Decoding Compliance Buzzwords: The Practical Application Of Risk Assessment & Forensic Testing

  • Uploaded by: SEC Compliance Consultants
  • 0
  • 0
  • June 2020
  • PDF

This document was uploaded by user and they confirmed that they have the permission to share it. If you are author or own the copyright of this book, please report to us by using this DMCA report form. Report DMCA


Overview

Download & View Decoding Compliance Buzzwords: The Practical Application Of Risk Assessment & Forensic Testing as PDF for free.

More details

  • Words: 4,967
  • Pages: 12
This article was originally printed in Schwab Institutional's Compliance Review, April 2007, Volume 16 Issue 3.

DECODING COMPLIANCE BUZZWORDS: THE PRACTICAL APPLICATION OF RISK ASSESSMENT AND FORENSIC TESTING By: Janaya Moscony and Robert Tull of SEC Compliance Consultants, Inc. Risk assessment is a phrase used to describe the process of identifying and estimating the exposure to real and potential risks. Forensic testing is colorful shorthand to refer to periodic tests used to evaluate the effectiveness of controls. However, the application of these notions goes beyond the simple definitions since risk assessment and forensic testing are pillars for a sound compliance program. Understanding the Risk Assessment Process The Relevance of Risk Assessment for Investment Advisors Risk assessment is arguably the most vital activity that Chief Compliance Officers (“CCO”) should oversee in the development of an adequate compliance program. In adopting Investment Adviser Rule 206(4)-7 and Investment Company Rule 38-1, the Compliance Rules, the Securities and Exchange Commission (“SEC”) stated that “each adviser, in designing its policies and procedures, should first identify conflicts and other compliance factors creating risk exposure for the firm and its clients in light of the firm's particular operations, and then design policies and procedures that address those risks.” 1 The intention is for each advisor to create a customized compliance program based on a risk assessment that is appropriate given the nature and scope of the advisor’s business. It is apparent that compliance expectations for investment advisors continue to escalate as the industry swells in terms of assets.

1

Compliance Programs of Investment Companies and Investment Advisers. Release No. IC-26299 and IA-2204 (December 17, 2003).

Telephone: 610.415.9261  Facsimile: 610.200.1463  seccc.com

1

SEC Compliance Consultants, Inc. Bridging your Compliance Gap

According to the 2006 study conducted by the Investment Adviser Association and National Regulatory Services, “Evolution Revolution,” investment advisors have more assets under management than ever before. 2 In fact, total AUM among registered investment advisors increased 17.2 percent from 2005 to 2006, from $26.8 trillion up to $31.4 trillion. However, what is interesting about the study is that most of those assets are managed by a small number of firms. The study found that 90 percent of registered advisors reported that they have 50 or fewer employees. Only 4 percent of the firms reportedly manage 82 percent of the total discretionary AUM for all advisors. According to the survey, the typical registered investment advisor - the median point in the data has $96 million in discretionary AUM, six to 10 employees and 26 to 100 clients, who consist of individuals, high-net worth clients, pensions and profit-sharing plans. Therefore, it is conceivable that the vast majority of investment advisors will approach risk assessment without the luxury of dedicated risk management resources.

Risk Assessment Options When determining how to approach risk assessment, an advisor should consider its size and the depth of its business. There are various theories and approaches with regard to risk assessment and management including, but not limited to, those enumerated in The Committee of Sponsoring Organizations of the Treadway Commission’s Internal Control – Integrated Framework, 3 Enterprise Risk Management, 4 Key Risk Indicators, 5 and Statement on Auditing Standards (SAS) No. 109,6 to name a few. Many financial firms rely on a variety of methodologies. However there is not a one-size fits all solution; a publicly traded large institution may require a much more technical process than a typical investment advisor. In the context of an advisor’s compliance program, the rationale is to prevent, detect, and when necessary correct any areas where there may be violations. A violation is often the result of a risk event. When formulating a risk assessment process, there are several types of risks that an advisor should keep in mind; these risks can be classified by the potential consequence, such as: financial risk, informational risk, reputational risk, and regulatory risk. Some of these risks have more obvious implications than others; however, the less obvious ones can be just as severe.

