Oct 06 2009 Stuart Gittleman Essential
Compliance changed forever in 2008, John Walsh, acting director of the Securities and Exchange Commission Office of Compliance Inspections and Examinations, said Monday at the National Society of Compliance Professionals conference in Philadelphia.
Not only did the profession change dramatically, but so did OCIE, its primary regulator, Walsh said, adding that compliance officers should expect a top-to-bottom review at OCIE once a permanent director is appointed.
The changes were spurred by the recent report and recommendations by SEC Office of Inspector General on the failure of OCIE and the SEC Division of Enforcement to identify and stop the massive scheme perpetrated by confessed fraudster Bernie Madoff.
In addition to implementing the OIG recommendations, OCIE will conduct a self-evaluation and will identify internal change agents to lead the national staff and train examiners in better, more proactive practices, because the report showed that:
1. OCIE needs more expertise to keep up with the businesses it oversees. Sweep exams are good ad hoc learning and training tools, but the office also needs senior specialized examiners with specific expertise and enhanced training programs, internally, externally and in conjunction with other divisions and agencies.
2. OCIE needs to prepare to collaboratively deploy the right expertise at the right time. The OIG report showed that bifurcated exams can fail if they do not account for firms that are or should be dual registrants, or work through affiliates or unaffiliated entities. OCIE should periodically review exam results to determine whether cross-training or using multidisciplinary teams on an ad hoc basis could have helped eliminate silos that prevent information and expertise from going to where it could have been best used.
3. OCIE needs to routinely verify assets and valuations through third parties, including clients, custodians and counterparties, and subject this information to forensic testing as needed. There should be no stigma attached to these requests, and firms should alert their third parties that the SEC may request this information and ask them to respond honestly.
4. OCIE must not let its staff be bullied, intimidated or controlled by registrants or their agents. Just as it established a hotline to protect registrants from seemingly overbearing examiners, OCIE will set up a hotline to protect its staff from bullying. Chief compliance officers should still ask tough questions and push back against unfair production requests, but examiners may consider improper or patently inappropriate conduct to be a red flag.
5. OCIE should regularly review, not less than annually, its policies and procedures to ensure that its inspection and forensic testing programs are up to date.
The SEC will post positions for senior specialized examiners and for a senior attorney to do annual reviews of the OCIE programs, Walsh added.
As Complinet has reported, former OCIE director Lori Richards for years urged firms to adopt a culture of compliance, but the mantra now is for OCIE to adopt a culture of change and collaboration.
