LawFlash

Compliance Alert: SEC’s 2025 Examination Priorities

October 31, 2024

The US Securities and Exchange Commission’s (SEC’s) Division of Examinations released its annual report of examination priorities on October 21, 2024 (the Exam Priorities). The annual Exam Priorities report, which is designed to augment the Division’s periodic risk alerts, provides insights into the Division’s—and by extension the broader SEC’s—current thinking and areas of focus with respect to existing risks, changes in technologies, and compliance with rules, in addition to identifying topics that will be formally examined by the Division over the course of the next fiscal year.

IN BRIEF

  • In general, there are no major surprises and many of the focus areas are consistent with the last several years.
  • There is a heightened focus on registrants’ use of artificial intelligence (AI) and related capabilities and ensuring that technology operations and AI use align with regulatory obligations and disclosures to investors.
  • Compliance with new regulations such as T+1 trade settlement and recent amendments to Form PF has emerged as a Division focus.
  • There is a new focus on risks related to outsourcing, including advisers that outsource investment selection and management, and cybersecurity-related risks of outsourcing services generally, which could be a reaction to the SEC not yet having adopted the outsourcing rule proposed under the Advisers Act in October 2022.
  • We summarize below the 2025 Exam Priorities and distill the report to its essential points. In the attached Appendix, we briefly summarize some key themes and topics that differed between the 2024 and 2025 reports.

THE DETAILS

The 2025 Exam Priorities [1] are similar to the 2024 priorities in that they reaffirm the Division’s focus on registered investment advisers’ (herein, advisers’) adherence to fiduciary standards and compliance obligations, particularly with respect to newly registered advisers. Similarly, the Division remains focused on monitoring broker-dealers and their obligations under Regulation Best Interest. The Division further remains focused on monitoring the use of technology and new assets (including the increasing market for crypto assets and companies providing crypto-related services) as well as the use of blockchain and assessing firms’ readiness and ability to safeguard information in the face of cybersecurity threats.

In a change from the 2024 report, the 2025 Exam Priorities focus much more heavily on firms’ implementation and use of AI. Firms should expect upcoming examinations to probe into whether and how they use AI and how they monitor and supervise AI consistent with policies and procedures and public disclosure. The 2025 report also indicates the Division’s attention to commercial real estate market exposures for all registrants (including both private funds and registered funds with retail investors) and across asset classes. The 2025 Exam Priorities also focus on risks associated with holding and valuing hard-to-value assets and illiquid assets, and place a new focus on the risks of various sorts of outsourcing, including advisers that outsource investment selection and management, and cybersecurity-related risks of outsourcing services generally.

For ease of reference, this summary is organized under the headings provided in the Exam Priorities.

INVESTMENT ADVISERS

The Division will continue to prioritize examinations of advisers that have never been examined, newly registered advisers, and those that have not been examined recently.

Adherence to Fiduciary Standards of Conduct

The Division will continue to focus on whether investment advisers consistently satisfy their fiduciary duties of care and loyalty, namely whether advisers appropriately disclose conflicts of interest and actively prioritize the interests of clients. In the context of advisers’ investment advice, the Division will focus on high-cost products, unconventional instruments, illiquid and difficult-to-value assets, and assets that are sensitive to interest rate changes or shifting market conditions (e.g., commercial real estate).

The Division will also prioritize dual registrants and advisers with affiliated broker-dealers, with a focus on assessing the suitability of investment advice, disclosures regarding the adviser’s capacity when making recommendations, account selection practices (including rollovers), and the disclosure and mitigation of conflicts of interest. The Division will examine the impact of financial conflicts of interest on the impartiality of advice and best execution, particularly with respect to conflicts arising from nonstandard fee arrangements.

Effectiveness of Advisers’ Compliance Programs

The Division will continue to review advisers’ compliance with Rule 206(4)-7 under the Investment Advisers Act of 1940, as amended, which requires SEC-registered investment advisers to adopt and implement written compliance policies and procedures, designate a chief compliance officer, and review such policies and procedures annually.

