August 31, 2015

CCO Series (2015) - Financial Statements

The financial statements that you maintain for your RIA firm, which include income statements, balance sheets, statements of cash flows, are powerful tools. Apart from the fact that they are a required to be maintained for books and records purposes, the data that they contain hold the key many other critical regulatory and practice management activities.

RIA Financial Statements In a Nutshell

Maintaining complete and accurate financials on your business simply makes good business sense. However, our primary purpose here is the maintenance of financial statements for compliance purposes, which may include:

  • Balance Sheet and Income Statement
  • Cash Journals - Documentation including cash receipts and disbursements, records, and any other records of original entry forming the basis of entries in any ledger
  • Banking Information - All checkbooks, bank statements, cancelled checks and cash reconciliations for your firm
  • Business Expenses - All bills or statements (paid or unpaid) relating to the business of your firm
  • Other Financial Statements - All trial balances, financial statements, and internal audit working papers relating to the business of the firm

While maintaining proper financial statements is required in order to avoid regulatory sanctions, it can also be a useful tool for RIAs. Creating and reviewing financial statements on a regular basis can prove to be an indicator of the health of the firm. The financial statements can demonstrate that the firm is performing as intended and disclosed, or act as a tool to show areas where it can improve. Ensuring financial stability of a firm is an important step in gaining client and regulatory confidence. Proving to be solvent and possess secure financials could be the difference between gaining and losing clients, or spending more time with regulators during an exam.

State Specific Requirements

Many of the regulations regarding financial statements for RIAs are dependent on the advisor’s principal state of business. Along with SEC Regulators requiring specific actions regarding financial statements, each state also has specific requirements on the issue. As an advisor it is important to recognize your specific state’s requirements in order to avoid unnecessary regulatory issues. Currently, there are states that require audited financial statements to be sent to their state regulatory agency each year. This applies only if the firm is registered with the state, and does not apply to SEC firms.

It is important to stay updated on your specific state’s requirements in order to avoid unnecessary regulatory issues. Depending on the state, there may be minimum net worth requirements that are to be demonstrated through the financial statements. Where applicable, your firm’s books and records archive should contain the necessary financial statements and audit results.

Custody’s Additional Burdens

When an advisor claims custody of their clients’ assets, there are additional rules and regulations to be aware of in regards to Financial Statements. Advisors that also act as Custodians may be required to submit an audited balance sheet at the end of the their fiscal year. This balance sheet must be prepared in accordance with generally accepted accounting principles (GAAP), and audited by a certified public accountant (CPA). The audit must also include the accountant’s opinion and other qualified notes regarding the firm’s financials. Custodian advisors must also provide clients with a quarterly account statement that outlines all of the activity of their funds in the given period.

Through the Regulator's Eyes

Regulators expect RIA firms to maintain updated financial statements that are created in accordance with generally accepted accounting principles (GAAP). Regulators have put an emphasis on monitoring the financial statements of newly-registered advisors. If they are not completed correctly, it is a sign that a further examination is needed. Compliant financial statements prove to the regulators that the firm is running effectively. Proper maintenance and submission, if required, of updated financial statements is one key way to avoid regulatory sanctions.

CCO Best Practices

  • Do not approach financial statements as just a way to avoid regulatory sanctions. They are important at spotting financial irregularities which might benefit you.
  • Utilize financial statements as a powerful tool to indicate advisory effectiveness and compliance.
  • Always stay informed of specific state requirements, which may differ from SEC and other states’ regulations, for example:
    • Alabama and New York require audited financial statements regardless of custody.
    • If the firm claims custody, the following states require annual audited financial statements: Arizona, Arkansas, California, Washington D.C, Florida, Hawaii, New Mexico and Oregon.
    • Other states may not require financial statements to be submitted at all.
  • Maintain accurate financial statements, in accordance with generally accepted accounting principles (GAAP).
  • Claiming custody of clients’ assets will require an audit by an independent public accountant registered with, and subject to regular inspection by, the PCAOB.

