As Marc mentioned last time, the SEC’s Division of Examinations’ (EXAMS) has made it a priority in 2021 to review the steps that firms take to ensure information security and operational resiliency. For robo-advisers, given that they conduct so much of their operations online, these steps are of paramount importance.

In its report, EXAMS noted that it will scrutinize whether advisers have implemented appropriate measures to oversee vendors and service providers and manage the cybersecurity and privacy risks inherent in those relationships.  So what does the agency expect to see from you?

Luckily, the SEC already tipped its cards.  The agency published guidance in 2020 that indicates its view that vendor management policies and procedures should address due diligence for selecting vendors, monitoring and overseeing them, requiring appropriate contract terms, and understanding how vendors protect client information.

Here are some practices observed by the SEC that illustrate those expectations:

  • Vendor management programs. The agency noted firms had established vendor management programs that set standards for vendors’ information security practices, ensured safeguards were in place, used questionnaires to evaluate potential vendors, required the review of third party reports (such as SOC 2 reports), mandated independent audits, and established procedures for terminating and replacing vendors.
  • Understanding vendor relationships. The SEC found that advisers (and their personnel) demonstrated that they understood privacy and cybersecurity related contract terms, understood risks associated with vendor outsourcing, and effectively managed those risks.
  • Vendor monitoring and testing.  The agency observed that companies took demonstrable steps to monitor each vendor relationship to make sure the vendor continued to meet security requirements and ensure that advisers were alerted to changes in the vendor’s services or personnel.

Want some more advice?  Be ready for data breaches caused by your vendors.  A common misconception is that if you share sensitive information with a vendor and that vendor gets hacked, the vendor is the one with legal obligations relating to the breach.  That’s not true.  State laws put the onus on the adviser who collected information from the consumer in the first place, and they often limit the responsibility of vendors to promptly informing you that something happened.  So what do you do? Ensure your contract with any vendor that handles your clients’ information specifies what must be done if a breach occurs, who must do it, how fast it must be done, and how the costs will be allocated.

Want even more advice?  For a fulsome discussion of the steps you can take to manage the privacy and cybersecurity risks of your service providers, I encourage you to check out our webinar available here.  That’s all for now – please be sure to return for our next post where Josh will discuss the importance of maintaining effective access rights and controls in your organization.


We continue our discussion of the SEC’s Division of Examinations’ (EXAMS) 2021 Priorities (see here) with an overview of information security and operational resiliency.  The daily drumbeat of cyber-intrusion incidents is certain to keep cybersecurity at the top of EXAMS’ focus.

In light of the pandemic forcing a shift to remote work, EXAMS has announced its focus on information security issues including: endpoint security, data loss, remote access, third-party communication systems, and vendor management.  EXAMS will assess firms’ reasonable efforts to:

(1) prevent account intrusions, focusing on customer identity;

(2) oversee vendors and service providers;

(3) address malicious email activities;

(4) respond to incidents, specifically ransomware attacks; and

(5) manage operational risk created by remote working.

EXAMS expects to focus these reviews on firms’ policies and procedures for platform investor information security and electronic maintenance of books and records, both by firms and their vendors. The pandemic also provides EXAMS an opportunity to review the sufficiency of disaster recovery and business continuity plans. For those who remember post-Hurricane Sandy sweep exams, these will look familiar. Have you improved since then?

EXAMS also encourages market participants to actively and effectively engage regulators and law enforcement in identifying and addressing vulnerabilities and attacks. We recommend soliciting the appropriate advice to assess your preparedness and assist in incident and remediation reporting.

EXAMS signaled its focus on this topic last year in published guidance (see here), which is useful to governance and risk considerations.  The SEC has stated that effective governance of cybersecurity begins with demonstrated commitment from the top.  This includes boards and executives articulating cyber policies and priorities; performing enterprise risk assessments to identify, manage and mitigate risks unique to the enterprise; and developing methodologies for risk assessments that include when employees are away from the office.

