SEC Compliance Preparation for 2018

The SEC recently released its examination priorities for 2018.  So what compliance areas should firms focus on to ensure that they are in compliance with the SEC’s regulatory expectations?

Primary areas of focus should include:

  1. Risk Assessments
  2. Policies and Procedures
  3. Internal Controls
  4. Testing of Internal Controls
  5. Mock SEC Examinations

-Risk Assessment: An overview of the firm’s risks will ensure that the firm has accurately assessed all compliance risks and that the subject risks have been addressed in the policies, procedures and internal controls.  As the SEC’s examination program has become more risk based, it has required that firms’ compliance programs become more risk based in how they develop their policies, procedures and internal controls.

-Policies Procedures: A review of the firm’s policies and procedures will ensure that all compliance risks have been addressed and all policies and procedures have been accurately and completely addressed in the written supervisory procedures (“WSPs”).  The review will focus on identifying gaps in the WSPs, as well as risks that the SEC expects to be covered in the firm’s WSPs as they correlate to the firm’s risks.

-Internal Controls: A review of the firm’s internal controls ensures that the controls review and monitor all relevant risks and are being conducted as stated in the WSPs. The review will identify gaps between the compliance risks inherent to the firm and what is being captured by the internal controls, which is always a focal point for review by the SEC.

-Testing of Internal Controls: Testing of internal controls involves a sampling review of the firm’s testing of its internal controls to ensure that the firm’s testing methodology is accurately and adequately capturing exceptions and issues.  Testing will identify gaps in the methodology as well as areas of concern for the SEC.

-Mock SEC examinations: Mock exams are ideal for firms that have never undergone an SEC examination so that they are aware of what to expect and how to respond to the SEC’s initial request for information, as well an onsite examination of its compliance program.  They are also very useful for firms that have been through the SEC examination process so that they will know what to expect during a future examination, as well as what the SEC will be looking for based on any prior examination of the firm.  Mock examinations can be conducted either on or offsite.

The Examinations Priorities Compliance Review is not to replace the firm’s CCO role, but rather to enhance the firm’s current compliance oversight mechanism and to ensure that the form is prepared to meet the SEC’s regulatory expectations for the coming year, in particular the SEC’s annual examination priorities.  Additionally, firms are then prepared for any examination to which they may be subjected during the agency’s examination scope for the year.

For assistance with compliance program needs, I can be reached at 410-733-5325 or at


Posted in Uncategorized | Comments Off

2018 SEC Examination Program Priorities Overview

On February 7, 2018, the SEC released its annual examination priorities. Many of the themes from 2017 remain on the priorities list. However, there are several new areas of concerns that the SEC has highlighted as priorities for the coming examination year.

As important as the actual priorities that have been highlighted by the SEC, so are the underlying principles that drive the priorities. Firms need to keep in mind that the SEC examination program is risk driven. The SEC uses a risk-based strategy to effectively oversee market participants. And as the SEC has become more risk driven, it has also required the firms that it oversees to become more risk driven in how they oversee the compliance risks to their firm operations. For some firms, the risks can be very clear cut and apparent. But for most, a risk-based approach to compliance requires that firms, especially their legal counsel and compliance staff, adopt a risk-based approach to how they assess risk, oversee risk and comply with the securities laws. And sometimes compliance risks can emanate from unexpected areas of the firm. As a result, the risks may then reverberate across the firm, resulting in increased compliance risk, as well as magnified legal and financial risk to the firm.

Top themes for the SEC’s examination program this year are:

Cybersecurity: The SEC will continue to prioritize cybersecurity in each of their
examination programs. Examinations will focus on governance and risk assessment,
access rights and controls, data loss prevention, vendor management, training and
incident response.

Anti-Money Laundering: Examinations will continue to focus on examining whether
entities are appropriately adapting AML programs to address their obligations. Reviews
will cover the customer due diligence requirement, as well as whether entities are filing
timely, complete and accurate SARs and conducting robust and timely independent tests
of their AML programs.

Disclosure of the Costs of Investing: The SEC concern here is proper disclosure and
calculation of fees, expenses and other charges that investors pay. Examiners will be
focusing on whether fees and expense are calculated and charged in accordance with
disclosures provided to investors.