Examinations will be designed to evaluate core compliance areas including marketing, valuation, trading, portfolio management, disclosure, filings, and custody. The Division will typically request and analyze an adviser’s annual review of the effectiveness of its compliance programs with an eye toward addressing and monitoring conflicts of interest related to business and compensation arrangements, arbitration clauses, and affiliated transactions.

Additionally, the Division will focus on fiduciary concerns in the outsourcing of investment selection and management, alternative revenue sources and benefits accruing to the adviser, and the accuracy of fee calculations and disclosures where fee-related conflicts may exist. The depth of review in a given examination will depend on a particular adviser’s practices and products, with heightened attention to illiquid asset valuation, any AI-technology integration, supervision practices for geographically dispersed independent contractors, and compliance practices for advisers changing business models or advising new asset types, clients, or services.

Examinations of Advisers to Private Funds

The Division will continue its focus on advisers to private funds through its review of whether private fund disclosures are consistent with advisers’ actual practices, fiduciary obligations are met during periods of market volatility, and private funds are exposed to risks related to interest rate fluctuations. Examinations may also home in on the accuracy of fee and expense calculations and allocations, disclosure of risks and conflicts of interest, adequacy of policies and procedures, and compliance with the marketing rule and recently adopted amendments to Form PF. Special attention may be given to advisers to private funds showing poor performance, significant withdrawals, higher leverage, or difficult-to-value assets.

INVESTMENT COMPANIES

Registered investment companies (registered funds), including mutual funds and exchange-traded funds, remain a priority as a consequence of the Division’s focus on protecting retail investors, particularly those saving for retirement. Examinations will review compliance programs, disclosures, and governance practices with a focus on fund fees and expenses (including waivers and reimbursements), consistency between portfolio management practices and disclosures, oversight of both affiliated and third-party service providers, and issues related to market volatility. The Exam Priorities highlight registered funds with exposure commercial real estate as a developing area of interest. Similar to adviser examinations, the Division will prioritize funds that have never been examined, those not recently examined, and newly registered funds.

BROKER-DEALERS

Regulation Best Interest

The Division will continue to assess broker-dealer practices related to Regulation Best Interest, including the following:

  • Whether broker-dealers have a reasonable basis for believing their recommendations regarding products, investment strategies, and account types are in the best interest of customers
  • Adequate disclosure of conflicts of interest
  • Practices for identifying, mitigating, and eliminating such conflicts of interest
  • Whether processes are in place to review alternatives
  • Factors considered when aligning recommendations with individual investor profiles

In particular, the Division will focus on complex, illiquid, or other high-risk products (e.g., leveraged/inverse products, crypto assets, structured products, alternative investments, unregistered products, products with complex fees or return calculations, products based on exotic benchmarks, products experiencing growing allocations from retail investors). Examinations may also assess recommendations that are generated using automated tools, related to opening different account types, and/or made to specific investor types (e.g., older investors and those saving for retirement or college).

The Division may also examine dual registrants regarding conflicts identification and mitigation, account allocation and selection practices (including rollovers and advice to open wrap fee accounts), and supervision of sales practices at branch offices.

Form CRS

The Division will review the content of broker-dealer relationship summaries, including descriptions of relationships and services offered to retail customers, fees and costs, conflicts of interest, and full disclosure of disciplinary history. Examinations will also evaluate compliance with SEC filing and retail customer delivery obligations.

Broker-Dealer Financial Responsibility Rules

The Division will continue to focus on compliance with net capital and customer protection rules such as broker-dealer accounting practices, the timeliness of financial notifications, and operational resiliency programs, including supervision of third-party vendors. The Division will also assess risk management controls related to credit, market, and liquidity stress testing.

