How Do You Choose the Right Compliance Consultant for Your RIA?

RICHARD CHEN • September 6, 2023
13 minute read

The volume and complexity of regulations facing investment advisers continues to grow, and regulators, especially the U.S. Securities and Exchange Commission (SEC), are proactively bolstering their efforts to scrutinize advisers to ensure that their compliance programs are reasonably designed to ensure compliance with securities laws. Advisers that fail to develop, implement and manage their compliance programs in a manner that satisfies regulatory expectations face the specter of censures, monetary penalties and suspensions or disqualifications from regulators, as well as reputational harm to their businesses. With this background in mind, most investment advisory firms have turned to outside compliance consultants for support.

Fortunately, there are many options out there when it comes to compliance consultants, but choosing the right option is a common struggle for many investment advisers, particularly given the difficulty in understanding what compliance personnel do, discerning the differences among the numerous compliance consultants, and determining the adviser’s exact compliance needs. This article will provide a blueprint to help advisers determine how to choose the right compliance consultant for their firm. Among other things, we will provide:

  • A general summary of what compliance personnel do;
  • Survey the different types of compliance consulting services in the marketplace;
  • Describe the factors advisers should consider in selecting a compliance consultant;
  • Describe some common mistakes advisers make when selecting a compliance consultant; and
  • Provide some practical guidance advisers can use when vetting compliance consultants to make the right choice for their firm.

What Do Compliance Consultants Do?

Before embarking on a discussion of the different compliance consulting solutions out there, it’s important for advisers to understand the basic expectations that regulators have when it comes to adviser compliance and what compliance personnel (whether internal or through outside compliance consultants) do to support a firm’s compliance efforts. First, the SEC and most states require investment advisers to adopt compliance policies and procedures designed to prevent violation of applicable securities laws. These policies and procedures must be customized to the business of the adviser, which requires that the person drafting the policies and procedures take the time to clearly understand the adviser’s business, organizational structure and operations, and how to draft procedures that will keep the firm compliant with applicable securities laws. Once adopted, advisers have an obligation to ensure that the policies and procedures that are adopted are being followed, and such efforts must be clearly documented – otherwise, regulators such as the SEC will assume that the policies and procedures are not being followed. For instance, if the policies and procedures require the adviser to take certain steps when it comes to conducting due diligence on investments or conducting trading activities, the adviser must document that such steps were taken to show that it followed such policies and procedures. Most advisers significantly underestimate the amount of time and effort required to document their efforts to comply with their policies and procedures.

Compliance personnel perform numerous tasks on a day-to-day basis designed to ensure that the adviser remains in compliance with applicable securities laws. Among other things, compliance personnel review reports to identify if any compliance issues arise, review marketing and other materials to ensure they comply with applicable securities laws and prepare and update regulatory filings to ensure that the firm is providing current and accurate information to regulators and the public.

Compliance personnel are also tasked with interpreting applicable securities laws to determine whether and how they apply to the adviser’s business and operations. This requires that the compliance personnel be sufficiently knowledgeable and experienced to understand how to interpret the applicable securities laws and regulations, including understanding how the applicable regulators are approaching such regulations through formal and informal guidance, such as risk alerts, no-action letters and speeches. Incorrect interpretations on such compliance matters can potentially result in severe consequences for an adviser.

Next, the SEC and certain states require that advisers periodically review, test and update their compliance policies and procedures to ensure that they continue to be reasonably designed to prevent violations of the securities laws. This requires compliance personnel to evaluate to what extent compliance policies and procedures are being followed, how the adviser’s business or operations have changed, and how regulatory guidance or requirements have changed. To the extent that any of these circumstances requires updates to the adviser’s compliance policies and procedures, compliance personnel must make timely and appropriate revisions to the firm’s compliance policies and procedures. Therefore, compliance personnel must be in ongoing communication with the adviser’s management to understand how the compliance program is functioning and whether any changes must be made to ensure that the adviser remains in compliance with applicable requirements.

