SEC Announces 2023 Examination Priorities

By Suma Chander, Michael Corcione, Rachel DiDio, Jay Monaghan and Matthew Orrell

The U.S. Securities and Exchange Commission’s (SEC) Division of Examinations (the Division) recently released its 2023 Examination Priorities. With the SEC’s overriding objective being to safeguard investors, the Division intends to pay particular attention to the subject matters in this paper. We want our readers to know where the regulators intend to concentrate their inspection efforts. 

As you read the salient points in this paper, we want to emphasize that you don’t have to tackle these items alone. Our professionals have deep experience in all these areas from your side of the desk and beyond. Our team consists of a former PCAOB regulator, chief financial officers, chief risk officers, chief operating officers, chief technology officers, traders, internal auditors and global professionals in the financial services space. We feel confident saying a five-minute read of our thoughts below followed by a 30-minute conversation with our subject matter experts will provide valuable feedback to help you be prepared for an examination.

Compliance with Recently Adopted Rules

In an effort to drive efficiency in the capital markets and to modernize rules for the current economy and technologies, the SEC recently adopted several new rules for broker-dealers and investment advisors. The most notable rules include the following:

• Advisers Act Rule 206(4)-1 (Marketing Rule) – The Division will assess if investment advisors have adopted and implemented written policies and procedures that are designed to prevent violations of the Marketing Rule.
• Investment Company Act Rule 18f-4 (Derivatives Rule) – If the company is subject to the Derivatives Rule, the Division will assess whether policies and procedures have been adopted that are reasonably designed to manage derivative risk and to prevent violations. Those subject to the Derivatives Rule should also adopt a derivative risk management program, board oversight and disclosures regarding derivative use.
• Investment Company Act Fair Valuation Rule 2a-5 – The Division will assess compliance with new requirements for determining fair value and will review if adjustments have been made to valuation methodologies, compliance policies and procedures, governance practices, service provider oversight and reporting/recordkeeping.

Protecting Retail Investors

The Division will continue its focus on whether broker-dealers and investment advisors have acted in the best interest of their retail investors, including investments offered, such as derivatives and leverage exchange-traded products, high cost and illiquid products, firm positions and microcap securities. Given the focus on retail investors, firms should review their procedures related to marketing and advertising to ensure they meet the requirements outlined by regulators.

The Division will also focus on compliance with Form CRS. It is likely that this form will be requested during the Division’s 2023 examinations.

Environmental, Social and Governance (ESG) Investing

The Division continues its focus on ESG-related advisory services and investment products and will typically assess whether RIAs and registered funds are:

1. 1. accurately disclosing their ESG investing approaches and have adopted appropriate policies and procedures in this regard;
   2. voting client securities in accordance with proxy voting policies and procedures and whether the votes align with their ESG-related disclosures and mandates;
   3. overstating or misrepresenting the ESG factors considered or incorporated into portfolio selection, such as in their performance advertising and marketing.

Additionally, the Division will assess whether ESG products are appropriately labeled and whether recommendation of such products for retail investors are made in the investors’ best interest.

Information Security and Operational Resiliency

The cyber threat landscape is more ominous than ever. Tensions around the globe have increased cyberattack threats on the U.S. financial system and the risk of market disruption due to a cyberattack is greater than ever. The Division’s core purpose is to ensure investor confidence in U.S. markets. The Division will review RIAs and broker-dealer’s ability to maintain critical systems and protect investor information, records and assets. Reviews will also include a focus on third-party vendors and related cybersecurity issues including the integrity of their products and services and authorized use. The third-party “supply- chain” has many links and they all need to be equally strong and resilient. 

Crypto Assets and Emerging Financial Technology

The Division’s opening comments cite “evolving technologies and new forms of risk” are a key focus to protecting investors. The recent series of monumental losses in crypto assets and new technologies being used to perpetrate traditional fraud schemes are core reasons for the need to focus on these areas. The Division will specifically focus on “registrants offering the sale, recommendation of, or advice regarding trading in crypto-related assets and include whether the firm (1) met and followed their respective standards of care when making recommendations, referrals or providing investment advice; and (2) routinely reviewed, updated and enhanced their compliance, disclosure and risk management practices.” The Division continues to pledge on keeping its efforts and risk-based approach current with emerging technologies.

Focus Areas Relating to Investment Advisor and Investment Companies 

• Investment Advisors to Private Funds: Advisors to private funds will continue to be subject to examinations from the Division. The Division will focus on investment advisors to private funds with risk characteristics including, but not limited to, those that are highly leveraged, use affiliated companies, hold illiquid or hard-to-value securities, including crypto and invest in SPACs. These examinations will focus on disclosures to investors regarding risk and liquidity, valuation, compliance, filings with the SEC and conflicts of interest.
• Investment Advisor Compliance Programs: The Division will continue to review compliance programs of investment advisors and prioritize examinations of investment advisors that have not previously been examined or have not been examined in several years. The review will include whether programs, policies and procedures are reasonably designed, implemented and maintained and will also see how these compliance programs have been updated for the current environment. Areas of focus include disclosures in core areas as well as review for conflicts and oversight of the approval process for fees and expenses.
• Registered Investment Companies, Including Mutual Funds and ETFs: The Division will prioritize the examination of mutual funds or ETFs that have not previously been examined or have not been examined in a number of years. The examination will focus on fiduciary obligations which includes compliance and procedures to assess and approve advisory and other fees. The Division will focus on funds with characteristics that include, among other things, mutual funds which converted to ETFs, loan-focused funds and funds that have experienced turnover.

