SEC Proposes Sweeping Revisions to Advisers Act Custody Rule

By a 4-1 vote, the U.S. Securities and Exchange Commission (the Commission) on February 15, 2023, proposed sweeping revisions to the rule under the Investment Advisers Act of 1940, as amended (the Advisers Act) that addresses custody of client assets by registered investment advisers. If adopted as proposed, the rule will have far-reaching effects on how registered investment advisers manage and safeguard client assets, including digital assets, real estate, loans, and other emerging asset classes as well as physical assets. As proposed, the new rule also would affect the services offered by qualified custodians to advisers. The long-anticipated rule proposal (the Release)¹ follows dramatic advancements in technology, advisory services, and custody practices since 2009, when the Commission last amended the current custody rule.

New Rule 223-1 (the Proposed Rule) would amend and redesignate Rule 206(4)-2, the current custody rule. The Proposed Rule would, among other things,

• expand the custody rule to apply to all client assets held in advisory accounts, not just client “funds and securities,” and explicitly include crypto assets (regardless of whether they are funds or securities);
• require advisers with custody of client assets to maintain them with a qualified custodian. To meet the “maintain” standard, the qualified custodian must have “possession or control” of client assets and must participate in any change of beneficial ownership of the client’s assets;
• require advisers to enter into written agreements with qualified custodians and obtain “reasonable assurances” concerning nine enumerated provisions that address safeguarding of client assets, including a requirement that the qualified custodian indemnify the client for losses resulting from the custodian’s own negligence;
• require qualified custodians to maintain client assets in bankruptcy-remote accounts that are clearly identified and segregated from the adviser’s proprietary assets;
• revise the exception for “privately offered securities” and create a new exception from the requirement to maintain certain assets with a qualified custodian, provided that the adviser meets certain conditions; and
• explicitly include in the definition of custody an adviser’s discretionary authority to trade client assets. The Proposed Rule, however, would exempt assets for which an adviser has custody from the surprise audit requirement if the adviser’s sole basis for being deemed to have custody is the adviser’s discretionary authority that is limited to instructing the client’s qualified custodian to transact in assets that settle on a delivery-versus-payment basis.

The Proposed Rule would apply to all registered investment advisers (and advisers required to be registered) under the Advisers Act. Exempt Reporting Advisers (ERAs, both U.S. and non-U.S.) and the accounts of the non-US clients of registered offshore advisers, however, would continue to fall outside of the scope of Advisers Act custody rules. Registered investment companies also would not be required to comply with the Proposed Rule, as they are subject to separate custody requirements under the Investment Company Act of 1940.

Our take. The Proposed Rule, if adopted as proposed, will introduce new challenges to advisers and qualified custodians, especially with respect to custody of digital assets. The proposals are intended to preserve the safeguarding principles underlying the current custody rule in the context of technological and market advances that make safekeeping of client assets more complicated, which is a laudable goal. The proposals preserve some of the provisions of the current custody rule and related interpretations, and provide a few examples of how they would apply. If adopted as proposed, however, the Proposed Rule will have broad-reaching and potentially costly effects – particularly for smaller investment advisers – that will not only change the way advisers and custodians function but undoubtedly introduce new challenges that may act as barriers to entry (or motivate current service providers to exit) the investment management custody business. We expect advisers and custodians to object strongly to some of the Commission’s proposed regulatory changes, particularly relating to the relationship between advisers and qualified custodians and new contractual requirements applicable to them.

Application of the rule: what is custody of client assets? The Proposed Rule generally would preserve the current rule’s definition of “custody.” That is, the Proposed Rule would apply when an adviser “holds, directly or indirectly, client assets, or has any authority to obtain possession of them.” In other words, the Proposed Rule would apply when an adviser has the ability or authority to access, control, or effect a change in beneficial ownership of a client’s assets.