In addition, in the case of advisers registered with the SEC, the SEC expects an individual to be designated as the chief compliance officer (CCO) of the firm if they are responsible for ensuring that the compliance program is functioning in a manner that ensures that the advisory firm is complying with federal securities laws. It’s vital to note that the SEC can impose sanctions (including censures, monetary penalties and/or suspensions or disqualifications) on individuals who assume the role of the firm’s CCO, and the SEC has sanctioned several CCOs personally in the past. As a result, anyone who assumes the role of the CCO should be sufficiently qualified or have support to ensure that the individual can perform the role in a manner as to minimize the likelihood of personal liability.

 Advisers need compliance personnel who are sufficiently knowledgeable about and experienced in the advisory industry and applicable compliance landscape and can spend an adequate amount of time to support the adviser’s compliance program to ensure that the adviser stays in compliance with applicable regulatory requirements. Compliance consultants can help with some or all of the above functions as needed by an adviser.

What Types of compliance Consultants Are Out There?

The compliance consultant landscape is vast, and there is no easy way to categorize compliance consultants into separate buckets. Therefore, we will attempt to survey the landscape by describing the types of services available, the ways those services are offered and the pricing options available to advisers.

In terms of service offerings, most compliance consultants can perform most or all of the general functions outlined above, depending on the adviser’s needs. However, compliance consultants can provide other valuable services to an adviser. For instance, compliance consultants can conduct mock (or simulated) examinations that help an adviser prepare for an actual regulatory examination. These mock audits can be valuable because they help advisers:

  • Understand the types of information a regulator is likely to request;
  • Identify if there are gaps in the documentation that advisers are required to maintain;
  • Understand the types of questions that regulators will ask the adviser;
  • Identify if there are any gaps in the adviser’s compliance program; and
  • Demonstrate to the regulator that the adviser is serious about ensuring compliance with applicable regulatory requirements.

In addition to mock exams, compliance consultants can assist advisers in the course of an actual regulatory exam, including:

  • Facilitating production of documents and information requested by the regulator;
  • Responding to inquiries from the regulator;
  • Preparing advisers for interviews the regulator; and
  • Responding to letters from regulators that have identified any deficiencies in the adviser’s compliance program.

Some compliance consultants (i.e., those doing business through law firms) can provide representation should an adviser become embroiled in an investigation or enforcement action because of serious compliance violations identified during an examination.

Compliance consultants vary in the types of investment advisers they support. Some compliance consultants serve SEC-registered advisers; others serve state-registered advisers; and some serve both. It’s important to know that the rules and regulations (as well as the regulators) governing SEC and state-registered advisers vary significantly, and so it’s important to hire a compliance consultant that is intimately familiar not only with applicable rules and regulations, but also the inner workings of the applicable regulators. Also, some compliance consultants have specialty focus areas and serve different segments of the investment advisory community, wealth managers, private fund advisers (including advisers to hedge, venture capital, private equity and real estate funds), registered fund advisers (including advisers to mutual funds and exchange-traded funds) and commodity trading advisors. Because the business and operations of these types of advisers can vary so significantly (thus resulting in different compliance requirements), it’s vital to have a compliance consultant that clearly understands the adviser’s service model as well as how compliance obligations must be fulfilled for the firm.

Some compliance consultants also offer technology designed to facilitate the performance of certain compliance obligations, typically through the software-as-a-service model. For instance, one of the most time-consuming tasks advisory personnel face is reporting on their personal securities holdings and transactions. Some compliance consultants offer software designed to directly connect an employee’s brokerage account information to a portal through which the adviser can review such information without manually having to gather paper brokerage statements from each employee each quarter. Such technologies can also potentially facilitate the performance of other tasks by employees, including submitting certifications and requests for approval from the compliance department. These technologies not only streamline the performance of compliance tasks by employees, but also streamline the compliance review of documents and information submitted by employees. Other compliance consultants make cloud-based solutions available to clients that can facilitate the sharing of information and documents and/or provide workflow integrations with the adviser’s other technologies. While there are many benefits of technology solutions (which can save time and money for advisers), such solutions should not be thought of as a replacement for knowledgeable and experienced compliance personnel who are vital to the success of a firm’s compliance program. Put another way, while technology can help an adviser build a better plane, it does not replace the need for an experienced pilot.