2

http://www.icaa.org/public/evolution_revolution-2006.pdf

3

http://www.coso.org/publications/executive_summary_integrated_framework.htm

4

http://www.coso.org/Publications/ERM/COSO_ERM_ExecutiveSummary.pdf

5

http://www.continuitycentral.com/BusinessSpecificKeyRiskIndicatorspartone.pdf http://www.continuitycentral.com/BusinessSpecificKeyRiskIndicatorsPart2.pdf

6

https://www.aicpa.org/download/members/div/auditstd/SAS109.PDF

Telephone: 610.415.9261  Facsimile: 610.200.1463  seccc.com

2

SEC Compliance Consultants, Inc. Bridging your Compliance Gap

For example, at the 2005 NSCP National Membership Meeting, Lori Richards, Director of the SEC’s Office of Compliance Inspections and Examinations, shared an anecdote about the importance of compliance and the implications to a firm’s reputation. 7 According to Ms. Richards, a research analyst at a major wire house divided the top 25 fund firms into three groups: those that were very much involved in the fund scandals, those that were somewhat involved, and those that were not touched at all. The analyst then calculated the growth rates of the firms in each category in the 18 month period after the scandals came to light. The funds that were very much involved shrank by 24%, while those that were somewhat involved grew by 13%, and those that were not involved at all grew by 15%. Ms. Richards continued, “the next time someone says to you: ‘compliance is a cost center, not a business center,’ you should reply, ‘when was the last time your department had a 15% impact on the growth of this business?’” The risk assessment process should be comprehensive, factoring in all relevant and potential risks. Aside from the benefits to an advisor’s compliance program, conducting a risk assessment of your firm can add value by forcing an advisor to take new perspectives on operations, affiliations, relationships, and even outside industry practices. The desired outcome of every business decision should be to add value. When considering the risk of certain decisions versus the potential reward, advisors are not only considering the benefits presented to clients, but also shareholders of the entity itself.

A Team Effort While the CCO should oversee or manage the process, an effective risk assessment cannot be carried out by one person alone - regardless of size of the firm. Risk assessment requires insight into the essential functions within the firm and this is often only available through input from operational personnel. Operational expertise and various perspectives add value to the process. It's very important that supervisors buy into the risk assessment process, not only for the financial and reputational benefits but as part of the firm’s culture of compliance.

Documentation Tools Documenting the risk assessment process has two primary benefits. First, documentation is one of the hallmarks of an adequate compliance program. Evidencing the risk assessment process adds credibility and confidence to the compliance program. Secondly, documentation can serve as a tool to navigate the risk assessment process.

7

Remarks before the National Society of Compliance Professionals National Membership Meeting by Lori Richards. October 25, 2005. http://www.sec.gov/news/speech/spch102605lr.htm.

Telephone: 610.415.9261  Facsimile: 610.200.1463  seccc.com

3

SEC Compliance Consultants, Inc. Bridging your Compliance Gap

Risk Assessments can be documented in various ways. A grid or matrix can be used to show the various areas of compliance, where each risk corresponds to controls. Lists or “inventories” are another alternative, but can presumably be less detailed and could tend to be too simplistic for many firms. Charts, graphs, and heat maps can be used and are often preferred as visual summaries. These tools can also communicate the results of the risk assessment to those parties that were not involved with the process, which makes them ideal for high level reporting, such as to a firm’s or fund’s Boards of Directors. A Practical Approach to Risk Assessment Regardless of the theories an advisor wishes to incorporate and the personnel involved, the purpose of the risk assessment is five-fold and includes the following components: (1) identifying the potential regulatory and operational risks associated with the activities conducted within each area of the compliance program; (2) measuring those risks with a standard set of terms or metrics; (3) prioritizing any gaps associated with those risks; (4) formulating a timely action plan to manage the risk; and (5) monitoring those risks on an ongoing basis. 1. Identifying the Risks Identifying risks is the initial phase in the risk assessment process. There are two major categories of risk that advisors should consider: risks inherent to the industry (such as soft dollars, performance marketing, direct debiting fees, and code of ethics) and business specific risks (such as affiliations, business lines or products, and client profile). Risks can be efficiently identified through a four step process. Step One – Start with the Compliance Rule. The adopting release for the Compliance Rule identifies certain areas that each advisor should address in its policies and procedures to the extent they are relevant. To initiate the risk identification process, the advisor can brainstorm some of the risks in these same areas by asking basic questions.     

