Creating a culture of compliance through training

Compliance training could be the difference between a strong compliance program and one that would have regulators knocking at your door.

The SEC first proposed changes for registered investments advisers in 2003, that would later become known as new rule 206(4)-7. This rule had three key requirements:

  1. Adopt and implement policies and procedures reasonably designed to prevent violation of the Investment Advisers Act of 1940, as amended (the “Advisers Act”).
  2. Review those policies and procedures annually for their adequacy and the effectiveness of their implementation.
  3. Appoint a Chief Compliance Officer (CCO) responsible for administering the policies and procedures.

As with most SEC rule requirements, the general guidance is written in the language of the release, but the “how to implement” part is left up to the internal teams at the registered investment advisers (RIAs) to decide.

So how exactly does an RIA implement policies and procedures that are reasonably designed to prevent violation of the law? How do they ensure its adequacy and effectiveness? And how does a CCO get assurance that employees of the firm would actually follow those policies and procedures?

The answer lies in creating a culture of compliance through training.

Why is it important to implement compliance training?

Bad actors aren’t the majority of businesses in the world. When an employee fails to comply with a firm policy or regulatory requirement, it’s usually because that individual didn’t know or understand the requirements of the policy / rule. They might not have known the steps that they as an employee have to take to remain in compliance with those requirements. If someone doesn’t understand the ‘why’ or ‘how’ of the requirement, it’s very difficult to be compliant with a rule.

To create a lasting culture of compliance, RIAs need to build a robust compliance training program. Here’s what we think a successful program should include:

  • The ‘What’ – What is the rule / policy? Which regulatory body is enacting these requirements?
  • The ‘Why’ – Training should always include explanations of the policy and rule requirements, and why it is important to follow them.
  • The ‘How’ – How exactly does an employee of the firm meet these requirements and remain in compliance with the rule / policy?
  • The ‘When’ – Timing and repetition, where quarterly and annual training can serve as key reminders to employees on compliance requirements. It also allows for the information to be top of mind throughout the year.
  • The ‘Where’ – Where are these trainings, policies and procedures housed at the firm? Is the information accessible to all employees? Where can employees report and escalate issues?

Robust compliance training programs result in active risk mitigation. In short, informed employees are usually compliant employees. When an individual knows and understands the rule / policy requirements, and why it’s important to follow them, the regulatory risk exposure is reduced. They’re also better equipped to identify misconduct and report and escalate issues.

How can Bovill Newgate help you create a culture of compliance?

Our specialized team can help you understand which regulatory changes apply to you and design and implement regulatory training programs. We can also support your ongoing compliance and work with you to develop risk assessments and compliance monitoring programs to make sure your framework is robust.

We offer a range of training packages including code of ethics training, reviews, code of ethics approvals (such as Outside Business Activities, Private Investments, Personal Account Dealing, Pay-to-Play, annual attestations, etc), Investment Company Rule Requirements and email surveillance services.