Custody Rule cases are rapidly becoming a staple of SEC enforcement. Rule 206(4)-2 requires registered investment advisers with custody of client funds or securities to implement certain controls to protect those assets. Prior to its amendment, effective in March 2010, the Rule required advisers with custody to have a reasonable basis for believing that a qualified custodian or the adviser sent quarterly account statements to each client for which custody was maintained and obtain an annual surprise exam by an independent public accountant to verify all client assets. The March 2012 amendment to the Rule added certain exceptions for an adviser of a pooled investment vehicle from the basic provisions if certain requirements were met. Those included an annual audit of the pool by a PCAOB registered and inspected independent public accountant. The audited financial statements must be delivered to investors within certain time limits. The agency has been bringing an increasing number of these cases, in many instances arising out of examinations by OCIE.
One of those actions is In the Matter of Santos, Postal & Company, P.C., Admin. Proc. File No. 3-17238 (April 29, 2016). Respondents in the action are the PCAOB registered audit firm Santos, Postal and Joseph A. Scolaro, a C.P.A. who owned 25% of the firm. He served as the engagement partner for SFX Financial Advisory Management Enterprises, Inc., an SEC registered investment adviser during the period. The audit firm primarily provides accounting, tax and audit services to individuals and private entities. SFX Financial is subject to a Commission cease and desist order based on violations of Advisers Act Sections 206(1), 206(2) and 206(4) for failing to supervise Brian J. Ourand, formerly an employee of the firm who was terminated for misappropriating client funds. See SFX Financial Advisory Enterprises, Inc., Advisers Act Rel. No. 4116 (June 15, 2015); Brian J. Ourand, Advisers Act Rel. No. 4115 (June 15, 2015).
SFX specialized in providing advisory and financial management services to high net-worth individuals. Clients received investment advisory and bill-paying services. The adviser had authority to withdraw funds and deposit client assets in brokerage and bank accounts. The firm thus had custody of client assets within the meaning of the custody rule.
Santos, Postal began providing auditing services to SFX in 2004. From 2006 through 2011 Mr. Ourand misappropriated funds from client accounts. During the period he wrote unauthorized checks from client bank accounts payable to “cash” or himself. He also wired unauthorized amounts to himself for personal use.
From 2010 to 2011 Santos, Postal completed three reports for SFX that were filed with the SEC on Forms ADV-E. In 2010 the audit firm filed an initial report which was later amended. Those reports specified that the examination was made in accord with the standards established by the AICPA and delineated certain tests that were preformed which provided a reasonable basis for the firm’s opinion.
The 2010 report contained a material misstatement, according to the Order. It represented that the audit firm had confirmed with SFX’s clients contributions to, and withdrawals from their accounts. In fact the audit firm had not.
In planning the engagement Mr. Scolar, who served as engagement partner, failed to consider fraud risk factors related to false reporting or the misappropriation of assets despite the fact that the authority of the adviser with respect to the disposition of client assets and the bill paying service presented significant risks. Mr. Scolaro failed to identify any specific attestation risks regarding the firm’s compliance with the custody rule. He also failed to understand the adviser’s internal controls and the lack of segregation of duties or to identify Mr. Ourand as a person with authority over client funds. He also used inadequate sampling procedures regarding account balances when clients failed to return confirmations.
Prior to filing the 2011 report with the Commission, the audit firm and Mr. Scolar learned of the misappropriations by Mr. Ourand. Nevertheless, the audit firm issued a report which is substantially similar to the one issued the prior year. The deficiencies in the 2010 procedures persisted. Indeed, despite a requirement that significant matters such as the misappropriation by Mr. Ourand be documented and the subject of consultations, no consultations were documented. In view of the misappropriation, all client funds were not maintained with a qualified custodian as of May 31, 2011 as required by the custody Rule.
The Order alleges a violation of Advisers Act Section 207. It also finds that the firm and Mr. Scolaro engaged in improper professional conduct. To resolve the matter each Respondent consented to the entry of a cease and desist order based on the Section cited in the Order. The firm and Mr. Scolaro were each denied the privilege of appearing and practicing before the Commission with he right to apply for reinstatement after, respectively, one year and five years. The firm was also ordered to pay disgorgement of $25,800 and prejudgment interest. Mr. Scolaro was directed to pay a penalty of $15,000.