Turning to the ways that compliance consultants offer their services, there are wide variations in how compliance consulting services are delivered. Some deliver their services through dedicated compliance consulting firms solely devoted to compliance, while others deliver their services through the law firm model. While we may be biased, there are some objective reasons why retaining a law firm to provide compliance consulting services has distinct advantages for advisers. For example, unlike compliance consultants that do not operate through a law firm, law firms can render legal advice, including interpreting the laws, rules and regulations that govern an adviser’s compliance obligations. Compliance consultants that do not operate through a law firm are not authorized to render legal advice and often refer issues requiring legal interpretation to law firms. In addition, law firms also owe professional responsibilities and duties (similar to an adviser’s fiduciary duties) to their clients, unlike compliance consultants that do not operate through a law firm model.

Some compliance consultants utilize a dedicated compliance consultant to render services to an adviser while other compliance consultants utilize a team approach.  

Compliance consultants also can vary their services in terms of the timing and frequency of delivery of such services, depending on the adviser’s needs. For instance, compliance consultants can provide initial support to an adviser to develop the compliance program, after which their services terminate. On the other hand, many compliance consultants provide ongoing compliance support by assisting an adviser with ongoing management of its compliance program, based on the amount of support desired by the adviser. Compliance consultants can also provide support to an adviser on a project-by-project basis or on an as-needed basis when questions arise.

In terms of pricing, compliance consultants vary widely in what they charge for their services. However, they charge for their services in three general ways: by the hour, on a subscription basis (e.g., a flat fee charged monthly) or on a per-project basis (typically a flat fee per project). The pricing for each service will depend on, among other things, the nature and scope of the services provided. For instance, many compliance consultants that provide ongoing compliance program management services charge a flat monthly or annual fee for their services.

Compliance consultants vary widely in terms of the cost for their services. The most significant factor in determining the cost of a compliance consultant’s services is the amount of time that the compliance consultant must spend to support the adviser’s compliance efforts. In addition, compliance consultants that retain more experienced personnel are likely to charge more for their services because such personnel will receive more in compensation from the compliance consultant. Compliance consultants that will provide an individual to serve as the CCO for an advisory firm will generally charge significantly more for their services, not only because of the significant amount of work to be performed, but because of the risk of personal liability attached to serving as the firm’s CCO. Additionally, advisers that provide other value-added services, such as compliance technology, may also charge additional fees for such services.

What Factors Should Advisers Consider When Selecting a Compliance Consultant?

Answering this question can be daunting given that many advisers are unfamiliar with what, and how much, compliance support is sufficient to meet their firms’ compliance needs. For starters, a key factor to consider is the type of business the adviser is conducting. An adviser must ensure that any compliance consultant has sufficient expertise with the type of business the adviser is conducting, as well as the regulatory requirements pertinent to such business model, to ensure that the consultant is equipped to fulfill the adviser’s compliance needs. Another factor to consider is the regulatory regime under which the adviser operates. As noted above, an adviser must ensure that a compliance consultant is sufficiently familiar with the rules and regulations applicable to the adviser’s business, as well as the expectations of the regulator that oversees the adviser’s activities.

Additionally, advisers with more employees or advisers that engage in certain types of activities (such as significant marketing or trading) may require more compliance support than other advisory firms.

Perhaps the most underestimated factor an adviser should consider in selecting a compliance consultant is the amount of in-house compliance support that an adviser has in place. Such in-house support should be evaluated based on the degree of knowledge and experience possessed by any employee tasked with performing compliance services, as well as the amount of time that such employee has to devote to performing such compliance tasks. Advisers that do not have personnel with sufficient compliance knowledge and experience should seek out compliance consultants with knowledgeable and experienced personnel that can provide appropriate advice and guidance to the adviser. An adviser that does not have sufficient employee capacity to carry out compliance functions should retain a compliance consultant that is willing to spend the time required to ensure the firm’s compliance with applicable regulatory requirements. We are often asked how much time an adviser should spend in any given week or month to ensure it can satisfy its compliance obligations. Unfortunately, the answer to this question depends on numerous factors, including the type of business conducted by the adviser, what activities the adviser engages in, the number of employees at the firm and other factors.

