Nevermind Zombies and Ghouls; SEC Audits are a Real Nightmare for RIAs

Destiny A. Lopez  |

I think all can agree that audits are no fun. Whether on an individual or corporate level, audits can be time consuming, costly, and, overall, a pain. However, audits are in place in order to deter one from even considering any financial funny business. Because, especially these days, a person’s or company's financial indiscretions can be uncovered. Speaking of companies and organizations, audits are also in place to protect clients and consumers. However, for years, according to Wealth Management, consumer advocates have repeatedly called out the Security and Exchange Commission for its infrequent review and monitoring of registered investment advisors (RIAs). Well, in recent years, the SEC has heard the advocates pleas; and, in a real horror movie like twist, have begun to crack down on RIA’s.

Announced earlier this month, the SEC enforcement results revealed the following staggering facts:

  • 868 enforcement actions were filed exposing financial reporting-related misconduct by companies and their executives and misconduct by registrants and gatekeepers.
  • Among the actions, Aequitas Capital Management, was charged for concealing its diminishing financial state while continuing to raise more than $350 million from 1,500 investors.
  • Among the actions, failing to disclose conflicts of interest to clients landed J.P. Morgan wealth management subsidiaries in hot water; hot water being the filing of a $267 million enforcement action.

“By every measure the enforcement program continues to be a resounding success holding executives, companies and market participants accountable for their illegal actions,” said SEC Chair Mary Jo White. “Over the last three years, we have changed the way we do business on the enforcement front by using new data analytics to uncover fraud, enhancing our ability to litigate tough cases, and expanding the playbook bringing novel and significant actions to better protect investors and our markets.”

Thanks to recent developments, not to mention the growing concerns regarding cybersecurity, the Consumer Financial Protection Bureau (CFPB) is becoming recognized as a force in the financial and business sector. As reported by the RIA Compliance Blog, the CFPB, earlier this year, took on the online payment platform, Dwolla, bringing a cybersecurity enforcement action against the company. Although Dwolla alleged that its cybersecurity practices exceeded industry standards, the CFPB uncovered that, in this case, the company’s cybersecurity practices did not meet industry standards. By bringing this action against Dwolla, the company’s non-compliance highlights not only the increasing scrutiny being placed on financial regulators on cybersecurity practices; but that, yes, these instances do occur and can result in consequences for unknowing clients and consumers.

At this point in the tech age, most have been affected by cybercrime in one way or another. With recurring instances of massive data breaches, identity theft, and disgruntled employees causing company-wide vulnerabilities, cybersecurity solutions are in demand and, as reported by Cybersecurity Ventures, the market is estimated to reach $170 billion annually by 2020.

For businesses, particularly those operating in the financial sector, implementing effective cybersecurity measures can mean the difference between conducting business as usual or, potentially, losing everything not only for the organization; but, their clients as well. So, what the lesson here for RIA’s in regards to the SEC and the CFPB? RIA’s, now having real examples of what happens when one is not compliant both financially and regarding cybersecurity, may find it not only beneficial, but absolutely necessary to seek out experts within the sector in order to meet and exceed regulations and standards. According to ThinkAdvisor, some actions that can be taken include:

  • Reach out to IT staff or vendors and find services that aim to secure and protect the company network and client information.
  • Consider purchasing insurance that covers damages as a result of a hacking or data breach.
  • Adopt a written cybersecurity policy tailored specifically to one’s business practices and information technology framework.

One company that is recognized as the global standard for secure and certified electronic communications is RPost. For over a decade, RPost has aided a number of companies avoid a SEC audit nighmare by helping those reach compliance, while improving productivity with its services portfolio, including its patented Registered Email™ technology. To learn more about RPost, visit

Equities will continue to report on the Cybersecurity sector as stories continue to come to light.

Sign up for our Free Newsletter

DISCLOSURE: The views and opinions expressed in this article are those of the authors, and do not represent the views of Readers should not consider statements made by the author as formal recommendations and should consult their financial advisor before making any investment decisions. To read our full disclosure, please go to:



Symbol Last Price Change % Change






Can the Media Solve the Partisan Conflict?

Andrew McCarthy, Contributing Editor, The National Review; Michael Zeldin, CNN Legal Analyst; Celeste Katz, Senior Political Reporter, Glamour; Silvia Davi, SVP, Contributing Editor,; and Doug Simon, CEO, D S Simon Media discuss how the media’s role has shaped the landscape for communicators and what the media is trying to do to reduce discord in society.