Fall Regulatory Update: Key developments to keep your eyes on
Important regulatory updates that could affect your firm. Plus, experts discuss the latest cybersecurity risks and compliance issues.
With the Department of Labor’s fiduciary rule officially dead, the SEC has proposed a new set of reforms that would hold broker-dealers and their representatives to a new best-interest standard of conduct—known as Regulation Best Interest—that’s similar but not identical to the fiduciary standard.
Find out what these reforms could mean for you, get up to speed on the newest cybersecurity risks, and discover the eight most common SEC exam mistakes.
For our fall Regulatory Update, we sat down with Steve Johnson, Schwab Vice President and Associate General Counsel, to talk about the lengthy package of proposals from the U.S. Securities and Exchange Commission (SEC), as well as the most common compliance issues related to best execution by investment advisors. Schwab’s cybersecurity experts Greg Ruppert and Adam Moseley also joined to discuss cybersecurity threats and enforcement trends. Here are some of the most pressing regulatory developments to watch in the coming months.
1. SEC moves to raise standards of conduct and enhance transparency
Over the summer, the SEC proposed a comprehensive set of reforms governing the standard of conduct for broker-dealers and investment advisors who provide retail investment advice. Johnson says advisors should pay special attention to the following areas in the coming months:
- Regulation Best Interest (Reg BI). This proposal would explicitly establish a best-interest standard of conduct for broker-dealers and their representatives, which includes:
- Acting in a retail customer’s best interest when making recommendations
- Disclosing the terms of the broker-dealer and client relationship and all material conflicts of interest before or when making a recommendation
- Creating a duty-of-care obligation that builds upon FINRA suitability standards
- Establishing and enforcing policies and procedures to prevent conflicts of interest
- Client Relationship Summary (Form CRS). This proposed standardized four-page disclosure document would supplement Form ADV and require investment advisors and broker-dealers to highlight the following at the beginning of a client engagement:
- Key differences in the principal types of services offered and the legal standards of conduct that apply to each
- Fees a customer might pay
- Certain conflicts of interest that may exist
- Interpretation of standard of conduct by investment advisors. The proposed interpretation reaffirms, and in some case clarifies, an advisor’s fiduciary duty. The SEC also requested comments on whether it should impose additional broker-dealer-like rules on investment advisors.
Schwab’s advocacy for advisors
Since the rule proposals were first introduced in April, Schwab’s leadership and legal experts have weighed in on the new developments in a number of roundtables and advocacy activities. These included submitting a 30-page comment letter backed by third-party research commissioned by Schwab to determine what retail investors think about disclosures and standards of care. Johnson says Schwab supports a higher standard for broker-dealers but also emphasizes the need to maintain investor choice—a position echoed by investors surveyed in the recently submitted research.
“Any new regulation that the SEC proposes we believe must maintain the distinction between broker-dealers and investment advisors,” Johnson says. “We urged the SEC to harmonize the standards of conduct as much as possible, but to maintain the differences in the two business models: The broker-dealer model is transactional, and the investor advisor model is an ongoing relationship.”
Specifically, Schwab opposed applying broker-dealer rules to independent advisors, pointing the SEC to the $1 billion cost to the advisor community and the disproportionate strain it would have on advisors, many of whom are small businesses.
Schwab also argued that more disclosure doesn’t mean better disclosure. Schwab urged the SEC to streamline and simplify its Form CRS to one page that would highlight only key information and include hyperlinks to more detailed information—including Form ADV—for clients who want it. To give investors the clarity they need, Schwab presented an alternative version of the disclosure to the SEC that simplifies the information in an easier-to-read format.
Johnson says advisors should stay tuned in the coming months to follow what the SEC will do next and learn how they should prepare for new regulations.
Read our comment letter to the SEC to learn more about how Schwab is advocating on your behalf.
