• wblogo
  • wblogo
  • wblogo

US compliance in wealth management: the trends at-a-glance

Chris Hamblin, Editor, London, 16 August 2017

articleimage

Cipperman Compliance Services of Pennsylvania has just completed its annual 'C-suite' survey of attitudes towards compliance at US financial firms. The results betray a fell fear of regulatory scrutiny on the part of wealth management executives.

The survey's respondents were senior managers with compliance responsibilities of various kinds and in various parts of the financial services industry. The Cipperman questionaire, which 200 of them filled in, divided their firms up into three categories: asset management firms, alternative management firms, and broker-dealers.

Hardly any executives at broker-dealers (4% in all) thought that compliance "keeps us honest and on our toes," although 10% of alternative managers and 14% of asset managers did. When asked whether they thought that compliance was a waste of time and money, however, none of the managers said yes.

Other opinions about compliance were surprisingly consistent. Asset managers were most complementary about it, 39% saying that it helped them sell business and retain clients (as against 30% for alternative managers and 32% for broker-dealers), 24% saying that it protected their franchises (as against 30% and 23%), and only 19% viewing it as a mere cost of doing business (as against a more substantial 30% of asset managers and 41% of broker-dealers). All categories of executive damned compliance with faint praise, but their attitudes towards it have been far more positive in this survey than in years gone by.

Although compliance is now more important for financial businesses than before and its worth appears to be rising in their eyes, the same cannot be said for executives' faith in their companies to comply. When asked whether their compliance programmes (i.e. plans of action, which are mandatory for American firms) would withstand the scrutiny of regulatory inspections, the executives were far from confident. A hefty 25% of asset managers said no, but a gigantic 43% of alternative managers and 32% of broker-dealers were also pessimistic. This meant that only 75% of asset managers, 57% of alternative managers and 68% of broker dealers thought that they would pass such regulatory "examinations."

Compliance Matters spoke to Todd Cipperman, the former general council of a fund company known as SEI Investments (headquartered in Oaks in Pennsylvania) and the founder of Cipperman Compliance Services. When asked whether the US term 'exam' always meant a regulatory visit, he replied: "It does in this case. Actually it's a regulatory audit. It can happen at the SEC's offices when they're poring over data that they've taken from your office. 'Remote exams' exist as well."

Not much confidence after all this time

When asked whether the executives based their beliefs that they would not pass exams on negative results from actual stress-tests or third-party assessments, Cipperman said: "We can't tell. It was just a questionnaire. It's curious, though, that after all this time, and after all the time and money that's been spent on compliance, this happens. It's almost stunning. Not much has changed in terms of what's required of a compliance programme (the rule that obliged every firm to have one was promulgated in 2004 and came into force in 2005). Not many requirements have changed. In 2012 Dodd Frank applied the regime to hedge funds, so that's an example of something becoming more onerous, but otherwise no. Maybe the regulators are a little more picky and stringent in what they expect, but the requirements have remained fairly constant. Yet the executives don't feel confident about surviving exams any more."

The survey asked managers whether their firms spent more on their compliance programmes than on legal counsel. Asset managers' responses were 34% yes, 48% no, 18% unsure. Alternative managers' responses were 20% yes, 71% no, 9% unsure. Broker-dealers' responses were 18% yes, 73% no, 9% unsure.

Compliance more worthy but less attainable

The 2015 survey said that half of US asset managers (but less than one-third of US wealth managers) kept compliance entirely in-house. When asked whether there had been any changes since then, Cipperman replied: "I think there's a trend, particularly amongst what I might call emerging asset managers, i.e. those whose AuM is under $5 billion. They think that hiring a person in-house is not efficient. This is because compliance is a non-core activity, that is it doesn't raise assets or deal with assets. I find it surprising that the worth of compliance has grown but the effectiveness of compliance has declined."

Cyber-security

In essence, Cipperman Compliance Services offer to perform all the functions of a compliance officer at any US customer-firm. One of these functions is cyber-security 'preparedness,' which the Securities and Exchange Commission (SEC) and the Financial Industry Regulatory Authority (FINRA) made a compliance requirement in 2015. A compliance programme must cover seven things: governance practices, risk assessments, access controls, prevention of data loss, training, the management of vendors and responses to incidents.

When asked by the survey whether they were confident in their firms' cybersecurity, a staggeringly high 64% of broker-dealer executives - nearly two-thirds - said that they were not. Only 23% said yes and 13% were unsure. In other words, nearly two-thirds had received positive information that ruled out confidence in their cyber-security, while 13% had not received enough to make up their minds. Things were not much better for alternative managers, 43% of whom were not confident, with 25% attesting confidence and 32% not being sure - perhaps an even worse sign. Only 25% of asset managers were not confident in their firms' cyber-security, but a very high 24% of them were not sure. Still, 51% of them were confident, giving them the highest score among their colleagues for that.

The survey asked a related question: "do your cybersecurity and data protection policies meet regulatory requirements?" To this, asset managers replied 72% yes, 28% no; alternative managers replied 43% year, 57% no; and broker-dealers replied 77% yes, 23% no.
 
Compliance Matters asked Todd Cipperman whether US compliance officers were responsible for data protection. He replied: "Yes, it's part of the compliance programme. Compliance officers are not directly responsible for it but they have to protect the data."
 
He also remarked that, in general, the chief compliance officer at a US firm is responsible for anti-money laundering programmes as well.

CCO quality

On the subject of chief compliance officers (CCOs) in general, it is sometimes the case in the US that a firm appoints a 'patsy' to take the job title, someone disposable who is not equal to the job but will help his firm keep up appearences. When asked about this, Cipperman said: "There are firms that certainly do that. They hire someone who's not qualified. Another way of looking at it is that they don't take it seriously.

"There have been a lot of huge actions against banks - recently against Wells Fargo - but I've never heard of any bank that's been brought down by regulatory action except Riggs Bank. This is not the case with investment managers (who manage HNW individuals' assets) in the US. Regulatory action sometimes drives them into insolvency."

When asked whether the US was ever likely to have anything that resembled the British Senior Managers & Certification Regime, Cipperman said: "No. They did away with that with the CCO rules. There has been talk about all investment managers being required to undergo annual compliance reviews by third parties. This idea was floating around when Mary Jo White (an Obama appointee) was in charge of the SEC. It's not the sort of thing that Trump would want although it might be resurrected but the stats don't look good. The SEC only reviews 20% of investment advisors (IAs) every year. IAs can be discretionary fund managers (DFMs) but they are usually not. Most are advisory only.

When asked why the job did not go to FINRA, Cipperman replied: "The advisor community does not want FINRA to regulate them because they think they're a cut above the average corner broker."

Regulatory demands from customers

Although the performance of compliance departments and the quality of compliance programmes seems to be in doubt, the survey shows that compliance is rising inexorably in importance. This even extends to clients asking financial firms whether they can review their compliance policies and/or interview their compliance people. Among asset managers, 64% said that customers had asked for this, with 31% saying no and 5% being unsure. Only 26% of alternative managers said yes to this, with 44% saying no and 30% being unsure, but a staggering 68% of broker-dealers said yes, with 27% saying no and 5% being unsure.

This is the fourth annual Cipperman survey and its results - more than previous ones - raise significant questions about the effectiveness of firms' rocketing spending on internal compliance resources.

Latest Comment and Analysis

Latest News

Award Winners

Most Read

More Stories

Latest Poll