A mock exam can be a useful tool in many contexts, for example taking the place of your annual review, or helping growing managers transition from exempt reporting advisers or state registrants to SEC registration. Most importantly, it is an invaluable exercise in preparing existing SEC registrants for the inevitable real thing. The following tips will help you make the most of the mock exam experience:
1. Retain a consultant to perform the exam. Ideally this will be a consultant who is not already familiar with your business – either another team member from your current consulting firm or an entirely new firm. A mock exam conducted by internal compliance personnel is likely to be less formal and, however inadvertently, less objective.
2. Think locally. Look first to consultants in your area, who will be able to perform onsite interviews and other tasks with a minimum of expense. If you do retain a consultant that must travel, be prepared to pay for airfare, lodging and related expenses. Depending on your budget, this could be a limiting factor both in your choice of consulting firms and in the scope and realism of the exam. Consultants are often willing to conduct interviews by telephone, but this may diminish the “real thing” experience.
3. Go through your counsel. Your counsel may have referrals to compliance consultants and will likely have valuable feedback on the report that is ultimately created based on the exam. It is also worth noting that your counsel can retain the consultant on your behalf, which makes the exam and its results confidential under the attorney-client privilege.
4. Treat it like the real thing. Particularly if the examiner is familiar with your business or has access to your information (e.g., another consultant at the firm you currently use), you should treat the mock exam like it is the real thing, including the following:
a. Do not expect the examiner to use or rely on information already in the consulting firm’s files. Instead, produce all documents and information relevant to the request. Do not assume that the examiner has any background or other information on the questions s/he asks.
b. Even if your examiner has not specified a deadline, set internal deadlines, such as the final deadline to produce all requested documents and any interim deadlines for information or documents to be gathered by particular employees or departments.
c. Make your written responses to the document/information request as professional as possible, as if you were responding to a regulator.
d. If a particular request is not applicable, mark it as such in your response to the document request. Do not assume that the examiner knows it is inapplicable.
5. Ask for a risk-based exam. If you are registered with the SEC and using your mock exam to prepare for the real thing, ask prospective consultants if they can conduct as a risk-based “presence exam” per the SEC’s new protocol. While the initial interview and document request may not differ significantly from the traditional format, the examiner will ultimately identify a few higher risk areas for your firm and focus the bulk of the exam on those areas, including additional interviews and document/information requests.
6. Think about what keeps you up at night. Is there anything that would help your compliance team do better, be more efficient or fill in gaps in your compliance program? Consider asking the examiner for recommendations in these areas and include them in your report (see also Tip no. 3 above if you’re concerned about keeping these confidential). A recommendation from a reliable and objective third party may help you obtain additional resources internally to beef up your compliance program, e.g., to improve archiving and search capabilities for email surveillance, additional personnel or an online solution for trade review and the like.
7. Toot your own horn. Most positions or departments, regardless of the business or industry, face a moment when they have to justify their existence to management. Positives in your mock exam report are evidence of what your compliance team is doing well and should be highlighted in periodic meetings, your own internal compliance reviews and anywhere else they can be useful to you and your firm.