OCIE’s Driscoll on importance of CCOs

“In OCIE, our efforts are primarily directed at examinations, risk-assessment, and industry and investor outreach,” Driscoll, a past Compliance Week Top Minds recipient, said. “It is imperative that OCIE continually ask itself how best it can deploy its resources to protect the retail investor through primarily examinations, but also outreach and partnering with compliance officers.”

For years, he said, OCIE “has pushed the pillars of preventing fraud while promoting compliance.”

“To me, these principles go hand in hand with investor protection. In the title of this speech, I refer to how ‘we’ protect retail investors; not as just OCIE, but as a ‘collective we,’ including compliance officers, senior management, and OCIE,” he added, highlighting areas where OCIE works to protect investors through examinations as well as partnering with compliance professionals.

Adequate compliance resources, empowering the CCO

Driscoll addressed the “important role that compliance programs and compliance officers play in ensuring that market participants and firms protect investors.”

“Compliance officers are on the front lines of ensuring registrants meet their obligation under applicable securities laws and regulations. It’s not an overstatement to say that I view compliance officers and personnel as partners,” he said. “We cannot underscore enough a firm’s continued need to assess whether its compliance program has adequate resources to support its compliance function. … Without adequate resources, compliance professionals are like swimmers swimming against the tide constantly working to keep up and not lose ground.”

Driscoll expressed his concern when hearing from industry participants and press reports that compliance resources and budgets are being cut or are not keeping up with firms’ risk profiles.

Nor are CCOs sole saviors of a firm’s best practices.

“OCIE and others at the Commission have heard from CCOs of investment advisers that there is a feeling and concern that CCOs bear the ultimate responsibility for the success or failures of any compliance program,” Driscoll said. “These concerns, while understandable, from OCIE’s perspective are not warranted. A CCO, while a critical component to the effectiveness of any compliance program, is just that, one component. As the Advisers Act Compliance Rule states, a CCO is responsible for ‘administering’ the compliance policies and procedures that the adviser, not just the CCO, adopts.”

In Driscoll’s view, “compliance obligations and opportunities lie with personnel firm-wide, including importantly senior management and ownership, the tone from the top, and the first line or business side of an enterprise.”

“That is not to say that OCIE does not have high, perhaps very high, expectations for CCOs,” he cautioned. “We see on examinations competent CCOs that are not empowered to live up to the role that the Commission described in the adopting release of the compliance rule.”

What makes for an empowered CCO in Driscoll’s view?

They should have “full authority to develop and enforce policies and procedures and be of sufficient seniority and authority within the firm to compel others, including others in senior management, to follow and enforce those policies and procedures.”

“OCIE wants to help CCOs perform their challenging jobs because an effective CCO and compliance program is critical to the protection for retail investors,” he added. “Because OCIE only has the resources to examine a fraction of registered firms each year, it seeks other avenues to inform and empower CCOs. A CCO who wants to improve the firm’s compliance culture may have difficulty in getting the attention of firm management absent an examination.”

Much of this underscores the importance of culture at any firm, specifically the importance of a firm’s compliance culture.

“Without a solid compliance culture, supported by a sincere ‘tone at the top’ by senior management, a firm stands to lose the hard-earned trust of its clients, investors, customers, and other key stakeholders. Without that culture, the best compliance policies and procedures ever written would not hold up to the myriad of tests, challenges, and issues that today’s fast-moving marketplace present,” Driscoll said.

In his summary, OCIE sees the compliance function as equally important to key business lines to the overall success of a firm. Accordingly, OCIE hopes that all of a firm’s personnel, not just compliance, be an active and positive partner in the protection of investors.

“To assist CCOs, and frankly, to better understand from their perspective what it is that they are doing well and what it could improve on, OCIE is kicking off a pilot initiative to hold regional roundtables in select cities with CCOs,” Driscoll announced. “I hope these meetings with CCOs outside of an examination context will foster a healthy dialog with the compliance community as both the ‘collective we’ continue to search for ways to strengthen the role of the CCO, improve the culture of compliance, and deliver on the shared goal of investor protection.”