Critical Risk Areas and Compliance Considerations

Published:

SEC’s Fiscal Year 2025 Examination Priorities: A Comprehensive Overview

On October 21, 2023, the Securities and Exchange Commission’s (SEC) Division of Examinations unveiled its examination priorities for the fiscal year 2025, which spans from October 1, 2024, to September 30, 2025. Since its inception in 2013, the SEC’s annual examination priorities have served as a crucial guide for industry participants, highlighting the areas that pose the highest risks to investors and the broader financial markets. Understanding these priorities is essential for both industry professionals and investors, as they provide insights into the SEC’s regulatory focus and expectations.

Key Focus Areas for FY 2025

The SEC’s Division of Examinations has identified several perennial and emerging risk areas for the upcoming fiscal year. These include fiduciary duties, standards of conduct, cybersecurity, and the implications of artificial intelligence (AI). The Division aims to ensure compliance with regulations related to the use of emerging technologies and to assess the effectiveness of controls designed to protect investor information and assets.

Changes in Risk Areas

This year’s examination priorities reflect significant changes from the previous year. The risk area of Information Security and Operational Resiliency has been subdivided into three distinct categories: Cybersecurity, Regulation S-ID and Regulation S-P, and the Shortening of the Settlement Cycle.

  1. Cybersecurity: The Division will continue to focus on protecting investor information and managing operational risks. This includes evaluating firms’ policies, governance practices, data loss prevention measures, and responses to cyber incidents, particularly ransomware attacks.

  2. Regulation S-ID and Regulation S-P: This new subpart will assess firms’ policies and procedures for preventing identity theft and safeguarding customer records. The Division will engage with firms to ensure they are prepared for the compliance date of the SEC’s amendments to Regulation S-P.

  3. Shortening of the Settlement Cycle: Following last year’s revisions to Rule 15c6-1, which shortened the standard settlement cycle from T+2 to T+1, the Division will evaluate compliance with amended books and records requirements under Rule 15c6-2.

Emerging Financial Technologies and AI

The risk area of Emerging Financial Technology has been expanded to encompass digital engagement practices, including digital investment advisory services and algorithm-driven recommendations. The Division will scrutinize how firms represent their technologies, ensure consistent operations, and validate that advice generated by algorithms aligns with investors’ profiles. The SEC has emphasized the need for appropriate guardrails when deploying AI, ensuring that firms do not mislead the public about their capabilities.

Crypto Assets

The Crypto Assets risk area remains a focal point, with the Division continuing to monitor registrants offering related services. The examination will focus on compliance with standards of conduct when recommending or advising clients on crypto assets, as well as the adequacy of risk disclosures and operational practices.

Regulation Systems Compliance and Integrity (SCI)

The Division’s examination of SCI entities will now include a focus on incident response plans, particularly regarding decisions to disconnect from registrants or third parties experiencing cyber events. This addition underscores the SEC’s commitment to ensuring robust operational resilience in the face of cyber threats.

Anti-Money Laundering (AML)

The AML risk area remains largely unchanged from the previous year, with the Division continuing to emphasize the importance of tailored AML programs, independent testing, and compliance with customer identification and reporting obligations.

Detailed Examination Priorities by Registrant Type

The SEC’s examination priorities are categorized by registrant type, providing a clear framework for compliance expectations:

I. Investment Advisers

The Division will prioritize compliance with fiduciary duties, focusing on:

  • Investment advice related to high-cost products and illiquid assets.
  • The impact of financial conflicts of interest on impartial advice.
  • Core compliance program areas, including marketing and portfolio management.
  • The integration of AI in advisory operations, ensuring accurate disclosures.

II. Investment Advisers to Private Funds

For advisers to private funds, the Division will review:

  • Consistency of disclosures with actual practices.
  • Accuracy in fee calculations and allocations.
  • Compliance with recent SEC rules, including amendments to Form PF.

III. Dual Registrants

The focus for dual registrants will be on the suitability of investment advice and product recommendations, alongside disclosures regarding conflicts of interest.

IV. Investment Companies

Examinations will cover compliance programs, disclosures, and governance practices, particularly concerning fund fees and expenses.

V. Broker-Dealers

Key priorities for broker-dealers include:

  • Compliance with Regulation Best Interest.
  • Review of Form CRS content and delivery.
  • Adherence to financial responsibility rules and operational resiliency.

Conclusion

The SEC’s Fiscal Year 2025 Examination Priorities provide critical insights into the regulatory landscape for industry participants. By understanding these priorities, regulated entities can better prepare for upcoming examinations and ensure compliance with evolving standards. As the SEC continues to adapt to emerging risks and technologies, staying informed about these priorities is essential for maintaining investor trust and market integrity.

For further details, the full report on the Fiscal Year 2025 Examination Priorities is available here.

Contributors to this article include Susan Light, Michael Lohnes, Richard Marshall, and Patrick Smith.

Related articles

Recent articles