The Securities and Exchange Commission earlier this month hit financial services firms with nearly $2 billion in fines for unauthorized texting and other “off-channel” communications. And as companies see actions such as these as a sign of a more aggressive regulator, they are investing more in compliance to keep out of the fray.
Sanjay Wadhwa, a deputy director of enforcement at the SEC, said putting the industry on notice is an intended side effect of the regulators’ recent actions.
“I believe this is the type of enforcement action that deters misconduct, ensures accountability, and positively shapes behavior by encouraging proactive compliance with the type of important regulatory requirements at issue here,” he said at an SEC event in September. “Because these requirements are important; they safeguard our ability to conduct enforcement investigations related to all types of potential misconduct.”
And, at least in this instance, it appears to be working.
More than three-quarters of U.S.-based financial services firms have increased their compliance expenditure by more than 25% over the past five years, according to a recent report by SteelEye, a compliance firm for financial regulation.
The study of senior compliance decision-makers at a total of 170 broker-dealers, banks and asset-management firms found that keeping up with regulatory change was the top barrier respondents cited in meeting regulatory requirements. Second on this list was managing business risks, followed by data consolidation.
The transition to remote work began before the pandemic but was accelerated significantly during Covid-19. And that swift change has forced regulators to action, said Gary Carrai, executive vice president for advisor business strategy at LPL Financial.
“The industry swiftly adapted to a work-from-home environment, and so did regulatory oversight. I think the increased reliance on digital communications in remote work environments makes regulatory reviews that much more essential,” he said in an email to FA-IQ.
The regulator has for a few years now touted its consumer-protection mandate, said Brian Lynch, president of SteelEye US.
Many of the actions have focused on whether companies were doing what they told investors they would and making proper disclosures when they did not, he added.
But the recent focus on less formal forms of communication adds complexity and raises new questions for firms building controls against risk.
“I’m absolutely 100% sure that a very healthy chunk of firms out there are turning a blind eye to the fact that their CEO uses WhatsApp to communicate and they just can’t get him to stop and they’re not going to be able to surveil that,” said Lynch. “There’s definitely that challenge that exists out there.”
The result is “putting a lot of onus on these firms to make sure that their compliance departments are supervising for that,” he said.
The threat of enforcement, he added, has “been a very clear driver of activity.”
Gary Gensler’s SEC is also viewed as more aggressive than its predecessor, said Kelly Haugh, partner at ACA Compliance.
“There are these rules that are going into effect, and then falling on top of that there’s the SEC activity in terms of targeted examinations, enforcement actions,” she added. “So it underscores the need for compliance with those regulations. It’s not merely the regulations, the risk of non-compliance is greater because of the examination.”
In messaging and texting cases, for example, training employees regularly on what information can and cannot be conveyed over different channels is especially important now, Haugh said. Already-on-the-calendar meetings are another useful opportunity for reminders, she said.
Carrai said greater spending on compliance will be inevitable, given the ever-changing regulatory environment, and that it will ultimately lead to higher costs of doing business.
Beyond redoubling efforts to remind employees how to stay in bounds with digital communications, recent SEC actions are also driving firms to beef up email-archiving procedures.
Dynasty Financial Partners, for example, has long talked with its network of firms about the importance of proper archiving and provided help in ensuring that firms have the systems to do so, said Sally Cates, spokesperson for Dynasty Financial Partners in an email to FA-IQ.
But in light of the recent SEC actions, some RIAs within the network are taking steps beyond the annual attestation and education sessions, she said.
“Some network firms think it’s impossible to believe that all of their employees won’t send business-related texts to clients, so they are trying to figure out various ways to abide by the recordkeeping rules.”
Part of what’s driving up the cost of compliance is the expense of added personnel as they pull outsourced functions back in-house, said Lynch.
”I’ve definitely seen a move from certain firms to pull some of that back in-house and say that we can’t have the SEC coming in investigating and saying, ‘We don’t really know, it’s done by an outside group,’” he said.
Beefing up an internal compliance team in a period of rising salaries has been challenging for many firms, though, Lynch said.
“There’s definitely been hiring issues and if you are hiring, you’re paying bigger dollar amounts,” he said. He pointed to a bifurcation between large and small shops. “I have seen a number of firms where they’ve clearly added personnel. I’ve seen smaller firms who have been running very lean who have decided they need a deputy chief compliance officer.”
But Haugh said compliance executives with experience in the field are worth the investment.
“[W]ith the regulations, as they become more nuanced and there’s more of them in development, it lends itself to requiring a [chief compliance officer] who is experienced and knowledgeable, to be able to navigate the firm through their compliance requirements and/or leverage other-party and third-party tools,” she said.
Source: Financial Advisor IQ
