I recently spoke at the IA Watch/Regulatory Compliance Watch compliance conference in Philadelphia sponsored by Simplify Compliance, where the discussion turned to firms’ tone at the top. “Tone at the Top” is a term that describes a firm’s management and whether they are committed to ethical behavior, honesty, and integrity. Clearly, the principals of some Registered Investment Advisers (“RIAs”) set the wrong tone at the top and do not demonstrate a commitment to acting in clients’ best interest.
A firm’s culture is often reflected in its policies and procedures. Do they fully address the risks facing the RIA, or are they boiler-plate policies and procedures? Are policies and procedures given full-throated support by management, or do the principals only give lip service to compliance? Are annual reviews conducted with an earnest desire to make improvements in the RIA’s policies and procedures?
An RIA’s management must work diligently to implement policies and procedures that are designed to address the specific risks facing the firm. Furthermore, management must ensure that policies and procedures are adhered to by every member of the firm. An RIA’s management should make it very clear to everyone that policies and procedures, including the firm’s code of ethics, must be taken very seriously. Management must respond forcefully when personnel deviate from the applicable policies and procedures and required code of conduct. There should not be one set of rules for star performers and a different one for others.
In her blog post entitled, “Regulatory Exams – Setting the Tone and Putting Your Best Foot Forward,” Katherine Libby of NCS Regulatory Compliance suggested that having a “Day One Exam Powerpoint Presentation” at the ready helps to set the tone for the inspection. According to Katherine, this presentation “says to the Examiners that you are professional and prepared.” To build upon Katherine’s excellent advice, tone at the top shows examiners that an RIA is dedicated to building a culture of compliance.
A speaker at the compliance conference pointed out that when a firm has changed Chief Compliance Officers (“CCOs”) several times during a short time frame, examiners view the RIA as a higher risk. As such, the firm may be subject to more frequent examinations. Turnover among CCOs could mean that an employee has left the position out of frustration with management’s commitment to compliance, or the firm’s principals prefer an employee who does not push back on them.
CCOs should possess sufficient authority and seniority to compel others to comply with the RIA’s policies and procedures. They should be willing to stand up to senior management when the firm is engaged in noncompliant activities. Firms must give CCOs sufficient resources to do their job well.
An RIA’s tone at the top may be suspect if the firm’s principals set a bad example for employees. For example, they might ignore some of the cybersecurity measures that are in place to protect clients and the firm. As another example, they might pressure the firm’s CCO to approve marketing materials without conducting a thorough review. In certain firms where tone at the top is questionable, managers give a lick and a promise to supervision.
Examples like this, and many more, send the message that compliance is being given short shrift, and the tone at the top is off key.