Effective governance also includes routine review of access controls and data loss prevention processes including practices such as penetration testing, software testing, patch management and appropriate encryption and access segmentation.  For digital advisors, which exist almost exclusively in this realm, each of these risks are magnified. Demonstrating resiliency in cybersecurity, then, involves developing a plan and identifying personnel to address incidents, a process for measuring the scope of the vulnerability and risk, and a protocol for elevation and reporting.

When regulators come knocking, it is published guidance, like the above, that they look to in answering whether “you knew or should have known” about the risks, and the “reasonableness” of your cybersecurity practices and procedures. In Source Code’s next post, Craig will discuss managing cybersecurity and privacy risks posed by the vendors your firm works with.


The market for investment products and services is very competitive. Consumers now look to their advisers to not only provide return on their investment but to do so in a way that is consistent with their personal ethos. To meet this demand, many investment advisers have turned to incorporating environmental, social, and governance (“ESG”) factors into their investment strategies. Arguably there is no hotter topic at present in the broader investment community than ESG, or, as it is sometimes called, socially responsible investing. But before your firm begins to include ESG in its investment approach, you should first consider the SEC’s increased scrutiny and subsequent guidance on the subject.

As Marc previously discussed, the SEC recently published its Division of Examinations’ priorities for 2021. Prevalent among these priorities was an enhanced focus on ESG. Moreover, the SEC also published an Investor Bulletin in February 2021 discussing ESG investing and an April 2021 Risk Alert highlighting areas of concern noted from SEC examinations of investment advisers pertaining to ESG investing.

So, what should you take from all of this SEC guidance? For one, if your firm provides ESG investment strategies, you should expect that to be a focus of any SEC examination of your firm. But more broadly, you might read the SEC’s guidance to state that ESG investing should be more than a marketing tool to attract clients (meaning you need to think about how incorporating ESG investing affects clients and what you need to tell them). To that end, below are the key points your firm should focus on when developing and maintaining your ESG program:

  • Portfolio management practices must be consistent with ESG disclosures – This is not a unique concept to ESG. The way your firm manages a client’s account must be consistent with the client’s expectations and your firm’s disclosures. For example, if your website indicates that your algorithm will exclude investments in certain industries (e.g., tobacco or alcohol), you must ensure that the client’s portfolio has been filtered in accordance with this disclosure. You should also review your Form ADV and any marketing materials to ensure that consistent disclosure related to ESG investing is used.
  • Accurate ESG Disclosure – As with all investment strategies, ESG investing contains risks. The SEC will expect your ESG related disclosures to be free from unsubstantiated or misleading statements. Statements such as “our strategy will only invest in companies with high employee satisfaction” must be substantiated by evidence. If your ESG investment process involves screening out certain investments, your disclosure should indicate that such process may result in lower returns due to the potential for higher performing securities to be screened out.
  • Your compliance program must include adequate policies and procedures to monitor and address ESG issues – Adding an ESG component to your firm’s investment offerings means additional compliance responsibilities. The SEC will expect your compliance program to adequately address how your firm will monitor and test for ESG. This should include policies and procedures to periodically review client portfolios to ensure adherence to client stated preferences. For example, if your client intake process allows a client to indicate preferences, such as the exclusion of companies engaged in weapons manufacturing, your compliance program should include a procedure to test for the client’s intended screen. The SEC would also expect policies/procedures around making sure your algorithm is working as expected (i.e., ESG screens being applied appropriately).

While the above bullets are the key highlights from the SEC’s guidance on ESG, you should review the entirety of the guidance at the above links and consult with a legal or compliance professional before implementing your ESG program.

Thank you, as always, for your continued readership. Please check back next time when Marc will continue our series discussing the SEC’s 2021 examination priorities.

