a party.4 According to the Guidance Update, a custodial agreement permitting the qualified custodian to accept instructions from an RIA to disburse or transfer funds or securities from the custodial account, other than to effect or settle trades, will establish the RIA’s custody of client assets, even if the conferral of such authority conflicts with the provisions of the advisory agreement between the RIA and the client. The staff reasoned that this approach best promotes the cornerstone interest of the Custody Rule in safeguarding client assets, as the definition of custody turns on whether the adviser is authorized to “withdraw” client funds or securities “upon instruction to the qualified custodian.”5 Further, the staff noted that a qualified custodian (i) may not be aware of a bilateral agreement between the RIA and the client and (ii) is likely to rely on an authorization in the custodial agreement if instructed by the adviser to release client funds or securities.
The Guidance Update notes some relief from the Custody Rule requirements for an RIA where a custodial agreement is structured narrowly. The custodial agreement must permit the qualified custodian to disburse cash from the account upon the adviser’s instruction only if the custodian in good faith believes the instruction to be in connection with or in accordance with (i) securities trading or (ii) the deduction of advisory fees from the custodial account. In such situations, an RIA may be deemed to have custody due to its authority to deduct advisory fees but would not be subject to the Custody Rule surprise examination requirement if it complies with Rule 206(4)-2(b)(3). This relief from the surprise examination requirement is available, under certain circumstances, to an RIA with limited custody due to its authority to deduct its fees.
RIAs should beware of the possibility of becoming inadvertently subject to the Custody Rule based on provisions in custodial agreements. According to the Guidance Update, one way an RIA can avoid having custody due to such provisions is to draft a letter (or other document) addressed to the qualified custodian that limits the RIA’s authority to “delivery versus payment,” notwithstanding any provisions in the custodial agreement. To be effective, the client and qualified custodian must acknowledge the letter (or other document) by written consent.
No-Action Letter on Custody Established by Asset Transfer Authorization
In a no-action letter to the Investment Advisers Association, the SEC staff indicated that, in connection with a standing letter of instruction or other similar asset transfer authorization (SLOA) established by an RIA’s client with a qualified custodian, the RIA generally has access to, and custody of, the client’s assets in the following circumstance:
- The SLOA authorizes the qualified custodian to transfer the client’s assets,
- Upon the RIA’s instruction to the qualified custodian,
- To one or more third parties as specified by the client,
- For any purpose other than authorized trading.6
The Investment Advisers Association had requested no-action relief on the basis that such SLOAs (i) are written authorizations directly addressed from the client to the qualified custodian, (ii) grant a limited authorization to the adviser to act as the client’s agent for a specific purpose and (iii) allow the client to retain full power to change or revoke the arrangement. In its response, the staff concluded that such an authorization nonetheless grants an adviser “authority to obtain possession” or “withdraw” client funds — authority the Custody Rule was designed to address. The staff explained that, under these circumstances, an RIA to whom a client grants such authority has custody of the client’s assets and is subject to the Custody Rule surprise exam requirement.
The staff noted, however, that it would not recommend enforcement action against an adviser that did not obtain a surprise examination where it acts pursuant to an SLOA under the following circumstances:
- The client provides an instruction to the qualified custodian, in writing, that includes the client’s signature, the third party’s name, and either the third party’s address or the third party’s account number at a custodian to which the transfer should be directed;
- The client authorizes the adviser, in writing, either on the qualified custodian’s form or separately, to direct transfers to the third party either on a specified schedule or from time to time;
- The client’s qualified custodian performs appropriate verification of the instruction, such as a signature review or other method to verify the client’s authorization, and provides a transfer of funds notice to the client promptly after each transfer;
- The client has the ability to terminate or change the instruction to the client’s qualified custodian;
- The adviser has no authority or ability to designate or change the identity of the third party, its address, or any other information about the third party contained in the client’s instruction;
- The adviser maintains records showing that the third party is not a related party of the adviser or located at the same address as the adviser; and
- The client’s qualified custodian sends the client, in writing, an initial notice confirming the instruction and an annual notice reconfirming the instruction.