Electronic Investment Advice: This was a high priority issue for the SEC in its 2017
priorities and was heightened by the Robo-Advisers guidance disseminated in February
2017. It is highly likely that the SEC will continue to gather critical information regarding advisers’ advice programs and how they surveil their programs for compliance with the securities laws.

Wrap Fee Programs: The SEC will review whether investment advisers are acting in a
manner consistent with their fiduciary duty and whether they are meeting their
contractual obligations to clients. Focus areas will include whether 1) recommendations
to invest in a wrap fee program and to continue in the program are reasonable; 2)
conflicts of interest are disclosed in compliance with applicable regulatory requirements;
and 3) investment advisers are obtaining best execution and disclosing costs associated
with executing trades through another broker-dealer.

Never-Before- Examined Investment Advisers: The SEC will continue to make risk-
based assessments and select those investment advisers for examination that have
elevated risk profiles.

Senior Investors and Retirement Accounts and Products: Regulatory focus will remain on investment advisers and broker-dealers that offer services and products to investors with retirement accounts. Examinations will focus on investment recommendations, variable insurance products, and sales and management of target date funds.

Mutual Funds and Exchange Traded Funds (ETFs): The SEC will focus on mutual funds that have 1) experienced poor performance or liquidity in terms of their subscriptions and redemptions relative to their peer group; 2) are managed by advisers with little experience managing registered investment companies; or 3) hold securities which are potentially difficult to value during times of market stress. The agency will focus on both ETFs and mutual funds that seek to track custom built indexes to review for any conflicts the adviser may have with the index provider and the adviser’s role with respect to the selection and weighting of index components.

Municipal Advisors and Underwriters: The SEC will continue to examine municipal
advisers to evaluate their compliance with registration, recordkeeping, and supervision
requirements. Examinations will also focus on compliance with MSRB rules regarding
professional qualification requirements, continuing education requirements, and core
standards of conduct and duties of municipal advisers when engaging in municipal
advisory activities.

Fixed Income Order Execution: Examination staff will seek to conduct examinations to assess whether broker-dealers have implemented best execution policies and procedures, consistent with regulatory requirements, for both municipal bond and corporate bond transactions.

Cryptocurrency, Initial Coin Offerings (ICOs), Secondary Market Trading and
Blockchain: The SEC will continue to monitor the sale of these products, and where the
products are securities, examine for regulatory compliance. Areas of focus will include
1) whether finance professionals maintain adequate controls and safeguards to protect
these assets from theft or misappropriation, and whether finance professionals are providing investors with disclosure about the risks associated with these investments,
including the risk of investment losses, liquidity risks, price volatility and potential fraud.

As a seasoned veteran attorney of both the Federal Reserve Board’s Office of Bank Supervision(Risk), focusing on securities activities in banks, and the SEC’s Office of Compliance Inspections and Examinations, I have conducted numerous SRO, adviser, brokerage, fund company and municipal dealer examinations. As such, I am uniquely qualified to assist you in ensuring that your compliance program meets SEC requirements. Moreover, I can also assist your firm in developing compliance policies and procedures, critical routine testing of internal controls, as well as mock examination preparation for anticipated SEC, FINRA and other regulatory examinations.’

The dissemination of the SEC’s 2018 Examination Priorities makes this an appropriate time to review your current compliance policies and procedures, conduct critical testing to identify material gaps, as well as prepare for anticipated examinations by performing mock examinations.

For assistance with compliance program needs, I can be reached at 410-733- 5325 or at

Posted in Banking & Securities Law | Comments Off

The Federal Government Shutdown and Small Business Operations

The Federal Government Shutdown and Its Effect on

 Small Business Operations

We are now over a week into the federal government shutdown and many small businesses, including nonprofits, are starting to feel real pain regarding their corporate governance operations.  The effects are starting to trickle down from the federal government level and many businesses are suffering from Congress’ decision not to fund the federal government in areas such as employment and federal contracting law and lending and finance operations, as well as other areas.

  • E-Verify Checks and I-9 paperwork

E-Verify is currently unavailable due to the shutdown.  Federal law requires that
every employer and agricultural recruiter/referrer-for-a-fee hiring, or recruiting/referring for a fee, an individual for employment in the United States complete a Form I-9,
Employment Eligibility Verification Form.  Form I-9 helps to verify an employer’s identity and employment authorization.  To minimize the burden on both employers and employees while E-Verify is unavailable due to the federal shutdown, the following policies have been implemented:

  • The ‘three-day rule’ for E-Verify cases is suspended for cases affected by the
    shutdown.  E-Verify support services will provide additional guidance once E-Verify is operational again. This does NOT affect the Form I-9 requirement—employers must still complete the Form I-9 no later than the third business day after an employee starts work for pay.


