The SEC Encourages Transfer Agents to Review and Strengthen Policies, Procedures and Controls

March 29, 2019 by Nick Prokos, Thomas Riley

On February 13, 2019, the Securities and Exchange Commission’s (SEC) Office of Compliance Inspections and Examinations ( OCIE) issued a Risk Alert highlighting the concerns and issues associated with certain types of transfer agents (“TAs”) that also serve as paying agents.1 For the past several years, OCIE has prioritized examining TA’s performance in safeguarding funds and securities.2 This Risk Alert highlights OCIE’s findings from 75 such examinations during nearly a three-year period from October 2014 through September 2017. While the Risk Alert is aimed at certain operational and regulatory requirements, compliance professionals within the mutual fund industry should also consider how certain areas identified by OCIE are compared to their mutual fund company’s in-house or third-party TA and/or sub-transfer agent(s).

We note that the Risk Alert did not explicitly address whether the areas of concern include mutual fund TAs, and it did not reference or infer the responsibility of mutual funds under Rule 38a-1 under the Investment Company Act of 1940. Nonetheless, a mutual fund’s oversight of its TA and sub-transfer agent service providers should include some of the issues raised in the Risk Alert that more commonly apply to mutual fund TA operations.

Below are those areas we believe are of interest to mutual fund compliance professionals when conducting their next TA oversight reviews.

Safeguarding Funds and Securities

Exchange Act Rule 17Ad-12 (the “Safeguarding Rule”) requires TAs to hold securities in a manner that is reasonably free from the risk of theft, loss, or destruction. It also requires that funds be protected, considering all facts and circumstances, against misuse.

In its examinations, OCIE noted certain interesting occurrences of misappropriations of issuers’ funds, poor controls around physical certificates being issued and maintained, and instances of commingling of shareholder funds with TA operating funds. However, these concerns are likely not afforded within the mutual fund industry as being high risk given the operations of mutual funds and how shares are handled. Alternatively, OCIE noted instances of inadequate policies, procedures, and controls related to issuing and handling checks, distributing dividends, reconciling bank accounts, and establishing security protocols to restrict access to vaults, computers, and areas that handle disbursement operations. These are potential areas that could be applicable to a mutual fund TA.

OCIE noted some positive practices undertaken by several TAs. These included, among other things, the following measures:

  • Maintaining logs of unused and uncashed checks
  • Conducting periodic audits of blank certificates and cancelled certificates
  • Segregating duties among various individuals holding different positions at the TA
  • Identifying entities or positions responsible for specific tasks in the policies and procedures

ACA Guidance

ACA advises mutual fund chief compliance officers (“Fund CCOs”) to review the TA’s System of Internal Accounting Controls or similar report required under Rule 17Ad-13. This report would cover those controls tested for the safeguarding of related securities and funds and would provide reasonable, but not absolute, assurance that securities and funds are safeguarded against loss from unauthorized use or disposition, and that transfer agent activities are performed promptly and accurately.

Fund CCOs should also consider how their own funds currently offer shares, or have done so in the past. Though mutual funds do not normally issue physical certificates in today’s market, there are a few funds around that do have physical share issuances outstanding that have not been recalled. ACA believes it could be beneficial to review procedures on handling receipt of physical certificates for redemption and how are those certificates are identified for potential fraud and disposal.

Fund CCOs may also want to review money market funds, or any other fund that allows for check writing privileges on the shareholder’s account. Understanding the controls on how checks are received, cleared, maintained and later destroyed is always an interesting walk-through demonstration to do at a TA if you have some time!

Policies and Procedures for Lost Securityholder Searches

Exchange Act Rule 17Ad-17 (the “Lost Securityholder/Unresponsive Payee Rule”) requires, in part, that every TA that maintains an issuer’s master securityholder file conduct searches for lost securityholders within a defined period (i.e., a TA must conduct the initial search between three and 12 months of a securityholder being classified as lost), send notices to unresponsive payees within a defined time period (no later than seven months after sending the not yet negotiated check)3, and to maintain written procedures describing how they will comply with the rule.

