Regulation Best Interest, Cybersecurity Top Concerns at IAA 2019 Compliance Conference

The Investment Adviser Association (IAA) represents the interests of investment advisers in Washington D.C., and the IAA Investment Adviser Compliance Conference 2019 was a forum for the discussion of future potential rulemaking. Cybersecurity and Fiduciary Rule considerations were headline topics, with custody and marketing right behind. The following is a summary of key issues discussed during the two-day event:

The Fiduciary Rule: Regulation Best Interest (BI)

During a fireside chat that formally kicked off the event, SEC Commissioner Robert Jackson, Jr. expressed that Regulation BI is designed to make clear throughout the industry that financial service providers must place the interests of investors above their own interests. He further noted that the “cost of conflicted advice is high” and that we need more evidence on the subject. Although he voted to move the rule proposal ahead, Commissioner Jackson does not support the current proposal as final because the SEC’s “economic analysis was not a serious attempt” to evaluate the effects of the rule.

Cybersecurity and Privacy

Cybersecurity remains a complex and evolving issue in the advisory world, with Commissioner Jackson expressing a belief that cyber crime is a “war against our lifestyles.” Conference attendees agreed in a poll, ranking cybersecurity as the greatest compliance challenge for 2019. Commissioner Jackson noted that he believes that public companies need a bright-line rule regarding when to report cyber breaches in 8-K’s.

In a private equity session, panelists agreed that cyber reviews should be a standard part of the due diligence of portfolio companies. It is crucial for PE firms to determine evaluation strategies for portfolio companies as well as how active they need to be to establish privacy and security programs both at the beginning and throughout the relationship. Commissioner Jackson offered reassurance that the SEC does not punish firms trying to do the right thing. OCIE Chief Counsel Daniel Kahl also indicated that the industry could expect future risk alerts pertaining to Regulation S-P and regulation S-ID, but Sharanya Mitchell, Senior Global Regulatory Counsel and Chief Privacy Officer of Cohen & Steers Capital Management, does not believe new federal legislation will happen in this area before the adoption of the California Consumer Protection Act.


Division of Investment management Director Dalia Blass stated that the SEC is “reviewing the Custody Rule holistically” and looks forward to more industry input. This echoes back to her 2018 appearance at the same conference, where she acknowledged “there are so many big questions in the custody space.”


Director Blass also reiterated that marketing is on the Commission’s short-term agenda, as we had learned in SEC Chair Jay Clayton’s year-end Reg Flex update. She indicated that the staff anticipates presenting the Commission with recommendations in the near future. The rule adopted in the early 1960s predated the internet, and the “current regime does not sync well with the current real-world environment.”

“When I go to Amazon I review ratings by others,” she added, saying that the prohibition on testimonials presents challenges and is “not in line with how folks currently live their lives.”

Overall, there was not a lot of detail about what the rules will say but in totality, it represents a forewarning that compliance will have more changes ahead.

  • Post written by Keith Marks

Ascendant/CSS offers a broad service program designed to ensure strong cyber practices at portfolio companies, including our powerful cybersecurity solution, Shield. Additional solutions include our trading surveillance and compliance software, Sentry; and our regulatory reporting and filing platform, Consensus, which handles filings including Form PF, Form ADV, Form N-Port, and more. Contact us to learn more.

Related Content

Latest Content

Takeaways and Tips Related to SEC Risk Alert on Regulation S-P

On April 16, 2019, the SEC released a Risk Alert providing a list of compliance issues related to Regulation S-P, the primary SEC rule regarding privacy notices and safeguard policies of investment advisers and broker-dealers. As with other risk alerts, these were deficiencies noted by OCIE in regulatory examinations. Though the deficiencies were fairly common … Continued

How to Be a Wildly Effective Compliance Officer

Being a Compliance Officer is no easy task. Administering a compliance program, implementing controls to help protect clients and the firm, and staying on top of new regulations is only part of the job. Compliance Officers are also expected to be flexible and pro-business. So how do you do it all? How can you be … Continued

Mitigating the Risk of Insider Trading

One of the biggest risks affecting investment advisers is the potential that material non-public information (“MNPI”) may be misused, leading to a charge of insider trading. Advisers should implement controls to mitigate these risks. Steven Stone of Morgan, Lewis & Bockius, LLP, Salvatore Cincinelli of the FBI and David Chaves of Tone at the Top … Continued

Compliance 2.0 – Being a Strategic Partner in Your Firm

Compliance as a profession continues to evolve. With Enron, Bernie Madoff and numerous other failures paving the way for rulemaking across industries and nations, the days of drawing a short straw, getting drafted into a compliance role and operating in isolation outside of the business are – or should be – ancient history. Since the … Continued

Big Data Part III: Preparing for the Future of Global Regulatory Governance

United States and European Union reporting requirements imposed on investment managers have exploded since the Global Financial Crisis and, with the imminent arrival of SFTR in Europe, it seems poised to expand again. The challenge of reporting trades, transactions and contracts in multiple jurisdictions requires firms to embrace technology as regulators continue to look to … Continued

Mailing List

Subscribe to the Ascendant Compliance email list for the latest compliance resources, conferences, ComplianceCasts™, and more.

Loading form...

Contact Us

Ascendant works together with clients to identify and assess critical needs through customized plans. If you need assistance with compliance functions, regulatory services, cybersecurity or technology tools, we’d love to speak with you.