Tirador Resources

Colorado Division of Securities: Regulators for small and mid-market RIAs (<$100 million AUM), and broker-dealers doing business in the state of Colorado, and securities licensing jursidiction of all IARs and Registered Representatives conducting business in Colorado.

Colorado Vulnerable Adults/Financial Exploitation Act: Beginning July 1, 2017, the Colorado Protection of Vulnerable Adults from Financial Exploitation Act:

• Requires RIAs and IARs to report suspected financial exploitation of elderly or at-risk persons (“Vulnerable Adults”) to the Colorado Division of Securities;
• Authorizes RIAs and IARs to notify a previously-designated third party of suspected financial exploitation; and
• Authorizes RIAs and IARs to delay disbursement of a transaction that might result in financial exploitation.

The Act applies to all persons licensed by the Colorado Division of Securities, which includes IARs of both state and SEC-regulated firms.

​Colorado Securities Laws and Rules: The Division of Securities' page with all the good stuff!

IARD Instructions for Uploading ADV Part 2 

​Regulation of Investment Advisers by the U.S. Securities and Exchange Commission: An excellent summary of SEC regulation, in topical order, with footnotes for statutes, regulations, and no-action letters. Originally written by Robert Plaze, who retired from the SEC in 2012 as Deputy Director of Division of Investment Management. 

North American Securities Administrators Association (NASAA): This organization, comprised of state and provincial Securities regulators in the U.S., Canada, and Mexico, provides model rules and legislation and writes the 60-Series qualification examinations (e.g. Series 63, 65, etc.).

• Find Your State or Provincial Regulator
• RIA Resources from NASAA

Federal Trade Commission CAN-SPAM Guidelines: Anyone who uses email to promote a product or service is subject to this law. ​​Each separate email in violation of the CAN-SPAM Act is subject to penalties of up to $16,000, so non-compliance can be costly. Regulators may review compliance with CAN-SPAM when examining advertising.

EthicalSystems.org: I have seen competent, likeable professionals end their careers through preventable and unintentional ethical lapses. "Ethical Systems makes the world's best research available and accessible, for free, to anyone interested in improving the ethical culture and behavior of an organization." Not fluffy, pie-in-the-sky stuff, but research-based material on what actually works in the business world.​​

New RIA Registration 

Launching your firm is a busy time for you. We don't send you questionnaires to fill out (effectively making you write your own documents). We will learn your business through one-on-one conversations, then we build your registration and compliance documents.

Includes Tirador’s exclusive Policies and Procedures ("P&P" or "WSP"), scaled for your firm and processes, and built directly on the RIA regulations that apply to your firm. We maintain and update your P&P for as long as you remain a Tirador client.

Annual Reviews and Updates

There are four major recurring requirements for every RIA*. Tirador works with each client personally on these reviews, and recommends the following schedule:

• Annual ADV Amendment – Q1: All RIAs are required to file an annual amendment by 90 days after the end of the firm’s fiscal year, which is March 31 for firms whose fiscal year ends December 31. Tirador helps you to ensure that the updates are accurate and timely, while minimizing the time taken away from running your firm.
• Policies & Procedures/Books & Records Review – Q2: All advisory firms are required to have written supervisory procedures and to maintain specific books and records. Your supervisory procedures should reflect your firm’s business and scale and should correspond to the regulations under which your firm operates (i.e. state or SEC). Your books and records then document that you follow your own policies.
• Cybersecurity Review – Q3: You should have an inventory of your IT hardware, security software, and systems to assess and mitigate your cybersecurity risks. You also need an incident response plan and training materials on cybersecurity.
• Business Continuity Planning – Q4: Regulators want advisory firms to have a written Business Continuity Plan (BCP), and to review it at least annually. It doesn't have to be elaborate, but it must address essential elements. Business continuity for a small firm needs to address key person risk – what will happen if a key person is incapacitated, unavailable, or dies? Most BCP templates don’t address this, and it is akin to your RIA having an estate plan.

*Some regulators have not yet implemented rules for Cybersecurity and/or Business Continuity Planning, but these items remain key to running a good practice and fulfilling your fiduciary duty. 

​State-to-SEC Transition

We love it when our clients succeed! We can facilitate the regulatory filings, help prepare your firm for the differences between state and SEC regulation, and continue to support your compliance program once SEC registration kicks in!

Regulatory Filings

• Firm Registration - Your ADV describes your business to the regulators.
• Annual Updates - Due within 90 days of year end, these review and update your firm's registration information.
• Amendments - Your registration information must be updated timely whenever there is a change in your business.
• ADV Part 2A (Brochure) - Just like ADV Part 1, this plain-English document describes your firm's business to clients and prospects.
• ADV Part 2B - All IA firms must have Part 2B, and state-registered firms must include the 2B in registrations and updates.
• U4/U5 Maintenance - Each representative's information needs to be accurate and up-to-date. 

*Tirador Compliance LLC does not provide legal, tax, or financial advice.