Broker-Dealer Trading-Related Practices and Services

The Division will carry on its focus on both equity and fixed-income trading practices, including an assessment of retail offerings such as bank sweep programs, fully paid lending programs, and mobile/online trading platforms. Examinations may also review trading practices related to pre-IPO companies and secondary market transactions involving private company shares.

The Division will review the execution of retail orders, specifically the consistent use of “held” and “not held” markings as well as the pricing and valuation of illiquid instruments and other instruments targeted at retail investors (e.g., variable rate demand obligations, municipal securities, nontraded REITs). Further, the Division will assess firms’ compliance with Regulation SHO, specifically the bona fide market making exception.

SELF-REGULATORY ORGANIZATIONS

National Securities Exchanges

The Division’s examinations will continue to assess whether national securities exchanges are meeting their obligations to enforce compliance with their own rules and federal securities laws. Focus areas may include exchange governance, regulatory programs, and participation in National Market System Plans.

FINRA

The Financial Industry Regulatory Authority oversees most brokerage firms, branch offices, and registered representatives through examinations, enforcement, and surveillance. It also promulgates rules, provides dispute resolution forums, conducts market regulation and oversight, reviews advertisements, administers testing/licensing, and operates industry utilities. The Division’s risk-based oversight examinations of FINRA will focus on areas important to investor protection and market integrity such as implementation of investor protection initiatives (e.g., Regulation Best Interest and Form CRS) and administration of its dispute resolution forum. The Division also reviews FINRA’s examinations of certain broker-dealers and municipal advisors and provides recommendations for improvement.

Municipal Securities Rulemaking Board

Along with FINRA and federal banking regulators, the Division conducts examinations of registrants to assess compliance with Municipal Securities Rulemaking Board (MSRB) rules and federal securities laws. The Division conducts ongoing risk-assessment processes, similar to those used in overseeing FINRA, designed to identify areas to examine at the MSRB.

CLEARING AGENCIES

The Division’s examinations of clearing agencies, as required under Title VIII of the Dodd-Frank Act, will focus on core risks, processes, and controls, including financial and operational risks. The Division also conducts risk-based examinations of registered clearing agencies for compliance with the Standards for Covered Clearing Agencies. Examinations will assess risk management frameworks defined under the Securities and Exchange Act of 1934, as amended (the Exchange Act), remediation of prior deficiencies, and other risk areas identified in collaboration with the Division of Trading and Markets (Trading and Markets) and other regulators. The Division also examines security-based swap data repositories and other entities exempt from clearing agency registration under Section 17A(b)(1) of the Exchange Act. Consultation with the Federal Reserve Board and Trading and Markets informs the examination process.

OTHER MARKET PARTICIPANTS

Municipal Advisors

In examinations involving municipal advisors, the Division will continue to focus on the fulfillment of fiduciary duties owed to municipal entity clients, compliance with the MSRB’s rules, and SEC filing requirements. Examinations also assess whether municipal advisors are in compliance with other professional qualification, recordkeeping, and supervision requirements.

Transfer Agents

The Division will continue its focus on transfer agent processing, recordkeeping, safeguarding of assets, and compliance with SEC filing requirements. Notably, the Division is more likely to review transfer agents that use emerging technology (e.g., AI) to perform transfer agent functions.

Security-Based Swap Dealers

The Division will tailor reviews of security-based swap dealers (SBSDs) depending on whether they have been examined previously. For unexamined SBSDs, the review will center on the implementation of policies and procedures related to security-based swap rules (including Regulation SBSR), reporting transactions to data repositories, and compliance with substituted compliance orders. For other SBSDs, examinations may cover practices related to risk management, corrective actions taken regarding prior issues identified by the Division, and capital, margin, and segregation requirements.

Security-Based Swap Execution Facilities

Following the adoption of Regulation SE, security-based swap execution facilities (SBSEFs) are now required to register with the SEC. The Division may begin examining registered SBSEFs in late fiscal year 2025.

