This content is from: Practice Management

For RIAs an Audit Need Not Be a Dreaded, Stomach-Churning, ‘Giant Monster in the Closet’

How to ensure a stress-free audit.

Regulatory audits are the great equalizer. They can wreak havoc on RIAs that have just one advisor as well as firms with a team of advisors and support staff in place. 

Christina Empedocles, founder of California-based Insight Personal Finance, had heard all the horror stories about firm audits and had a palpable sense of dread once notified that her firm was due for its first SEC audit. 

“The whole process loomed like a giant monster in the closet, and I thought they would be asking for a lot of things I couldn’t deliver,” she says. 

To keep in the good graces of regulators, new advisors are told to document their entire existence, from every social media musing to the most minute of client details. And the whole business must be shrouded within an impenetrable industrial-grade cyber barrier.

Fail to get everything right, and auditors will entangle you in an extended bureaucratic knot. Or so Empedocles thought. 

As it turns out, the audit turned out to be a lot less stressful than she feared. Auditors provided a heads up on the various pieces of information they wanted to see a week or so in advance, which included detailed records on around 10 random clients. Covered topics included risk tolerance questionnaires, invoicing, and completed financial plans, all of which were subsequently reviewed in an hour long phone call.

“It was a very time-consuming process (Empedocles estimates she put in 12 hours of prep time), but there was nothing really hard or scary about it,” says the advisor. 

Still, looking back, the process can seem a bit opaque.

“They asked a lot of questions but didn’t give a lot of feedback,” says Empedocles. And at the end of the process, they failed to directly answer her most pressing question: When will she hear from then again?

Auditors like the element of surprise, so they wouldn’t tell her if her next audit will be in a matter of months, or many years from now.

Todd Sakoda, a compliance consultant with The Consortium, a national compliance management firm based in Portland, OR, suggests that audits are less likely to occur with great frequency if the audit went smoothly and didn’t generate a laundry list of firm-wide deficiencies to correct. 

The Consortium serves RIA clients of all sizes, but mid-sized firms with about $70 million to $500 million are something of a target market for compliance experts like him. Solo advisor firms often have a hard time justifying the compliance retainer fees, which can exceed $1,200 per month. Large firms with many advisors under one roof tend to have a full-time compliance person in-house.

How do compliance consultants earn their keep? Sakoda says his firm helps clients lift the burden of compliance with hands-on support by helping them establish best practices to maintain on an ongoing basis, even when auditors don’t come knocking.

Still, Sakoda says that some clients will contact his firm only after they’ve been notified of a deficiency letter. Addressing the issues raised can be a challenge for the inexperienced, and compliance consultants can help create a framework to fix the items that were flagged in the audit. They ensure that clients will be well-prepared for the next audit. And come they will. 

“The biggest issue that examiners have is with recidivism,” says Sakoda. He adds that “if you’ve been written up about an issue, and the same problem exists in the next audit, that really bugs them.”

“It’s not enough to tell an examiner that you completed a compliance task.  You need to support it with documentation and evidence. If you can’t produce documentation showing that something was done, examiners typically interpret that to mean it wasn’t done,” says Sakoda.

For advisors like Empedocles, audits are less invasive when assets aren’t being managed. Audits become more complex, however, once client funds are involved.

Sakoda says that auditors are especially concerned about advisors that have business models that “have the greatest potential for risk to the public and their clients.” He adds that auditors will pay close attention to type of investment assets being managed. Your everyday mutual funds and exchange-traded funds are less likely to merit deep scrutiny.

“But any advisors pursuing complex investment strategies which use leverage and options, deploy funds in real estate investment trusts (REITs), limited partnerships and other exotic instruments can expect greater scrutiny,” says Sakoda. 

And if you have custody of assets, you can forget about an over-the-phone audit. “If I had been managing assets, they would have insisted on a site visit,” says Empedocles.

For solo advisors, it’s possible to get help with policies and procedures, cyber defense tests and more with the help of a low-cost firm such as Entreda. That firm, for example, has monthly fees starting at just $15 per month, per employee.

Now that she’s been battle-tested, Empedocles is confident enough to handle future audits.

“I now know that it’s something I can tackle myself,” she says. 

Yet for advisors who lack tech savvy or tremble at the thought of a regulatory audit, a retainer relationship with a specialist may represent money well spent. 

David Sterman, CFP, is President of New Paltz, NY-based Huguenot Financial Planning



Related Content