You never know what an SEC Auditor will find to complain about. In my 20 years of working with PortfolioCenter, I’ve been through hundreds of federal and state audits with my managers.
The good news: all my managers have passed their audits with flying colors. The bad news: SEC auditors found something to complain about anyway — every time.
In the post-Madoff audit world, the number of complaints seems to be geometrically rising. I call this one “the Santa Claus complaint” – making a list and checking it twice.
One of my managers was dinged by her auditor because she failed to keep a written and frequently updated list of who is allowed access to her PortfolioCenter database. Furthermore, she did not regularly send that list to third-parties like me. This manager frequently hires summer interns. Perhaps the revolving door of interns influenced the auditor’s decision.
At any rate, the auditor told her she must:
- keep a written list of both her in-house staff and third-parties (e.g. accountants, virtual assistants, technical support, etc.) who are allowed access to client data
- update that list the moment it changes and
- send it to her third-party consultants (in particular)
My policy is to send all PortfolioCenter reports and client information directly to my managers, so my managers can review it before they forward it to accountants or clients as needed. Given that I only talk to my managers and their in-house staff, I have no clue why I was singled out.
Word to the wise: You might want to create a list and tuck it away before your next audit. I expect having an outdated list is better than having no list at all.