SEC Division of Examinations Staff Issues Risk Alert for Advisers that Provide Electronic Investment Advice

On November 9, 2021, the staff of the SEC’s Division of Examinations (Staff) issued a risk alert highlighting common compliance issues that it observed while conducting examinations of advisers that provide automated digital investment advisory services, also known as robo-advisory services (Alert). During each exam, the Staff focused on an adviser’s adherence to its fiduciary duties, giving specific attention to the adviser’s compliance program, formulation of investment advice, marketing and performance advertising practices, data protection practices, and registration information.

Nearly all of the examined advisers received a deficiency letter. The Staff found deficiencies most commonly in the following areas: (1) compliance programs; (2) portfolio management; and (3) marketing/performance advertising.

Compliance Programs. The Staff found most advisers’ compliance programs to be inadequate given, for example, failure to include written policies and procedures specific to use of an online platform or other digital tools for providing investment advice, failure to sufficiently review the adequacy of policies and procedures at least annually, and failure to comply with the Investment Advisers Act’s “Code of Ethics Rule.”

Portfolio Management. The Staff determined that many advisers failed to satisfy their duty of care by, for example, not testing the investment advice generated by their platforms against client investment objectives. Further, the Staff noted inaccurate or incomplete disclosures in many Form ADV filings, including those related to conflicts of interest, advisory fees, investment practices, and ownership structure.

Marketing/Performance Advertising. The Staff also found that the majority of advisers examined had advertisement-related deficiencies such as misleading or prohibited statements on websites, use of materially misleading performance advertisements, and inadequate disclosure about the nature and degree of human involvement in the oversight and management of client accounts.

In addition, the Alert describes common deficiencies in cybersecurity and protection of client information, as well as numerous advisers found to have been relying on, but not acting in accordance with, the internet adviser exemption from the prohibition on SEC registration and Investment Company Act Rule 3a-4 (safe harbor from investment company registration for certain investment advisory programs).