SEC declares 2019 exam priorities

The regulator will focus on cyber-risk management and anti-money laundering as it checks up on firms.

Private equity firms should pay attention to their protocols on cyber-risk management and anti-money laundering programs, which have become part of the Securities and Exchange Commission’s examination priorities for this year.

The agency’s Office of Compliance Inspections and Examinations said in its 2019 Examinations Priorities report that it will be looking into what policies and procedures firms have in place when it comes to cyber-risk management and incident response. It will specifically look into how staff are trained related to cyber-risk management and establish whether firms are taking the proper steps to prevent the loss of data from cyber-attacks.

Cybersecurity was first listed as a major examination category for OCIE in 2015, and focus on the issue has recently started to increase. In 2017 OCIE sent out a risk alert highlighting its findings from examinations relating to cybersecurity. In October last year cybersecurity was a major topic at Private Equity International‘s Private Fund Finance & Compliance Forum 2018 in San Francisco.

“The minute you have a breach, then [the SEC] will come down on you. That’s why it’s so critical to be prepared on the cyber side,” an advisor said at the conference.

OCIE will also be making sure companies have the right policies in place to monitor suspicious activity and prevent money laundering activities. OCIE encourages filing suspicious activity reports with the Financial Crimes Enforcement Network when necessary. The report only mentions broker-dealers, but private equity firms can also be affected by money laundering and therefore should prepare for OCIE to test them on this matter as well.

“Although OCIE emphasized compliance with anti-money laundering requirements applicable to broker-dealers, private fund managers should ensure that all elements of their AML policies and procedures have been implemented and that compliance with those procedures is tested as part of the manager’s annual compliance review,” law firm Kleinberg Kaplan said in a note.

OCIE said it completed more than 3,150 examinations in fiscal 2018, which was up 10 percent from the year earlier. It did not break down how many of those involved private funds, but it did disclose that examinations of investment companies rose by about 45 percent last year.