Articles & Alerts

New Investment Adviser Outsourcing Oversight Requirements Proposed by the SEC

December 5, 2022

On October 26, 2022, the Securities Exchange Commission (SEC) released a proposed rule under the Investment Advisers Act of 1940. According to the SEC, increased outsourcing and its associated risks of client harm are contributing to this latest proposal, despite the existing legal framework regarding investment advisers’ duties and obligations. As stated in the proposed rule release, an investment adviser cannot just “set it and forget it” when outsourcing. Registered investment advisers’ due diligence on third-party service providers will be standardized under proposed Rule 206(4)-11 (“the Proposed Rule”) by creating a consistent oversight framework for the industry. We’ve summarized some of the requirements for the proposal in this article.

Outsourcing Oversight Requirements

In the proposed rule release, the SEC makes it clear that disclosure alone will not be enough. As an investment adviser, it is the adviser’s responsibility to ensure that the service provider is appropriately overseen and complying with federal securities laws and that there is no negative impact on the adviser’s clients. Upon adoption, the Proposed Rule would apply to SEC-registered investment advisers that outsource “covered functions.” The definition of a “covered function” has two parts:

  1. A function or service that is necessary for the adviser to provide for its investment advisory services to be in compliance with the federal securities laws; and
  2. That, if not performed or performed negligently, would be reasonably likely to cause a material negative impact on the adviser’s clients or on the adviser’s ability to provide investment advisory services.

As part of the due diligence process, advisers need to identify and determine if it would be appropriate to outsource the covered function, as well as whether it would be appropriate to choose the service provider based on the following factors:

  • The nature and scope of the services;
  • Potential risks resulting from the service provider performing the covered function (including how to mitigate and manage such risks);
  • The service provider’s competence, capacity, and resources necessary to perform the covered function;
  • The service provider’s subcontracting arrangements related to the covered function;
  • Coordination with the service provider for federal securities law compliance; and
  • The orderly termination of the provision of the covered function by the service provider.

Therefore, if an adviser decides to outsource a covered function, the Proposed Rule requires that they:

  • Perform due diligence before outsourcing and monitor performance periodically;
  • Maintain records and books related to due diligence and monitoring;
  • Amend the Form ADV to collect information about advisers’ use of service providers; and
  • Perform due diligence on third-party recordkeepers and obtain reasonable assurances from them.

Proposed Form ADV Amendments: New Part 1 A, Item 7.C. and Related Section 7.C. of Schedule D

New Item 7.C. would require SEC-registered advisers to indicate whether they outsourced any covered functions to a service provider. Having this information for each listed service provider would help the SEC better understand the extent to which the adviser’s operations depend on one or more service providers. Specifically, the amendments would require registered advisers to:

  • Identify their service providers that perform covered functions;
  • Provide the location of the office principally responsible for the covered functions;
  • Provide the date they were first engaged to provide covered functions; and
  • State whether they are related persons of the adviser.

Proposed Books and Records Maintained by Third Parties

When an adviser outsources recordkeeping functions without sufficient oversight, the risk that an issue with an adviser’s books and records may arise can increase. In accordance with the Proposed Rule, advisers who use third-party recordkeepers must perform the above-described due diligence and monitoring of those third parties, and obtain reasonable assurances that the third-party recordkeeper will:

  1. Adopt and implement internal processes and/or systems for making and/or keeping records that meet the requirements of the recordkeeping rule applicable to the adviser in providing services to the adviser;
  2. Make and/or keep records that meet all of the requirements of the recordkeeping rule applicable to the adviser;
  3. Provide access to electronic records; and
  4. Ensure the continued availability of records if the third party’s operations or relationship with the adviser ceases.

To protect clients and enhance oversight of advisers’ outsourced functions, the SEC believes that more needs to be done. If adopted, all advisers registered with the SEC must comply with the rule starting 10 months from its effective date. For additional proposed rules related to this SEC Rule 206(4)-11 proposal, please click here.

As always, if we can be of any assistance, please do not hesitate to reach out to your Anchin Relationship Partner.