Portfolio management processes – How are investment opportunities identified and allocated? How are client restrictions or mandates monitored? Trading practices – Are trades bunched or blocked for multiple clients? How are trades allocated? Are disclosures about trading practices accurate and understandable? Proprietary trading – Does the advisor allow personal trading in the same securities that are traded for client accounts? How are conflicts managed to ensure that clients’ interests always come first? Accuracy of disclosures – Has the advisor adequately disclosed its business, affiliations and activities to clients? How often are disclosures reviewed and updated? Safeguarding of client assets – How are client assets protected from unauthorized access or transfer? If clients ever send checks directly to the advisor rather than the custodian, how is this handled? Telephone: 610.415.9261  Facsimile: 610.200.1463  seccc.com

4

SEC Compliance Consultants, Inc. Bridging your Compliance Gap   

 

Books and Records – How are e-mails retained? How are books and records secured from unauthorized alteration or use and protected from untimely destruction? Marketing – Are marketing materials reviewed for misleading statement and applicable disclosures? How are solicitor arrangements documented, disclosed, and supervised? Valuation of client holdings and Advisory Fees – Does the advisor use the custodians to value client portfolios? Does the advisor fair value positions or over-ride third-party valuations? What valuations are used for the basis of advisory fees? Privacy – How is access to confidential client records controlled? How does the firm dispose of confidential information? Business continuity plans – How effective is the disaster recovery or business continuity plan? Does the firm have loss of key man/woman provisions?

Step Two – Review Form ADV Part 1 and Part II. Read through Form ADV Part 1 (IARD) as if you were evaluating the firm from an outsider’s perspective – a potential client or a regulator. Where are the potential risks? For example, if your advisor has affiliated companies, potential related risks should be included in your risk assessment. Does the advisor recommend that clients purchase insurance through a related entity? Is the advisor receiving compensation? Disclosures regarding discretion, brokerage, solicitors, and affiliations are easy places to begin. While the disclosures in Part II of Form ADV may be narrative and specific, they generally involve inherent risks. Not only are Form ADV responses used to provide relevant, material information about a firm’s operations, but also the responses are used by the SEC in order to create a risk profile for each firm.

Step Three – Walk through the major operational and regulatory areas of the firm. Which areas present more risk and what has not been identified yet? Is there a proper delineation of responsibility and oversight within the organization to prevent and deter unethical behavior? Brainstorm with operational level personnel, leveraging the expertise and knowledge base of all staff. Be creative about the less obvious risks and create scenarios on how certain risks might manifest themselves.

Step Four – Industry Information. The advisor needs to stay current on the rules and regulations. Best practices and industry buzz can assist the advisor in knowing where to focus. The advisor can find guidance by looking to industry publications, SEC releases and speeches, and service provider knowledge-bases. Also, advisors should not overlook the value of using peers or competitors as a benchmark. Assess how they are approaching compliance risks and how their operations and business lines evolving.

Telephone: 610.415.9261  Facsimile: 610.200.1463  seccc.com

5

SEC Compliance Consultants, Inc. Bridging your Compliance Gap

This identification process should yield a comprehensive inventory of relevant risks. Depending on the documentation tool used, an advisor may take this opportunity to drill down to link these risks to a procedure. It is also useful to link policies and procedures to applicable staff members who are responsible for executing the policies and supervising their effectiveness. It is beneficial to conduct interviews to ensure individuals take responsibility and memorialize that responsibility in writing. 2. Measuring the Risks Identified At this stage, the advisor should measure the risks identified by considering their impact and probability (or likelihood) of a risk event in the absence of controls (these risk are often referred to as “inherent risks”). Likelihood represents the possibility that a given event will occur, while impact represents its effect should it occur. When evaluating impact, the advisor should look at the impact to clients or potential clients, the impact to disclosure, financial impact, impact to reputation, and regulatory impact. The advisor should also consider materiality when assessing impact . Probability is the anticipated frequency of a risk event given the regularity of the activity or process that is associated with the risk. For example, the risk of incorrectly assessing quarterly advisory fees could occur on a quarterly basis. Adequate controls will decrease the probability. The measurement should provide a baseline for an advisor to assess how well its policies and procedures control or manage the inherent risk – i.e.: decrease the probability or impact. Projecting and estimating these measurements should be based on the nature of the risk. Estimates of risk likelihood and impact often are determined using data from past observable events and forensic testing. This helps to provide a more objective basis rather than entirely subjective estimates. Caution should be used when using past events to make predictions about the future, as factors influencing events may change over time. In addition, internally generated data based on an advisor’s own experience may reflect subjective bias. Advisors may want to consider having an independent third party assist with the risk assessment or some other piece of the compliance program. There are various methodologies that can be used to measure the impact and probability of risks, such as: Quantitative (1,2,3,4,5 etc), Qualitative (low, medium, high), and Relative (average, below average, above average). Qualitative assessment techniques alone may be used for multiple reasons. For example, the results of qualitative assessments can capture subjective elements and be easily interpreted. Additionally, it may not make sense to quantify the risks when consistent data is not available. Quantitative techniques are typically associated with more complex risk assessments and are generally used in conjunction with qualitative assessments. Although an entity need not use common assessment techniques across all areas of its business, an advisor will find it advantageous to use a consistent process and attempt to simplify the process to the extent possible.

