On Feb. 15, the Securities and Exchange Commission (SEC) proposed significant amendments to Rule 206(4)-2 (Custody Rule) under the Investment Advisers Act of 1940 (Advisers Act). The proposed changes would redesignate the current Custody Rule as new Rule 223-1 under the Advisers Act (Safeguarding Rule) and would reshape the obligations of both SEC-registered investment advisers (RIAs) and qualified custodians under the existing rule. We summarize some of the more salient proposed changes below, and the full SEC release and proposed changes can be found here.
The Safeguarding Rule would expand the types of investments covered by the current Custody Rule by extending it to all client “assets” rather than only to client “funds and securities.” “Assets” would be defined to mean “funds, securities, or other positions held in a client’s account,” and the proposal explicitly mentions crypto assets, financial contracts and other assets that previously may not have been covered by the phrase “funds and securities.” In addition, with respect to the definition of “custody,” the Safeguarding Rule would explicitly include discretionary authority over a client’s assets as something that would trigger the rule.
The Safeguarding Rule would require that an RIA maintain client assets with a qualified custodian that has “possession or control” over those assets. “Possession or control” would be defined to mean holding assets such that (i) the qualified custodian is required to participate in any change in beneficial ownership of those assets, (ii) the qualified custodian’s participation would effectuate the transaction involved in the change in beneficial ownership and (iii) the qualified custodian’s involvement is a condition precedent to the change in beneficial ownership.
In addition, the Safeguarding Rule would require an RIA to enter into a written agreement with, and receive certain written assurances from, the qualified custodian to ensure that the custodian will provide certain protections when maintaining client assets. The protections to be contained in the written agreement must include (i) requiring the qualified custodian to promptly provide, upon request, records relating to client assets to the SEC or to an independent public accountant, (ii) requiring the qualified custodian to, at least quarterly, send account statements to the client and the RIA identifying the amount of each client asset held in the account and all transactions in the account during such period, (iii) requiring the qualified custodian to, at least annually, provide the RIA with a written internal control report that includes an opinion of an independent public accountant as to whether the controls in place are suitably designed and effective[1] and (iv) specifying the RIA’s agreed-upon level of authority to effect transactions in the custodial account and any applicable terms or limitations.
The Safeguarding Rule would also require RIAs to obtain reasonable assurances that the qualified custodian will (i) exercise due care in accordance with reasonable commercial standards in discharging its duty as custodian and implement appropriate measures to safeguard client assets from theft, misuse, misappropriation or other similar types of loss, (ii) indemnify the client against losses in the event of the qualified custodian’s negligence, recklessness or willful misconduct, (iii) not be excused from its obligations to the client due to any sub-custodial or other similar arrangement, (iv) clearly identify and segregate client assets from the custodian’s proprietary assets and liabilities and (v) not subject client assets to any right, charge, security interest, lien or claim in favor of the qualified custodian or its related persons or creditors, except to the extent agreed to or authorized in writing by the client.
The definition of “qualified custodian” under the Safeguarding Rule would continue to include foreign financial institutions (FFIs) as under the current Custody Rule. However, for an FFI to be a qualified custodian under the Safeguarding Rule, certain new criteria would need to be met, such as the RIA and the SEC being able to enforce judgments against the FFI and the FFI being regulated by a foreign country’s government as a banking institution, trust company or other financial institution that customarily holds financial assets for its customers.
The Safeguarding Rule proposes an exception from the obligation to maintain client assets with a qualified custodian with respect to physical assets and privately offered securities so long as (i) the RIA reasonably determines and documents in writing that ownership cannot be recorded and maintained in a manner in which a qualified custodian can maintain possession, or control transfers of beneficial ownership, of such assets, (ii) the RIA reasonably safeguards the assets from loss, theft, misuse, misappropriation or the RIA’s financial reverses, including the RIA’s insolvency, (iii) the RIA enters into a written agreement with an independent public accountant pursuant to which the accountant will verify any transfers of such assets and will notify the SEC within one business day upon finding any material discrepancies, (iv) the RIA notifies the aforementioned accountant of any transfer of such assets within one business day and (v) the existence and ownership of such assets are verified during an annual surprise examination or as part of a financial statement audit.
Under the Safeguarding Rule, RIAs with custody of client assets would be required to segregate those assets by (i) titling or registering the assets in the client’s name or otherwise holding the assets for the client’s benefit, (ii) not commingling client assets with the assets of the RIA or any of its related persons and (iii) not subjecting the assets to any right, charge, security interest, lien or claim of any kind in favor of the RIA or its related persons or creditors, except to the extent agreed to in writing by the client.
The Safeguarding Rule would continue to rely on the protections provided by independent public accountants. However, in light of the proposed broadening of the definition of “custody,” the SEC proposes to offer exceptions to the surprise examination requirement when the RIA’s sole reason for having custody is because (i) it has discretionary authority that is limited to instructing the qualified custodian to transact in assets that settle only on a delivery versus payment basis or (ii) the RIA is acting according to a standing letter of authorization, subject to certain requirements being included in such letter of authorization. Additionally, the proposal would expand the scope of who can satisfy the rule’s surprise examination requirement through financial statement audits by specifying that any entity, rather than only limited partnerships, limited liability companies or other types of pooled investment vehicles, can rely on the audit provision.
The proposal would also amend Rule 204-2 under the Advisers Act to require certain new recordkeeping requirements related to client account and custodian information. In addition, the proposal calls for amendments to Form ADV to align with the proposed enhanced reporting obligations. Form ADV Item 9 would include new reporting requirements with respect to client assets and the qualified custodians and public accountants that have been engaged.
In connection with the proposed changes, the SEC is requesting comments. The comment period will be open for 60 days after the date of publication of the proposal in the Federal Register.
[1] Unlike the current Custody Rule, the Safeguarding Rule would require the internal control report regardless of whether the RIA or its related person acts as the qualified custodian.