8 Things to Do to Prepare for an RIA Audit

5 min read
April 07, 2016

No RIA owner wants to think about getting audited, but it’s a possible reality you may need to deal with if you run your own financial planning firm.

Instead of feeling stressed or scared about what you’ll do if this ever happens to you, how about taking a more productive action? Don’t worry. Educate yourself and know how you can prepare should you ever need to go through an RIA audit or technical visit.

What Happens During an RIA Audit?

It helps to get a sense of what the process looks like.

When you run a state-registered firm, keep in mind that each state is different. That means the auditing process is hard to predict. But generally, the process begins with a documentation request, in which the state will send a long list of documents they want you to prepare for review.

Then, the auditor will visit your office and review all of the documentation they have previously requested. Be prepared for an auditor to scour every inch of your paperwork to find anything that’s not compliant.

Depending on the severity of what they find, they may take one of numerous potential actions:

  • They may issue a letter requesting that the firm correct the items that were found.

  • They may close the firm down.

  • They may suspend the advisor’s registration, preventing them from working for any other firm for a period of time.

  • They may fine the firm.

While these actions sound harsh, you shouldn't be freaked out about audits or technical visits because it is a reality of the business. And being freaked out isn't going to change that.

Yes, audits can lead to businesses being shut down, large fines, and potentially even criminal charges. That in itself makes the subject scary for anyone! But failing to keep informed of the process or potential consequences isn’t a solution, either.

The best thing to do is to work to keep your business compliant, educate yourself, and get support from the right professionals who can help you.

How to Prepare If You’re Audited

Educating yourself and preparing ahead of time can make for a better audit experience. Start by understanding that audits aren't black-and-white, and there is no easy "1-2-3 step" process that you can follow.

The audit of every single financial planning firm will, in some way, be different than another.

But we can try to provide some guidance and additional considerations for audit preparation. And that’s where these 8 actions can come into play for you.

1. You’re Responsible for Your Firm’s Chief Compliance Program

While it would be nice to outsource compliance to the extent that you can be completely hands-off, that is not the reality. As your firm’s designated CCO, you are personally responsible for your Compliance Program.

One surefire way to annoy your examiner is to suggest that “someone else handles that,” when it is against regulations for that to be the case. Accept responsibility as your own CCO and stay proactive.

2. Know What Your Custodian Does and Doesn’t Do

Many RIA owners assume that their clearing firm or custodian is handling items that are, in fact, the firm owner’s responsibility. For items such as trade records, statement/document maintenance, and disclosure delivery, firms should be clear on exactly what their custodians are handling for them.

It’s also important to know exactly what documentation the clearing firm can provide, and what reporting capabilities they have. The faster you can access documentation and reports, the less painful the audit will be.

3. Understand Your Compliance Manual

It’s not fun, but firm owners need to know what’s in their compliance manual and how it ties back to other compliance documents. If your social media policy directly conflicts with something in your compliance manual, then not only will regulators assume that you are confused but that your clients are unclear in their understanding of your documents as well.

The compliance manual (or written supervisory procedures) is the “master document” that governs your firm’s compliance program. If you don’t know what’s in that, the regulators will assume you don’t know very much at all.

You don't want to be your own CCO, and we don't blame you. Check out how much  simpler Registering your RIA with XYPN can be →

4. Only Answer the Questions Asked

Be truthful in your interviews with auditors, but don’t provide any more information than what you’re asked. Audit interviews are nerve-racking, so the tendency to overexplain and unnecessarily elaborate is a common temptation.

The more you say, the more the examiner will be charged with verifying. Just answer what they ask you, and no more.

5. Handle Issues or Errors the Right Way

Inevitably, there will be something an auditor asks and you either know nothing about it, have never heard of it, or have not been in compliance with the subject that they are referring to.

When that occurs, simply ask questions of the auditor until you are clear enough to frame an intelligent answer. If you are completely lost on the subject, then simply indicate that you were “unaware that this was a regulatory requirement for your firm” (assuming this is true), and ask for guidance.

6. Do Not Lie in an RIA Audit!

This is self-explanatory, but it still bears mentioning. Just like your mother told you: if you tell one lie, then you will have to tell two. This truth is grossly magnified when working with auditors.

7. Remember That Examiners Are There to Help You

Even though it seems like audits are created for torture and punishment, you will fair much better if you view them as designed to help you and your firm remain compliant. If you’re operating ethically and genuinely putting forth efforts to remain compliant, then the examiner can become your greatest ally.

This is not to say that you cannot be disciplined or fined, but auditors can serve as invaluable resources for your compliance program. Don’t hesitate to call your regulator at any time.

8. Be Proactive

Don’t wait until you get notice of a visit to start tightening up your Compliance Program. Set aside some time along the way to review your documents, and make notes of anything that you cannot fully explain in an interview.

Log onto your FINRA Firm Gateway, and set up alerts using their website to notify you of important dates and regulatory notices. Take some time to create client lists, and check to make sure they have received ADV and Privacy Policy notices, and check to make sure you can locate their advisory agreements.

Access your Business Continuity Plan from time to time, to make sure it still makes sense for your business. It’ll look a lot better to a regulator if you miss one or two things, if you appear to be on top of everything else.

New call-to-action


Scott GillAbout the Author: Scott Gill is the Director of Keeping Us Compliant here at XY Planning Network. Outside of the office, Scott enjoys watching sports, exercising, and operating the charitable organization he created upon his father’s passing. 

Subscribe by email