A bank purchased an RIA in their local market from a person that they knew socially and civically. They relied heavily on assertions of facts rather than a true due diligence process. Their due diligence process seemed to be limited to having an attorney review the documents. As compliance and management issues arose – relatively quickly – we were engaged to come in and help.
This is an unfortunately common story. RIAs are unique and organizations considering purchasing one need to really be careful in their due diligence. The regulatory environment (SEC) is not something that most banks are experienced in dealing with.
Interestingly, management problems (style and attitude) started causing concerns which, when the bank started looking into them, found deeper problems including some potential and very real compliance problems.
Our Approach to the Situation
The first step was an organizational assessment. Business Risk Assessment We interviewed every employee of the RIA and the bank managers who were interacting with the RIA. We did overview compliance review (not a deep deep dive) and found enough concerns that, among other suggestions, recommended a “mock audit” for the organization. That recommendation included the idea that the “mock audit” needed to be conducted under an attorney’s relationship so as to create a privileged work product.
The mock audit was conducted as recommended and, unfortunately for them, found the problems that our overview had predicted. The Mock Audit identified the problems and the consultative report included recommendations for fixing the problems. A six month project plan was designed, agreed upon and implemented and the problems were fixed.