The Division of Investment Management (DIM) of the U.S. Securities and Exchange Commission (SEC) recently issued three different clarifications that have an impact on whether a registered investment adviser (RIA) has custody of client assets under Rule 206(4)-2 of the Investment Advisers Act of 1940, commonly known as the Custody Rule. The three clarifications included the following:
- Guidance Update No. 2017-01 – “Inadvertent Custody: Advisory Contract Versus Custodial Contract Authority”
- Staff No-Action and Interpretive Letter regarding certain standing letter of authorization (SLOA) arrangements
- Staff Responses to Questions About the Custody Rule – Update to Question II.4 regarding first party transfers
Each of the three clarifications is discussed in more detail below, with action steps to consider.
Before jumping directly in, let us first take a step back and refresh our memory on what exactly constitutes custody and the requirements once an RIA has custody.
What is Custody?
SEC Release No. IA-2968 defines custody as holding, directly or indirectly, client funds or securities, or having the authority to obtain possession of them. This applies to both the RIA and its related persons. Custody includes:
- Possession of client funds or securities (but not checks drawn by clients and made payable to third parties) unless received inadvertently by the RIA and returned promptly (i.e. within three business days of receiving) to the sender;
- Any arrangement (including a general power of attorney) under which an RIA is authorized or permitted to withdraw client funds or securities maintained with a custodian upon the RIA’s instruction to the custodian; and
- Any capacity (such as general partner of a limited partnership, managing member of a limited liability company, or trustee of a trust) that gives an RIA or an RIA’s supervised person legal ownership of or access to client funds or securities.
What are the Requirements of Having Custody?
The Custody Rule offers safeguards for investors against potential theft or misappropriation by an RIA. As such, the Custody Rule forces several requirements, with certain exceptions in each case, on RIAs that have custody.
- Maintain client funds or securities with a qualified custodian either in a separate account for each client under that client’s name or in accounts that contain only client funds and securities under the name of the RIA as agent or trustee for the client;
- Promptly notify clients in writing upon opening a custodial account or making any changes to a custodial account, including notification of the qualified custodian’s name, contact information, and the manner in which the funds or securities are maintained;
- Have a reasonable basis to believe that qualified custodians send account statements not less than once a quarter;
- Enter into an agreement with an independent public accountant to perform an annual surprise examination; and
- If the qualified custodian is also the RIA or a related person of the RIA, obtain, on an annual basis, an internal control report (commonly known as a SAS 70 or SSAE 16) from the qualified custodian that includes an opinion of an independent public accountant regarding the effectiveness of the custodian’s procedures for safeguarding client funds and securities.
Inadvertent Custody
IM Guidance Update No. 2017-01 warns RIAs that they may inadvertently have custody due to agreements entered into by their clients directly with a qualified custodian. Although an RIA may not intend to have such access, these separate agreements could grant broader access than the RIA’s agreement with their client. The guidance update lists the following examples:
- A custodial agreement that grants the client’s adviser the right to “receive money, securities, and property of every kind and dispose of same.”
- A custodial agreement under which a custodian “may rely on [adviser’s] instructions without any direction from you [the client/investor]. You [the client/investor] hereby ratify and confirm any and all transactions with [the custodian] made by [adviser] for your [the client/investor] account.”
- A custodial agreement that provides authorization for the client’s adviser to “instruct us [the custodian] to disburse cash from your [the client/investor] cash account for any purpose….”
While there may be restrictions in an agreement between the RIA and its client, the qualified custodian does not necessarily know of those restrictions. As such, if an adviser attempted to withdraw funds, the qualified custodian would look to its agreement with the client as authorization.
Action Steps
RIAs should be aware of the possibility of inadvertent custody, which could in turn impute the need for an annual surprise examination. The guidance update indicates that one way to avoid inadvertent custody would be to draft a letter to the custodian, copying the client, and which limits the RIA’s authority to delivery versus payment (i.e. to effect or to settle trades / transfer funds out only upon corresponding transfer of securities in). The key is to obtain written acknowledgment from both the client and the custodian. Otherwise, the RIA would retain the authority under the client’s agreement with the qualified custodian, and would continue to have custody.
