Opinion: Three Steps for Avoiding Compliance Program Snafus



Niels Holch is executive director of the Coalition of Mutual Fund Investors.


A January compliance call sponsored by the Securities and Exchange Commission’s Fort Worth, Texas, regional office warned participants that a 2017 review of fund and adviser examinations indicated too many firms were not properly following the commission’s compliance rule.  

 The compliance rule, which was promulgated by the SEC in 2003 for both investment companies and their advisers, requires fund boards to review and approve the compliance policies and procedures of each fund’s service providers, including its investment adviser. The rule also requires directors to review these policies and procedures annually to determine whether they’re adequately and effectively implemented.



The compliance rule errors the SEC’s Fort Worth office emphasized earlier this year are completely correctable with an appropriate level of due diligence. Some firms were using canned compliance policies that were not tailored to the firm’s business activities. Others were using compliance programs that relied on policies and procedures not applicable to the firm. And the most embarrassing mistake made was to approve and implement a boilerplate policy that used the wrong firm’s name.


These issues have been around for several years. In fact, they were highlighted in a May 2013 SEC enforcement action against Northern Lights Fund Trust’s administrator, compliance service provider and independent directors. In that case, the board approved boilerplate disclosures that were materially untrue or misleading.


It is alarming that this is still a significant compliance problem. Directors should reevaluate their own oversight processes to avoid these issues. Below are three practical suggestions to help them fulfill their responsibilities in this area.


Robust Oversight


Directors should ensure that their review of all service-provider compliance policies and procedures is a robust, thorough evaluation. It can be an overwhelming task, as the compliance responsibilities of funds and their service providers are complex and far-reaching.


The SEC permits fund directors to satisfy their obligations under the compliance rule by reviewing summaries of the programs prepared by the chief compliance officer or someone else familiar with them.


However, the summaries need to be comprehensive and understandable. They should familiarize directors with the compliance programs’ salient features and provide them with an understanding of how the programs are intended to address significant compliance risks.


In conducting this oversight function, directors should keep in mind the specific compliance needs of each fund. A money market fund, for example, needs to have policies and procedures that sufficiently address the fund’s compliance with Rule 2a-7.


Fund directors should also dig deeper when evaluating the adequacy of policies and procedures in any area where problems may have occurred, to determine if there are weaknesses that need to be corrected.


Accuracy in Disclosures


Directors should also ensure that all fund disclosures are completely accurate. Canned or boilerplate language should be tailored to the specific compliance needs of the fund or its service providers.


The actual language of any material disclosure should be reviewed carefully to confirm that it applies to each fund’s unique circumstances and is not just borrowed from another source to check the box.


For many enforcement actions in this area, the SEC simply determined that a fund did not follow the policies and procedures articulated in its disclosures. The best, and only, practice for boards is to ensure that the processes they describe to investors are exactly the processes they follow.


And there is absolutely no excuse for a disclosure to mention the name of the wrong firm, as commission officials noted in their January conference call.


Consistency in Disclosures


Directors should also ensure that disclosures are consistent with each other, from the registration statement to shareholder reports. Minutes of board meetings and approvals, for example, should accurately reflect director discussions and should not contain statements that conflict with other disclosures.


For example, if a document states that the fund board has approved the compliance policies and procedures for a particular service provider, then the board minutes must document the board’s review and approval of such compliance program.




Reviewing outside service providers’ compliance programs is an important, but somewhat daunting, task for directors. This responsibility is complex and imposes additional regulatory burdens.


However, the problems SEC examiners identified are not gray areas. Directors are expected to conduct a robust evaluation of these compliance programs. They must also ensure that each material disclosure is accurate and not just “canned” language written on a piece of paper. And, finally, they should make sure that all shareholder disclosures, from the registration statement to periodic reports, are consistent from one area to another.


Investors should be able to rely on directors to look out for their interests by thoughtfully overseeing the many compliance programs they’re responsible for.