Roadmap to Conducting Annual Compliance Reviews

The “annual” in annual review is a misnomer! That was one of the key takeaways from a session conducted at the recent 2019 NSCP National Conference that featured practical and timely tips to consider when planning and undertaking an annual review for an investment adviser or mutual fund. Panelists Tracy Abbott, CCO of Seavest Investment Group and Allison Fraser, Director, Registered Investment Company Services for CSS, cautioned attendees not to wait until year end to cram a whole year’s worth of reviews into a few days. Instead, they highly recommended that firms outline a periodic (quarterly, monthly) compliance testing plan and perform the testing throughout the year.

To illustrate their original point, they highlighted the SEC’s enacting release, which states: “although the rule requires only annual reviews, advisers should consider the need for interim reviews in response to significant compliance events, changes in business arrangements, and regulatory developments.” Ms. Fraser stressed that the review should not only look backwards, but also forwards in terms of evaluating the effectiveness of the adviser’s compliance program with respect to identifying enhancements to the compliance program.

Another point that was stressed by the panel pertained to the documentation of the review testing; as many in the compliance world can attest to, if you don’t document a review, then regulators may take the view that it wasn’t really completed. Documents that reflect the testing results can also be used to outline any remedial measures called for by the testing results. In short, one of the key takeaways from this panel is that advisers should conduct reviews continuously throughout the year and then compile the results and recommendations annually.

Who should perform your annual reviews? To address this question, the panel outlined some hands-on steps to evaluate:

  • Determine which business units or personnel will assist with conducting the review
  • Establish to whom the annual review results will be reported
  • Identify the focus areas or business functions that will be reviewed and tested
  • In addition to the focus areas identified by the SEC, consider whether any firm specific topics should be included
  • Establish a consistent process for memorializing the testing and results

Next, the panelists also tackled an often-asked question: “What issues should I include in my annual review?” They agreed it should include any compliance matters that arose during the previous year, any changes in the business activities of the adviser or its affiliates, and any changes in the Advisers Act or applicable regulations that might suggest a need to revise the policies and procedures.

If and when the SEC examines your firm, be ready to answer some questions regarding your annual review. In 2006, then-SEC OCIE Associate Director for Examinations Gene Gohlke enumerated the nine questions that SEC examiners consider. They are:

  • Who conducted the review?
  • What was reviewed?
  • When was the review conducted?
  • How was the review conducted?
  • What were the findings from the review work?
  • What recommendations were made?
  • What is the current status of implementing recommendations?
  • What documentation was created/retained to reflect the work done?
  • What was the involvement of senior management in the review?

With the reviews and testing complete, the panelists tackled the question concerning the best method to present the review results. Regarding a format for the annual review report, the panel suggested the following:

  • Executive Summary
  • Introduction
  • Description of Risk Inventory
  • Summary of Review Methodology/Types of Testing
  • Evaluation Methodology for Subject Matter Areas
  • Reliance on Third Party Independent Assessments

Finally, Ms. Abbott pointed out that the  Annual Review Report isn’t just about where your firm has been, it’s also about where it is going. She suggested spelling out, in addition to testing results, the following topics in the report: state of the union for compliance, strategic plans, future projects, new/pending regulations, and staffing and technology needs. The annual review is an ongoing process. Stay on top of it!


Need help with annual reviews or other compliance services? Check out our list of services and contact us.


Subscribe to CSS Blog

CSS frequently publishes blog posts which are written by our team from their observations in the field, at conferences and through experiences with compliance professionals. These posts are designed to further knowledge and share industry best practices. Topics run the gamut, including Form ADV, cybersecurity, MiFID II, position limit monitoring, technology challenges and more. Complete and submit the brief form below to receive notifications when we publish new content.

Latest Content

Service Provider Due Diligence – Building Effective Partnerships

In 2009, the SEC stated at its CCOutreach Program that “when a service provider is utilized, the adviser still retains its fiduciary responsibilities for the delegated services.” This philosophy is as true today as it was 10-plus years ago. Therefore, the question becomes how do you establish a due diligence oversight program for your firm’s … Continued

SEC Adopts Changes to Reporting Forms

Regulation of Derivatives Use by RICs and BDCs Recognizing the proliferation of new derivate products in our markets, the SEC voted to adopt a new regulatory framework for the use of derivatives by mutual funds, ETFs, closed-end funds, and business development companies. The SEC’s press release stated that, “The new rule and rule amendments will … Continued

Time to Use the Bat Phone: Who to Call When a Compliance Officer Needs Help?

It seems that the burden of work continues to increase for compliance professionals in the investment management industry. While also ensuring that their compliance program is effective, compliance officers must also be aware of cybersecurity threats, business continuity plans, new regulations, changes in business strategy, and more – all while doing this under a work … Continued