SEC Compliance Consultants, Inc.
Bridging your Compliance Gap
According to the 2006 study conducted by the
Investment Adviser Association
National Regulatory Services
investment advisors have moreassets under management than ever before.
In fact, total AUM among registeredinvestment advisors increased 17.2 percent from 2005 to 2006, from $26.8 trillion up to$31.4 trillion. However, what is interesting about the study is that most of those assetsare managed by a small number of firms. The study found that 90 percent of registeredadvisors reported that they have 50 or fewer employees. Only 4 percent of the firmsreportedly manage 82 percent of the total discretionary AUM for all advisors. Accordingto the survey, the typical registered investment advisor - the median point in the data -has $96 million in discretionary AUM, six to 10 employees and 26 to 100 clients, whoconsist of individuals, high-net worth clients, pensions and profit-sharing plans.Therefore, it is conceivable that the vast majority of investment advisors will approachrisk assessment without the luxury of dedicated risk management resources.
Risk Assessment Options
When determining how to approach risk assessment, an advisor should consider its sizeand the depth of its business. There are various theories and approaches with regard torisk assessment and management including, but not limited to, those enumerated in TheCommittee of Sponsoring Organizations of the Treadway Commission’s Internal Control– Integrated Framework,
Enterprise Risk Management,
Key Risk Indicators,
andStatement on Auditing Standards (SAS) No. 109,
to name a few. Many financial firmsrely on a variety of methodologies. However there is not a one-size fits all solution; apublicly traded large institution may require a much more technical process than a typicalinvestment advisor.In the context of an advisor’s compliance program, the rationale is to prevent, detect, andwhen necessary correct any areas where there may be violations. A violation is often theresult of a risk event. When formulating a risk assessment process, there are severaltypes of risks that an advisor should keep in mind; these risks can be classified by thepotential consequence, such as: financial risk, informational risk, reputational risk, andregulatory risk. Some of these risks have more obvious implications than others;however, the less obvious ones can be just as severe.