In December 2003, the SEC adopted Rule 38a-1 under the Investment Company Act of 1940 and Rule 206(4)-7 under the Investment Advisers Act of 1940. Among other provisions, these rules require funds (investment companies and business development companies) and investment advisers to:
- Adopt and implement written policies and procedures reasonably designed to prevent violation of, in the case of funds, federal securities laws and, in the case of investment advisers, the Investment Advisers Act of 1940, including SEC rules issued thereunder;
- Review those policies and procedures at least annually for their adequacy and the effectiveness of their implementation; and
- Designate a chief compliance officer (CCO) to be responsible for administering the policies and procedures.
Many operations of funds and, in some instances, operations of investment advisers are carried out by service providers. Service providers have their own compliance policies and procedures that may affect or be part of a fund's or investment adviser's compliance or internal control over compliance with federal securities laws, individual statutes or provisions thereof, or corresponding SEC rules. It may be impractical for a fund or its CCO to directly review all of its service providers’ policies and procedures. In these circumstances, the SEC considers the fund to have satisfied the requirements of Rule 38a-1 if the fund’s board of directors, in evaluating whether to approve the service provider’s compliance program, uses a third-party report on the service provider’s policies and procedures.
The American Institute of Certified Public Accountants therefore has released Statement of Position (SOP) No. 07-2, Attestation Engagements That Address Specified Compliance Control Objectives and Related Controls at Entities That Provide Services to Investment Companies, Investment Advisers, or Other Service Providers. This SOP is an interpretive publication regarding the application of Statements on Standards for Attestation Engagements primarily to examination engagements in which a practitioner reports on the suitability of the design and operating effectiveness of a service provider’s controls in achieving specified compliance control objectives. The objective of an examination engagement performed under AT section 101, Attest Engagements, would be for the practitioner to report on the suitability of the design (at the end of a specified period) and the operating effectiveness (during the specified period) of the service provider’s controls in achieving the compliance control objectives specified by management of the service provider. A practitioner may also perform agreed-upon procedures related to compliance control objectives and related controls in accordance with AT section 201, Agreed-Upon Procedures Engagements.
|
