Outsourcing the Compliance Function

Unlike the large firms that have the economies of scale that can absorb the costs associated with meeting ever-expanding federal and state regulatory obligations, smaller independent Registered Investment Advisors—even when affiliated with a broker/dealer—often find themselves having to outsource many compliance functions to a third party.

Outsourcing offers a number of advantages, including:

• More cost effective relative to hiring in-house staff to perform the same functions
• The right compliance provider offers a high level of expertise and quality
• It provides an unbiased, independent review of activities and records

There are, however, some disadvantages, such as:

• An institutional bias on the part of the Securities and Exchange Commission (SEC) that questions whether such arrangements have the necessary level of access to an advisor’s operations to effectively perform these functions
• Concerns that recommendations are less likely to be implemented when made by a third party
• Doubts that an off-site provider has adequate knowledge of the advisor’s practice

In a recent SEC Risk Alert^* on the issue of outsourcing compliance, the SEC’s concerns centered on a third-party provider’s scope of authority, its communication with staff and whether an outside compliance provider with multiple clients had the resources to sufficiently service the firm.

The SEC also identified several key risk areas:

• The use of standardized checklists by third-party providers was generic and did not fully capture a particular advisor’s business model, practices, strategies and compliance risks
• Registered advisors included incorrect or inconsistent information about the firm’s business practices, and the service provider did not have sufficient knowledge or motivation to follow up on these discrepancies
• Infrequent visits to an advisor’s office, limited reviews of documents and the lack of compliance training when such visits were made

While contracting out the compliance functions to a third-party expert may make good business sense, it is imperative that advisors recognize that the responsibility of adhering to compliance guidelines cannot be outsourced.  In the event of any gaps in fulfilling these responsibilities, the firm’s principals will have to bear the consequences.

Advisors should make sure that the designated in-house staff with the primary compliance role be given the authority to ensure that the risk exposures enumerated by the SEC are effectively managed.

Compliance is complicated, but the SEC does provide help for those assigned the chief compliance officer role.  To assist advisors in meeting their compliance responsibilities, visit the SEC compliance help page.

* https://www.sec.gov/ocie/announcement/ocie-2015-risk-alert-cco-outsourcing.pdf

See referenced disclosure (2) at https://blog-dev.americanportfolios.com/disclosures/