Robo-advisory firms often build client portfolios with exchange-traded funds (ETFs) and mutual funds.  This makes practical sense – these instruments allow advisers to efficiently meet a wide range of client investment objectives.  Nevertheless, as mentioned in our last post, the SEC’s Division of Exams (EXAMS) has made it a priority this year to focus on advisers’ recommendations of these assets.  Why?

EXAMS recognizes the widespread use of mutual funds and ETFs by advisers for retail client portfolios.  Due to this prevalence, the associated risks are, in the eyes of the Division, elevated.  Here are some of the key concerns voiced by the SEC in its 2021 Examination Priorities Report:

  • Investors may not understand the risks associated with a particular fund. The risk profiles of mutual funds and ETFs vary widely.  Some funds are widely diversified across industries and asset types, while others may be very focused.  Some funds use relatively simple strategies, and others use very complicated or technical strategies.  Robo-advisers, like all investment advisers, have a duty to ensure that investors receive adequate disclosure of the risks involved with these instruments.
  • Funds used in client accounts may not be suitable. As you might recall from Josh’s previous post, all investment advisers, including robo-advisers, must recommend investments that are suitable for a particular client based on the client’s unique financial situation and investment goals.  EXAMS noted that the Division will make it a point to review an adviser’s basis for selecting investments, highlighting that higher risk investments like niche or leveraged/inverse ETFs will be particularly scrutinized.
  • There may be financial conflicts in the selection of certain mutual fund share classes. The report emphasized the Division’s continued focus on an adviser’s selection of mutual fund share classes for retail client portfolios. As many of you remember, the SEC launched an initiative a couple years ago that resulted in settlements with nearly 80 advisers that the SEC found had (i) placed clients in higher cost mutual fund share classes (such costs generally stemming from 12b-1 fees paid to the adviser or an affiliate) when lower-cost share classes of the same fund were available and (ii) failed to adequately disclose that the higher cost share class would be selected.  EXAMS’ report notes that this practice, and the conflicts caused by it, continue to be areas of focus for the Division.

So what does this mean for your robo-advisory firm?  Now is a great time to review the risk disclosures you provide to investors in your firm brochure, on your website, and in other communications you provide to your clients.  Ensure those disclosures are clear, use plain English, and are robust.  In addition, make sure you are adequately assessing a client’s risk tolerance and investment objectives and making recommendations based on that assessment – clients with a conservative risk profile should not be served higher risk investments.  Moreover, recognize that a particular client’s risk profile is likely to change over time, so you should be making this assessment on an ongoing basis.  Finally, if your client portfolios use mutual funds, fully understand the share classes you’re using and select the one that is best for your client.

We hope you’ll join us next time, when Josh will discuss another 2021 focus for EXAMS – advisers’ use of strategies that focus on sustainability, social responsibility, and environmental, social and governance (or ESG) factors. Thanks for reading!

signOur recent posts have walked you through the SEC’s new marketing rule and discussed valuation and fee assessment. Now, with the ADV season, hopefully, in your rear-view mirror, we turn your attention to planning for the remainder of the year. Determining the most efficient use of a compliance department’s time and resources is essential. Fortunately, the SEC’s Division of Examinations (EXAMS) provides an annual publication of Exam Priorities that is extremely helpful in developing risk-based reviews.

Unsurprisingly, for 2021, the Division will be looking at how advisers have conducted business during the COVID-19 pandemic, including the execution of business continuity plans and remote-work processes.  Specifically, EXAMS will focus attention on whether advisers followed their disclosed plans during this period.  While the SEC acknowledges the extraordinary disruption COVID-19 had on operations, it will be important to have records showing how you responded to those disruptions.

The Division further highlights the following issues for its 2021 reviews that will be of key interest to robo-advisers:

  • Form CRS

EXAMS will continue its review of compliance with Form CRS, and noted that many firms failed to adequately include disciplinary disclosures. It also highlighted the importance of ensuring that Chief Compliance Officers are sufficiently funded and empowered to meet regulatory requirements. Firms are advised to include such consideration in compliance reviews.