2. Cybersecurity risks increase along with enforcement actions
One of the SEC’s top priorities in 2018 is cybersecurity. Greg Ruppert, senior vice president and chief of Schwab’s Financial Crimes Risk Management Group, spent 17 years at the FBI, with his last assignment overseeing the bureau’s Cyber Division. Ruppert notes that over the years he has seen a persistent uptick in the sophistication and volume of cyberattacks, and that the spike in the number of people and devices connected to the internet has only created more risk. He also cites the emergence of hackers acting on behalf of nation-states and criminal groups, which has helped create an industry out of stealing and selling private data.
In an effort to protect investors, Ruppert says advisors can expect the SEC to look at the kinds of cybersecurity programs firms have in place; whether these programs are appropriate for their specific business models; and how often they update them to respond to the ever-evolving cybersecurity risks.
“The takeaway for advisors is that policies and procedures are going to be one of the easiest avenues for the SEC to inspect and examine after a breach has occurred, and it will use findings from this review to impose penalties against a firm” Ruppert says.
How should advisors prepare for increased cyber scrutiny?
Ruppert’s advice to advisors: Review and update your cybersecurity policies and practices regularly. As part of this, recognize that cyber threats are constantly evolving and that regulatory interest will span across multiple areas of a firm, including anti-fraud, senior investor, anti-money laundering, and privacy programs. As each initiative rolls out, firms will need to pay attention to the cybersecurity angle.
The SEC’s Office of Compliance Inspection and Examinations issued a Risk Alert to advisors that provides guidance on cybersecurity exams. If audited, advisors should expect a thorough assessment of their cybersecurity procedures and controls in these six priority areas:
- Governance and risk assessment
- Access rights and controls
- Data loss prevention
- Vendor management
- Training and incident response
“When the SEC performs these cybersecurity examinations, it’s incredibly well organized,” says Adam Mosely, managing director of Schwab Advisor Services Technology Consulting team. “It’s not to be taken lightly.”
Learn more about how to keep your firm and clients off the phishing hook in the Schwab Cybersecurity Resource Center, where you can review articles like, “Are You Ready for Your Cybersecurity Exam?” The Resource Center also includes the Cybersecurity Assessment and Action Plan Workbook, which was designed using the Cybersecurity Framework developed by the National Institute of Standards and Technology, and is the same framework the SEC uses for its own examinations.
3. SEC exams: Common areas of deficiency
In July, the SEC released its list of the most common issues that arise when examining an advisor’s best-execution compliance. The agency’s Risk Alert emphasized the fiduciary responsibility of advisors to seek best execution when they select broker-dealers to execute their client trades, while considering the circumstances of the particular transaction.
Here are the eight most common exam deficiencies related to advisors’ best-execution obligations identified by OCIE staff:
- Not performing best-execution reviews
- Not considering materially relevant factors during best-execution reviews
- Not seeking comparison from other broker-dealers
- Not fully disclosing best-execution practices
- Not disclosing soft-dollar arrangements
- Not properly administering mixed-use allocations
- Inadequate policies and procedures relating to best execution
- Not following best-execution policies and procedures
The alert notes that the execution of transactions must result in a client’s total costs or proceeds being the most favorable under the circumstances. And, in an advisor’s best-execution analysis, the lowest-cost commission is not always the determinative factor: Soft-dollar arrangements may be OK, as long as the 28(e) safe-harbor conditions are met.
“Advisors should have documentation to demonstrate compliance with procedures,” Johnson says.
The SEC also made it clear that the advisors, traders, and portfolio managers should be solicited for feedback in the process. “It seems sort of self-evident, but I think they found in exams that wasn’t always happening,” says Johnson. He also reminds advisors that their reviews should include qualitative and quantitative metrics.
The big picture? “The Risk Alert serves as a reminder that best execution is an important topic and one that advisors should continue to pay attention to,” he says.
Helping you navigate the regulatory landscape with confidence
As these and other regulatory issues continue to unfold, keep reaching out to your compliance contacts and legal counsel for guidance. Schwab Advisor Services™ also provides access to current news, analysis, and an extensive library of resources on our Legislative & Regulatory Affairs page.
We hope these tips help you guide your firm and clients through a fast-changing regulatory season.
If you're thinking about becoming an independent advisor, consider a custodian that invests in your success. Contact us to learn more about the benefits of a custodial relationship with Schwab.