Telephone: 610.415.9261  Facsimile: 610.200.1463  seccc.com

6

SEC Compliance Consultants, Inc. Bridging your Compliance Gap

The following is an illustration of applying a methodology to risks associated with obtaining best execution. ABC firm identifies a potential risk in that execution is being done through an affiliated broker. Qualitatively, the firm opines that this is a significant risk because the firm could use an electronic communication network (or “ECN”), but chooses to use the affiliated broker for 90% of all transactions executed. The firm could be perceived as acting in its own best interest ahead of its clients best interest if the firm is not comparing execution alternatives and documenting its due diligence review. Quantitatively, the firm could use a 1-5 scale and rate this risk as a “5” or use algorithms to determine an estimated monetary measure. Alternatively, the firm could measure this risk in relative terms. If executing the majority of trades through an affiliated broker could present high regulatory, financial, and informational risk, the advisor may rate the risk simply as “high” or “above average” when compared to other potential risks. Another alternative measurement approach may be to apply the performance measurements used by management in determining the extent to which objectives are being achieved. It may be useful to use the same unit of measure when considering the potential impact of a risk to the achievement of a specified objective. Management may assess how events correlate, where sequences of events combine and interact to create significantly different probabilities or impacts. While the impact of a single event might be slight, a sequence of events might have a more significant impact. Where potential events are not directly related, management assesses them individually; where risks are likely to occur within multiple business units, management may assess and group identified events into common categories. There is usually a range of possible results associated with a potential event, and management considers these potential results as a basis for developing a risk response.

3. Prioritizing the Risks Based on Measurements Once an advisor has measured its inherent risks – that is, the impact and likelihood of a risk event in the absence of controls – it is time to create an action plan and prioritize the risks by first addressing the areas that have the greatest exposure in terms of their measurement. A practical technique to prioritizing risks is assessing how well existing controls address those risks. By evaluating the adequacy and effectiveness of controls, an advisor can gauge the amount of inherent risk that is not mitigated by existing controls; often referred to as “residual risk.” Revisiting the best execution example, the inherent risk is the risk that the firm could be obtaining better execution by using another unaffiliated broker to execute transactions. However, if the advisor reviews transactions and compares them against market executions and finds that the transactions executed by the affiliated broker are generally better than those executed elsewhere, the advisor essentially has potentially reduced its risk. The control is the review and comparison of trades executed in the market versus Telephone: 610.415.9261  Facsimile: 610.200.1463  seccc.com

7

SEC Compliance Consultants, Inc. Bridging your Compliance Gap

those executed by the affiliated broker. Therefore, the residual risk is the instances in which the affiliated broker might not execute at a better price than another broker. Management should recognize that some level of residual risk might exist even after the application of controls. Areas with higher residual risks should receive a priority in an action plan. Just as risk can be measured in relative terms, priorities can be classified in relative terms (high, medium, and low) or in a timeline with target dates or timeframes. An action plan should call for the development or improvement of policies, procedures, and control activities to address these risk areas with the intent to mitigate the impact and/or probability of these risks occurring. 4. Managing the Risks In executing the action plan, the advisor should take into account its risk tolerance and each risk’s cost and relative benefit as a result of the activity that creates the risk. The advisor should identify controls that are expected to bring risk likelihood and impact within the advisor’s risk tolerance. Controls may be implemented to avoid risk, reduce it, share it and when appropriate, accept it. For example, the advisor may determine that the risk related to potential conflicts or perceived conflicts associated with employees trading in their personal investment accounts is not worth accepting. That advisor could adopt a policy prohibiting personal trading.. Another advisor may not want to be so prohibitive with employees. This second advisor may be willing to accept the potential risk that an employee trade could present a perceived conflict despite implementing policies and procedures intended to shield this risk. Such an arrangement would not only be a potential regulatory risk, but it could also be a potential concern to clients. The advisor may be willing to accept the risk taking into consideration that employees shouldn’t be unduly constrained with regard to their personal finances as a result of their affiliation with the advisor. 5. Monitoring the Risks Risk assessment, and the management of those risks, is not a one day or a one time project. Both should be viewed as an ongoing activity. An advisor’s risk assessment should be revisited during the annual review of the compliance program. We advocate the annual review of the compliance program be conducted as a “rolling review,” include documented forensic testing, and tie back to the most recent risk assessment. As an advisor’s business and applicable regulations change, the advisor’s overall compliance program will need to evolve. Thus, an advisor should keep the risk assessment process evergreen by ensuring that it is relevant and reflective of the current operational and regulatory environment. The action plan itself should be periodically monitored and revisited.