  • Retail Investors

The Division will continue to examine advisers to assess whether they have fulfilled their fiduciary duties to retail investors including reviewing fees and expenses, best execution, and compensation arrangements.

  • Mutual Funds and ETFs

As many digital advisers offer ETFs, this EXAMS priority deserves particular attention. The Division will focus on financial incentives that pose potential conflicts of interest in recommending investments, and the adequacy of disclosures regarding such conflicts.

  • Information Security and Operational Resiliency

The Division will review whether firms have taken appropriate measures to: (1) safeguard customer accounts, including identity verification methods; (2) oversee vendors and service providers; (3) address malicious email activities; and (4) manage operational risk in a work-from-home environment, particularly for online access to firm systems.

Firms are advised to document responses to breaches and attempted breaches, and have a well-reasoned analysis of risks posed by remote working.

  • Roboadvisors

Division staff will focus on automated tools and platforms, and whether they perform as described in their disclosures. Firms are well advised to compare policies with procedures long before a regulator comes knocking.

EXAMS remains committed to reviewing all facets of adviser operations. Firms are encouraged to utilize the Exam Priorities publication as a roadmap for compliance, and to seek legal advice to ensure that risks of examination and enforcement are appropriately minimized.

Our next series of posts will take a deeper dive on these examination priorities.  We invite you to join us next time when Craig will take a closer look at the issues highlighted by EXAMS with respect to two particular investments commonly used by robo-advisers, mutual funds and ETFs.

calculatorOver the last three posts to the blog (overview, performance, promoters), we’ve interrupted our previous schedule to provide insight into the U.S. Securities and Exchange Commission’s (“SEC”) recently adopted changes to the rules governing investment adviser marketing and advertising. In today’s post, we resume our previous topic thread focusing on the necessary components of an investment adviser’s compliance program. Specifically, we’re going to examine valuation and fee assessments.

We’ve previously discussed that Advisers Act Rule 206(4)-7 (the “Compliance Rule”) requires that every investment adviser adopt and implement written policies and procedures reasonably designed to prevent violations of the Investment Advisers Act of 1940, as amended and its rules. One of the requirements noted in the adopting release for the Compliance Rule was that all advisers must adopt policies and procedures to value client holdings and assess fees based on those valuations.

As a robo-adviser, you may read this requirement and assume that because you don’t hold securities on behalf of your clients, valuation isn’t an issue for your firm. While this may be the case, attention is still required to ensure compliance. As noted above, your compliance program must contain policies and procedures related to the valuation of client holdings. Your firm’s policy may simply recite that it does not hold client securities and that those securities are valued by the appropriate client account custodian. Attention to valuation may be especially important if your firm provides investment advice on hard to value asset classes, such as cryptocurrency or asset-backed securities. If you are in this situation, we highly recommend working with a legal or compliance professional to draft your policies and procedures.

The second aspect of this necessary compliance component is fee assessment. Fee assessment is tied to valuation because the fee a client is paying to most robo-advisory firms is derived from the value of the client’s assets under management at the firm. Any instance in which a client is paying for investment advisory services carries a high potential for SEC regulatory scrutiny. While there may be a variety of fee arrangements utilized by robo-advisory firms, the key is that your compliance program contains policies and procedures that require regular and reliable testing of your fee arrangement to ensure that clients are accurately charged in accordance to the terms of their agreement with your firm.

We hope you’ve enjoyed our series on critical compliance components. In our next blog, Marc will begin a new chapter in which we review the SEC Division of Examinations’ 2021 exam priorities and their applicability to robo-advisory firms. We thank you for your continued readership and hope that you’ll check back then.

Word-of-mouth is still one of the best ways to attract business.  Investors, whether new or seasoned, consistently look to the experiences of previous customers or talk to someone they trust before they hire a financial adviser.  As a result, posting great reviews and compensating others to make recommendations continues to be a key part of many robo-advisers’ marketing campaigns.