The AdvisorAssist CCO Series is a collection of blog posts that cover each of the elements of your RIA's compliance program.  Each post will provide an overview of one compliance topic, including our insights on how regulators view each topic as well as some practical steps to help Chief Compliance Officers address this topic. As always, we would welcome your comments and thoughts.

Michael Conlon

CCO Series (2015) - Voting Client Proxies

The right to cast votes on certain corporate matters is an important power given to shareholders of publicly traded companies and mutual funds. Your RIA firm is expected to address its role with respect to voting proxies on behalf of clients. You may agree to take on the responsibility to vote proxies on securities they own, or you may elect to not vote their proxies. In each instance, regulators expect you to have clearly defined and communicated policies and procedures related to this vital aspect of corporate governance so clients understand if and how their votes are cast.

Advisor Proxy Voting In a Nutshell

Shareholders of publicly traded companies and mutual funds have the right to express their opinion on certain business matters that impact the value of the securities they own. Board of director elections, mergers and acquisitions and changes in fee schedules (in the case of mutual funds) are examples of decisions that are delegated to shareholders.

Since most shareholders do not attend annual meetings in person, their opinions on these matters are communicated by casting a ballot either electronically or via mail.

Custodians and broker-dealers normally receive and transmit notices of upcoming proxy votes, meeting and record dates and other information on upcoming corporate actions by companies in which their client’s are shareholders.

Accepting this responsibility for your clients is a significant undertaking, so it is important to consider the pros/cons of doing so. On one hand, clients may appreciate that you serve as their voice in significant matters that affect the value of their investments. But agreeing to vote client proxies requires a significant amount of process monitoring and record keeping.

For this reason, most RIA firms elect to not vote proxies.

Your firm’s policies on voting proxies should be disclosed and clearly described in:

  • Form ADV Part 2A, Item 17 - Voting Client Securities
  • Advisory Agreements, either in the section that describes your investment discretion authority or in a standalone section

Note: If you have discretionary investment authority over client accounts and your ADV and agreements remain silent on this topic, it is assumed that you do vote proxies.

If your firm does not vote proxies

If your firm does not intend to vote proxies, and you do not intend to advise clients on how to vote proxies, you must disclose this in Form ADV and communicate to clients that they retain the authority and responsibility for voting their own proxies.

If a client reaches out with questions regarding a particular proxy vote, you may assist them in understanding the background and intent of the proxy, but your guidance must not influence their voting decision. In doing so, your firm should remind them that they assume the responsibility for ultimately making the voting decision of making the contractual decision of their voting shares, and that you are prohibited from providing the service of that advice.

In this instance, your clients will receive proxy statements directly from the Custodian. They should not be sent to you.

If your firm does vote proxies

If you do intend to vote proxies, you are required to do so in the best interest of your clients. When setting up new client accounts at your custodian, you should request that they forward proxy statements to you directly instead of your client.

In addition, you must:

  • Develop and implement policies and procedures that are reasonably designed to ensure that your firm votes proxies in the best interest of its clients,
  • Describe your firm’s proxy voting policy to clients (via Form ADV 2A and advisory agreements) and provide copies to clients upon request, and
  • Disclose how clients can obtain information on how your firm voted their proxies.

In fact, regulators consider it fraudulent for advisors to exercise proxy voting authority without fulfilling these three requirements.

Through the Regulator's Eyes

When it comes to proxy voting, regulators simply expect that you clearly communicate your policy on voting proxies for your clients. When you do accept this responsibility, you are expected to exercise this duty in the client's best interest, avoid and disclose any conflicts of interest that may come up in these corporate matters and maintain proper books and records that demonstrate that you are fulfilling this duty in accordance with the Advisers Act.

A copy of the SEC’s final rule on advisors voting proxies can be found here.

