On November 9, 2015, the SEC’s Office of Compliance Inspections and Examinations issued a Risk Alert, noting that some of the outside CCOs that were examined were not sufficiently competent, knowledgeable of the business of the company or the federal securities laws or empowered with full responsibility, resources and authority to develop and enforce appropriate policies and procedures for the company. Observations of the SEC’s staff include:

  • Outsourced CCOs should frequently and personally interact with the registered investment advisers (“RIA”) employees (in contrast with impersonal interaction, such as electronic communication or pre-defined checklists) to obtain a better understanding of the RIA’s businesses, operations, and risks.
  • Outsourced CCOs with a strong grasp of the RIA’s businesses, operations, and risks can better identify and remedy inconsistencies between the compliance policies and procedures and the RIA’s actual business practices.
  • Outsourced CCOs that served as the CCO for numerous unaffiliated firms, generally, lack sufficient resources to perform compliance duties.
  • Annual reviews performed by outsourced CCOs, who were able to independently obtain the records they deemed necessary for conducting such reviews, more accurately reflected the RIA’s actual practices than annual reviews conducted by CCOs, who relied wholly on the firm to select the records subject to their review.
  • It is a bad fact if the RIA’s employees have discretion to determine which documents were provided to the outsourced CCOs.

In light of these findings, the SEC recommends that advisers and funds with outsourced CCOs review their business practices to determine whether their practices comport with their responsibilities as set forth in the Investment Advisers Act and the Investment Company Act.

Please see here for the SEC’s Risk Alert on outside CCOs.

CCO Takeaways

– RIAs that are using or considering using an outside CCO should carefully consider the SEC staff’s observations about how outside CCOs should interact with the employees of the RIA, in order to emulate the best case cited by the SEC staff. Given the thoughtful guidance and the attention to outside CCOs that preceded the guidance, the use of an outside CCO will result in the SEC staff approaching an examination with these views in mind.


For further information regarding the foregoing, please contact Thomas Devaney (TDevaney@sheppardmullin.com; 212-634-3042), Jung Yeon Son (JSon@sheppardmullin.com; 650-815-2676), or Angela Kim (AngelaKim@sheppardmullin.com; 213-617-5453).


This update has been prepared by Sheppard, Mullin, Richter & Hampton LLP for informational purposes only and does not constitute advertising, a solicitation, or legal advice, is not promised or guaranteed to be correct or complete and may or may not reflect the most current legal developments. Sheppard, Mullin, Richter & Hampton LLP expressly disclaims all liability in respect to actions taken or not taken based on the contents of this update.