Apart from these factors, advisers should also evaluate the responsiveness, cost-effectiveness and value-added services provided by compliance consultants in determining which compliance consultant to choose.

 What Common Mistakes Do Advisers Make When Choosing a Compliance Consultant?

The most common mistake advisers make when choosing a compliance consultant is underestimating the amount of time required to satisfy their compliance obligations. As noted above, compliance personnel are tasked with numerous responsibilities, and those functions must be performed by in-house personnel or compliance consultants. To effectively perform compliance functions, compliance personnel must be proactive in communicating with firm management, preparing and reviewing filings and other documents, testing compliance with policies and procedures, documenting the work performed, keeping abreast of regulatory developments, and updating firm policies and procedures in the event of a change in the adviser’s business or regulatory requirements. Advisers must understand the amount of time that a compliance consultant intends to dedicate to rendering services to the firm when comparing options.   

The second mistake advisers make is underestimating the challenges associated with understanding and complying with the regulatory requirements applicable to their firms. Contrary to what some believe, managing a compliance program is far more than a check-the-box exercise. The compliance obligations imposed on investment advisers are comprised of a patchwork of laws, rules and regulations, as well as formal and informal guidance from regulators, that, at times, are difficult to understand. In addition, such rules, regulations and guidance often do not provide clear-cut direction to advisers as to the appropriate course of action. As such, it’s critical for advisers to ensure that their compliance consultants have the requisite skill, knowledge and experience to ensure effective performance of desired compliance functions.

The third common mistake made by advisers is underestimating how often their compliance program must evolve to adapt to changes in the adviser’s business and regulatory requirements. Changes in services offered by the adviser, the adviser’s personnel, arrangements with third-party service providers and business partners, and internal operational procedures can all have an impact on an adviser’s compliance obligations and program. Advisers that fail to make the appropriate changes to their compliance program to respond to such business changes risk compliance violations. In addition, the regulatory landscape impacting investment advisers is ever-changing, and advisers must adapt their compliance efforts to respond not only to formal changes in laws, rules and regulations, but also informal guidance provided by regulators. Failure to do so can subject advisers to regulatory violations. As such, advisers should treat their compliance programs like living, breathing organisms that must evolve as business or regulatory developments warrant. As such, advisers relying on outside consultants to manage their compliance programs should bear this in mind and ensure that the compliance consultant is willing to be proactive, and not merely reactive, to business and regulatory updates that could impact the compliance program.

What Practical Steps Can Advisers Take When Vetting Compliance Consultants to Make the Right Choice?

Although we have highlighted the factors advisers should consider when choosing a compliance consultant, advisers still face the challenge of discerning whether any given compliance consultant will deliver what they promise.

Fortunately, advisers can take certain practical steps designed to vet any compliance consultant they are considering. For starters, advisers should request a formal proposal from each compliance consultant that outlines the specific duties that the compliance consultant agrees to undertake. Advisers can compare proposals from multiple consultants and identify if there are differences in services being offered by different firms to identify any gaps in service offerings from the different compliance consultants.

Second, advisers should inquire as to the identity of the specific individual or team members that the compliance consultant will utilize to support the adviser’s compliance efforts. The adviser should conduct online searches (such as through LinkedIn) to evaluate the degree of experience that such individual or team members have when it comes to investment adviser compliance.

Third, advisers can request references from different adviser clients serviced by a compliance consulting firm. This will allow an adviser to hear first-hand how an adviser has experienced the support that is provided by a compliance consultant to determine whether the compliance consultant will spend enough time supporting the adviser, will render appropriate advice to the adviser, and will be responsive to the adviser’s needs.


While choosing the right compliance consultant can take time and effort, it’s vital that advisers make a strategic, well-thought-out choice for their firm given the potentially serious consequences that can arise out of making an incorrect choice.

© 2023 Brightstar Law Group®. All rights reserved.

Table of Contents