CCO Best Practices

  • Consider whether or not your clients would gain a material benefit by your advising their proxy voting responsibilities, and if that benefit would be worth the related compliance burden.
  • If your firm does not vote client proxies:
    • Review client activities to ensure that your firm has not voted proxies for any clients.
    • Review any exceptions made to the proxy voting policy and all supporting documentation and ensure that all were properly documented and approved by the CCO.
    • If you ever choose to begin voting proxies, revise your proxy voting policy to comply with the Adviser's Act.
  • If your firm does vote client proxies:
    • Confirm that existing proxy voting policies and procedures are adequately designed to ensure that votes are consistent with client interests.
    • Conduct a forensic test by reviewing a sample of proxies voted during a particular period and confirm that each proxy was voted in accordance with your policy and that each were voted in the best interest of the client.
    • Review any exceptions made to the proxy voting policy and all supporting documentation.
    • Ensure that all exceptions were properly documented and approved by your firm’s CCO.
    • Review your firm’s books and records to confirm that for the previous five years you can produce a copy of each proxy you received, records for all proxies voted (with any related back up), a log of any proxy voting information requests by clients and your firm’s responses to those requests.

The AdvisorAssist CCO Series is a collection of blog posts that cover each of the elements of your RIA's compliance program.  Each post will provide an overview of one compliance topic, including our insights on how regulators view each topic as well as some practical steps to help Chief Compliance Officers address this topic. As always, we would welcome your comments and thoughts.

Michael Conlon

CCO Series (2015) - Business Continuity and Succession Planning

Each of us tend to either ignore or underestimate the possibility of disasters occurring in our futures. This has been proven time and again by cognitive science research and often referred to as "normalcy bias."

In our experience, RIA firms place a high importance on business continuity planning, yet often (particularly with smaller firms), either postpone or abbreviate the process of creating, testing and maintaining their BCP document.

These tendencies leave them exposed to the risk of disruptions in their ongoing responsibilities to clients.

Advisor Business Continuity Planning (BCP) In a Nutshell

We employ this framework to help RIA firms implement their business continuity planning:

  • Business Analysis. Identify the critical business processes that you must perform daily, as well as those that become critical in a typical 10-day period. Think through the possible and likely scenarios that could result in a business disruption (i.e. power outages, weather, systems failures in your office building). Take an inventory of all technologies and external partners that you rely on to run your business.
  • Plan Design. Define the scope of your plan. Ensure that the plan covers disaster recovery as well as succession planning (see the “key-man risk section” below). Your BCP must also contain:
    • firm policy/plan expectations, contingency scenarios, critical business functions (Day 1 vs. Day 10),
    • critical business systems and how to access them,
    • contact information for employees, vendors and partners, alternate work location(s),
    • back-up and restoration of critical information,
    • protection of client information, and
    • protocols for testing, updates and revisions.
  • Implementation. With the buy-in and support of your leadership, socialize and review the plan with your team and provide training (and cross-training) for key activities, data access and data protection. Ensure that your plan is accessible to everyone from a remote location (e.g. current copy at home, copy on separate secure server or Intranet).
  • Testing. Perform a "live" test at least annually by following the BCP as written. Document gaps in the plan and document deviations from the plan. Require full participation (at the same time!) and test all critical functions and systems, including, operations, vendors, and communications.
  • Maintenance. Update your plan on a real-time basis for process changes, technology enhancements, regulatory changes, and contact information. Deliver and train your team on changes.

Consider the “Key Person” Risk

Based on statements made by SEC Chairman Mary Jo White in December of 2014 regarding the potential for a “transition rule” (SEC statements); it is now critical that RIAs integrate succession into their business continuity planning. The unexpected death, incapacitation or departure of key advisory staff is an additional risk that may affect an RIA’s ability to protect client interests and fulfill their fiduciary responsibility, and it is up to advisors to take reasonable steps now to ensure their clients are relatively protected from this risk.

To protect against this risk, RIA’s should adopt management practices that mitigate their reliance on any one individual, or to allow for process continuity during planned absences like vacations. These include:

  • Establishing and documenting defined roles and responsibilities
  • Cross-training of operational processes and controls
  • Knowledge sharing (so that more than one person is familiar with the firm’s investment process and clients)

Technology will play a central role here. Active (and universal) use of a CRM will ensure that client information is centrally stored and easily accessible. Likewise, an internal website may be used to store the firm’s operations manual, which documents all critical processes and procedures. In the absence of a formal operations manual, RIAs may post a set of documents that detail their investment process, workflows and operational procedures.

