At ACA, we understand that preparation is key, especially when facing the complexities of SEC examinations. Our new AdviSEColumn provides insights from former SEC examiners and co-heads of ACA’s SEC Mock Exams team, Robert Baker and Michele Foldenauer, to provide you with perspective into the regulator’s exam process.
Dear ACA, what are some common misconceptions firms hold regarding SEC examinations?
Robert Baker: The biggest one is risk scoping, that is, assuming the SEC looks at every possible issue on an exam. If the firm isn’t sure about a particular practice being an issue, it must not be an issue if it wasn’t identified as a deficiency or even a topic during the exam. For a variety of reasons, even routine exams only scope in about 3-5 risk areas (e.g., marketing, custody, fees and expenses) based on extensive background research. None of this is to say examiners don’t send broad document requests and cover a broad range of issues in the field, so they can understand a firm and its risks. Also, it’s not uncommon to add scope areas based on issues that come up in document review or fieldwork interviews. SEC exams are not intended to look at literally everything, so it’s entirely possible the same exam team writes up a deficiency for conduct at one firm and not the same deficiency for almost identical conduct at another firm. They may just not have scoped the issue and evaluated it. With the recent 15% attrition in the Division of Examinations, there is a strong possibility of even more narrowly scoped exams.
Additionally, many firms don’t understand that most examinations involve asset verification, which is the process of verifying that a firm actually manages the assets it claims it manages (think Madoff). For private funds, this often involves talking directly with an auditor to, among other things, verify the figures in audited financial statements produced by a firm. (e.g., There is a documented case in which a firm made up fake audited financial statements). To do this, firms need to sign a consent for staff to talk to the auditor. We get a lot of calls from firms that receive the form consent and are wondering if this is a problem—it’s routine. In separately managed account exams, the SEC is reaching out to brokers and other custodians to verify figures. Firms may not even be aware that it’s happening.
Michele Foldenauer: Firms may assume that exams will only focus on the current year’s “risks” listed in the published examination priorities. This misconception can result in not allocating sufficient resources to other risk areas, as firms focus more on what they perceive as potential exam areas rather than adopting an integrated approach to managing risks.
Another misconception arises when a no further action letter is received. It can be presented to boards and investors as a sign off of no deficiencies in the compliance program, when in fact, exam teams may have only conducted a limited-scope review or specific risk areas for a limited period of time. Subsequent exam teams have sometimes viewed this as a misleading representation to investors.
Additional Insights are Available
Do you have questions about SEC exams, compliance best practices, or how to prepare your team? Our SEC Mock Exam experts are here to help, with insights grounded in real regulatory experience.
Reach out today and let’s talk about how we can support your firm’s compliance journey.