What can SEC examinations teach me about third party due diligence?
IMDDA hosted a webinar “How Understanding SEC Examinations Can Inform the Due Diligence Process”. We’ve pulled a few of the key takeaways from the presentation to form a series of tips you can apply right away.
Reviewing Examination Summary Letters & Responses
Your optimal situation here is to have a copy of both the original SEC Examination Summary letter and also a copy of the firm’s response to that letter. What you’re looking to do is analyze both for evidence to feed into your third-party due diligence process.
1. The Summary Letter
Look for how many of the issues highlighted fall into your pre-defined areas of risk that are more important for your firm.
Assess the severity of each issue against your own points-based risk assessment.
Consider what the “big picture” is, does the letter give the impression of a firm with a healthy attitude to risk? Or one with a risk appetite that matches your own organization’s?
What positives are highlighted that provide assurances to questions/investigation areas that you’ve highlighted as part of your third-party due diligence process?
2. The Response
Any response should cover each comment from the SEC’s letter, with nothing ignored, missed out or dismissed without due consideration.
Where an issue is highlighted, the response should provide detailed steps taken to correct those deficiencies.
The response, both in tone and content, should demonstrate that the firm ‘gets it’ and take issues seriously.
If economic harm to clients was found you need to ascertain that there is an explanation of restitution made (both that it happened and what it consisted of).
You should also assess the rationale for any comments where the firm disagrees with the SEC, as this will give you a useful insight into the firm’s attitude to compliance and risk.
When Might You Not See The Full Picture?
Responses by counsel may have the additional privilege and therefore not provided.
You may not get to see the actual letter (but you can always question what the contents were).
Various state regulations require different levels of transparency of information gathered.
Firms cannot favor one investor or client over another.
What Does an SEC Exam Actually Mean?
The fact that a firm had an exam doesn’t mean it’s all clear or that it’s all bad. You need to go deeper than the fact of the exam itself and look at the findings and response in detail as part of your third-party due diligence.