Home » custody

Category: custody

SEC and FINRA Raise Crypto Custody Concerns

 In a joint statement, staffs of the SEC’s Division of Trading and Markets and FINRA’s Office of General Counsel, raised significant regulatory concerns for broker-dealer firms deemed to have custody of digital assets.  The joint statement questions how a broker-dealer could comply with the customer protection rule (15c3-3), especially the obligation to safeguard customer assets.  The regulators, noting that $1.7 Billion worth of digital assets were stolen in 2018, express concern about how to adequately guard against fraud and theft.  They also ask how to reverse transactions made in error and how to properly control digital assets.  The SEC and FINRA staffs are also concerned about SIPA protection for the firm and its clients.  The next step is continued dialog with the industry: “The Staffs encourage and support innovation and look forward to continuing our dialogue as market participants work toward developing methodologies for establishing possession or control over customers’ digital asset securities.”

Now, what?  Will the SEC, in conjunction with the industry, offer some solutions to these difficult questions?  Or, will the regulator continue to push the crypto-industry to the Wild West corners of the securities markets including offshore jurisdictions and private networks?

Adviser Faces Industry Death Penalty and Criminal Prosecution for Ignoring Custody Rule

An adviser agreed to shutter the firm and close its private fund and pay over $1.1 Million in disgorgement and interest for lying to clients about the safety of their assets.  The firm’s principal has also been barred from the industry and faces criminal prosecution.  According to the SEC, the firm violated the custody rule (206(4)-2) by failing to deliver audited fund financial statements and then lying to clients about the fund’s assets and pendency of the audit.  The SEC alleges that the respondents misappropriated client assets for personal and firm expenses and lied to clients with false account statements, tax documents and Form ADV.  The SEC also charges the respondents with securities fraud.

It is a HUGE warning sign when a fund manager fails to deliver audited financial statements, regardless of the ostensible reasons for delay.  What may be most shocking is that this firm engaged in unlawful conduct for at least 11 years until the SEC uncovered wrongdoing during a routine OCIE exam in 2018. 

SEC Alleges that RIA and Principal Ignored Compliance Obligations

The SEC has commenced enforcement proceedings against an adviser and its principal for disregarding its compliance obligations for over 10 years.  The SEC alleges that the firm did not even draft or adopt compliance procedures until an SEC examination commenced in 2015, 11 years after it initially registered.  The SEC also asserts that the principal named two individuals on Form ADV as Chief Compliance Officers even though neither person had responsibility for compliance, and one of the individuals did not even know that he was named as CCO.  The SEC also charges the firm with failing to conduct annual compliance reviews, comply with the custody rule, and maintain required books and records. 

The SEC will offer no quarter to RIAs who ignore their basic compliance responsibilities.  At a bare minimum, firms must appoint a dedicated and qualified CCO, adopt tailored policies and procedures, annually test the program, and generally attempt to comply with the Advisers Act.  The initiation of proceedings, rather than a settled order, suggests that the SEC intends to pursue aggressive penalties. 

Accounting Firm Caused Custody Rule Violations

The SEC censured and fined an accounting firm and its engagement partner for improper audits that caused the client to violate the Advisers Act’s custody rule (206(4)-2).  The SEC maintains that the audits failed the independence requirements because the accounting firm prepared the work papers that it audited.  The SEC also asserts that the firm delivered an unmodified audit opinion despite knowing about related party transactions.  The SEC also charges the firm with failing to meet professional auditing standards because the audit team had limited experience, knowledge and training in SEC requirements.  The SEC previously charged the audit firm’s asset management client.  

Only retain service providers that have specialized knowledge and experience in asset management.  You wouldn’t hire a family physician to perform surgery, so why would you hire a general practice accounting firm to conduct specialized regulatory audits?  The same rationale applies to your lawyers, administrators, and compliance consultants. 

Accounting Firm Followed the Wrong Independence Standards

 An accounting firm was fined and barred from any engagement arising from an SEC rule because it violated independence rules by auditing funds and firms for which it also prepared financial statements.  The SEC charges that the accounting firm prepared financials including preparing draft statements for management review, converting from cash to GAAP accounting, proposing accounting adjustments, and drafting notes.  Regulation S-X prohibits a firm that provides bookkeeping or other accounting services from auditing the same financial statements.  According to the SEC, the firm wrongly applied AICPA independence rules rather than Regulation S-X, which applies to private fund and broker-dealer audits.  The SEC charges the firm with causing its clients violations of the securities laws.

OUR TAKE: Performing audits of registered advisers, broker-dealer, or public companies involves a thorough understanding of the applicable securities laws and accounting standards.  Accounting firms should not undertake engagements without retaining a compli-pro that can help navigate the regulatory waters.  Advisers and broker-dealers should not retain a firm that lacks a track record of practicing in this area.