Like the current custody rule, the Proposed Rule would define three categories that serve as examples of custody:

• physical possession of an asset;
• any arrangement (including a general power of attorney or discretionary authority) that authorizes or permits the adviser to instruct the client’s custodian to withdraw client assets; and
• any capacity that gives the adviser or affiliate legal ownership or access to securities (e.g., a general partner of a limited partnership).

The Proposed Rule specifically includes “discretionary authority” within the definition of custody. An adviser would also continue to be deemed to have custody of client assets if it is authorized to withdraw funds from client accounts to pay its advisory fee.

Scope of assets covered. The current rule applies only to “funds and securities” held in a client’s account of which the adviser has custody. The Proposed Rule would expand the definition of assets to all assets within the scope of an adviser’s fiduciary relationship with its client, including:

• crypto assets, commodities, and other real assets;
• assets not typically included on a balance sheet for accounting purposes, such as short positions and written options;²
• derivatives contracts held for investment purposes, such as swaps; and
• physical assets, including artwork, real estate, precious metals, and physical commodities, such as wheat, lumber and whisky.

Definition of a qualified custodian. The Proposed Rule would not materially change the types of entities that could serve as qualified custodians, that is:

• banks or savings associations (including trust companies);
• registered broker-dealers;
• registered futures commission merchants; and
• certain types of foreign financial institutions (which would need to meet additional qualification requirements not currently part of Rule 206(4)-2). The Proposed Rule goes beyond the current custody rule in that it would require that a qualifying bank or savings association hold client assets in an account that is designed to protect the assets from creditors or in the event of insolvency. Specifically, the qualifying bank or savings institution must maintain the client’s assets in an account in which assets are easily identifiable and clearly segregated from the bank’s assets. The Proposed Rule also expands the criteria specifically required of foreign financial institutions that seek to qualify as custodians.

In a departure from the current rule, these institutions may serve as qualified custodians only if they have “possession or control” of client assets pursuant to a written agreement between the qualified custodian and the investment adviser.

Written contract. The Proposed Rule requires a qualified custodian to maintain possession or control of client assets pursuant to a written agreement between the adviser and the qualified custodian. The written agreement must contain at least four enumerated safeguards that the Commission believes are “critical to safeguarding client assets” and that the adviser must “reasonably believe” have been implemented. This requirement generally formalizes requirements under the existing rule, except as noted. Specifically, at a minimum, the written agreement must provide that the qualified custodian:

• promptly, upon request, provide records to the Commission or to an independent auditor conducting an annual audit;
• send an account statement to the client or its representative identifying each client asset held in the account and summarizing all transactions;
• at least annually, provide the adviser with a written internal control report (the current requirement requires an internal control report only when the adviser or its related person acts as the qualified custodian); and
• specify the adviser’s agreed-on authority to effect transactions in the custody account and any relevant limitations (designed to distinguish between broad authority permitted in custody agreements as compared to more limited authority in advisory agreements).

The Release states that while the Proposed Rule does not prescribe specific safeguarding procedures or require that client assets be maintained in a particular manner, it expands and formalizes the standard of protection to advisory client assets held by qualified custodians by establishing requirements designed to serve as “guardrails” across all asset classes and any type of financial institution that acts as a qualified custodian. Some of these requirements are consistent with standards of care that either currently apply to qualified custodians or have become market practice. The Proposed Rule would require the adviser to obtain from each qualified custodian “reasonable assurances,” in writing, that the qualified custodian will provide certain client enumerated safeguards. Specifically:

• Standard of Care. The qualified custodian will exercise due care in accordance with reasonable standards in discharging its custodial duties and will implement appropriate measures to safeguard client assets;
• Indemnification. The qualified custodian will indemnify the client (and will have insurance arrangements in place that will adequately protect the client, which may be difficult to obtain for certain asset classes, such as crypto assets) against the risk of loss of the client’s assets maintained with the qualified custodian in the event of the qualified custodian’s negligence, recklessness, or willful misconduct;
• Sub-custody. The existence of any sub-custodial, securities depository or other similar arrangements with regard to client’s assets will not excuse any of the qualified custodian’s obligations to the client;
• Segregation of Client Assets. The qualified custodian will hold client assets in a custodial account, segregated from the qualified custodian’s proprietary assets and liabilities; and
• No Security Interest or Lien. The qualified custodian will not subject client assets to any right, charge, security interest, lien, or claim in favor of the qualified custodian or its related persons or creditors, except as agreed to by the client.