Telephone: 610.415.9261  Facsimile: 610.200.1463  seccc.com

8

SEC Compliance Consultants, Inc. Bridging your Compliance Gap

Designing and Applying Realistic Forensic Tests Forensic testing provides the best approach to monitoring risks and testing compliance functions. The SEC staff has stated repeatedly during the 2006 CCOutreach Seminars8, and in numerous speeches and articles, that advisors should conduct various types of forensic testing as part of their annual (and interim) reviews of their compliance program. The term forensic testing is generally associated with technical sleuthing, such as linking evidence to criminal behavior as glamorized in popular television programs. However, the actual practice is far less intimidating or exciting. When the SEC references “forensic testing,” the agency is intending to reference the testing that advisors should be conducting of their compliance programs in order to identify areas where there are weaknesses 9 . This style of testing involves gathering operational data or information and analyzing it (either directly or through various manipulations) in order to draw conclusions with regard to certain compliance functions and controls. If the concept still seems enigmatic, a good place to start for examples of forensic testing is the SEC Examination Request List. Not only will the request list give you a good idea of where you should be conducting forensic testing, but it will also offer some insight as to what the SEC will be doing when they visit you to conduct an examination.

Examples of Types of Forensic Tests Certain forensic tests are rather straightforward.

Example 1 – Advisory Fees: This can be accomplished by sampling and recalculating fees, trending instances of refunds, comparing advisory fee revenues from quarter to quarter, and cross-referencing advisory fee receivables with amounts collected from clients. If a CCO or his or her designee tests advisory fee calculations and finds that there are inaccuracies, it would be sensible to conclude that the risks of inaccurately assessing fees is not mitigated to an appropriate level and that the compliance program in this area is weak.

Example 2 – Reporting of Personal Trades: Likewise, if a CCO or his or her designee reviews reports submitted by access persons’ with regard to personal securities transaction requirements and finds that the reports are incomplete or late, it could be an indication of weak controls. If one particular employee or members in a particular department are consistently submitting insufficient reports, it could be an indication that 8

http://www.sec.gov/info/ccoutreach.htm

9

http://www.sec.gov/info/cco/adviser_compliance_questions.htm

Telephone: 610.415.9261  Facsimile: 610.200.1463  seccc.com

9

SEC Compliance Consultants, Inc. Bridging your Compliance Gap

risks within that department are not fully addressed. Additionally, analytical testing could include cross-referencing personal trading activities with client transactions (or preapproval documentation) or comparing the profitability of employee transactions to client transactions. The results of these reviews indicate whether or not gaps remain in the compliance program, thus leaving exposure to certain risks identified and assessed.

Example 3 – Accurate Pricing: Why does the SEC request a list of client portfolio holdings as of certain dates? The SEC may use the holding reports to review for window dressing or for accurate pricing. Many firms use exchange quotes and broker quotes to value their securities, but firms also should use multiple sources and cross-check them to ensure they are accurate. If a broker is used, the advisor should conduct due diligence on that broker by inquiring as to whether the broker is a market maker and whether the broker back-tests the prices. One approach to testing the dependability of security valuation is an “acid test,” where the selling price of the security in the open market is compared to the most recent pricing obtained for that security from the pricing service. As an illustration, if a security is priced at $50/share on the 30th of the prior month and the advisor executes a sale of the security in the open market on the following trading day for $35/share, in the absence of material market or company specific developments or news, then an advisor should take additional steps to evaluate if pricing risks are adequately mitigated by using that particular pricing source.