As we noted in a prior post, you’ll want to be careful about using the statements of clients about their experience (testimonials) and other favorable comments.  As you’ll recall, Rule 206(4)-1 (the “Advertising Rule”) generally prohibits the use such statements.  That said, the SEC has, over time, softened that general prohibition through no-action letters and formal guidance, allowing firms to, under certain circumstances, publish content that includes testimonials or other good reviews (including third-party ratings).

In addition, as we also posted, Rule 206(4)-3 (the “Solicitation Rule”) prohibits an adviser from paying a third party solicitor to recommend prospects to the adviser, unless the adviser (i) enters into a written agreement with the solicitor that includes certain provisions, and (ii) the solicitor provides the prospect with the adviser’s firm brochure and a separate document disclosing the solicitation arrangement, which must be signed by the client.

As Marc mentioned last time, the recent amendments to the Advertising Rule will, among other things, eliminate the Solicitation Rule and cause testimonials and cash solicitation to be governed by a single rule. In addition, the no-action letters and formal guidance that have softened the prohibitions on testimonials will be, once the amendments are effective, superseded by the new rule.

So what are the changes you need to know about?  First, we have to learn some new definitions for a couple familiar words.  The new rule redefines “testimonial” to cover statements by a current client about their experience or recommending the adviser, and “endorsement” to mean statements by someone other than a current client about their experience or recommending the adviser.

With those new meanings in mind, here’s how the new rule works.  It allows (i) the inclusion of a testimonial or endorsement in advertising and (ii) an adviser to compensate someone for a testimonial or endorsement, provided the adviser:

  • discloses, or believes the person giving the testimonial or endorsement discloses:
    • whether the person is a client,
    • whether it was a paid statement (and the terms of such payment), and
    • material conflicts of interest;
  • has a written agreement with any person paid to give a testimonial or endorsement (unless there is de minimis compensation or the person is affiliated with the adviser);
  • oversees compliance with the rule; and
  • ensures that no “bad actors” act as promoters.

Importantly, the new rule applies whether the adviser uses cash or non-cash compensation, and it eliminates the requirement for the solicitor to deliver a copy of the adviser’s firm brochure and obtain a signed disclosure document.  Additionally, it specifically permits the use of third-party ratings in an advertisement, provided the adviser provides certain disclosures and satisfies specified criteria related to the preparation of the rating.

The recent amendments to rules governing advertising and solicitation are substantial.  While you still have ample time before compliance is required, we suggest you begin to think now about how your current practices, policies and procedures will be affected so that the transition to the new regime will be as seamless as possible.  We hope you’ll return next time, when Josh will discuss valuation and fee assessment.  Look forward to seeing you then!

Growth ChartToday we continue our discussion of the SEC’s recent changes to the Advertising Rule. In our last post, Josh covered the general definitional changes and prohibitions. In this entry, we will highlight the new Advertising Rule’s impact on performance advertising.

As we have discussed, the amended rule consolidates and supersedes former rules 206(4)-1 and 206(4)-3, regarding advertising and cash solicitation, respectively. Among other things, the new rule includes specific requirements and restrictions for advertisements that include performance results. This portion of the rule generally tracks SEC guidance and reflects an effort by the agency to consolidate investment performance requirements, previously prescribed by no-action letter and other agency action, in one place.