Assets unable to be maintained by a qualified custodian. The Commission acknowledged that some assets – particularly physical assets and certain privately offered securities – may be difficult or impossible to maintain at a qualified custodian. The Proposed Rule provides an exception to the requirement to maintain client assets with a qualified custodian when an adviser has custody of privately offered securities or physical assets, provided that:

• the adviser reasonably determines and documents in writing that ownership cannot be recorded and maintained (book entry, digital, or otherwise) in a manner in which a qualified custodian can maintain possession or control transfers of beneficial ownership of such assets; and
• the adviser reasonably safeguards the assets from loss, theft, misuse, misappropriation, or the adviser’s financial reversals, including the adviser’s insolvency.

In addition, to rely on this exception, the adviser must enter into a written agreement with an independent public accountant and notify that accountant of any purchase, sale or transfer of beneficial ownership of any asset within one business day. The agreement would require the independent public accountant to notify the Commission within one business day of finding any discrepancies. In a departure from the current rule, each privately offered security or physical asset not maintained with a qualified custodian would have to be verified in either a surprise examination or audit.

Possession or control of client assets. In a change from the current rule, a custodian would be permitted to serve as a qualified custodian only if it has “possession or control” of client assets pursuant to a written contract with the adviser. Possession or control of client assets would depend, in part, on whether the qualified custodian is required to participate in a change in the beneficial ownership of a particular asset, and the qualified custodian’s involvement is a condition precedent to the change in beneficial ownership. (In the Release, the Commission acknowledges that other functional regulators have not defined “possession or control” in the custody context in exactly the same manner. The Commission said that, nonetheless, the proposed rule’s definition is designed to be consistent with the rules of other functional regulators that apply to the qualified custodians that they regulate, such as a broker-dealer’s possession and control requirements contained in Rule 15c3-3 under the Securities Exchange Act of 1934.)

The “possession or control” standard could affect broad categories of market participants who facilitate transactions in nontraditional assets—including, for example, floating rate and other loans and certain derivatives—when third parties effect a transfer of ownership or collect interest payments. The Proposed Rule, however, appears to target, among other things, crypto trading platforms that require investors to transfer digital assets and fiat currency to the exchange prior to executing a trade (see “Implications for all digital asset market participants” below). The Commission stated that these arrangements “would generally result in an adviser with custody of a crypto asset security” in violation of the Proposed Rule, because the asset is not maintained by a qualified custodian.

Discretionary authority. The Proposed Rule would explicitly identify an adviser’s discretionary trading authority as an arrangement that would trigger the application of the custody requirements. As such, the adviser would be subject to the requirement that client assets must be verified by an actual examination at least once during each calendar year by an independent public accountant (the so-called “surprise examination” requirement).

The Proposed Rule, however, would exempt advisers from the surprise audit requirement for certain assets under limited circumstances. For example, the exemption would apply when an adviser is deemed to have custody of client assets solely as a consequence of its authority to withdraw funds from client accounts to pay its advisory fee. Also, the exemption would apply when the sole basis for the adviser’s custody is discretionary authority with respect to those assets, and only with respect to “DVP,” or delivery-versus-payment, settled transactions (that is, the adviser’s authority is limited to authorizing a custodian to transfer securities out of a client’s account upon receipt of a corresponding transfer of assets into the account). On the other hand, in the case of assets settled on a basis other than DVP, advisers would be subject to the surprise audit requirements of the Proposed Rule.