  • The time period during which employees may resolve TNCs will be extended. Days the federal government is closed will not count towards the eight federal
    government workdays the employee has to go to SSA or contact DHS.  E-Verify customer support services will provide additional time once it reopens.


  • For federal contractors complying with the federal contractor rule, please contact
    your contracting officer to inquire about extending deadlines.


  • Employers may not take any adverse action against an
    employee because of an E-Verify interim case status, including while the employee’s case is in an extended interim case status due to a federal government shutdown
    (consult the E-Verify User Manual for more information on interim case statuses).

Takeaway: For the duration of the shutdown, employers should continue to complete I-9 paperwork, consult with their federal contracting officer concerning compliance with the federal contractor rule and
refrain from taking adverse action against any employee who has an interim E-Verify interim case pending.


  • Small Business Loans are Delayed

Small businesses primarily obtain loans from the Small Business Administration (SBA),
which typically approves about 250 loans per day totaling roughly $93 million.    Loans that were already approved and in process will be unaffected, as will disaster loans, another type of SBA loan.  However, other loans will be delayed until SBA employees return from being furloughed.  Even if the federal government gets back to work
quickly, the SBA may still face a backlog regarding loans not made by a preferred lender that can unilaterally underwrite loans.  Olney-based Sandy Spring (NASDAQ: SASR) has about $15 million in loan applications awaiting SBA approval. That includes applications from the bank’s entire territory, which stretches from the Baltimore area to Northern Virginia. (Source: Various financing options are available in the meantime; however, business owners should proceed cautiously:


  • Conventional loans may be available to those who qualify.  Work with your bank to identify these alternative sources of funding and your company’s/organization’s ability to meet the lending criteria.


  • Interim bank loans may also be available depending upon your bank’s lending criteria.  Banks may be able to refinance certain loans made during the shutdown into loans with SBA guarantees after the government reopens.  This process can be more complex and expensive as two closing will be required and guarantee by the SBA is uncertain.

Takeaway: As a planning tool it might be good governance practice when seeking lending from financial institutions to always identify whether your organizations/business qualifies for conventional funding and whether alternative sources of funding are available.



Posted in Banking & Securities Law, Corporate Compliance & Governance, Financial Services Due Diligence and Forensic Investigation | Tagged , , | Comments Off

Why Small Businesses Should Implement Corporate Governance Policies

Corporate governance refers to the set of internal policies, rules and procedures that a company regularly follows to ensure that it operates in a fair, equitable and appropriate manner for the benefit of management, stakeholders and the organization as a whole. The objective outcome of a corporate governance policy within a small business is to empower the company to set strategic goals, appoint leadership that can attain those goals, oversee management and report to key stakeholders on the periodic progress of the organization. But aside from goal setting and management, why do small businesses need strong corporate governance policies in place?

Investment Protection

Policies and procedures protect not only the principals of the business but also investors and other associated organizations. Sound corporate governance documentation of policies and procedures provide all key parties with a roadmap of expectations as to how the organization conducts its business. And should a roadblock arise, those same policies and procedures can provide all affected parties with a way forward, as well as a dispute resolution mechanism should approaches to the roadblock prove irreconcilable.

 Foster Employee Recruitment and Retention

Employees are your most valuable asset. Strong internal corporate governance policies are not only attractive to current employees but also a strong incentive for top candidates to join your organization. Moreover, after investing in your employees’ training, retention of that investment is critical. Sound corporate governance practices can ensure that performance and executive compensation systems retain and reward the organization’s top performers and future leadership. Additionally, a corporate governance system can avoid and reduce internal conflict, demarcate executive duties from administrative ones and improve employee morale and trust in the organization’s leadership.

 Future Company Growth

Even a private company needs to have a sound corporate governance program, so as to remain attractive to potential investors and business partners. A small private company may one day decide to go public or may remain private but want to attract new investors and principals. Either way, a sound corporate governance program can make the way forward for growth smoother with formalized policies and procedures instituted early in the life cycle of the business. A culture of defined expectations readies the organization for growth, whether it remains private or expands into the public sector.

