How to Survive Today’s SEC Exams: Giachetti

Is there an SEC rule to encrypt documents and emails? "It depends," he said, "if you've got identifying numbers — like a tax return with Social Security numbers." If so, not encrypting could be an identity theft issue. Commission examiners are also "really coming down" on advisors' need to protect client passwords.

Wrap fee programs are also subject to heightened scrutiny by SEC examiners, he reported, along with asset-based pricing. The SEC will also ask you to "show me your due diligence" on private investment funds and separately managed accounts.

SEC examiners are "getting into the weeds," he said, primarily wanting to know about custody, "if a client's money is where it's supposed to be," and that you are protecting clients' identity. While some examiners are asking about a firm's succession planning, he said bluntly that there is "no legal requirement" to have one, but "the SEC doesn't care." There are three documents all advisors must have to prepare for an SEC exam, said Giachetti, who writes the monthly Compliance Coach column for Investment Advisor magazine. The three are a written risk assessment, covering all of the firm's branches and employees; a calendarized checklist for all new clients (and new employees) that is customized to fit your own business; and the annual chief compliance officer's review.

Performing a mock audit before the examiners arrive is a good policy, he said, though you should have a lawyer do it, "so it's privileged." The SEC is "looking hard at fee consistency" at RIA firms, and while a firm can charge more or less depending on the assets managed at the firm, "you can discriminate, but you need clear disclosure" of said discrimination.

Finally, Giachetti recommended that advisors review their errors and omissions insurance policies, "make sure you're covered," he said, but also "go to the exclusions pages" to see what isn't covered.

— Check out Giachetti's latest column, Don't Be Complacent About Compliance, on ThinkAdvisor.