Focus Areas Involving Broker-Dealers and Exchanges

• Broker-Dealers: This year the Division will focus on electronic communications and related recordkeeping. In addition, examinations will continue to focus on compliance with the Customer Protection Rule and the Net Capital Rule. The Division will also review the adequacy of internal processes, procedures, controls and compliance for trading practices.
• National Securities Exchange: Examinations will continue to focus on exchange operations to monitor, investigate and enforce members and listed company compliance with the applicable exchange rules and federal securities laws.
• Security-Based Swap Dealers (SBSDs): Examinations will continue to focus on SBSD compliance with SBS rules, specifically the reporting requirements for SBS transactions.
• Municipal Advisors: The Examination will focus on if municipal advisors have met their fiduciary duty obligations to municipal entities and the disclosure of any conflicts of interest and how these conflicts are managed.
• Transfer Agents: The Division will continue to examine transfer agents’ core functions, which include the timely turnaround of transfers, recordkeeping and retention and safeguarding of funds and securities. Examinations will focus on transfer agents using emerging technology and those that transfer securities for microcap and crypto asset issuers.

Other Areas of Focus

• Clearing Agencies: The Division will examine policies and procedures related to maintain sufficient resources. This will be done by reviewing efforts to remediate deficiencies identified by the Division and internal auditors and whether timely and appropriate action to correct and mitigate the risks associated with those deficiencies have been taken.
• Regulation Systems Compliance and Integrity (Reg SCI): The Division will continue to evaluate the compliance of entities under Reg SCI supervision, which are critical market infrastructure firms, including national security exchanges, registered and certain exempt clearing agencies, FINRA, MSRB, plan processors and alternative trading systems meeting volume thresholds. Reg SCI requirements focus on ensuring critical markets systems’ capacity, integrity, resiliency, availability and security are adequate to maintain operational capability and promote the maintenance of fair and orderly markets.
  
  Reg SCI’s scope of systems is extensive and encompasses all areas of technology, operations and their governance. System criticality, dependencies and third-party relationships must all be identified and have risk ratings. Across the wide breadth of areas covered by Reg SCI, the Division will have a key focus on whether Reg SCI entities have reasonably designed, established, maintained and enforced written policies and procedures in the domains listed below:
  • Software Development Life Cycle (SDLC) and entities’ programs to review and keep current systems development and testing methodologies.
  • Third-Party Dependencies and ensuring SCI systems operated by third parties on behalf of a Reg SCI entity are adhering to the requirements for capacity, integrity, resiliency, availability and security.
  • Network Segmentation of SCI systems and assessing the security threats posed to SCI systems if a breach were to occur.
  • Application Programming Interface and the security and operational risks from the reliance on external applications, including those residing in cloud environments and with third parties and what operational risks are introduced to SCI systems.
• FINRA and MSRB: The Division will also continue its oversight of certain regulators, including FINRA and MSRB. The Division will review the quality of FINRA’s examinations of broker-dealers and will review MSRB to evaluate the effectiveness of its policies, procedures and controls.
• Anti-Money Laundering (AML) Programs: Financial institutions, registered investment advisors and broker-dealers are required to establish AML programs which should include policies and procedures reasonably designed to identify customer due diligence, monitor suspicious activity and file suspicious activity reports (SARs) when appropriate.
• The London Inter-Bank Offer Rate (LIBOR) Transition: The Division will make inquiries during their examinations with broker-dealers and investment advisors to assess their understanding of any exposure to LIBOR, a preparation for the transition away from LIBOR in mid-2023 and the transition to an alternative reference rate.

Conclusion

Promoting compliance, preventing fraud, monitoring risk and informing policy continue to be the “four pillars” of the Division and examinations are a critical component to upholding these pillars. Please reach out for a more in-depth conversation on one or more of these areas of focus. You’ll be glad you did. 

You can view the complete 2023 Examination Priorities here.

Contact Us

If you have any questions about these SEC examination priorities and if your company is publicly registered, please contact the partner in charge of your account or any of the specialists named below.

Suma Chander
Principal, Systems & Technology
schander@pkfod.com | 212.286.2600

Michael Corcione
Principal, Cybersecurity and Privacy Advisory
mcorcione@pkfod.com | 646.546.7871

Rachel DiDio
Partner, SEC Regulatory
rdidio@pkfod.com | 646.965.7780 

Jay Monaghan
Partner, Financial Reporting
jmonaghan@pkfod.com | 646.699.2887 

Matthew Orrell
Financial Services Partner, ESG & Compliance
morrell@pkfod.com | 781.226.2331