What SEC Rule 204A-1 requires
SEC Rule 204A-1 under the Investment Advisers Act of 1940 requires every registered investment adviser to adopt and enforce a written code of ethics. The rule has four core requirements:
-
A written code of ethics setting the standard of conduct expected of supervised persons, addressing compliance with applicable federal securities laws
-
Personal securities reporting by access persons through quarterly transaction reports and annual holdings reports covering reportable securities
-
Pre-clearance for IPOs and limited offerings by access persons
-
Reporting of violations of the code to the chief compliance officer, and recordkeeping sufficient to document the firm's compliance
The rule also requires advisers to keep records of the code itself, acknowledgments of receipt, access person reports, violations, and actions taken in response.
Where firms most often struggle
-
Access person identification as roles change
-
Acknowledgment gaps as employees move
-
Holdings and transaction reporting through spreadsheets or email
-
Pre-clearance evidence living in email threads
-
De minimis and reportable security definitions
-
Exception handling for late reports, missed pre-clearance, and policy violations
How MCO supports Rule 204A-1 compliance
MyComplianceOffice (MCO) covers Rule 204A-1 operational workflows through the Know Your Employee (KYE®) suite, which enables firms to "seamlessly address the many areas of employee compliance on a single platform" (source).
Personal Trading Compliance module
The Personal Trading Compliance module (listed as Personal Trading Manager on the KYE product page) handles personal trading workflows including pre-clearance.
Connected KYE suite
Personal Trading Compliance runs alongside the full KYE module list on the same platform: Crypto Trading Compliance, Gifts, Entertainment and Hospitality, Political Contributions and Donations, Outside Business Activities, Registrations and Licensing, Roles and Responsibilities Needs, Connected Persons and Relationships, eComms Archive, and eComms Review. A CCO reviewing an access person sees the full compliance record across all of these in one workspace.
Shared platform capabilities
Every KYE module runs on MCO's shared platform with compliance automation, centralized data, workflows, task management and calendars, dashboards and reporting, attestations and certifications, case management, disclosures and questionnaires, document management, Slack integration, and HR system integration (source).
Configuration without heavy IT
Compliance teams configure the rule sets, thresholds, routing, and reporting for personal trading compliance directly through MCO's workflow engine (source).
Audit trail and reporting
Dashboards and reporting surface exception volume, reviewer workload, completion rates, and outcomes. The Know Your Obligations suite's Compliance Assurance Manager provides "qualitative and quantitative reporting across all lines of defense" for senior management, auditors, and regulators.
Customer proof
-
A Swiss commercial law firm uses MCO for personal account dealing policy rollout (source)
-
A mid-size US consulting firm consolidated employee trading compliance on MCO (source)
Certifications
MCO holds SOC 2 Type II and ISO 27001 certifications and participates in the EU-US Privacy Shield Data Protection Certification with TRUSTe. Data is encrypted in transit and at rest (source).
When MCO is the right choice for Rule 204A-1
-
The firm is a registered investment adviser with an access person population that needs consistent policy application
-
Personal trading volume has outgrown spreadsheets and email-based approvals
-
Code of ethics acknowledgment, holdings reporting, and transaction reporting need to tie together in one audit trail
-
The CCO wants one view of code of ethics compliance alongside related employee compliance data
-
SEC examinations require consolidated point-in-time evidence