Private Fund Firm Failed to Timely Deliver Financials to LPs


The SEC censured and fined a private fund manager for failing to timely deliver audited financial statements to limited partners.  Since the firm registered in 2012, it did not meet the 120-day deadline required by the custody rule (206(4)-2) with respect to 178 audits of 440 funds, a 40% failure rate.  In some cases, no financial statements were ever delivered.  The SEC faults the firm for failing to implement required policies and procedures to ensure delivery of the financial statements in accordance with the custody rule even though the firm, for most of the funds, had engaged a PCAOB audit firm to conduct the audits.  The SEC also cites violations of the compliance rule (206(4)-7) for failing to conduct annual reviews of the adequacy and effectiveness of the compliance program.

OUR TAKE: Hire a compliance officer – either in-house or through a compliance services firm.  These types of regulatory missteps can be easily avoided if you retain a professional that knows the rules and has the responsibility and authority to implement them.  If you don’t, you subject your firm to a debilitating and humiliating public enforcement action.

Private Equity Firm Failed to Deliver Financials within 120 Days

 The SEC fined and censured a private equity firm for failing to deliver audited financial statements to limited partners within 120 days of the end of the fiscal year, as required by the custody rule (206(4)-2).  The firm missed the deadline by an average of more than 60 days in every year since it registered in 2012.  Although the staff will give a firm a pass if it misses the deadline due to “unforeseeable circumstances,” the SEC faults the PE firm for failing to make material changes to its compliance processes, thereby leading to a violation in 6 consecutive years.

OUR TAKE: We have found the staff to be fairly reasonable if a firm misses the deadline by a few days because of an unusual event such as a hard-to-value security or a change in auditors.  When you consistently ignore a regulatory requirement and fail to make changes, the Enforcement Division will treat you as a regulatory recidivist and proceed accordingly.


Broker/Custodian Should Have Filed SARs to Report Advisers Act Violations

A large custodian/clearing firm agreed to pay $2.8 Million to settle charges that it failed to file Suspicious Activity Reports about the conduct of dozens of terminated advisors that the SEC claims violated the Advisers Act.  The SEC asserts that the Bank Secrecy Act required the custodian/clearing firm to file SARs when it suspected that advisers using its platform engaged in questionable fund transfers, charged excessive management fees, operated a cherry-picking scheme, or logged in as the client.  According to the SEC, such unlawful activities fall within the SAR rules because they had no lawful business purpose or facilitated criminal activity.

OUR TAKE: The SEC is leveraging the Bank Secrecy Act, adopted to combat money laundering, to require broker/custodians to police advisers on their platforms for violations of the Advisers Act.  It’s a novel legal theory to further the regulator’s enforcement goal of requiring large securities markets participants to serve in a gatekeeping role for the industry

Unknowing Adviser May Have Custody if it Recommended Custodian


An adviser that recommends a third party custodian will be deemed to have custody of client assets where the custodial agreement allows the adviser to instruct the custodian to disburse or transfer funds or securities, even if the adviser does not know the contents of the custody agreement.  However, if the adviser did not recommend, request or require the third party custodian, the adviser will not have inadvertent custody that will require meeting the several elements of the custody rule (206(4)-2), including the surprise examination, notwithstanding the terms of the custody agreement.  The staff of the Division of Investment Management seeks to clarify last year’s guidance concerning inadvertent custody (see FAQ II.11).

OUR TAKE: There are now well over 50 FAQs about the custody rule.  Perhaps, the SEC will acknowledge that it needs to re-write the rule rather than continue to issue FAQs.


Adviser’s Dual Employee Caused Violations of Custody Rule

The SEC censured and fined an investment adviser and its principal for violating the custody rule because a dual employee also had trust powers.  The adviser and a trust company engaged in a joint offering whereby each recommended the other’s services and shared office space.  The trust company paid the adviser monthly “rent” based on the trust company’s revenue from the adviser’s clients.  The adviser also appointed a dual employee that could receive and deposit checks as well as write checks on trust accounts to beneficiaries.  The SEC asserts that the adviser violated the custody rule (206(4)-2) because the adviser, through the dual employee, had constructive custody of client assets, but the adviser failed to satisfy the rule’s requirements including notifying clients, segregating client assets, and engaging a surprise examination conducted by an independent public accountant.

OUR TAKE: Last year, the SEC cited violations of the custody rule as common exam deficiencies.  While we think the rule is arcane and complicated (and needs re-drafting), advisers should seek expert help to understand when they are deemed to have custody and how to address the rule’s requirements.  As shown in this case, the SEC can bring an enforcement action even without alleging any underlying client complaint or loss.