FAQ Update on Transfers Between (or Among) a Client’s Own Accounts
The SEC staff also revised its response to an FAQ regarding whether an RIA has custody of a client’s assets if the client authorizes the RIA to transfer the client’s funds or securities between (or among) two (or more) of a client’s own accounts maintained with the same qualified custodian or different qualified custodians.7 The staff revised its previous FAQ response to indicate that a grant of authority limited to such transfers will not establish custody if (i) the client has authorized the adviser in writing to effect such transfers and (ii) a copy of the authorization, specifying the client accounts, has been provided to the sending qualified custodian(s). The client’s authorization must specify with particularity the name and account numbers on the sending and receiving accounts (including the ABA routing number(s) or name(s) of the receiving custodian(s)) such that the sending custodian has a record that the client has identified the accounts for which the transfer is being effected as belonging to the client. That authorization does not need to be provided to the receiving custodian(s).
The staff further indicated that an RIA’s authority to transfer client assets between (or among) a client’s accounts at the same qualified custodian or its affiliated qualified custodians all of whom have access to the sending and receiving account numbers and client account name (e.g., to make first-party journal entries) does not constitute custody and does not require further specification of client accounts in the authorization.
Information Update on Documenting Participating Affiliate Arrangements
The SEC staff recently issued an IM Information Update (Update)8 addressing how multinational advisory firms can document their reliance on a series of no-action letters dating back to the 1990s, often referred to as the “Unibanco letters.” In the Unibanco letters, the staff agreed not to recommend enforcement action to the SEC if a non-U.S. advisory affiliate of an RIA (participating affiliate) shares personnel with, and provides certain services to U.S. clients through, the RIA, without the participating affiliate registering under the Advisers Act.
As reiterated in the Update, the no-action relief provided in the Unibanco letters is subject to certain conditions, including: (i) the participating affiliate and the RIA are separately organized; (ii) the RIA is staffed with personnel who are capable of providing investment advice; (iii) all personnel of the participating affiliate involved in U.S. advisory activities are deemed to be “associated persons” of the RIA; and (iv) the SEC has adequate access to trading and other records of the participating affiliate and to its personnel to the extent necessary to enable it to identify conduct that may harm U.S. clients or markets.
While the Update did not alter nor add to the requirements set forth in the Unibanco letters, the staff noted that it periodically receives questions regarding what information, if any, should be submitted to the staff in connection with participating affiliate arrangements. In the Update, the staff summarized the types of documentation it generally believes address most clearly the concerns raised in the Unibanco letters regarding the staff’s ability to monitor the conduct of participating affiliates, including, among other things:
- A representation that the participating affiliate is an associated person of the RIA;
- Documentation of the appointment of an agent for service of process by the participating affiliate;
- A representation that the participating affiliate is subject to the U.S. courts for actions arising under U.S. federal or state securities laws in connection with investment advisory activities for U.S. clients provided by the participating affiliate through the RIA; and
- A representation that the participating affiliate, upon request, will provide to the staff all books and records required to be maintained in accordance with staff guidance or any other documents demanded pursuant to an administrative subpoena or request for voluntary cooperation.
It appears that advisers relying on the Unibanco letters generally maintain internal records of the representations and undertakings required by the no-action relief, and the Update does not specifically require such advisers to submit the documentation identified in the Update to the SEC. However, a note at the end of the Update indicating that the information (and any amendments to any information) can be submitted to the staff by email suggests that the staff expects advisers to do so. In any case, the Update provides useful clarity regarding staff expectations for, and may have a standardizing effect on, the documentation of participating affiliate arrangements.
IM Guidance Update on Robo-Advisers
On February 23, 2017, the SEC staff issued an IM Guidance Update (Guidance)9 addressing certain unique considerations confronting automated advisers, or “robo-advisers.” Some firms identify themselves specifically as “robo-advisers.” However, as noted in the Guidance, other robo-advisers “are offered as digital portfolio management tools by traditional advisers that view these programs as components of their existing advisory practices.” Whereas the Guidance focuses on robo-advisers that provide services directly to clients over the internet, the staff noted that the Guidance may be helpful for other types of robo-advisers, as well as other RIAs.
