The SEC has proposed a new rule that, if adopted, will impose new requirements on RIAs that outsource certain functions to service providers with respect to the selection, monitoring and continued engagement of such service providers
The Proposed Rule does not distinguish between affiliated service providers and unaffiliated service providers
As currently drafted, the Proposed Rule does not provide any carve-outs for service providers that are otherwise subject to Federal securities laws (e.g., SEC-registered broker-dealers and other RIAs, including sub-advisers)
Exempt reporting advisers are not subject to the Proposed Rule, but may be impacted in their capacity as sub-advisers to any investment adviser subject to the rule
On Oct. 26, 2022, the Securities and Exchange Commission (“SEC”) proposed rule 206(4)-11 (the “Proposed Rule”), a new rule under the U.S. Investment Advisers Act of 1940 (“Advisers Act”) that, if adopted in its current form, will impose new requirements on investment advisers that are required to be registered with the SEC (“RIAs”) with respect to outsourcing certain Covered Functions to Service Providers (each as defined below).
These requirements include performing due diligence before retaining a Service Provider, periodic monitoring of the selected Service Provider and subsequent analysis of the continued appropriateness of retaining such Service Provider, as well as related recordkeeping requirements.
The Proposed Rule defines “Covered Function” as:
“…a function or service that is necessary for the adviser to provide its investment advisory services in compliance with the Federal securities laws, and that, if not performed or performed negligently, would be reasonably likely to cause a material negative impact on the adviser’s clients or on the adviser’s ability to provide investment advisory services.”
Determining whether an outsourced function is a Covered Function subject to the Proposed Rule will generally be subject to a facts and circumstances analysis with respect to the nature of each subject RIA’s business, as the manner in which investment advisers provide investment advisory services varies. Thus, certain functions may fall into the category of being “Covered Functions” for one RIA but not for another. Examples of potential Covered Function enumerated in the Proposed Rule include: (i) Adviser / Sub-adviser; (ii) Client Services; (iii) Cybersecurity; (iv) Investment Guideline or Restriction Monitoring Services; (v) Investment Risk Analysis; (vi) Portfolio Management (excluding Adviser / Sub-adviser relationships); (vii) Portfolio Accounting; (viii) Pricing Services (though common market data providers providing publicly available data will be excluded); (ix) Reconciliation; (x) Regulatory Compliance; (xi) External Trading Desks; (xii) Trade Communication and Providers of Trade Allocation; and (xiii) Valuation Agents.
In general, clerical, ministerial, utility, or general office functions or services are excluded from the definition of “Covered Function” under the Proposed Rule.
“Service Provider” is defined by the Proposed Rule as a person or entity that performs one or more Covered Functions and is not an adviser’s supervised person (as such term defined in the Advisers Act). As with Covered Functions, certain persons or entities that perform functions on behalf of investment advisers may be a “Service Provider” with respect to one adviser but not for another.
Due Diligence and Monitoring
Under the Proposed Rule, before engaging a Service Provider to perform a Covered Function, RIAs would be required to perform due diligence to determine that it would be appropriate to select such Service Provider to perform the particular Covered Function, by considering:
- The nature and scope of the Covered Function(s);
- Potential risks resulting from the Service Provider performing the Covered Function(s), including procedures to mitigate and manage such risks;
- The Service Provider’s competence, capacity, and resources necessary to perform the Covered Function(s);
- The Service Provider’s subcontracting arrangements related to the Covered Function(s) (if any);
- Coordination with the Service Provider with respect to Federal securities law compliance; and
- Whether the Service Provider will be able to provide for the orderly termination of its performance of the Covered Function(s).
RIAs would also be required to periodically monitor the Service Provider’s performance and reassess the engagement of that certain Service Provider, including evaluating whether it is necessary to modify the RIA’s approach to outsourcing the applicable Covered Function(s). The Proposed Rule does not provide explicit guidance on the definition of “periodically.”
In addition, if adopted, the Proposed Rule will revise the Advisers Act books and records rule (“Rule 204-2”) to require RIAs to make and keep certain books and records related to their obligations under the Proposed Rule, generally for the duration of the engagement plus a period of five years after such engagement is terminated. The revised rule will cover written agreements with the Service Provider (which should explicitly stating that the function or service provided is a Covered Function), as well as memorandums or similar documentation of the RIA’s initial due diligence and ongoing, periodic monitoring of each Service Provider. Such records are generally expected to assist the SEC in evaluating RIAs’ outsourcing of Covered Functions to Service Providers, and compliance with the Proposed Rule.
In addition, under the Proposed Rule, each investment adviser that outsources a Covered Function to a Service Provider and relies on such Service Provider to make and/or keep books and records as required by Rule 204-2 will be required to obtain reasonable assurances that the Service Provider will be able to:
- Adopt and implement internal processes and/or systems for making and/or keeping records that meet the requirements of Rule 204-2 applicable to the adviser in providing services to the RIA;
- Make and/or keep records that meet all of the requirements of Rule 204-2 applicable to the RIA;
- Provide access to electronic records; and
- Ensure the continued availability of records if the Service Provider’s operations cease or the relationship with the RIA is terminated.
These requirements are intended to prevent required records from being lost, altered, or destructed, therefore ensuring that such records continue to be accessible to the RIA (and the SEC staff, if requested).
The SEC also proposed amendments to Form ADV Part 1A, Item 7.C of Schedule D, which will require RIAs to provide information about Service Providers that perform Covered Functions. Such information will include the legal name and primary business address of the Service Provider, the legal entity identifier (if any), disclosure of whether the identified Service Provider is a related person of the adviser and the date the Service Provider was first engaged, as well as a classification of the Covered Functions or services the Service Provider is actively engaged in providing.
As currently drafted, these requirements will apply to both affiliated Service Providers and unaffiliated Service Providers, which will make publicly available a large amount of information about the use of affiliated Service Providers to prospective clients as well as the broader market. These proposed amendments to Item 7.C are designed, according to the SEC, (i) to enable advisory clients to make better informed decisions, and (ii) to improve the SEC’s ability to identify outsourced functions and the Service Providers that perform these functions and address risks related to outsourcing and to oversee RIAs’ use of Service Providers. The SEC may use this information to identify problematic Service Providers and to focus on the investment advisers that have engaged them.
Compliance and Comment Period
The SEC has asked whether existing arrangements should be exempted from compliance with the Proposed Rule. To the extent that existing arrangements fall within the scope of the Proposed Rule, if enacted, RIAs that have existing engagements with Service Providers that perform Covered Functions may need to renegotiate existing engagement agreements to meet the new requirements.
The public comment period with respect to the Proposed Rule will remain open for 30 days after the date of publication in the Federal Register or December 27, 2022, whichever period is later.
If adopted, RIAs will be required to be in compliance with the final rule beginning ten months from the rule’s effective date.