Compliance support and what a CCO needs to do the job well are in the news. Compliance Week’s Aaron Nicodemus examined the issue in a recent article. While compliance is a firm-wide concern for RIAs, there may be some businesses where compliance does not have the horsepower to cover the needs that regulators set upon them. He wrote:
“What if … a lack of resources for a compliance function, or a lack of support for compliance within a company or from company leadership, rendered a firm’s compliance division ineffective? Should the SEC still consider a CCO liable under those circumstances?
The National Society of Compliance Professionals (NSCP), a nonprofit group representing more than 2,000 compliance professionals in the financial services industry, said many of its members are worried a firm’s lack of resources and weak compliance culture can undercut a CCO’s effectiveness. Those factors shouldn’t make a CCO liable for the wrongdoing of others, the NSCP members believe.”
The NSCP detailed the matter in a 2021 brief that Nicodemus referenced. In that proposed framework, NSCP raised the concern that compliance shortcomings from staff within a firm might be wrongfully transferred to a CCO when the issue may actually be support that compliance receives overall. They wrote:
“To more effectively address the issue of CCO liability, the NSCP believes it is necessary to focus on the larger context of the compliance function within firms and to do so earlier in regulatory reviews, whether during examinations or enforcement investigations.”
This framework from NSCP listed the following recommendations, among other areas of concern, for firms, CCOs and regulators:
Firms: Firms of all sizes and structures should empower their CCOs with the full responsibility, ability and authority to develop, implement, and enforce appropriate policies and procedures. In addition, firm leadership needs to continually assess whether the compliance program has adequate resources to support a robust compliance function.
CCOs: CCOs should have clear direction and agreement from firm leadership on their roles and authority to manage compliance programs specifically tailored to their firms and reasonably designed to prevent violations of federal securities laws.
Regulators: Regulatory examination and enforcement teams should have an appropriate foundation to evaluate compliance failures identified during the course of examinations or investigations, and in particular, whether those failures rise to the level where formal charges should be referred to enforcement or brought against the CCO.
Nicodemus noted that the issue is an ongoing discussion among regulators and compliance officials, including the NSCP. It appears uncertain where that conversation will wind up in the near future.
One solution for assisting a compliance team’s operations and ability to collaborate is the addition of user-friendly software such as SmartRIA’s platform. This helps shift the onerous work of managing compliance for a compliance team, or often, a single CCO. Furthermore, such software encourages collaboration among advisers, staff, and the compliance team. That, in turn, fosters greater transparency and accountability for all parties at a firm. Compliance becomes easier to handle when more resources are available to carry the load, and SmartRIA helps make that burden manageable for RIAs and CCOs.