SEC Announces 2025 Examination Priorities

11/27/2024

---

On October 21, 2024, the Securities and Exchange Commission’s Division of Examinations (“DOE”) announced its examination priorities for 2025 (“2025 Examination Priorities”) (available here). DOE publishes its examination priorities annually to inform investors and registrants of potential risks in the U.S. capital markets and to make them aware of the examination topics that DOE plans to focus on in the new fiscal year. DOE prioritizes examinations of the practices, products and services that were found through a risk-based assessment to present a heightened risk to investors or to the integrity of the U.S. capital markets.

DOE’s examination priorities are developed in consultation with other divisions and offices of the SEC and are informed by prior years’ examinations, market events, information gathered through participation in conferences, and conversations with investors, registrants, industry groups, and other regulators. As technology continues to transform investing, DOE has been working to identify new and emerging risks to assess how the changes are impacting firms’ operations. This years’ examinations will prioritize perennial and emerging risk areas, such as fiduciary duty, standards of conduct, cybersecurity, and artificial intelligence (“AI”).

The annual publication of DOE’s examination priorities furthers the SEC’s mission and aligns with the “four pillars” of DOE’s work, to (1) promote and improve compliance, (2) prevent fraud, (3) monitor risk and (4) inform policy.

Fiscal Year 2025 Examination Priorities

I. Investment Advisers

1. Adherence to Fiduciary Standards of Conduct
2. Effectiveness of Advisers’ Compliance Programs
3. Examinations of Advisers to Private Funds
4. Never Examined Advisers, Recently Registered Advisers, and Advisers Not Recently Examined

II. Investment Companies

III. Broker-Dealers

1. Regulation Best Interest
2. Form CRS
3. Broker-Dealer Financial Responsibility Rules
4. Broker-Dealer Trading Related Practices and Services

IV. Self-Regulatory Organizations

1. National Securities Exchanges
2. Financial Industry Regulatory Authority
3. Municipal Securities Rulemaking Board

V. Clearing Agencies

VI. Other Market Participants

1. Municipal Advisors
2. Transfer Agents
3. Security-Based Swap Dealers
4. Security-Based Swap Execution Facilities
5. Funding Portals

VII. Risk Areas Impacting Various Market Participants

1. Emerging Financial Technologies
2. Crypto Assets
3. Regulation Systems Compliance and Integrity
4. Anti-Money Laundering
5. Information Security and Operational Resiliency
   • Cybersecurity
   • Regulation S-ID and Regulation S-P
   • Shortening of the Settlement Cycle

I. INVESTMENT ADVISERS

Adherence to Fiduciary Standards of Conduct
As a fiduciary, an investment adviser owes a duty of care and loyalty to its clients. An adviser must “serve the best interest of its clients and must not place its own interests ahead of the interests of its clients.” An adviser must eliminate or make full and fair disclosure of all conflicts of interest. DOE will continue to focus on:

• Investment advice provided to clients regarding “products, investment strategies, and account types, and whether that advice satisfies the fiduciary obligations owed to their clients.” In particular, DOE will focus on recommendations related to: (1) high-cost products; (2) unconventional instruments; (3) illiquid and difficult-to-value assets; and (4) assets sensitive to higher interest rates or changing market conditions.
• For dual registrants and advisers with affiliated broker-dealers, DOE will: (1) assess investment advice and recommendations regarding certain products to determine whether they are suitable for clients’ advisory accounts; (2) review disclosures to clients regarding the capacity in which recommendations are made; (3) review the appropriateness of account selection practices; and (4) assess whether and how advisers adequately mitigate and fairly disclose conflicts of interest.
• The impact of advisers’ financial conflicts of interest on providing impartial advice and best execution, with consideration given for non-standard fee arrangements.

Effectiveness of Advisers’ Compliance Programs
DOE continues to focus on advisers’ compliance programs. DOE reviews whether advisers’ compliance policies and procedures address compliance with the Investment Advisers Act of 1940, as amended (the “Advisers Act”) and whether they are reasonably designed to prevent the adviser from placing their own interests ahead of clients’ interests. Areas of interest for DOE include: (1) fiduciary obligations of advisers that outsource investment selection and management; (2) alternative sources of revenue or benefits advisers receive; and (3) appropriateness and accuracy of fee calculations and the disclosure of fee-related conflicts, such as those associated with select clients negotiating lower fees when similar services are provided to other clients at a higher fee rate.

DOE also will focus on an advisers’ policies and procedures for: (1) valuation of illiquid or difficult-to-value assets; (2) AI, if integrated into advisory operations and disclosures regarding its use; (3) use and supervision of independent contractors working from geographically dispersed locations; and (4) adoption of new compliance practices when advisers change their business models or advise different types of assets, clients or services.

Examinations of Advisers to Private Funds
DOE will continue to focus on advisers to private funds. DOE will prioritize specific topics and will review:

• Whether disclosures are consistent with actual practices and if an adviser met its fiduciary obligations in times of market volatility and exposure to interest rate fluctuations. DOE may particularly focus on examinations of advisers to private funds that are expecting poor performance and significant withdrawals and/or hold more leverage of difficult-to-value assets.
• The accuracy of calculations and allocations of private fund fees and expenses, including valuation of illiquid assets, calculation of post commitment period management fees, and the offsetting of such fees and expenses.
• Disclosure of conflicts of interests and risks and adequacy of policies and procedures. 
• Compliance with recently adopted SEC rules, including amendments to Form PF and investment adviser marketing.

Never Examined Advisers, Recently Registered Advisers and Advisers Not Recently Examined
DOE will prioritize examinations of advisers that have never been examined and those that have not been recently examined with a continued focus on newly registered advisers.


II. INVESTMENT COMPANIES

DOE continues to prioritize examination of registered investment companies (“RICs”) due to their importance in retail investors, particularly those saving for retirement.

DOE will review RICs’ compliance programs, disclosures and governance practices, with a focus on: (1) fund fees and expenses including any associated waivers and reimbursements; (2) oversight of service providers; (3) portfolio management practices and disclosures; and (4) issues associated with market volatility.

III. BROKER DEALERS

Regulation Best Interest (“Reg BI”)
DOE will continue to examine broker-dealer practices related to Reg BI, including the following areas: (1) recommendations with regard to products, investment strategies, and account types and whether the broker has reasonable basis to believe a recommendation is in the best interest of the customer; (2) disclosures made to investors regarding conflicts of interest; (3) conflict identification and mitigation and elimination practices; (4) processes for reviewing reasonably available alternatives; and (5) factors considered in light of the investor’s investment profile, such as investment goals and account characteristics.

Examinations of broker-dealer practices will focus on those recommended products that are complex, illiquid, or present higher risk to investors, such as highly leveraged or inverse products, crypto assets, structured products, alternative investments, products that are not registered with the SEC (and therefore are less transparent), products with complex fee structures or return calculations, products based on exotic benchmarks, or products that represent a growth area for retail investment. Examinations may focus on recommendations: (1) using automated tools; (2) recommendations related to opening different account types; and (3) made to certain types of investors, such as older investors.

DOE examinations also may focus on dual registrants and encompass reviews of firms’ process for identifying, mitigating and eliminating conflicts of interest, account allocation practices and account selection practices. Examinations also may assess broker-dealer supervision of sales practices at branch office locations.

Form CRS
DOE will review the content of a broker-dealer’s relationship summary, particularly how it describes: (1) the relationships and services it offers to retail customers; (2) fees and costs; and (3) conflicts of interest, and whether broker-dealer has disclosed its disciplinary history. DOE will evaluate whether the broker-dealers have filed their relationship summary with the SEC and delivered it to retail customers.

Broker-Dealer Financial Responsibility Rules
DOE examinations will continue to focus on broker-dealer compliance with net capital and customer protection rules, including the related internal processes, procedures and controls. Examinations will include review of broker-dealer accounting practices, timeliness, financial notifications and “operational resiliency programs,” relating to supervision of third party or vendor provided services that are used to prepare their financial reporting. Examinations will assess broker-dealer “credit, market, and liquidity risk management controls” to ensure sufficient liquidity to manage stress events.

Broker-Dealer Trading-Related Practices and Services
DOE will examine broker-dealer trading practices, focusing on the “structure, marketing fees and potential conflicts” associated with their offerings to retail customers, in particular, with respect to bank sweep programs, fully-paid lending, programs, and mobile apps/online trading platforms. In addition, examinations will review broker-dealer trading practices associated with trading in pre-IPO companies and the sale of private company shares in secondary markets. DOE also will review broker-dealers’ execution of retail orders to determine: “(1) whether retail orders are marked as ‘held’ or ‘not held,’ and the consistency of marking with retail instructions; and (2) the pricing and valuation of illiquid or retail-focused instruments such as variable rate demand obligations, other municipal securities, and non-traded REITs.”

With respect to Regulations SHO, DOE will review whether broker-dealers are appropriately relying on the bona fide market making exception, including “whether quoting activity is away from the inside bid/offer.”

IV. SELF-REGULATORY ORGANIZATIONS

National Securities Exchanges
As in prior years, DOE will examine national securities exchanges to assess whether they are enforcing compliance with the exchanges’ own rules, as well as the federal securities laws. Examinations may focus on “exchange governance, regulatory programs, and participation in National Market System Plans.”

Financial Industry Regulatory Authority (“FINRA”)
DOE conducts oversight examinations of FINRA. It selects major regulatory areas within FINRA to examine through a risk-assessment process designed to identify aspects of FINRA’s operations “important to the protection of investors and market integrity, including FINRA’s implementation of investor protection initiatives,” such as Reg BI and Form CRS, and the fair administration of its dispute resolution forum. DOE also conducts oversight examinations of FINRA’s examinations of certain broker-dealers and municipal advisors that are FINRA members.

Municipal Securities Rulemaking Board (“MSRB”)
DOE, along with FINRA and federal banking regulators, conducts examinations of registrants to assess compliance with MSRB rules, and applicable federal securities laws and rules. DOE also applies a risk-assessment process, similar to the one it uses to oversee FINRA, to identify areas to examine at the MSRB.

V. CLEARING AGENCIES

As required by Title VIII of the Dodd-Frank Act, DOE examines, at least once annually, each clearing agency designated as “systemically important” and for which the SEC serves as the supervisory agency. These examinations focus on clearing agencies’ “core risks, processes and controls and will cover the specific areas required by statute, including the nature of clearing agencies’ operations and assessment of financial and operational risk.” DOE also conducts risk-based examinations of other registered clearing agencies that have not been designated as systemically important. The examinations of registered clearing agencies are designed to ensure that they have policies and procedures that address “maintaining sufficient financial resources, protecting against credit risks, managing member defaults, and managing operational and other risks.”

VI. OTHER MARKET PARTICIPANTS

Municipal Advisors
DOE will continue to examine whether municipal advisors have met their fiduciary duty to clients when providing advice regarding the pricing or method of sale with respect to the issuance of municipal securities. DOE will examine whether municipal advisors have complied with MSRB Rule G-42, which “establishes the core standards of conduct and duties” applicable to non-solicitor municipal advisors, including conflicts of interest and relationship disclosure requirements. DOE also will continue to assess whether municipal advisors have made required filings with the SEC and met their professional qualification, recordkeeping, and supervision requirements.

Transfer Agents
DOE will continue to examine transfer agents’ processing of items and transfers, record keeping and record retention, safeguarding of funds and securities, and filings with the SEC. Examinations also will focus on transfer agents that use emerging technology to perform their transfer agent functions.

Security-Based Swap Dealers (“SBSDs”)
For SBSDs that have yet to be examined, DOE will focus its examinations on whether the SBSDs have implemented policies and procedures related to compliance with security-based swap rules generally, including whether they are meeting their obligations “to accurately report security-based swap transactions to security-based swap data repositories” and, where applicable, whether they are complying with relevant conditions in SEC orders governing substituted compliance. For other SBSDs, DOE will focus on their practices with respect to applicable “capital, margin, and segregation requirements and risk management.” DOE will assess whether SBSDs have taken corrective action to address issues identified in prior examinations.

Security-Based Swap Execution Facilities (“SBSEFs”)
On November 2, 2023, the SEC adopted new Regulation SE under the Securities Exchange Act of 1934, as amended (the “Exchange Act”), which implements rules and forms for the registration of SBSEFs. DOE may begin conducting examinations of registered SBSEFs in late fiscal year 2025.

Funding Portals
This is a new area of focus for DOE. It will examine whether funding portals are making and preserving: “(1) required records, such as records related to investors who purchase, or attempt to purchase, securities through the funding portal; and (2) records related to issuers who offer and sell, or attempt to offer and sell, securities through the funding portal and the control persons of such issuers.” In addition, DOE will review funding portals’ written policies and procedures to assess if they are reasonably designed to achieve compliance with restrictions that prohibit funding portals from engaging in: “(1) offering investment advice or recommendations; (2) soliciting transactions in the securities displayed on the funding portal’s platform; (3) compensating persons for solicitation or based on the sale of securities displayed on the funding portal’s platform; and (4) holding, managing, possessing, or handling investor funds or securities.”

VII. RISK AREAS IMPACTING VARIOUS MARKET PARTICIPANTS

Information Security and Operation Resiliency
a. Cybersecurity
DOE will continue to review registrants’ practices “to prevent interruptions to mission-critical services and to protect investor information, records, and assets.” As part of its examinations in this area, DOE will examine registrants’ procedures and practices to assess whether they are reasonably managing information security and operational risks.

DOE’s focus on cybersecurity practices will examine registrants’ “policies and procedures, governance practices, data loss prevention, access controls, account management, and responses to cyber-related incidents, including those related to ransomware attacks.” DOE also will review alternative trading systems’ safeguards to protect confidential trading information.

DOE will continue to consider cybersecurity risks and resiliency goals associated with third-party products, sub-contractors, services, and any information technology (“IT”) resources used by businesses without the IT department’s approval, knowledge or oversight, or non-supported infrastructure. The focus will include assessments of how registrants identify and address these risks to essential business operations.

b. Regulation S-ID and Regulation S-P
DOE will review compliance with Regulations S-ID and S-P, focusing on registrants’ “policies and procedures, internal controls, oversight of third-party vendors and governance practices” particularly as they pertain to safeguarding customer records and information.

