Alaric Compliance Alert: SEC Observations and Alaric Practices Regarding Outsourcing the Role of the Chief Compliance Officer
As you may have seen, on Monday, November 9, 2015, the SEC’s Office of Compliance Inspections and Examinations (“OCIE”) issued a Risk Alert regarding the Examinations of Advisers and Funds that outsource their Chief Compliance Officers. 1 In the Risk Alert, the SEC affirmed that registered investment advisers and registered investment companies can outsource the Chief Compliance Officer (“CCO”) role to a third-party. 2 However, OCIE emphasized that it remains the adviser or funds’ responsibility to adopt and implement an effective compliance program, and to be comfortable that the CCO has the sufficient knowledge, support and experience to fulfill the responsibilities associated with the applicable compliance rules and regulations and to be aware of the risks should this not be the case.
At Alaric Compliance Services, LLC (“Alaric”), we believe that outsourcing the role of CCO, if done correctly, can bring many benefits to an adviser or fund registered with the SEC, FINRA and/or the NFA/CFTC. The better outsourcing firms offer CCO’s that bring substantial industry experience and expertise. They can take on even complex assignments in a cost effective and timely manner without the registrant incurring the significant costs of developing and maintaining a compliance infrastructure that is entirely self-supported. Outsourcing to a third-party service provider is a benefit “because of the inherent independence that comes with a CCO who has no ties or affiliation to the management organization.”3 This independent oversight can be significant in a contentious regulatory environment. A CCO that is independent, free from undue influence, incentives or conflicts is in a position of strength. Furthermore, as a premier service provider we back up each assigned CCO by providing access to the expertise of a team of compliance professionals and the full resources of the Alaric organization.
In the Risk Alert, OCIE also discussed their observations with respect to the strength and effectiveness of certain sweep-examined registrants’ programs and emphasized the elements necessary for an effective outsourced CCO program. We agree with the characteristics set forth by the SEC and believe these same elements are necessary for all CCO’s, whether this critical role is filled by outsourced or in-house personnel. The Alaric CCO model meets the best practices cited here. These include:
- Communication – the CCO frequently and personally interacts with the staff of the advisor or the fund versus exclusively relying on electronic interaction to build relationships and gain a better understanding of the registrant’s businesses.
- Resources – the CCO is assigned clients based upon their ability to effectively administer the compliance program and their specific work history, experiences and specialties.
- Empowerment – the CCO is granted the authority by management of the advisor or Fund to perform their role and has the experience and knowledge needed.
- Customization – the CCO creates tailored, risk-based compliance solutions, including policies and procedures, check lists, risk matrixes, and testing protocols based upon the specific requirements of the client.
- Risk Assessments – the CCO has sufficient knowledge and experience to conduct meaningful risk assessments that properly identify the risks in the business, operations, conflicts and other compliance factors and can create an effective compliance program with policies and procedures that are designed to mitigate or address these risks.
- Policies and Procedures – the CCO follows the policies and procedures that are in place, and revises them as regulatory changes occur or the needs of the business evolve.
Since its inception, Alaric has placed a strong emphasis on hiring seasoned professionals. Alaric compliance consultants and CCO’s bring years of financial services compliance, legal and/or operations experience to our clients from their prior positions at prominent financial institutions, including: JP Morgan-Chase; Voya; Prudential; Bear Stearns; HSBC; IBT; Bank of America; and Pershing. In some cases, their backgrounds also include past employment with the SEC, FINRA, DOL, and the CFTC. Some have served as state legislators, JAG Officers, and expert witnesses to the SEC’s Enforcement Division. They know how to effectively budget their time to provide a level of service that seeks to attain the ideals of the SEC. They are assigned clients based upon their work history, experiences and specialties, and when assigned as CCO, have a limited number of CCO roles. They create customized risk-based compliance programs that are focused upon the core requirements of the client in addition to regulatory mandates.
As highlighted by the SEC in the Risk Alert, Alaric CCO’s provide regular in-person communications with their clients; establish and maintain strong relationships with the management and other members of their client firms; utilize direct access to clients’ systems, documents and information; maintain expertise regarding regulatory requirements that pertain to their assigned clients’ businesses and the know how to apply these requirements in a practical and effective manner; are current on industry best practices; and are able to draw upon their experiences from other engagements and from the collective experiences of their Alaric peers. Our model provides us with the flexibility to be selective about the firms we choose to work with. We have and will continue to separate from clients by terminating engagements and we will not accept prospective clients that we feel do not share our vision about the needed culture of compliance.
If you would like to learn more about the benefits of outsourcing, or have any questions about OCIE’s recent Risk Alert, please contact me.
Guy F. Talarico
CEO and Founder
Alaric Compliance Services, LLC
1 National Exam Program Risk Alert, “Examinations of Advisers and Funds That Outsource Their Chief Compliance Officers,” (November 9, 2015) available here.
2 Id. At * page 3, “During these examinations, the staff observed instances where the outsourced CCO was generally effective in administering the registrant’s compliance program, as well as fulfilling his/her other responsibilities as CCO.”
3 Independent Directors Council of the Investment Company Institute, Board Oversight of Fund Compliance, page 8, September 2009.