The SEC’s Division of Examinations (Division) – formerly the Office of Compliance Inspections and Enforcement, or OCIE – recently sought to elevate CCOs’ practices by issuing a risk alert on notable compliance issues identified by staff members during examinations of private fund managers (Risk Alert). At first glance, many practitioners considered the observations therein to be rather routine or fundamental. That perception should only serve to bolster the importance of the Risk Alert, however, as it emphasizes that many firms are failing at some of the most basic compliance tasks they may be taking for granted. To evaluate important details and key takeaways from the Risk Alert, the Private Equity Law Report interviewed several practitioners for their insights on the items addressed therein. This second article in a two-part series highlights concerns in the Risk Alert about inadequate annual compliance reviews and ill-tailored policies and procedures, along with some high-level takeaways to consider. This first article summarized the Division staff’s observations about fund managers’ limited compliance resources, primitive technology and poor empowerment of CCOs. See our coverage of Division risk alerts on the cash solicitation rule; oversight of employees; fees and expenses; the advertising rule; compliance topics; custody; cybersecurity; and social media.