One of the significant challenges facing the providers of trust and
investment management services is establishing and maintaining an
effective compliance program. This is particularly daunting because
these providers must comply with the rules and regulations issued by
multiple regulators, including bank regulators, the Securities and
Exchange Commission (SEC), the Department of Labor (DOL), the Internal
Revenue Service (IRS), the Federal Trade Commission (FTC) and state
fiduciary and insurance regulators. The failure to establish and
maintain an effective compliance program can lead to significant risks,
including litigation, regulatory sanctions and customer dissatisfaction.
Civil money penalties may be imposed by the regulators on directors,
officers and employees for violations of these laws or regulations. The
penalties range from civil money penalties of $5,000 per day up to
$1,000,000 per day for more serious violations. An effective compliance
program can reduce such risks and provide protection to the
organization's board of directors.
An effective compliance program requires the identification of risks
so that appropriate policies and procedures can be adopted to address
them. The institution’s board of directors must identify and establish
appropriate risk levels which the financial institution is willing to
assume based upon its size, diversification of its product line and the
extent to which risks can be controlled. The program must also include
risk supervision which involves ensuring that adequate policies and
procedures are established to supervise risk on an ongoing basis and
that the responsibility for supervising risk is assigned and controlled.
Finally, an effective risk management program must include the ability
to monitor controls and systems to ensure that risks are being
adequately monitored.
An effective risk management program is particularly important to the
institution’s management because the board of directors has ultimate
responsibility for ensuring compliance with laws and regulations. In
order to carry out this responsibility, it has become increasingly
important for management to recognize both the scope and implications of
the various laws and regulations as they impact the financial
institution’s trust and investment management activities. Because of the
number and complexity of laws and regulations affecting these
activities, substantial financial exposure may result from potential
losses and legal actions resulting from poor compliance practices.
Because of the scope and complexity of these laws, knowledgeable
counsel can provide valuable assistance in establishing and maintaining
an effective compliance program. Experienced counsel, who is familiar
with the areas of exposure, can assist in identifying potential risks
and in establishing policies and procedures to avoid potential
liability.
The following steps should be an integral part of an effective
compliance program:
Identify the Risks
The first step in any compliance program is to identify potential
risks. It is important to develop an awareness of the issues which
impact liability. Unless risks can be identified, they cannot be
addressed.
Engage Knowledgeable People
In order to identify risks, you must utilize knowledgeable people. If
internal personnel do not have the requisite expertise to recognize and
deal effectively with compliance problems and potential violations, it
is important to work with outside parties such as experienced legal
counsel and accounting firms.
Develop Policies and Procedures
Effective policies and procedures must be established to identify and
manage risks. Adequate policies and procedures are required by all
regulators. Policies and procedures must be understandable, practical
and workable.
Conduct Audits
In order for a compliance program to be monitored, periodic audits
must be conducted. This includes audits by both internal and external
auditors. Legal audits conducted by competent counsel are particularly
useful because they are independent and can help to support actions
which management and compliance personnel have taken or proposed to
reduce the risk of liability.
Engage Experienced Counsel
Financial institutions should consider utilizing counsel with
experience in trust and investment matters to address technical issues.
Experienced counsel can often resolve issues in the early stages, before
they have gone too far, and so avoid the time and expense needed to
resolve problems. The attorney-client privilege may be available
to protect the confidentiality of counsel’s advice from third parties.
Review Fees and Incentives
Make sure your fees are authorized, disclosed and reasonable. Also
review your compensation structure and incentives. Sometimes
inappropriate incentives can lead to significant liability.
Communicate and Disclose
Communicate your fees, your practices
and other material information that the clients need to know before they
purchase a product or service. If the customer understands the product
and its risks, he or she will be much less likely to complain later if
market conditions change.
Review Sales Literature
Many financial institutions have been sanctioned for distributing
false and misleading sales literature. Review is particularly important
for SEC-regulated products and services.
Document Compliance Efforts
It is important to document compliance efforts to demonstrate to
regulators that you have an effective compliance program. A strong
problem resolution program can provide assurances to management and
regulators that your organization is compliance-minded in meeting
customer concerns. Resolve customer complaints as soon as possible.
Conduct Suitability Reviews
Suitability is always a key
responsibility in selling retail products, brokerage products and
investment management products. It is a violation of fiduciary duty to
sell a product or service to a customer if it is not suitable for that
customer. Determine the customer’s needs, level of risk and objectives
prior to recommending a particular product or service.
Review Privacy Policies
The Gramm-Leach-Bliley Act requires providers of financial services
and products to develop and disseminate a privacy policy. Compliance
with the privacy policy must then be monitored.
Address Money Laundering
Each financial institution must establish policies and procedures to
comply with money laundering regulations. Serious sanctions can result
from failure to maintain an effective money laundering policy.
Overall, financial institutions providing trust and investment
management services are required by law to establish and maintain an
effective compliance program. The development of an effective compliance
program is complicated by the numerous laws and regulations which govern
the products and services offered. It is also complicated by the number
of regulators which oversee the various products and services offered.
An effective risk management program can protect management and the
board of directors from liability. It also makes good sense from a
business point of view because poor practices can lead to the loss of
revenue and customers.
We would be pleased to assist you in identifying potential risks and
in helping you to establish an effective compliance program. We can also
assist you in conducting a legal audit to monitor various legal risks
arising from your business activities. Our Investment Management and
Fiduciary Services Group members are also available for consultation on
developing a privacy policy and a money laundering policy.
Bill Ries is a shareholder in the Investment Management and Fiduciary
Services Group. For more information on compliance programs, please
contact Bill at 412/594-5646 or
wries@tuckerlaw.com.