In addition to these operational controls, RIAs should consider establishing a legal agreement that govern their firm in the event the death or incapacity of an owner.

Single-Owner RIA

Single-Owner RIAs may wish to establish a “continuity agreement.” A continuity agreement is a legal contract that appoints an “alternate” registered investment adviser to assume client responsibilities in the event of the death or incapacity of an RIA. If this were to occur, the “alternate” adviser would be responsible for offering to assume the advisory role (the client has the ability, of course, to decline). The extent of the alternate adviser’s responsibilities can vary. They may be limited to interim oversight (to give clients the opportunity to seek a new RIA) or the alternate RIA may be charged with overseeing a sale of the business or acquire the advisory business themselves.

Multiple-Owner RIA

Multiple-Owner RIAs may wish to establish a “buy-sell agreement.” Buy-sell agreements establish guidelines for an orderly internal sale of the advisory firm to the other owners. Typically these owners are employees of the firm and should be familiar with the firm’s clients and investment process.

Through the Regulator's Eyes

The SEC has identified business continuity and succession planning as a requirement for RIA firms arising from their fiduciary duty. (See SEC Release IA 2204) While they require policies and procedures to address business continuity, they do not mandate specific requirements for the BCP, other than it must address the procedures to meet the fiduciary responsibility to protect client interests from being at risk as a result of an advisor’s inability to operate. Certain states have adopted formal BCP requirements for state-registered RIA firms. Given this, ensure that you take the time to check your state regulatory requirements regarding your BCP.

Regardless of the implicit or explicit requirements, all RIAs should have a formal BCP in place to demonstrate to regulators and clients that they have planned for the undisrupted performance of their fiduciary duty.

CCO Best Practices

  • Plan for the 99.5% and not the 0.5%.
  • Ensure buy-in from senior management and owners.
  • Test your plan at least annually by selecting one day to conduct business from an alternate location(s).
  • Update your plan with new/changing contact information for staff and external partners.
  • Ensure that the protection of client information is a priorities during business disruptions.
  • Leverage your BCP obligations to use as a foundation for a documented operating plan (Operating Manual) for your business.
  • Begin to integrate succession planning into business continuity planning preparation.
  • Consider establishing legal agreements that govern the firm to mitigate against the “Key Person" risk.

June 18, 2015

CCO Series (2015) - Email Archiving and Surveillance

An important and modern advancement of the SEC’s “Books and Records Rule” is the storage and review of email activity by Registered Investment Advisors (RIAs).

Emails, and their attachments, fall under the regulatory definition of “written communications” and therefore are subject to the archiving requirements defined within the Books and Records Rule. Additionally, CCOs are expected to ensure that the content of these electronic communications remain within regulatory guidelines and consistent with the fiduciary standard to which they are held by documenting periodic reviews of the archive.

Email Archiving & Surveillance in a Nutshell

Your RIA needs to ensure that email with clients is preserved in an archive and regularly reviewed for compliance concerns, specifically violations of the fiduciary duty and misleading or other inappropriate communications. The Books and Records Rule for RIAs states that “written communications” are subject to archiving requirements of all RIAs. Specifically, written messages with clients must be kept (with some exceptions) for a period of five1 years, the most recent two of which must be stored on-site or immediately accessible from your office. As is the case with all books and records, cloud-based systems that are accessible from on-site are considered "on-site" since files and information stored there can be produced without traveling to another location. Email messages that fall under the Books and Records Rule are those sent or received by employees of RIAs that fall into any of these categories:
  • Any recommendations or advice proposed or given
  • Any receipt, disbursement or delivery of funds or securities
  • Communications relating to the placing or execution of any security trade
And more generally, communications with clients regarding:
  • Compliance Program
  • Client Management
  • Trading
  • Marketing
  • Business Management
  • Potentially others, depending on your RIA’s specific business practices
For more detail on the Books and Records Rule, please see our prior blog post here, and also the text of the full Books and Records Rule 204-2 here.