In the Risk Alert, OCIE notes that if searches were conducted, they were not conducted within the proper timeframe. In addition, some TAs conducted searches for lost securityholders using only public resources instead of an information database service.

ACA’s own observations during reviews have revealed that mutual fund TAs may use third-party vendors to perform the two database searches and that the function is not necessarily internally completed by the TA. The following additional diligence should be asked of the TA:

  • Asses the oversight of the third-party search vendor and inquire into the database services used by the TA or by the third-party search vendor.
  • Ask when the last two searches were completed for your fund and request a summary of results if they are not reported in the TA’s management reports to the fund.
  • Inquire what the securityholder inclusion criteria are for the searches and whether any securityholder type or accounts are excluded from the lost-securityholder lists.
  • Review the Form TA-2 filing for the TA made available on the SEC’s EDGAR database. This form requires a TA to disclose information pertaining to their lost securityholder searches, including date of database searches and certain results from the search.


Though the Risk Alert is not targeted to mutual fund TAs and their operations, and a number of the deficiencies identified may not be directly relevant to mutual fund operations, Fund CCOs can use the Risk Alert as the basis for discussion points during their oversight due diligence meetings with the fund’s TA and sub-transfer agent(s); focusing on the key aspects where it may be applicable to their own fund complex operations.

How ACA Can Help

ACA Compliance Group’s Investment Company Division helps registered funds, their investment advisers, and TAs ensure their compliance with regulatory requirements. Our services include compliance program development, customized testing support, and customized focused reviews. Our team has the specialized knowledge and skills needed to address unique compliance considerations of mutual funds and the operations of TAs.

For More Information

For more information, please contact Erik Olsen at

About the Authors

Nick Prokos is a Partner at ACA. He joined the firm in 2002 to enhance its investment company, hedge fund, and anti-money laundering compliance consulting services.

Nick began his compliance career by serving nearly four years as an examiner and staff accountant at the SEC’s New York Regional Office. He also spent two-and-a-half years as a Principal Consultant in the Investment Management Regulatory practice at PricewaterhouseCoopers in New York.

Nick represents ACA through his continuous public speaking at industry conferences on mutual fund and anti-money laundering topics. He is sought after by investment management media publications for his commentary and insight of regulatory matters. Nick earned his Bachelor of Science degree in Finance with honors from St. John’s University, where he subsequently earned his MBA.

Thomas Riley joined ACA in 2016 as a Principal Consultant in ACA’s Investment Company Compliance division. As a Principal Consultant, Tom leads or participates in SEC inspections, 206(4)-7 and 38a-1 annual compliance reviews, and more-focused compliance reviews for investment advisers to business development companies and registered investment companies. He also helps clients develop and maintain customized policies, procedures, and forensic testing programs.

Prior to ACA, Tom served as Chief Compliance Officer for the Business Development Corporation of America , a business development company, and its related adviser, BDCA Advisor, LLC, one of RCS Capital Corporation’s affiliated funds and advisers. Tom was also a Compliance Officer and a senior risk manager for RCS Capital. Prior to, Tom was with The Guardian Life Insurance Company of America where he served as Assistant Vice President, Head of Sales Supervision for their wealth management advisory platform.

Tom earned his Bachelor of Science degree in Finance and Economics from Siena College.


1 A paying agent accepts payments from a security issuer and distributes the payments to the security holders. See Rule 17Ad-17 under the Securities Exchange Act of 1934 (“Exchange Act”).

2 See OCIE examination priorities for 2014-2019 collectively available at For reference, OCIE’s 2019 examinations “will asses transfers, recordkeeping, and the safeguarding of fund and securities. Examinations will also focus on the requirement for transfer agents to annually file a report by an independent accountant concerning the transfer agency’s system of internal accounting records.”

3 Rule 17Ad-17(c) as amended January 16, 2013 (Exchange Act Release No. 68668).