Insourcing vs. Outsourcing
“Our Take” LIVE
November 1, 2012
Compliance Rule (206(4)-7)
• Adopt written policies and procedures reasonably designed to prevent violations of the securities laws;
• Annually review the policies and procedures; and
• Designate a Chief Compliance Officer (a “CCO”)
2
Regulatory Requirements
• Registration/Disclosure• Fiduciary responsibility and
suitability• Solicitors• Advertising• Privacy• Client Agreement• Proxy Voting• Anti-Money Laundering• Proxy Voting• Fees
• Custody• Trading• Insider Trading• Supervision and licensing• Code of Ethics• Inspections and
Enforcement• Section 13 filings• Recordkeeping• Compliance
3
What is Compliance?• Appoint a CCO• Implement/Maintain
compliance manual• Ongoing testing of policies and
procedures• Annual review and report of
findings• Risk Assessment• Monitor operations• Training• Compliance
committee/management review• Compliance calendar
• Compliance calendar
• Certifications and notices
• Licensing
• Investigate misconduct
• Manage regulatory inquiries and exams
• Code of Ethics and preclearance
• ADV updates
• Review marketing materials
• SEC filings
• Respond to Clients/Boards
• Due diligence service providers
4
Risks of Noncompliance• Public sanction
– reputation and client risk– competitiveness
• Civil sanctions: bans from industry• Civil monetary penalties
– Rescission– disgorgement
• Criminal prosecution• Increased examination and regulatory focus
5
Compliance Programs:Enforcement Lessons• Actions against firms for weak compliance programs (In re
Asset Advisors et. al.; In re Wunderlich; In re JSK Associates; In re Alpine Woods)
• Template or incomplete compliance manuals (BD WSPs)• Inadequate testing and annual reviews• No training• Inexperienced or absent CCO• No implementing procedures• Failure to properly resource• Ignoring Code of Ethics
6
Delaying
• Canned compliance manual
• Adopt P/P but no implementation
• Add CCO responsibilities to CFO, COO, Administrator
• Hiring under-qualified
• Allocate minimal time/resources
• “We do the right thing.”
7
Insourcing vs. Outsourcing
• Regulatory Knowledge• Depth• Business Knowledge• Management• Control
• Leverage• Independence• Cost• Liability• Regulators
8
Knowledge & Depth
• Power of numbers– Compare and benefit from combined
experience– Sharing information– Industry best practices– Institutional knowledge lives after turnover
• Unique person– Firm-specific knowledge
9
Management, Control, Independence
• Hiring a firm ensures accountability and independence– 24/7/365 availability– Accountability– Easier to change firms than fire a person
• In-house CCO reports directly to management– Control vs. loss of independent perspective– Career pathing
10
Cost and Leverage
• Buying a service vs. a person– Tailor costs to firm size and needs
• Ability to leverage in-house CCO for other functions– Paying compliance dollars for non-
compliance functions
11
Liability and Regulators
• Agreement offers direct recourse• In-house CCO can only be fired• Regulators want best practices compliance
programs• Firm needs to adequately resource and
empower• In-house CCO does not shield firms from
enforcement actions
12
What to do?
• Outsourcing: Best practices, depth, independence, accountability, sharing liability, management
• Insourcing: leverage, control compliance output
13