Email Archiving
Email messages and attachments must be archived in a manner that preserves their original record state. It is the CCO's responsibility to ensure that all email records are maintained and protected from any alteration or destruction. Additionally, it is the CCO's responsibility to ensure that client communications are conducted on an email system that is being archived (that is, no personal email accounts) to ensure that future communications will be archived. The CCO should also be familiar with the email archiving system used and know how to retrieve items from it for review or to produce for regulators upon request. Similar to your other books and records, regulators allow for cloud-based, electronic storage of email messages and attachments. The key is that you can demonstrate your ability to:

  • reasonably safeguard them from loss, alteration or destruction,
  • prevent unauthorized access from individuals outside your firm, and
  • retrieve archived messages in their original recorded state based on keyword searches, employees and/or specific time frames.
Technology controls of archived email should be understood and reviewed periodically to ensure that they are reasonably configured to minimize risk of loss or destruction. Access should be reviewed as well to ensure that only those responsible for administration or review have access to edit or view the archive. Note: Your “Inbox” does not demonstrate the proper archiving standard expected by regulators because anyone who has access to that inbox has the ability to alter or destroy messages or attachments.

Email Surveillance
While the Books and Records Rule requires that you keep copies of your email communications and attachments, there is no specific language in the Adviser's Act to monitor or periodically search emails. However, CCOs are expected to follow procedures to detect risks, prevent and correct violations of the compliance program, so it is considered a best practice to conduct some level of proactive surveillance in order to demonstrate that as CCO you are providing supervision to your supervised persons regarding their adherence to the RIA's compliance program.

CCOs would therefore want to implement some periodic review of the messages that are sent and received, so as to ensure compliance with SEC (or state) regulations that impose fiduciary and supervisory duties, like adherence to your Code of Ethics and advertising constraints, among others. The frequency and depth of review should be based on the structure and complexity of your RIA's business, and the CCO's familiarity or involvement with the client communications of a particular supervised person. If the CCO works closely with one but remotely with another, it would be reasonable for the CCO to apply greater supervision of the remote person's email archive messages. Finally, the CCO should document these surveillance reviews of the email archive and capture information at least regarding the time period reviewed, the number of messages in the time period, the number of messages reviewed, whether or not issues where found, and the resolution to those issues.

Through the Regulator’s Eyes

Regulators will focus on two aspects of your email system: the quality of your archive, and your surveillance process. In their view, these tasks are designed to protect your business and clients from unauthorized access or disclosure of sensitive data, and also to ensure that your RIA is actively monitoring its supervised persons and addressing issues internally. Regulators expect you to be able to retrieve any email sent or received that may be used to substantiate your finances, support the decisions made on behalf of your clients, or validate that you are always adhering to your fiduciary duty. The documentation of your surveillance activities should reasonably demonstrate that as CCO you are applying supervision to the communications between your supervised persons and your clients.

Recently, the SEC Commissioners’ opinion has also clarified that a RIA's obligation to produce electronic records includes employees’ personal email messages, instant messages, text messages and personal computer hard drives when they are used for business purposes. This is why it is critical to ensure that approved mediums for written communications are included in your archive.

Thinking through an advisor complaint will help define the expectations that will be placed on your RIA during an examination. Regulators are required to respond to every complaint lodged against an RIA, and in that response, they may request that you produce any and all written communications, including emails, sent and received between the RIA and the client involved. As such, you want to be confident that those records exist and are ready to retrieve. A complete history of all communications through the past five1 years in a readily accessible archive will allow you to promptly respond to the regulator’s request and reach a resolution. Additionally, the regulators may wonder why it reached this point, and look to your policy and process of email surveillance and the business practices that surround them. Regulators want to ensure that you are reasonably monitoring your employee’s communications that are subject to the Books and Records Rule, to verify you have a satisfactory level of prevention to internally address potential issues before they escalate. In response, you will want to provide reports and supporting documentation of email surveillance performed by the CCO of the RIA.