Amendment to recordkeeping rule (Advisers Act Rule 204-2). The Proposed Rule would add new recordkeeping requirements, including, among others:

• retaining copies of required client notices;
• creating and retaining records and documenting certain client account information, including copies of all account opening records and whether the adviser has discretionary authority;
• creating and retaining records of certain custodian information, including required qualified custodian agreements and written assurances obtained from the qualified custodian;
• creating and retaining a record that indicates the basis of the adviser’s custody of client assets;
• retaining copies of all account statements;
• retaining copies of any standing letters of authorization; and
• keeping records relating to engagement of independent accountants.

Form ADV amendments. The Proposed Rule updates related recordkeeping requirements for advisers and amends Form ADV with respect to custody-related data available to the Commission, its staff and the public. The proposed new reporting requirements in Item 9 include additional details addressing the basis of custody of client assets, qualified custodians that maintain clients assets, and independent public accountants that have been engaged to provide either surprise examinations or financial statement audits of private funds.

Status of state-chartered trust companies and limited purposes banks. As mentioned above, the Proposed Rule would not change the types of financial institutions eligible to act as qualified custodians—which include “banks” (as defined in Section 202(a)(2) of the Advisers Act). The Proposed Rule, however, would require advisers to contract directly with, and obtain reasonable assurances from, qualified custodians relating to “minimum custodial protections” for client assets.

As Commissioner Mark T. Uyeda noted, the Release questions whether state-chartered trust companies and other state-chartered, limited-purpose banking entities (including such entities that focus on providing custody services for digital assets) “‘offer, and are regulated to provide, the types of protections [the Commission believes] a qualified custodian should provide under the rule,’ as if to suggest that state-regulated banking entities are less trustworthy than federally-chartered ones.”³ However, a number of state-chartered banks and trust companies should be able to provide such “minimum custodial protections” as required by the Proposed Rule. When asked by Commissioner Hester M. Peirce whether there are entities in the digital asset space that will meet the requirements of the Proposed Rule if adopted as written, Director of the Division of Investment Management William Birdthistle suggested there were, without commenting on any specific institutions.

Implications for all digital asset market participants. The Release extensively discusses crypto assets (also referred to as digital assets), and the potential implications for advisers that transact in crypto assets could be significant.

• Crypto assets are in scope. First, the Release includes a policy statement, echoing public statements made by Chair Gary Gensler, that many (with very few exceptions) crypto assets are securities. The Release states that advisers asserting the Proposed Rule would not apply to crypto assets are incorrect “because most crypto assets are likely to be funds or crypto asset securities covered by the current rule.”
  
  In a footnote, the Release attempts to clarify this point further and suggests that even crypto assets that are not securities would be considered “funds” within the scope of the current rule, but it does not elaborate or analyze why crypto assets would be considered “funds,” as opposed to other types of property.⁴ By expanding the scope of regulation to include all assets within the scope of a registered adviser’s fiduciary relationship with its client, the Proposed Rule would remove any doubts that it would apply to crypto assets.

• Possession or control of crypto assets. The Release notes that the requirement for qualified custodians to obtain and maintain “possession or control” of client assets may present unique challenges for crypto assets. The Release acknowledges that while it is possible for a custodian to implement processes that seek to create exclusive possession of control of crypto assets, it may be difficult to actually demonstrate that it has exclusive possession or control due to their specific characteristics (e.g., anyone with possession of the private key can transfer ownership of the asset).
  
  Recognizing the difficulty for a custodian to prove that it has exclusive control over the private keys necessary to control crypto assets, the Release does not view exclusive possession or control as the only way a custodian could demonstrate it meets the definition of the “possession or control.” The definition of “possession or control” in the Proposed Rule provides flexibility by permitting for situations when the custodian is necessary to change the beneficial ownership of the asset, even if it could not affect the change in ownership acting alone. For example, “a qualified custodian would have possession or control of a crypto asset if it generates and maintains private keys for the wallets holding advisory client crypto assets in a manner such that the adviser is unable to change beneficial ownership of the crypto asset without the custodian’s involvement.”⁵ These arrangements may include multisignature, or “multisig,” technology solutions for crypto asset custody, among others.
  