The SEC focuses on six specific prohibitions that “warrant special attention” for their ability to cause “reasonable investors to make unwarranted assumptions” and, therefore, become prohibited misleading advertisements. These prohibitions include publishing:

  • gross performance, unless the advertisement also presents net performance;
  • any performance results, unless they are provided for specific time periods in most circumstances;
  • any statement that the SEC has approved or reviewed any calculation or presentation of performance results;
  • performance results from fewer than all portfolios with substantially similar investment policies, objectives, and strategies as those being offered in the advertisement, with limited exceptions;
  • performance results of a subset of investments extracted from a portfolio, unless the advertisement provides, or offers to provide promptly, the performance results of the total portfolio;
  • hypothetical performance (which does not include performance generated by interactive analysis tools), unless policies and procedures exist to ensure it is reasonably designed to be relevant to the intended audience, and includes information underlying the hypothetical performance; and predecessor performance, unless there is appropriate similarity with regard to the personnel and accounts at the predecessor adviser and the personnel and accounts at the advertising adviser. In addition, the advertising adviser must include all relevant disclosures clearly and prominently in the advertisement.

The Amended Rule’s discussion regarding the, above, prohibitions includes instructive commentary on several topics that advisers may need to consider to asses the sufficiency of advertising policies and procedures including the definitions of gross and net performance (and appropriate deduction of fees), the elimination of “representative performance” and equating “model performance” to hypothetical performance. Advisers will need to be fully familiar with the modernization of the rule to effectively promote its products, services and market performance results. Given the time of year, including such reviews as part of annual ADV disclosure amendments could provide a handy checklist for issues that require new attention this year.

Compliance departments are well advised to review policies and procedures for conformity with the new rule, including all procedures for review and approval of advertising and other outside communications, and coordinate with investment management to ensure that historical, hypothetical and benchmark performance references satisfy new rule and its record keeping requirements. For digital advisers, this may also involve reviewing data services used to generate performance and hypothetical estimating data, and should include a review of methodologies for, and disclosure of, performance and fee calculations. Robo-advisors should be particularly aware of those platform features which automatically generate model and hypothetical changes based upon a client’s change in their risk tolerance questionnaire.

Given the time of year, including such reviews as part of annual ADV disclosure amendments could provide a handy checklist for issues that require new attention this year. Our next post will continue our deep dive into amended Advertising Rule topics: Testimonials and Endorsers.

times squareWe interrupt our regularly scheduled programming to bring you this special update. Well, technically it’s the U.S. Securities and Exchange Commission’s (“SEC”) update and it pertains to the regulation of investment adviser advertising. On December 22, 2020, the SEC amended the current regulatory framework governing investment adviser advertising. In making these changes, the SEC incorporated and/or rescinded years of no-action letters that pertained to various aspects adviser advertising. These changes will become effective 60 days after publication in the Federal Register and compliance with these changes will be required 18 months after that effective date. As of the date of this blog, the changes had not been published in the Federal Register.

You may recall that we discussed investment adviser advertising in a series of previous posts beginning in October 2019. Today’s post will be the first in a new series that will detail the changes resulting from the SEC’s rulemaking. As we did when we previously discussed advertising regulation; let’s start with the basics.

The principal rule governing adviser advertising is Advisers Act Rule 206(4)-1 (the “Advertising Rule”). While the Advertising Rule remains the key regulation governing adviser marketing and promotional activities, critical aspects of the rule have changed. Perhaps the most important of these changes is the definition of what qualifies as “advertising”.

First, the definition includes any direct or indirect communication an investment adviser makes that: (i) offers the investment adviser’s investment advisory services with regard to securities to prospective clients or private fund investors, or (ii) offers new investment advisory services with regard to securities to current clients or private fund investors. This prong of the definition excludes one-on-one communications (unless they contain hypothetical performance, in which case further analysis is needed). Also excluded are: (i) extemporaneous, live, oral communications (e.g., comments made in radio and TV interviews, unscripted panel remarks, etc.); and (ii) information contained in a statutory or regulatory notice, filing, or other required communication, provided that such information is reasonably designed to satisfy the requirements of such notice, filing, or other required communication

Second, the definition generally includes any endorsement or testimonial for which an adviser provides cash and non-cash compensation directly or indirectly (e.g., directed brokerage, awards or other prizes, and reduced advisory fees). We will discuss endorsements and testimonials in further detail in a future post.