Most states enforce the Books and Records requirement on RIAs in a manner consistent with the SEC, but you are under the oversight of state regulators, you’ll want to familiarize yourself with their requirements as well.

CCO Best Practices for Email Archiving & Surveillance

  • Know the different ways in which your supervised persons could exchange written communication with your clients.
  • Consider creating an approved technology and device list, so as to limit unauthorized use of written communications with clients and limit the scope of your RIA's technology usage for the purposes of monitoring and regulatory examination. For example, requiring that business communications and documents are transmitted only through company-owned computers or devices, or even applications such as email but not instant message.
  • Expect regulators will request to review personal email or messages sent, received or stored on personal devices, such as personal cell phones, so as to ensure that there is no business usage of those devices, and prepare your employees for those requests.
  • Periodically conduct email reviews of your archive, and try to focus on supervised persons or clients which with which you are less familiar in order to have a broad understanding of communications among all supervised persons and your firm's clients. Document all reviews conducted and parameters of the archive being reviewed.
  • Use keywords to try to find suspicious emails, such as by searching for keywords such as “complaint”, “guarantee”, “superior”, “great performance”, “guaranteed performance”, "disappointed", "trick", etc. Contact your email archiving vendor to see if they are maintaining a list for you to use. Here are the ten most commonly flagged fraud terms from Smarsh.
  • Don’t approach email surveillance and archiving as a compliance chore. The best practice in the long term is foster strong relationships between compliance and the individuals that are subject to your RIA's compliance program. For instance, ensure that compliance is represented in any discussions related to operational or technology changes, such as a new approved device for client communications and the related compliance components to authorize that device's use.
  • Integrate your email surveillance and archiving requirements into your RIA's technology architecture to strengthen your culture of compliance among your technology operations, and keep current with any changes in your technology policies and procedures.
  • Perform due diligence on vendors that provide your firm with applicable communication streams, such as cloud-based email archiving service providers, to verify they have appropriate physical, electronic and procedural safeguards. Document the results of this due diligence and include in your annual CCO report.

[1] The Books and Records Rule generally requires records to be kept for five or more years, from the end of the fiscal year in which an entry was last made to the record, with the most recent two years being accessible from the RIA's primary office location.


The AdvisorAssist CCO Series is a collection of blog posts that cover each of the elements of your RIA's compliance program. Each post will provide an overview of one compliance topic, including our insights on how regulators view each topic as well as some practical steps to help Chief Compliance Officers address this topic. As always, we would welcome your comments and thoughts.

Michael D. Conlon

Photo Courtesy of: http://www.flickr.com/photos/epublicist/

May 12, 2015

CCO Series (2015) - Best Execution

As an investment advisor, the duty to seek best execution arises from the core fiduciary duty and the related duties of loyalty and care for your clients. In seeking best execution for your clients, the advisor's duty focuses on your firm’s obligation to seek the best available trade execution when exercising discretion to trade on behalf of your clients. While the concept can be subjective it is an important element of the fiduciary duty owed to clients since the costs of trading have a material impact on portfolio performance, especially over years of management.

Best Execution In a Nutshell

Regulations state that as fiduciaries, registered investment advisors owe their clients a duty to seek and obtain “best execution” on securities transactions, under the circumstances of the particular transaction.

It is important to note that this does not necessarily mean “lowest trading fee” or “most favorable execution price” but rather, the best qualitative execution quality that is available to the advisor at that time.

While commission rates are certainly a component of determining best execution, the explicit “cost to trade” is just one of several factors to consider. Advisors may also consider the full range and quality of a broker’s services, including:

  • Value of research
  • Execution capability (e.g. minimizing market impact, liquidity, order size)
  • Financial responsibility or solvency (e.g financial strength of broker-dealer)
  • Responsiveness of the broker-dealer
  • Availability of price improvement
  • Cost effectiveness, including related clearing and settlement impacts

Below we describe some specific guidelines you should follow based on your firm’s specific circumstances.