  The Release does not address how the functional regulators of different types of qualified custodians define possession or control—even when the functional regulator is the Commission, although the Release specifically cites the Special Purpose Broker-Dealer Custody Statement as applicable guidance for broker-dealers that intend to custody crypto asset securities.⁶ 

• Crypto asset trading platforms. The Release notes that the requirement for a qualified custodian to maintain possession or control of client assets at all times when the investment adviser has custody means that advisers who trade on crypto asset platforms that require prefunding the platform would generally be in violation of both the current custody rule and Proposed Rule if the trading platform does not satisfy the definition of a qualified custodian. Interestingly, the Release notes that while the majority of crypto asset trading occurs on platforms requiring prefunding of trades, some trading of crypto assets occurs on a noncustodial basis through decentralized platforms and Alternative Trading Systems (ATSs).
• Status of crypto as “privately offered” securities. In the context of “privately offered securities” exception, the Release states that, as a result of “transactions and ownership involving crypto asset securities on public, permissionless blockchains [being] generally evidenced through public keys or wallet addresses,” the staff believes “that such crypto asset securities issued on public, permissionless blockchains would not satisfy the conditions of the privately offered securities” because under the Proposed Rule, for a security to be a “privately offered security,” it must be “uncertificated, and the ownership can only be recorded on the non-public books of the issuer or its transfer agent in the name of the client as it appears in the adviser’s required records. (Emphasis added.)⁷ 

Commissioner Peirce’s dissent. Commissioner Peirce voted against the Proposed Rule, citing a number of concerns. In particular, she questioned the proposed timing for compliance and the workability of obtaining written assurances from qualified custodians. She also expressed concerns that if adopted, the Proposed Rule would extend its reach to crypto assets, while at the same time effectively shrink the ranks of potential qualified crypto custodians, thereby increasing the potential for investor losses. Commissioner Peirce also took issue with what she asserted was attempt by the Commission to dictate contract provisions with entities that it does not regulate, namely certain qualified custodians.

Compliance transition. The Proposed Rule requires compliance within one year following the rule’s effective date for advisers with more than US$1 billion in regulatory assets under management (RAUM), and 18 months for advisers with less than US$1 billion in RAUM.

Next steps: comment period. The Release provides for a 60-day comment period following publication in the Federal Register. We encourage clients and market participants to submit comments with respect to the entire proposal or certain material changes that are relevant to a broad array of companies. Comments may address, among other things, how the Proposed Rule would affect advisers, broker-dealers, qualified custodians, digital asset market participants, accountants, insurance companies, or potential investors.

¹ Safeguarding Advisory Client Assets, Investment Advisers Act Rel. No. 6240 (Feb. 15, 2023).

² We note that the Commission, in Staff Accounting Bulletin 121, generally requires crypto platforms to include crypto assets of their clients on their balance sheets as a safeguard against potential loss.

³ https://www.sec.gov/news/statement/uyeda-statement-custody-021523

⁴ Proposal at fn. 29. (“Importantly, even if a particular crypto asset is not a security, the current rule also covers funds.”)

⁵ Proposal at 67.

⁶ SEC, Custody of Digital Asset Securities by Special Purpose Broker-Dealers, Securities Exchange Act Release No. 90788 (Dec. 23, 2020), 86 FR 11627 (Feb. 26, 2021). We are not aware of any special purpose broker-dealers approved by the Commission or the Financial Industry Regulatory Authority.

⁷ Release at p. 135. We note that some private placement securities are certificated, which calls into question how the Proposed Rule would apply to them.