Funding Portals

The Division will examine funding portal policies and procedures, recordkeeping, and compliance with restrictions on activities such as offering investment advice, soliciting transactions related to securities shown on the platform, compensating persons for related solicitations or sales of securities shown on the platform, and custody-related activities involving investors’ funds or securities.

RISK AREAS IMPACTING VARIOUS MARKET PARTICIPANTS

Information Security and Operational Resiliency

Cybersecurity

The Division will continue to review registrant practices to prevent mission-critical service interruptions and protect investor information. It will focus on policies and procedures, governance, data loss prevention, access controls, account management, and incident response (e.g., ransomware attacks). Examinations will also consider cybersecurity risks associated with third-party products and services.

Regulation S-ID and Regulation S-P

The Division will review compliance with Regulations S-ID and S-P, focusing on the quality of policies and procedures, internal controls, oversight of third-party vendors, and governance practices. Examinations will also review policies and procedures and training programs designed to prevent identity theft and account intrusions as well as safeguard customer information. In recognition of the upcoming compliance dates for the amendments to Regulation S-P, the Division will inquire about progress in establishing incident response plans designed to comply with the new requirements.

Shortening of the Settlement Cycle

The Division will evaluate compliance with Rules 15c6-1 (T+1 settlement cycle) and 15c6-2 (T+0 allocation, confirmation and affirmation processes) under the Exchange Act. Examinations will also evaluate compliance with amended books and records requirements related to T+1 and assess any operational changes or other impacts related to compliance with Rule 15c6-2(a) as it relates to the facilitation of institutional transactions.

Emerging Financial Technologies

The Division will continue its focus on the use of automated investment tools, AI, and trading algorithms, including the fairness and accuracy of representations, operational consistency with public disclosures, the appropriateness of algorithm-produced advice when compared with individual investor profiles, and the adequacy of controls. Regarding the use of AI, the Division will review the accuracy of representations regarding AI capabilities as well as policies and procedures for both monitoring and supervising its use and protecting client data.

Crypto Assets

Citing the volatility and activity in proliferating crypto asset markets, the Division will continue to monitor and examine registrants offering crypto asset–related services. Examinations will assess a wide range of activities involving crypto assets offered and sold as securities or related products (e.g., spot bitcoin and ether exchange-traded products). The Division notes two areas of particular focus: (1) whether registrants meet and follow applicable standards of conduct when recommending or advising on crypto assets, with particular attention given to retail clients (including older investors) and retirement assets; and (2) whether registrants routinely review and update compliance practices, risk disclosures, and operational resiliency practices. The Division will also review how technological risks associated with blockchain and distributed ledger technology are managed.

Regulation Systems Compliance and Integrity

Examinations of Systems Compliance and Integrity (SCI) entities will center on policies and procedures regarding business continuity planning and testing practices, the effectiveness of incident response plans (including policies and procedures for deciding whether to disconnect from other entities during cyber events), and security operations management tools for SCI systems.

Anti-Money Laundering

The Division will continue assessing anti-money laundering programs, reviewing whether financial institutions subject to the Bank Secrecy Act tailor their programs to their business models and related AML risks, conduct independent testing, establish adequate customer identification programs, and meet Suspicious Activity Report filing obligations. Examinations of certain registered investment companies will also review oversight policies and procedures for financial intermediaries. Finally, the Division will review whether broker dealers and advisers are appropriately monitoring and complying with the US Department of Treasury Office of Foreign Assets Control sanctions.

Appendix >

Law clerk Mary Zimmerman contributed to this LawFlash.

Contacts

If you have any questions or would like more information on the issues discussed in this LawFlash, please contact any of the following:

Authors
Kelly L. Gibson (Philadelphia / New York)
John J. O'Brien (Philadelphia)
Emily E. Renshaw (Boston / New York)
Peter Dunne (Philadelphia)
Christopher Trueax (Philadelphia)

[1] The Exam Priorities are available on the SEC’s website. This is the second year in a row that the Division has published its examination priorities in October, which is the start of the SEC’s fiscal year.