Discretion to Select Brokers vs. Recommending Brokers

If your firm has brokerage discretion (see Item 8.C.3 on your Form ADV Part 1, and Item 12 of your Form ADV Part 2A) this means that, on a trade by trade basis, your clients have given you the ability to determine which broker-dealer will execute each transaction. In this case, you will be expected to demonstrate the rationale behind broker selection for each trade, relying on factors such as those listed above.

If your firm does not have brokerage discretion but rather you recommend brokers to your clients (See Item 8.D on Form ADV Part 1), then your client is formally selecting the broker-dealer to be used for their trades, which is typically noted in the client advisory agreement. They are doing so based on your recommendation, usually because your firm has a preexisting relationship with a recommended custodian that executes and clears your client trades, based on your prior best execution diligence. In this case, your compliance duties are lighter than a situation where you have brokerage discretion, and firms are obligated to monitor and assess this broker-dealer/custodial relationship on a periodic basis, and confirm that your factors supporting the recommendation continue to remain valid.

Single vs. Multiple Brokerage Relationships?

Regardless of whether your firm uses one or multiple broker-dealers, you are required to “periodically and systematically” evaluate the quality of execution services received from each.

In either case, you are expected to monitor and review formally, at least annually, the arrangement(s) in place with your broker-dealer(s) to confirm that the total transaction costs paid continue to be competitive when compared to other alternatives available to your firm. A key point here is that the formal diligence on your best execution compliance is geared towards what is best for your client and supports your assertion that you are upholding your fiduciary duty to your clients by ensuring they receive best execution as a client of your firm.

A common misperception is that if you utilize just one broker-dealer (and your firm simply recommends that broker-dealer) then there is no evaluation or due diligence requirements. However, this is not the case, because that broker-dealer could be providing inadequate execution for your clients.

Through the Regulator's Eyes

Since the concept and determination of best execution is in many ways a qualitative one, it may be helpful to view it more as a process. Regulators need to evaluate your firm to ensure it has a process of continuously assessing the overall execution services provided to your clients, after considering the facts and circumstances that prevail, such as discretion, strategy and due diligence.

A common examination request from regulators is for a copy of trade blotters for a specific period of time that identifies the executing broker, as well as any documents created in the evaluation of brokerage arrangements and best execution.

The latter can be satisfied by providing the regulator with a copy of your Annual CCO report, which should include a section on vendor due diligence and best execution assessment.

Regulators expect your firm to be able to answer questions such as:

  1. Is our current line-up of broker-dealers the best available?
  2. Are there alternatives to this line-up that could provide our clients with a better deal?
  3. What factors are considered when evaluating a particular broker-dealer for your clients?
  4. How frequently do you perform diligence on broker-dealers and could you provide me the historical diligence documents?

CCO Best Practices for Best Execution

  • Review the “Brokerage Practices” section of your compliance manual to confirm that the policies and procedures laid out here are being followed.
  • Review the brokerage-related disclosures in your ADV Part 1 and 2A for consistency with your compliance manual and current brokerage activities.
  • Review execution performance of brokers on an ongoing basis, paying particular attention to commission rates paid and quality of execution and settlement (i.e quality execution prices, low error rate on order management and trade settlement).
  • For any brokers you recommend to clients, perform a review of your relationship of each broker at least annually, to assess the full range and quality of the services your firm receives based on best execution factors (i.e. value of research, execution quality, commission rates, financial responsibility and responsiveness) to ensure the recommended brokers would provide best execution for your clients.
  • If you have brokerage discretion, implement a process of periodically reviewing your trade blotter to monitor broker usage at the firm- and client-level, as well as by security type.
  • Document your brokerage review process in your Annual CCO Report and related assessments.
  • Review your investment advisory agreements to confirm that they are consistent with your brokerage discretion disclosures and brokerage practices.


The AdvisorAssist CCO Series is a collection of blog posts that cover each of the elements of your RIA's compliance program.  Each post will provide an overview of one compliance topic, including our insights on how regulators view each topic as well as some practical steps to help Chief Compliance Officers address this topic. As always, we would welcome your comments and thoughts.

Michael Conlon