Just as important as what’s included in the Advertising Rule’s new definition of advertising is what is included in the general prohibitions added to the rule. The Advertising Rule will prohibit the following practices:

  • making an untrue statement of a material fact, or omitting a material fact necessary to make the statement made, in light of the circumstances under which it was made, not misleading;
  • making a material statement of fact that the adviser does not have a reasonable basis for believing it will be able to substantiate upon demand by the Commission;
  • including information that would reasonably be likely to cause an untrue or misleading implication or inference to be drawn concerning a material fact relating to the adviser;
  • discussing any potential benefits without providing fair and balanced treatment of any associated material risks or limitations;
  • referencing specific investment advice provided by the adviser that is not presented in a fair and balanced manner;
  • including or excluding performance results, or presenting performance time periods, in a manner that is not fair and balanced; and
  • including information that is otherwise materially misleading.

While the changes to the Advertising Rule may seem overwhelming at first, keep in mind that the changes affect decades of regulatory framework. If you have particular questions as to how these changes impact your firm, please reach out to us and we’d be happy to assist. We continue our series on advertising next time when Marc will discuss how these changes will affect performance advertising. We hope to see you back then.

If there was ever a reason to follow Josh’s advice to involve compliance early in building out the functionality of your robo-adviser, the recordkeeping requirements of the Advisers Act are it.  As Josh mentioned in his post, Advisers Act Rule 204-2 imposes extensive recordkeeping requirements that you’ll want to be familiar with from the start.  Let’s talk about why that is.

First, while we generally don’t want to steer you away from this blog, I will, this one time, invite you to click here to take a glance at the enormity of Rule 204-2.  It’s massive.  As you can see, the rule requires advisers to keep a laundry list of records relating to internal and client-facing operations.  Mandatory books and records include journals, ledgers, transaction orders, bills, financial statements, trade tickets, client agreements, charter documents, advertisements, disclosures, client communications, political contribution records, performance calculations, and many others.  Due to the sheer number of types of records required, you’ll want to design your systems and procedures to automate the capture and retention of records as much as possible.  And if you need it, many vendors offer software solutions to assist you in getting this done.

Second, it’s not just the number and types of records you should be concerned about.  Rule 204-2 also imposes specific requirements on how long and in what form those records must be maintained.  Most records relating to a firm’s operations must be kept for a total of five years (the first two years accessible from the adviser’s office), with an exception for certain charter documents that must be kept for at least three years after the firm ceases operations.  As to format, while paper is acceptable, most robo-advisers will want to store records electronically.  If you do so, be sure that you:

  • safeguard records from loss, alteration and destruction;
  • limit access to properly authorized persons;
  • ensure that reproductions of non-electronic documents are complete, true and legible; and
  • store records in a way that allows them to be easily located, accessed and retrieved.

Finally, you should design your recordkeeping processes to ensure that records are maintained on a current basis.  What counts as “current” depends on the nature of records being kept.  For example, the SEC expects primary records of transactions (like invoices, logs, and trade confirmations) to be created concurrently with the transaction or immediately thereafter.  Doing so helps ensure accuracy.  By contrast, posting information to secondary records (like internal ledgers) can be done as frequently as the business requires and is practicable for the number of staff available.

As you can see, a robo-adviser’s recordkeeping responsibilities are substantial.  However, to the extent you’re able to automate this function from the outset, you’ll be able to focus more on other (and more fun) aspects of your business.  Of course, some human intervention will always be needed, as some records may not be suitable for automation.  Moreover, as we will discuss in a future post, you will need to periodically test the effectiveness of your policies and procedures.  But whatever mix of human and automation you settle on, putting robust procedures in place will help you meet your fiduciary responsibilities to clients and prepare you for the recordkeeping portion of your next SEC exam.

That’s all for this week (and for 2020).  We hope you’ll join us in the new year, when Josh will discuss a perennial hot topic for the SEC, valuation and fee assessment.  Stay well!