In the last e-news article we discussed how to prepare for an SEC examination. Now, it is important to remember these best practice tips to use during the actual examination.

The SEC's examination program focuses strongly on the firm's culture of compliance, including "tone at the top" and effectiveness of the compliance program. To evaluate these areas, the Staff frequently reviews such items as firm e-mail communications (particularly to and from senior management team members), the compliance program's Annual Review report, lists of material and/or repeat minor violations unveiled by the firm during the examination period and what actions, if any, were taken by the firm to address violations.

It is critical for key employees to be prepared for and understand the examination process. They should be knowledgeable about the firm's policies and procedures for which they oversee and are accountable. The Staff will ask to speak to specific employees responsible for business risk areas such as trading, portfolio management, operations, finance and legal/compliance. Prior to meeting with the Staff, ensure that the designated employee is the most appropriate and knowledgeable person to speak to the applicable policies, procedures and the documentation, reports and tests used as internal controls for that particular area. Also, consider conducting a "practice" interview to help the employee prepare for the Staff's questions. Remind the employee to always be honest and forthcoming with the SEC.

First impressions say a lot about the firm and its culture of compliance. The opening interview often sets the tone for the examination. Consider preparing a presentation which covers, among other matters, an overview of your organization, your affiliates, the products and services offered, the firm's internal control environment and your compliance culture.

For your document production, make sure that all files are clearly labeled and in the order requested by the Staff. Remember that the goal of your document production is to demonstrate the effectiveness of your firm's compliance processes. Therefore, documentation should reflect how your daily processes and workflows help to achieve compliance with your firm's policies and industry regulations. Consider whether a brief memo or narrative may be needed to describe the purpose and flow of your firm's internal controls.

During the initial interview, set the ground rules for the examination and points of contact for the Staff. For example, establish early on who is the firm's primary contact for the Staff, what days and times interviews will be conducted, who from the Staff will explain the purpose and scope of the interview, who must be present for the interview (the CCO, legal counsel, etc.) and expected duration of the Staff's in-house examination.

In addition, determine whether the firm will provide copies to the Staff of documents they wish to duplicate. It is very important to at least duplicate copies of all documents produced to the SEC examiners, and you may wish to consider a third set for your outside counsel. For initial and supplemental production, remember that all documents should be Bates stamped and Freedom of Information Act stamped. These numbers will be referred to by the Staff during the exam and will be referenced on your firm's privilege logs.

The CCO typically has three roles during the examination process: educator, gatherer and provider.

Educator. The CCO often serves as the primary point of contact for the examiners. Therefore, the CCO generally is present for the initial interview and educates the Staff about the firm, its products and services, and how they have changed since the last examination. Thereafter, the CCO is present for most, if not all interviews, and answers or finds the answers to questions that the firm's employees may not readily know. During the examination process, the CCO's role is to proactively establish the firm's internal control and risk management environment at the on-set. This is accomplished by:

• Demonstrating how the firm has updated its policies and procedures to correct, detect and prevent violations of the federal securities laws;
• Evidencing where the compliance program enhanced its tests that were done previously; and
• Explaining the type of testing performed on various policies and procedures (transactional, periodic and forensic).

Gatherer. During the course of the examination, the Staff may ask for new or supplemental documents to review. The CCO and Compliance Department generally are responsible for gathering and organizing these documents for production. But beware: sometimes examiner requests may involve documents from non-regulatory members in your group of companies that the firm may not be obligated to produce. The CCO should carefully review each document request prior to production and question the Staff about its relevance or applicability if it appears the request goes outside the scope of the examination. As a practice tip, the CCO should carefully review the disclosure documents that the SEC provides at the inception of the exam. These disclosures will help the CCO to understand the SEC's lawful reach and prepare the CCO to recognize when it is exceeded.

Provider. The CCO often is the liaison responsible for providing important information to the examiners and firm senior management team. Therefore, the CCO must be fully aware of all of the moving parts during the examination, which includes, among other things:

• Location and Daily Schedules of the Staff
• Which firm personnel is to be interviewed
• The scope of all Staff interviews
• List of documents requested by the Staff
• Location of duplicate copies of documents produced to the Staff
• Persons to be present during the exit interview
• How to reach outside counsel, if needed

Finally, it is critical for firm members to demonstrate competency and knowledge of the firm's compliance program, particularly for their personal areas of responsibility. Can firm supervisors clearly articulate their risk controls, oversight and supervision of critical practice areas? Do managers understand their roles, responsibilities and escalation processes within the organization? Can employees express the firm's e-mail etiquette - on what to say and what not to say? Do personnel know how the firm communicates newly adopted firm policies - through departmental meetings, trainings, e-news bulletins or teleconferences?

In her 2004 speech, "The New Compliance Rule: An Opportunity for Change," Lori Richards Director of the SEC's Office of Compliance Inspections and Examinations, provided the following guidance.

"Compliance staff should continually be asking: Are we detecting problematic conduct with this policy? Based on what we've detected, should we alter our policy? Is there a better way to detect problematic conduct?....Were the actions we took, once problematic conduct was detected, adequate to deter problematic conduct by this individual or others?"[1]

Being able to answer these questions articulately and competently is essential to today's examination process. Given the complexity of the processes, many advisers elect to conduct a mock SEC examination to help them gain the competency (and confidence) on how to best approach the examination process. A mock regulatory examination helps firms to identify risks-management and training necessary for their compliance program. Knowledge of what gaps exist in the compliance program, demonstrating how the firm has enhanced its policies, having on-going training and articulating what steps the firm takes to deter problematic conduct from occurring are key essential components for establishing your firm's core competencies with the Staff.