Ethics Are Highly Valued in Today’s Business Environment

Whether a small or large company, recent current events show that ethics, the foundation of corporate governance, are highly sought after by the consumer. A 2002 Hill and Knowlton study found that 79% of Americans take the ethical business practices of a company into consideration when debating a product purchase. (Cuizon, Gwendolyn. “What Is Corporate Social Responsibility”) Ethical business practices and internal expectations can only increase the reputational and financial value of your organization.

Manage Legal Compliance of the Organization

Today’s regulatory environment requires businesses, both big and growing, to stay on top of regulatory requirements. Regulations such as Sarbanes-Oxley and the Dodd-Frank Wall Street Reform Act necessitate that smaller businesses and organizations be aware of the regulatory requirements and hurdles that define today’s business environment. Accounting practices and consumer protection compliance apply to most if not all businesses in some way and it is important that your organization be aware of how these regulations apply to how it conducts business.

Large corporations often opt into corporate governance structures for different reasons than that of a small business. However, the result is hugely the same; transparency, structure and equitable business practices. For a small business that aspires to growth and profitability, these reasons can only propel it towards future success.

What’s the takeaway? Small businesses, whether priming for IPOs, looking for new investors, employees and business partners or solely looking to provide their organization with formalized policies and procedures, should devote the appropriate time and attention to their company’s corporate governance structure. The benefit to your organization’s leadership strength, employee morale and reputational risk profile and business stature among its peers will be immeasurable.

Posted in Alternative Dispute Resolution, Banking & Securities Law, Corporate Compliance & Governance, Financial Services Due Diligence and Forensic Investigation, Foresnic Investigation, Uncategorized | Tagged , , , , | Comments Off

OCC Semiannual Risk Perspective, Spring 2013: Strategic Risk, Revenue Growth, Cyber-Threats, Expanding Reliance on Technology and Changing Regulatory Requirements

The Office of the Comptroller of the Currency (OCC) charters, regulates and supervises national banks and federal savings associations (banks) and supervises the federal branches and agencies of foreign banks. The OCC supervises these banks to ensure they operate in a safe and sound manner and comply with applicable laws and regulations, including those requiring fair treatment of consumers and fair access to credit and financial products.

The OCC’s Semiannual Risk Perspective addresses key issues facing banks. The OCC publishes the report twice a year, drawing upon midyear and end-year data. The spring 2013 report reflects data as of December 31, 2012. The report presents data in four main areas: the operating environment; the condition and performance of the banking system; funding, liquidity and interest rate risk; and regulatory actions.

Key Risk Themes

Strategic risk continues to increase and remains high for many banks as management searches for ways to generate acceptable returns

• Sound corporate and risk governance processes are central to planning, prioritizing and allocating resources efficiently in the current operating environment.
• New products and services may present unfamiliar risks for which some banks may lack the requisite expertise, management information systems and appropriate risk controls.

Revenue growth challenges from a slow economy continue to pressure profitability and increase the risk that banks may reach for yield

• The low interest rate environment also affects fiduciary and other asset management business lines in which revenues can significantly contribute to noninterest income. Continued risk aversion on the part of customers dampens asset management revenues and increases demand for fixed-income instruments, which in the current environment are subject to extension risk and declines in value.

Increasingly sophisticated cyber-threats, expanding reliance on technology and changing regulatory requirements are heightening operational risk

• Cyber-threats continue to increase in sophistication and require heightened awareness and appropriate resources to identify and mitigate the associated risks.
• The pace of new regulatory requirements can challenge the change-management capabilities of some banks and can lead to increased operational and compliance risks if banks do not adequately invest in control processes, systems or staff.
• Large and mid-size banks with extensive mortgage servicing operations have been making progress in remediating standards and practices, but the financial and reputational costs remain high.
• The consequences of business process engineering for lower operating costs may fall disproportionately on compliance, audit, risk management, operations or internal control mechanisms and may adversely affect a bank’s ability to identify, measure and control risks.

Source: OCC Semiannual Risk Perspective, Spring 2013


Posted in Banking & Securities Law, Corporate Compliance & Governance, Financial Services Due Diligence and Forensic Investigation | Leave a comment