Regulatory Update, February 2010

On December 30, 2009, the SEC published its final rule amending certain custody requirements under the Investment Advisers Act for registered investment advisers.  Among other things, the amendments to Rule 206(4)-2 under the Advisers Act (Custody Rule) will require surprise examinations and SAS 70 reports for certain RIAs based on how they manage custody of client assets.

An RIA is deemed to have custody of client assets if it, or a related person, directly or indirectly, holds or has authority to hold client assets.  Custody includes, among other things: (i) possession of client assets; (ii) a power of attorney or other arrangement authorizing the RIA to withdraw client assets; and (iii) acting in any capacity that gives the RIA legal ownership of, or access to, client funds or securities, such as status as the general partner or managing member (or any comparable position) of a private fund.

The Custody Rule generally provides that it is a fraudulent, deceptive or manipulative practice for an RIA to have custody of client assets unless certain requirements are met: 1) Client assets must be held by a “qualified custodian” in a separate account for each client in the client’s name, or in the RIA’s name as agent for the client.  2) The RIA must confirm that the qualified custodian sends an account statement, at least quarterly, to each advisory client for which the qualified custodian maintains assets.  (Distribution of annual audited financial statements exempts the RIA from distributing quarterly account statements to the private fund and its investors).  For RIAs to private funds that do not annually distribute audited financial statements to their investors (described in further detail below), quarterly account statements must be distributed by the qualified custodian to each investor in the private fund.  3) For custodial accounts opened by the RIA on behalf of a client, the RIA must notify the client of certain information concerning the custodian, and update the client if the information changes.

The “Surprise Examination”
In general, RIAs that have custody of client assets (directly, or through a related person) must undergo an annual surprise examination during which an independent public accountant, pursuant to a written agreement, will verify by actual examination all client assets custodied by the RIA (or its related person).

There are three exceptions to the surprise examina­tion requirement:

• First, the examination requirement does not apply to RIAs that have custody solely because they have the authority to automatically deduct advisory fees from client accounts.

• Second, this requirement does not apply to RIAs that are “operationally independent” from their related person that acts as qualified custodian for client assets.

• Third, RIAs to private funds that distribute annual audited financial statements to investors within 120 days (180 days in the case of a fund of funds) of the end of the fund’s fiscal year are exempt from the surprise examination requirement (with respect to their private fund client(s) only) if those annual audited financial statements are prepared in accordance with generally accepted accounting principles by an independent public account registered with, and subject to regular inspection by, the PCAOB.  

SAS 70 Reports
RIAs that act as qualified custodians for advisory clients (or have related persons that act as qualified custodians for the RIA’s advisory clients, regardless of whether the RIA is “operationally independent” from the related person) must obtain (or receive from its related person) a SAS 70 control report prepared by an independent public accountant registered with, and subject to regular inspection by, the PCAOB. The internal control report must, among other things, set out the opinion of the accountant as to whether controls are in place and suitably designed to safeguard client assets.

Compliance Policies and Procedures
The SEC suggests that RIAs with custody of client assets consider adopting certain policies and procedures, including:

• Background and credit checks on employees who will have access to client assets over which the RIA or its related person has “custody”;

• Requiring authorization of more than one employee before the movement of assets within, and withdrawals and transfers from, a client’s custodial account, as well as before changes to account ownership information;

• Limiting the number of employees who are permitted to interact with qualified custodians with respect to client assets;

• If the RIA also serves as a qualified custodian for client assets, instituting controls to prohibit any one person from misusing client assets without being detected.

The SEC also suggests that RIAs with authority to deduct advisory fees directly from client accounts consider adopting policies and procedures for, among other things: 

• Periodic testing on a sample basis of fee calculations for client accounts to determine their accuracy;

• Testing of the overall reasonableness of the amount of fees deducted from all client accounts for a period of time based on the adviser’s aggregate assets under management; and

• Segregating responsibilities between those who perform the following duties: (i) process billing invoices or listing of fees due from clients that are provided to and used by custodians to deduct fees from clients’ accounts; (ii) review the invoices and listings for accuracy; and (iii) reconcile invoices and listings with deposits of advisory fees by the custodians into the RIA’s bank account.

Compliance Dates
The Adopting Release specifies that all RIAs required to undergo a surprise examination must enter into a written agreement with an independent public accountant providing that the first examination will take place no later than December 31, 2010. The Adopting Release further explains that all RIAs required to obtain or receive a SAS 70 report must do so by September 12, 2010.