SLOA Arrangements
Investors commonly use SLOA arrangements to grant their RIA the limited power to disburse funds to one or more third parties. According to its no-action and interpretive letter, the SEC staff believes that an RIA with the limited power to dispose of client funds for purposes other than authorized trading of securities has access to the client’s assets and accordingly has custody. In the staff no-action letter, the DIM indicated that it would not recommend enforcement action to the SEC against the RIA if the adviser does not obtain a surprise examination while maintaining limited power under an SLOA arrangement to the extent the following seven representations are met:
- The client provides an instruction to the qualified custodian, in writing, that includes the client’s signature, the third party’s name, and either the third party’s address or the third party’s account number at a custodian to which the transfer should be directed;
- The client authorizes the investment adviser, in writing, either on the qualified custodian’s form or separately, to direct transfers to the third party either on a specified schedule or from time to time;
- The client’s qualified custodian performs appropriate verification of the instructions, such as a signature review or other method to verify the client’s authorization, and provides a transfer of funds notice to the client promptly after each transfer;
- The client has the ability to terminate or change the instruction to the client’s qualified custodian;
- The investment adviser has no authority or ability to designate or change the identity of the third party, the address, or any other information about the third party contained in the client’s instruction;
- The investment adviser maintains records showing that the third party is not a related party of the investment adviser or located at the same address as the investment adviser; and
- The client’s qualified custodian sends the client, in writing, an initial notice confirming the instruction and an annual notice reconfirming the instruction.
Action Steps
The purpose of these representations is to mitigate risks and concerns surrounding an RIA’s ability to “obtain possession of funds” under the Custody Rule. RIAs should consider the costs versus benefits of seeking relief of a surprise examination under the staff no-action letter. An RIA should report SLOA arrangements that result in custody in response to Item 9 of Form ADV regardless of whether or not the RIA decides to take relief from the surprise examination requirement.
To the extent the clarifications under the no-action letter cause an RIA to recognize that it has custody on account(s) not previously recognized, the change does not require an amendment to the RIA’s Form ADV prior to the next required annual update.
Many qualified custodians are already in the process of revising their policies and procedures and internal forms. RIAs should consider reaching out to custodians to see what changes they are making and whether any information or certifications are available.
First-Party Transfers
In its update to Question II.4, the SEC staff of the DIM clarified their interpretation of what constitutes specifying a client’s accounts.
Question II.4 continues to state that the SEC staff does not interpret an RIA’s authority to transfer client assets between various client accounts at the same qualified custodian (First-Party Journal Entries) as having custody, assuming the RIA meets certain conditions. Similarly, transferring client assets between the client’s accounts at a different qualified custodian (First-Party Transfers) does not constitute custody. The conditions in both cases require the client to authorize the RIA in writing to make such transfers, specify the client accounts maintained, and provide a copy of that authorization to the qualified custodians.
The update to Question II.4 clarifies the SEC staff’s view on “specifying” to require the written authorization to the sending custodian for First-Party Transfers to include both the name and account numbers on the sending and receiving accounts (including the routing numbers or names of the receiving custodian). This authorization is not required to be sent to the receiving custodian. Furthermore, client names and account numbers are not required for First-Party Journal Entries as the qualified custodian already has access to both the sending and receiving account information.
Action Steps
RIAs should review their agreements to determine situations where they may have authority for First-Party Transfers. For those situations, RIAs should work with their clients and qualified custodians to ensure they have authorizations with particular client-specific information in place.
Summing it Up
According to the Office of Compliance Inspections and Examinations of the SEC, the Custody Rule is one of the five most frequent compliance topics identified in examinations of RIAs. The above detailed clarifications should help RIAs understand the SEC’s positions in certain circumstances and benefit them in preparation for that eventual examination. In the interim, RIAs may want to consider speaking to their clients and custodians to confirm their understanding, and revising their policies and procedures as necessary. The SEC typically provides a reasonable period to come into compliance, but at the very least, specifically in connection with the no-action letter, RIAs should be prepared to respond appropriately to Item 9 of Form ADV in their next annual updating amendment filed after October 1, 2017.
We would be pleased to provide further information related to this subject. For more information, contact Craig B. Evans, Director, Audit & Accounting at cevans@kmco.com or Eric C. Sakelaridos, Senior Accountant, Audit & Accounting at esakelaridos@kmco.com.
You may also like: