On October 21, the Securities and Exchange Commission’s (SEC) Division of Examinations announced its 2025 examination priorities (2025 guidance) for registered investment advisers and investment companies, broker-dealers, clearing agencies, self-regulatory organizations, and other registered entities that are subject to inspection by the Division. The annual guidance aims to align with the Division’s four pillars: to promote and improve compliance, prevent fraud, monitor risk, and inform policy. The 2025 guidance lists plenty of familiar topics, but also includes new priorities that reflect the evolution of U.S. and global markets. Next year’s examinations will prioritize areas such as fiduciary duties and standards of conduct for investment advisers, and cybersecurity, artificial intelligence (AI), and anti-money laundering (AML) for various market participants. More generally, the Division’s acting director, Keith Cassidy, stated the 2025 guidance aims to “identify the key areas of potentially increased risks and related harm for investors.” In addition to conducting examinations in core areas such as disclosures and governance practices, the Division will also examine compliance with new rules, the use of emerging technologies, and the soundness of controls intended to protect investor information, records, and assets.
The number of SEC investment adviser exams conducted each year has been steadily on the rise as the number of registrants has also increased. Keith Cassidy said this week at the National Society of Compliance Professionals National Conference that for 2026, the Division will be adjusting its methodology for estimating the number of exams to be conducted in a fiscal year and their budget will reflect that new method. He confirmed, though, that the examination program will continue to be risk-based.
The Division’s 2025 guidance covers a broad array of potential risks to investors and firms alike. These priorities continue to signal an increased focus on elevated risk areas such as cybersecurity, AI, and emerging technology, which often do not have clear and well-defined rules or guidance. While the Division’s 2025 priorities span several topics, below is a brief summary of the more noteworthy priorities and some of the Division’s newer areas of focus for investment advisers, broker-dealers, and other market participants.
-
Investment Adviser Fiduciary Obligations and Conflicts of Interest: With respect to investment advice provided to advisers’ clients regarding certain products, investment strategies, and account types, the Division will focus on recommendations related to: (i) high-cost products; (2) unconventional instruments; (3) illiquid and difficult-to-value assets; and (4) assets sensitive to higher interest rates or changing market conditions, including commercial real estate. The Division will also closely examine the impact of advisers’ financial conflicts on providing impartial advice and best execution, with consideration given for nonstandard fee arrangements.
-
Effectiveness of Investment Adviser Compliance Programs: The Division’s review may include: (1) fiduciary obligations of advisers that outsource investment selection and management; (2) alternative sources of revenue or benefits advisers receive, such as selling nonsecurities-based products to clients; and (3) appropriateness and accuracy of fee calculations and the disclosure of fee-related conflicts, such as those associated with select clients negotiating lower fees when similar services are provided to other clients at a higher fee rate.
-
Private Fund Managers: Advisers to private funds remain a significant portion of the SEC-registered investment adviser population. Within this realm, the Division division will continue to focus on advisers to private funds, for example: (1) whether disclosures are consistent with actual practice and if an adviser met its fiduciary obligations in times of market volatility and whether a private fund is exposed to interest rate fluctuations, such as commercial real estate, illiquid assets, or private credit fund; (2) the accuracy of calculations and allocations of private fund fees and expenses (both fund-level and investment-level), including valuation of illiquid assets, calculation of post-commitment period management fees, offsetting of such fees and expenses, and the adequacy of disclosures; and (3) disclosure of conflicts of interests and risks, and adequacy of policies and procedures, including use of debt, fund-level lines of credit, investment allocations, adviser-led secondary transactions, transactions between fund(s) and/ or others; investments held by multiple funds; and use of affiliated service providers. The Division may focus on examinations of advisers to private funds that are experiencing poor performance and significant withdrawals and/or hold more leverage or difficult-to-value assets, including commercial real estate funds. The Division will closely monitor compliance with recent amendments to Form PF.
-
Recently Adopted SEC Rules: The Division plans to closely monitor private fund advisers’ compliance with recent SEC rules, including the Marketing Rule and whether advisers have adopted and actually follow policies and procedures to ensure compliance with these rules. The 2025 guidance specifically indicated that the Division plans to conduct outreach within the securities industry with a focus on the implementation of the requirements of Regulation S-P, which are set to go into effect on December 3, 2025, for larger entities and June 3, 2026, for smaller entities.
-
Cybersecurity: The 2025 guidance notes that cybersecurity is a “perennial examination priority” as operational disruption risks remain elevated due to the proliferation of cybersecurity attacks, firms’ dispersed operations, weather-related events, and geopolitical concerns. As part of examinations into this area, the Division will examine registrants’ procedures and practices to assess whether they are reasonably managing information security and operational risks. Other areas of focus will include governance practices, data loss prevention, access controls, account management, and responses to cyber-related incidents.
-
AI and Emerging Technology: For investment advisers that integrate AI into advisory operations, including portfolio management, trading, marketing, and compliance, the Division may take a more in-depth look at compliance policies and procedures as well as disclosures to investors related to these areas. The Division continues to focus on registrants’ use of certain AI tools, trading algorithms, and the risks associated with the use of emerging technology and alternative sources of data. The 2025 guidance notes that firms which employ certain digital engagement practices, such as digital investment advisory services, recommendations, and related tools, who will face scrutiny. In particular, the Division expects to conduct reviews that assess whether: (1) representations are fair and accurate; (2) operations and controls in place are consistent with disclosures made to investors; (3) algorithms produce advice or recommendations consistent with investors investment profiles or stated strategies; and (4) controls to confirm that advice or recommendations resulting from digital engagement practices are consistent with regulatory obligations to investors, including older investors.
-
Cryptocurrency: Similar to prior years, the 2025 guidance will focus on the offer and sale, recommendations of, advice regarding, and trading in crypto assets or related products. More specifically, the Division is expected to focus on whether investment advisers and firms meet the standards of care and routinely review and update their compliance procedures regarding activities listed above. The Division is also expected to assess registrant practices to address the technological risks associated with the use of blockchain and distributed ledger technology, including risks pertaining to the security of crypto assets.
-
Anti-Money Laundering: The 2025 Guidance is clear that the Division will continue to focus on AML programs and review whether broker-dealers and certain registered investment companies (RIC) are:(1) appropriately tailoring their AML program to their business model and associated AML risks; (2) conducting independent testing; (3) establishing an adequate customer identification program, including for beneficial owners of legal entity customers; and (4) meeting the suspicious activity reports filing obligations. The Division will also examine certain RICs to review policies and procedures for oversight of applicable financial intermediaries. Interestingly, even though investment advisers have until 2026 to comply with FinCEN’s new AML rules, the 2025 priorities include reviews whether broker-dealers AND advisers are monitoring the Department of Treasury’s Office of Foreign Assets Control sanctions and ensuring compliance with such sanctions. Those sanctions rules are separate from FinCEN’s new AML rules and already apply to all U.S. persons.
Marshall Grady, the SEC’s national associate director of the IA/IC Examination Program, said this week at the National Society of Compliance Professionals National Conference that the Division wants to partner with compliance to empower compliance and enhance compliance programs. While the Division does not view enforcement referrals as its mission, the SEC enforcement will likely pay close attention to the Division’s priorities when deciding to pursue actions given the risk-based nature of the Division’s program. This only further illustrates the need for chief compliance officers to take a hard look at the adequacy and effectiveness of their compliance programs with respect to the risks identified in the Division’s priorities. Grady hinted more risk alerts are in the works to help inform the industry on the examination process. Those expected risk alerts could include additional observations on the Marketing Rule as well as observations on RICs, AI, and digital assets. Lastly, Grady also shared with conference attendees as a reminder, “Say what you do, do what you say.”
