How to Get Back to Basics with Sustainable Governance | 3 Reminders
With so many challenges and distractions, we decided to dedicate this post to a back-to-basics theme focusing on updating your compliance program as operational processes and business plans change, regulators announce new guidance and privacy and data governance remain a top priority. We offer three important reminders.
1. Adjust the Compliance Framework
- Contingency Planning: Remember to update your business continuity plan (BCP) and draft an infection response plan in adherence with OSHA requirements. See: SEC COVID-19 Announcement.
- Testing & Monitoring: Continue your independent reviews and calendar quarterly testing, so you aren’t playing catch-up later in the year. We are almost mid-way through 2020, so it’s a good time to confirm you are in sync with marketing and business development plans, as well as with who has access to confidential or non-public information. See: Recent SEC Enforcement Case re: COVID-19 Fraud; New SEC Advisory Committee.
- Benchmark & Connect: Join us for Compliance Call-in Fridays if you have any questions. We are here to help. RSVP at team@warburtonadvisers.com.
- Keep Learning: Listen to the What’s Ethical podcast: in Episode 19, Cara St. Martin, CCO at Ladder Insurance, discusses being agile in the current environment, and in Episode 18, Matt Kunkel, CEO of LogicGate, discusses how to manage through the pandemic. The podcast is available on many platforms as well as under Media on our new website. See: What’s Ethical Podcast.
2. Track Regulatory Developments
- Focus on Priorities: Retail investor protection is still a top priority. This speech summarizes the sentiment to protect retail investors and reminds us of the importance of advertising compliance, including the SEC’s proposal to revamp the advertising rules, and potentially of considering the adequacy of Climate Risk Disclosure. Consider redistributing it as a helpful email to stay in touch with the business, or use it as training content to share regulatory priorities. See: SEC Commissioner Lee Speech.
- Refresh Valuation Oversight: As you consider your investment and best execution process, review the long-awaited guidance on valuation. See: SEC Fund Valuation Proposal.
- Regulation Best Interest: To date, the SEC has not extended the compliance deadline for Regulation Best Interest (Reg BI) and Form CRS due to the COVID-19 pandemic. See: SEC Risk Alert Reg BI. OCIE has indicated that initial examinations of Reg BI and Form CRS will begin shortly after the compliance date and may focus on assessing the following:
Whether a Broker-Dealer or RIA firm:
- has made a good faith effort to implement policies and procedures designed to comply with Reg BI and Form CRS;
- has filed and delivered a Form CRS (relationship summary) as required. OCIE will verify whether the firm has published the relationship summary on the firm’s website and delivered it to retail investors before the compliance date. OCIE will further evaluate the delivery process and the firm’s policies and procedures relating to the relationship summary;
- has adequately adhered to the content and format requirements for the relationship summary;
- has updated its compliance manual or otherwise established policies and procedures for updating the relationship summary within 30 days of information becoming materially inaccurate, and for communicating the changes to retail investors; and
- has updated its record retention policy or otherwise addressed the firm’s record keeping obligations concerning the delivery of the relationship summary.
Reach out if you would like our template Reg BI mock exam tool, which will help you confirm you are ready for the go-live date in June.
3. Prioritize Data Governance
The National Institute of Standards and Technology (NIST) has issued guidelines on telework and remote access to help organizations mitigate the security risks associated with the technologies used for teleworking, such as remote access servers, telework devices, and remote access communications. See: Recent NIST Bulletin. This is a good resource for coordinating with IT, your CISO or senior management to confirm you have adequate data and cybersecurity controls. A few of the suggestions from NIST are as follows:
- Consider developing a Telework Security Policy that defines telework, remote access and the use of personal devices, and the scope of access each teleworker is permitted;
- Protect data stored on company devices with encryption, and do not permit any client data to be stored on personal devices;
- Require multi-factor authentication, not passwords alone;
- Install encryption technology to protect email communications; and
- Install anti-malware software.