For the sixth year in a row, cybersecurity remains the biggest compliance concern at registered investment adviser firms, with 83 percent calling it the “hottest” compliance topic and more than 70 percent indicating that they increased compliance testing in this area over the past year, a new survey says.
More than 80 percent of advisors reported testing to see if hackers could penetrate their systems, compared with 73 percent last year, and 75 percent conducted email phishing testing, up from 66 percent last year. A majority reported having cyber insurance, according to the joint survey of 369 RIA firms by the Investment Advisers Association (IAA) and ACA Compliance Group.
“Among the many key takeaways of this year’s survey—beyond the continued importance of cybersecurity—is that firms continue to strengthen their compliance programs,” IAA President and CEO Karen Barr said in a statement.
Compliance professionals ranked issues relating to advertising and marketing as the second hottest compliance topic (28 percent) after cybersecurity—not surprising, given the SEC’s recent focus in this area, which includes potential amendments to advisors’ advertising rule. Data privacy was ranked as the third most pressing area.
Firms of all sizes responded, with 28 percent of respondents managing less than $1 billion, 46 percent managing $1 billion to $10 billion, and 25 percent managing more than $10 billion. Almost two-thirds (64 percent) reported having 50 or fewer employees, which is consistent with industry data showing that the vast majority of investment advisers are small businesses.
This year’s survey also revealed that 66 percent of chief compliance officers continue to wear more than one hat, with 18 percent also serving in some legal capacity.
These were some of the survey’s other findings:
• The most common controls firms report relating to advertising are requiring formal pre-approvals by chief compliance officers (71 percent) and ensuring that materials are logged and tracked as they are prepared (64 percent).
• The top three areas for testing fee arrangements are whether clients are billed in accordance with their agreements (87 percent); if the description of fee arrangements in Form ADV is accurate (70 percent); and if the amount of AUM on which the advisory fee is billed is accurate (68 percent).
• The most common features in respondents’ code of ethics programs are having someone other than the chief compliance officer review trading activity of the CCO (77 percent); employees/access persons certifying that the firm received all trading information on a quarterly basis (68 percent); and using electronic data feeds (57 percent).