In preparation for the compliance date of the SEC’s amendments to Regulation S-P, DOE will assess firms’ progress in establishing “incident response programs” designed to “detect, respond to, and recover from unauthorized access to or use of customer information.”

c. Shortening of the Settlement Cycle
DOE will evaluate broker-dealer compliance with Exchange Act Rule 15c6-1, which reduced the standard settlement cycle to the day after trade date (T+1), and with Rule 15c6-2, which requires broker-dealers to have written agreements or written procedures reasonably designed to ensure completion of the allocation, confirmation, or affirmation process no later than the end of the day on trade date (T+0).

DOE will evaluate advisers’ compliance with amended books and records requirements associated with T+1 and will assess firm technology changes associated with shortening of the settlement cycle.

Emerging Financial Technologies
DOE remains focused on the risks associated with registrants’ use of automated investment tools, AI, and trading algorithms. DOE will examine firms that employ “certain digital engagement practices, such as digital investment advisory services, recommendations, and related tools and methods.” The examination will assess whether: “(1) representations are fair and accurate; (2) operations and controls in place are consistent with disclosures made to investors; (3) algorithms produce advice or recommendations consistent with investors’ investment profiles or stated strategies; and (4) controls to confirm that advice or recommendations resulting from digital engagement practices are consistent with regulatory obligations to investors, including older investors.”

DOE will review registrants’ representations regarding their AI capabilities or AI use for accuracy and will assess whether firms have implemented adequate policies and procedures to monitor their use of AI for tasks related to fraud prevention and detection, back-office operations, anti-money laundering (AML), and trading functions. DOE also will examine how registrants protect against loss or misuse of client records and information that may occur from the use of third-party AI models and tools, and how firms integrate regulatory technology into their general operations.

Crypto Assets
Given the proliferation of investments involving crypto assets and the volatility and activity in the crypto-asset market, DOE will continue to monitor and examine firms offering crypto asset related services. Examinations will focus on the offer, sale, recommendation, advice, trading, and other activities involving crypto assets that are offered and sold as securities or related products, such as spot bitcoin or other exchange-traded products.

In particular, these examinations will review whether firms: (1) meet and follow applicable standards of conduct when recommending clients regarding crypto assets, particularly retail clients and investments involving retirement assets; and (2) regularly review, and update, their compliance practices, risk disclosures, and operational resiliency practices.

DOE will assess technological risks associated with the use of blockchain and distributed ledger technology. 

Regulation Systems Compliance and Integrity (“SCI”)
DOE’s examination of SCI entities will focus on: (1) policies and procedures regarding the operational, business continuity planning and testing practices of SCI entities; (2) effectiveness of “incident response plans” regarding policies and procedures in connection with decisions to disconnect from or reconnect to other entities during cyber events; and (3) policies and procedures pertaining to security operations management tools to ensure that their SCI systems have adequate levels of security and effectiveness.

Anti-Money Laundering (“AML”)
The Bank Secrecy Act requires certain financial institutions to establish AML programs that are tailored to address specific risks associated with a firm’s business. DOE remains focused on the same AML priorities as in prior years. Examinations will review whether broker-dealers and certain RICs are: “(1) appropriately tailoring their AML program to their business model and associated AML risks; (2) conducting independent testing; (3) establishing an adequate customer identification program, including for beneficial owners of legal entity customers; and (4) meeting their Suspicious Activity Reports (“SARs”) filing obligations.” Examinations of certain RICs also will review policies and procedures for oversight of applicable financial intermediaries.

DOE also will review whether broker-dealers and advisers are monitoring the Department of Treasury’s Office of Foreign Assets Control sanctions and ensuring compliance with such sanctions.

Conclusion

DOE’s 2025 Examination Priorities are not exhaustive. The priorities are meant to inform investors and the industry about the areas DOE believes present the highest risk to investors and the markets. It is those key areas on which DOE has focused.

 

If you receive a notice of a DOE examination or would like assistance preparing for such an examination, or if you would like guidance or assistance establishing or updating your compliance program, please contact Meryl Wiener (mwiener@wbny.com 212-984-7731), any of the undersigned, or your regular Warshaw Burstein attorney.

Frederick R. Cummings, Jr. Jason Diener Thomas Filardo Marshall N. Lester Stephen W. Semian Martin S. Siegel Meryl E. Wiener

(212) 984-7807 (212) 984-7797 (212) 984-7806 (212) 984-7849 (212) 984-7764 (212) 984-7741 (212) 984-7731

fcummings@wbny.com jdiener@wbny.com tfilardo@wbny.com mlester@wbny.com ssemian@wbny.com msiegel@wbny.com mwiener@wbny.com