Overview: Proposed Rule 206(4)-11 – Service Provider Oversight
On October 27, 2022, the Securities and Exchange Commission (“SEC”) proposed Rule 206(4)-11 under the Investment Advisers Act of 1940 (“Advisers Act”) which would require SEC registered investment advisers to conduct due diligence prior to engaging service providers that perform certain services or functions (“covered function”). It would further require advisers to periodically monitor the performance and reassess the retention of the service provider in accordance with due diligence requirements to reasonably determine that it is appropriate to continue to outsource those services or functions to that service provider.
- A “service provider” is defined “as a person or entity that performs one or more covered functions and is not an adviser’s supervised person.”
- A “covered function” means a function or service that: (1) is necessary for the adviser to provide its investment advisory services in compliance with the Federal securities laws, and (2) if not performed or performed negligently, would be reasonably likely to cause a material negative impact on the adviser’s clients or on the adviser’s ability to provide investment advisory services. Clerical, ministerial, utility, or general office functions or services are excluded from the definition.
- These functions, the SEC said, can include providing investment guidelines, portfolio management, models related to investment advice, indexes or trading services or software.
- Marketing and solicitation would not be covered under the rule since they are not used to provide investment advice to clients.
The proposed rule does not require additional explicit written policies and procedures related to service provider oversight. If the proposed rule were adopted, Advisers would be required under existing Rule 206(4)-7 to have policies and procedures reasonably designed to prevent violations of the Advisers Act and rules thereunder.
Summary of Three (3) Core Components of the Proposed Rule.
A. Before engaging a service provider, an adviser must (1) reasonably identify and determine through due diligence that is would be appropriate to outsource the covered function, and (2) select a service provider based on:
- The nature and scope of the services;
- Potential risks resulting from the service provider performing the covered function, including how to mitigate and manage such risks;
- The service provider’s competence, capacity, and resources necessary to perform the covered function;
- The service provider’s subcontracting arrangements related to the covered function;
- Coordination with the service provider for Federal Securities Law Compliance; and
- The orderly termination of the provision of the covered function by the service provider.
For example, if an adviser used a portfolio management service provider that experienced a cyber-incident that caused the service provider to be unable to monitor portfolio risks, it would reasonably likely cause a material negative impact on the adviser’s clients and the adviser’s ability to provide investment advisory services.
B. The proposed rule also proposes corresponding amendments to the investment adviser registration form (Form ADV Part 1) to collect census-type information about the service providers defined in the proposed rule. The SEC is proposing for Advisers to disclose service providers for the below functions in Item 7.C. of Schedule D:
- Client Services;
- Investment Guideline/Restriction Compliance;
- Investment Risk;
- Portfolio Management (excluding Adviser/Subadviser)
- Portfolio Accounting;
- Regulatory Compliance;
- Trading Desk;
- Trade Communication and Allocation;
- Valuation; and
C. In addition, the SEC is proposing related amendments to the Advisers Act books and records rule, including a new provision requiring advisers that rely on a third party to make and/or keep books and records to conduct due diligence and monitoring of that third party and obtain certain reasonable assurances that the third party will meet certain standards.
- For example, some advisers that use client relationship management providers have asserted that they have complied with Rule 204-3 because brochure delivery is programmed into the providers’ software, though during SEC examinations, they could not produce records to evidence that delivery took place.
- These standards address the third party’s ability to: (i) adopt and implement internal processes and/or systems for making and/or keeping records that meet the requirements of the recordkeeping rule applicable to the adviser in providing services to the adviser; (ii) make and/or keep records that meet all of the requirements of the recordkeeping rule applicable to the adviser; (iii) provide access to electronic records; and (iv) ensure the continued availability of records if the third party’s operations or relationship with the adviser cease.
Vigilant’s Thoughts and Observations:
We agree, as we are sure most of the industry would agree, that there has been an increase in Investment Advisers outsourcing certain functions. This is also not foreign to non-investment firms as well. Outsourcing certain functions and non-core competencies at firms has proved to be beneficial and cost effective, certainly for Advisers with limited resources or expertise in-house. Whether Advisers are outsourcing certain functions or doing those functions in-house, there will always be risk. The question is, which risk is greater? We are sure there is an argument to be made on both sides. If an Adviser is performing certain functions outside of its core competencies or resources available, it is certainly riskier to perform those functions in-house.
The SEC notes in its proposal that outsourcing a particular function or service does not change an adviser’s fiduciary duty or obligations under the Advisers Act and the other Federal securities laws. It is our opinion that this topic is well understood in the industry. Advisers know they have a fiduciary duty, and the majority of Advisers already conduct reviews of key service providers in conjunction with its Rule 206(4)-7 Annual Report.
Interestingly, the proposed rule does not require explicit written policies and procedures; rather, it requires that Advisers conduct a review of those service providers as part of its Rule 206(4)-7 annual review. This leads us to question the purpose of the proposed rule, versus if the SEC provided guidance as part of a Division of Examinations “Risk Alert.”
Overall, the proposed rule has gotten a negative response from Industry Trade Groups. Please see below for additional information on the proposed rule and other observations.
Press & Statements on Proposed Rule:
- Ignites – SEC Floats Rule for Advisors That Outsource Services
- Think Advisor – “New SEC Plan Says RIAs Must Vet Third-Party Services”
- SEC Statement on Proposal
- SEC Fact Sheet on Proposal
- Chair Gensler Statement on Proposal
- Commissioner Peirce Statement on Proposal
- Commissioner Crenshaw Statement on Proposal
- Commissioner Uyeda Statement on Proposal
- Commissioner Lizárraga Statement on Proposal