Having established more than a dozen registered investment advisers and worked with hundreds of legal and compliance professionals, I’ve seen nearly every possibility in which RIAs fulfill their regulatory obligations. While these regulatory rules, guidance notes, court cases, no-action letters, and legal interpretations can fill a library, an RIA’s role in keeping the SEC happy can simply be summarized as:
Advisors that are considering going independent and forming their own RIA have likely depended in large part on an existing compliance infrastructure. This might have been a branch manager or an in-house compliance team that reviewed your marketing materials and asked you to disclose gifts, entertainment, political contributions and outside business activities. Each of those responsibilities (and many more) now fall on the advisor once you establish your RIA.
There are a few ways to tackle this. First is with the CCO appointment:
Once you have a CCO, you have two options to develop your compliance program:
It’s important to note that this is not a “pass the buck” exercise. Simply appointing a CCO and making that person responsible for compliance doesn’t absolve the CEO (President, Manager, or whatever title you chose if it’s your RIA) of responsibility. Always remember that it’s your RIA and you are ultimately accountable for the RIA fulfilling its regulatory obligations and not violating state or federal securities law. If anything, the SEC tends to be more forgiving to the CCO, provided the CCO demonstrates sufficient authority and seniority with respect to carrying out the compliance program!
Selecting the best choice
Let me save you some trouble in spending too much time deliberating. Hire an outsourced CCO to develop and administer your compliance program. Think about the trade off: launching an RIA tends to be one of the biggest professional decisions an advisor makes. Would you rather spend your time focusing on what you’re good at (e.g. building a business, spending time with your clients, etc.) or learning the complex world of the 1940 Investment Advisers Act and subsequent 80 years of rule-making? Most of your colleagues agree: less than 10% of RIAs with fewer than $250 million in AUM have a full-time dedicated CCO.
Stick with your strengths, and hire someone that knows what they’re doing. You might ask:
“What if I take on the CCO title and just hire a consultant to do all the compliance work?”
Fair question, and a common, more cost-effective solution, too. This comes down to bandwidth and comfort. You may find a consultant that you think would be great to work with, but won’t take on the CCO title. Alternatively, you might find a mediocre consultant that’s happy to assume the CCO role. It’s best to evaluate each, determine who you’re more comfortable trusting to give you sound advice, and proceed accordingly. Again, as the sole operator of your RIA, the buck stops with you, so you can worry less about titles.
At some point it will make sense to hire an in-house compliance resource. That tends to happen around the $250-300 million mark. We can cross that bridge when we get there!
How do I hire a consultant?
There are five factors I always consider when hiring any outsourced compliance resource: expertise, bandwidth, patience, risk appetite and cost.
Pulling the trigger on a new compliance hire isn’t easy; but if you spend the time up front researching and discussing your needs you’ll save yourself plenty of time down the road. As always, if you ever have any questions or would like a sounding board or second opinion, feel free to reach me at firstname.lastname@example.org.