Other areas of compliance testing can be considered a bit more onerous or technical. For example, the analysis of a trade blotter can produce a wealth of information if an advisor is willing to become comfortable with breadth of data. It is not surprising that we find this to be an area where many firms fall short in their forensic testing. A CCO does not have to be a scientist to conduct these reviews, although a basic understanding of programs such as Excel or Access is helpful. Forensic testing of a firm’s trade blotter should include searching for patterns that occur over time and that may violate the firm’s internal controls or the law.

A typical SEC request list provided during an examination almost always asks for the advisor’s transactions. The request generally follows the following format: “Please provide the following fields of data: (a) trade date, (b) settle date, (c) type of transaction (buy, sell, etc.), (d) security name, (e) CUSIP, (f) ticker symbol, (g) quantity of shares or principal amount, (h) price, (i) total commissions, (j) commission per share, (k) accrued interest, (l) other fees, (m) net amount for client, (n) client name, (o) client account number or code, (p) name of executing broker-dealer, and (q) an indication if trade is stepped-out.”

Telephone: 610.415.9261  Facsimile: 610.200.1463  seccc.com

10

SEC Compliance Consultants, Inc. Bridging your Compliance Gap

Why does the SEC request this information? There are multiple reasons; the most notable of which is that a trade blotter contains a vast amount of flexible data that can be manipulated to assess several different operational areas. There are a number of forensic tests that the SEC can perform with regard to the trade blotter. An advisor should perform these same tests internally. Here are a few tests that an advisor can conduct: 

Review transactions to detect any unreported agency or internal cross transactions. For example, review transactions where there are opposite sides of a transaction in a security on the same day, at the same price, through the same broker, and generally, but not necessarily, for the same number of shares. Review if any clients were consistently the buyer or seller in cross transactions and calculate the profitability of buys and sells to see if the firm is “dumping” securities into certain client accounts.



Review the total commissions (and average commission rate) paid to each brokerdealer, the particular client accounts that generated such commissions, and note the average commission per share. This could indicate various issues such as undisclosed soft dollar arrangements and directed brokerage for client referrals.



Review for patterns of short-term trading in client accounts. Ensure that this is consistent with client mandates, the client’s desired level of risk, and the firm’s trading philosophy as disclosed to clients.



Review the allocation of IPOs and their profitability to determine if any clients were favored in IPO allocations.



Review bunched transactions to ensure that clients included in the bunch received comparable prices and paid comparable transaction costs. Further, investigate any instance where certain accounts are consistently excluded from bunched transactions.



Review transactions involving thinly traded securities to look for indications of market manipulation. Also, review transactions that could be large enough to move the market.



Review portfolio turnover for indications of churning (or reverse churning) in client accounts.

As with a risk assessment and other compliance related activities, forensic tests should result in documented conclusions (e.g., no unreported cross transactions in Q4-2006). While there may be some apprehension for fear that documentation could create a roadmap for the SEC when they stop by for a visit, this documentation can demonstrate how the firm proactively addresses and follows-up on compliance issues.

Telephone: 610.415.9261  Facsimile: 610.200.1463  seccc.com

11

SEC Compliance Consultants, Inc. Bridging your Compliance Gap

Capitalizing on Knowledge Understanding the meaning of risk assessment and forensic testing, and realizing that both activities have practical and useful solutions, places an advisor in a position to get the most compliance mileage out of limited resources. A compliance program built on a thoughtful risk assessment and one that incorporates consistent forensic testing will provide an advisor confidence that it is satisfying regulatory expectations. About the Authors Janaya Moscony is president of, and Robert Tull is a senior consultant with, SEC Compliance Consultants, Inc. (SEC3). SEC3 provides compliance consulting services to financial institutions globally, including investment advisors, investment companies, hedge funds, broker-dealers and transfer agents. SEC3 can assist with regulatory compliance needs and bridge the gap between a firm’s operations and current regulations. For details, please visit www.seccc.com or contact Janaya Moscony at 1-610-415-9261, ext. 114.

This article was originally printed in Schwab Institutional's Compliance Review, April 2007, Volume 16 Issue 3.

Telephone: 610.415.9261  Facsimile: 610.200.1463  seccc.com

12

Related Documents


More Documents from "Banhi"