Like all RIAs, robo-advisers are subject to the full scope of substantive and fiduciary obligations of the Advisers Act. The staff noted that because robo-advisers rely on algorithms, provide largely automated investment advice and may offer limited, if any, direct human interaction to clients, their unique business models may raise certain considerations when seeking to comply with the Advisers Act.
- Disclosure. The staff suggested that robo-advisers consider the most effective way to communicate the limitations, risks and operational aspects of their advisory services. In explaining its business model, an adviser might describe, for example, the assumptions and limitations of the algorithm used to manage client accounts, the risks inherent in the use of the algorithm and how the adviser uses the information gathered from a client to generate a recommended portfolio. The adviser should use reasonable care, the staff noted, to avoid creating a false implication about the scope of services provided.
- Provision of suitable advice. The staff suggested that, given the generally limited interaction clients have with advisory personnel, a robo-adviser should consider whether its online questionnaire is designed to elicit sufficient client information to support its suitability obligation.
- Effective compliance program. The staff noted that in developing its compliance program, a robo-adviser should be mindful of the unique aspects of its business model that may create or accentuate its risk exposures. Thus, in addition to addressing issues relevant to traditional investment advisers, robo-advisers should consider whether to implement policies and procedures that address such areas as the development, testing and back-testing of the algorithmic code, disclosure of changes to the algorithmic code, and the post-implementation monitoring of the algorithm’s performance.
The Five Most Frequent Compliance Topics Identified in OCIE Examinations of Investment Advisers
OCIE recently published a Risk Alert highlighting the Advisers Act topic areas most frequently associated with deficiencies identified in OCIE adviser examinations.10 Those topic areas and a summary of the illustrative deficiencies identified in the Risk Alert include:
- Compliance Program Rule (Rule 206(4)-7)
- RIAs had not reasonably tailored their compliance manuals to their respective business practices;
- RIAs did not conduct annual reviews and had not followed the requirements regarding the annual review, including failure to take steps to address or correct problems identified in the annual review;
- RIAs failed to follow their own compliance policies and procedures; and
- Compliance manuals were not current.
- Regulatory Filings
- Form ADV included inaccurate disclosures (e.g., inaccurate custody information);
- Form ADV other-than-annual amendments were not promptly filed, and Form ADV annual updating amendments were not timely filed;
- Form PF filings were incorrect or untimely; and
- Form D filings were incorrect or untimely.
- Custody Rule (Rule 206(4)-2)
- RIAs did not recognize that online access to client accounts causes an RIA to have custody when such access provides the adviser with the ability to withdraw funds and securities from the account;
- Required surprise exams did not meet the Custody Rule requirements (e.g., surprise exams were conducted at the same time every year); and
- RIAs did not recognize that they had custody due to their authority over client accounts (as a result of, e.g., having certain powers of attorney or serving as trustees of clients’ trusts or general partners of fund clients).
- Code of Ethics Rule (Advisers Act Rule 204A-1)
- “Access persons” were not properly identified for personal securities transactions review purposes;
- Codes of ethics were missing required information;
- Personal trading reports were submitted less frequently than required; and
- RIAs failed to describe their codes of ethics in their brochures or did not indicate that their codes of ethics are available to any client or prospective client upon request.
- Books and Records Rule (Advisers Act Rule 204-2)
- RIAs failed to maintain all required books and records (e.g., advisory agreements);
- Books and records were inaccurate or not updated; and
- Recordkeeping was inconsistent (i.e., maintenance of contradictory information in separate sets of records).
Updates to Form PF Frequently Asked Questions (Form PF FAQs)
In January 2017, the SEC staff updated the Form PF FAQs, which are available on the SEC’s website to assist investment advisers to private funds in complying with their Form PF reporting obligations.11The updates clarify the staff’s views on the appropriate way to interpret certain Form PF instructions or questions, such as the treatment of parallel managed accounts managed for non-U.S. persons by non-U.S. advisers, and the use of estimates in responding to Question 14 (summary of the reporting fund’s assets and liabilities), when audited financial statements are not yet available. The updates also conform or delete certain FAQs to reflect recent amendments to the Form relating to large liquidity funds.