The US Securities and Exchange Commission has published its rundown of Examination Priorities for Fiscal Year 2025. The 2025 Exam priorities provide an outline of the questions and proof points that regulators will likely be evaluating during examinations. Reviewing the priorities will allow CCOs to assess their compliance programs to ensure that they have the required policies, procedures and controls in place—and that there are systems in place to easily evidence compliance.
Firms should also take a look at 2024's Enforcement Results for additional insight into areas of SEC focus.
2024 SEC Enforcement Results
2024 was yet another year of aggressive enforcement. The agency filed 583 total enforcement actions in fiscal year 2024, with financial remedies totaling $8.2 billion, the highest amount in SEC history. It's interesting to note that even though the dollar amount of financial penalties was the highest in agency history, the number of individual actions actually decreased by 26 percent. One single verdict contributed a whopping $4.5 billion to the total enforcement amount, the largest fraud action in SEC history.
Off-channel communications remained a priority
The 2024 enforcement statistics show enforcement across a range of areas, such as compliance programs, disclosures, conflicts of interest, investment recommendations, market and credit risks, derivatives and leverage, insider trading, and new technologies.
Off-channel communications remain an agency priority, with 70+ firms facing $600+ in penalties.
There were 583 total enforcement actions in the SEC’s fiscal year 2024, including:
- 431 new, or "stand alone," enforcement actions
- 93 "follow-on" administrative proceedings seeking to bar or suspend individuals based on criminal convictions, civil injunctions, or other orders
- 9 actions against issuers allegedly delinquent in required filings
Proactive compliance and self-reporting can reduce penalties
Self-reporting and credit for cooperation was cited by Sanjay Wadhwa, Acting Director of the SEC’s Division of Enforcement, who noted “In fiscal year 2024, the Division continued to vigorously enforce the federal securities laws by recommending to the Commission high-impact enforcement actions addressing noncompliance throughout the securities industry and resulting in robust financial remedies. At the same time, market participants across the spectrum – from public companies to major broker-dealers and advisory firms – stepped up efforts to self-report, remediate, and meaningfully cooperate with our investigations, answering our call to foster a culture of compliance.”
The SEC’s Division of Enforcement filed settled charges and imposed penalties against firms and individuals across a broad range of securities law violations, including:
- Off-channel communications violations
- Marketing Rule violations
- Insufficient disclosures of holdings and transactions by company insiders
- Abusive trading practices
- Major fraud including Ponzi schemes, pyramid schemes, pre-IPO fraud and relationship investment scams
- Block trade disclosure violations
- FCPA violations and bribery schemes
- Violations of whistleblower protection rules
- Failure to obtain required disclosures and fraud in the public finance sector
- Fraud and unregistered offerings in the crypto space
- Audit and quality control failures, including failure to inform the SEC about cybersecurity issues
- Emerging technologies including AI
Individual accountability is an essential deterrent
The report also noted that charging individuals for securities law violations remains essential for accountability and deterrence. 2024 enforcement saw individuals charged for violations including fraudulent crypto offerings, misleading investors, improper disclosure of insider information and overstating revenue.
SEC Division of Examinations 2025 Examination Priorities
The SEC Division of Examinations 2025 Examination Priorities outline the agency's strategic approach, direction and priorities for the upcoming year across types of regulated market participants. The priorities contain the Division’s assessment of key risks, issues, and policy matters stemming from market and regulatory developments, examination information, and sources including tips, complaints, referrals and coordination with other SEC divisions and other regulators.
SEC Division of Examinations 2025 Examination Priorities by Market Participant Type
Investment Advisers
The agency will examine how investment advisers adhere to fiduciary standards of conduct. Focusing on the suitability of investment advice, disclosure of conflicts of interest and management of disclosures in general. Advisers to private funds can expect to be examined to see if disclosures are consistent with actual practices.
Continuing the trend from previous years, examinations of newly registered advisers, those who have never been examined, and those who have not been examined in a while will continue to take priority. Read about Compliance Pitfalls for Newly Registered Investment Advisers.
Registered Funds
An agency priority because of their importance to retail investors, registered investment companies (RICs or funds) will reviewed for the soundness of their compliance programs, disclosures and governance programs. Focus may include fees and expenses, oversight of affiliate and third-party service providers, portfolio management practices and disclosures, and issues associated with market volatility.
Broker-Dealers
For broker-dealers, top priorities include compliance with Regulation Best Interest (Reg BI) and the use of Form CRS, as well as the financial responsibility rules and trading-related practices and services. Reviews will also focus on operational resiliency, including supervision or third-party or vendor services.
Other market participants
The Division will examine the compliance programs, policies and procedures, risk management, operational resilience, and third-party relationships of other market participants, including self-regulatory organizations, clearing agencies, municipal advisors, security-based swap dealers, transfer agents, and national securities exchanges, focusing on oversight and governance as well as the protection of customer assets and data.
Risk Areas Impacting Market Participants
The risk areas impacting various market participants are broken down into five categories:
Information Security and Operational Resiliency
- Cybersecurity focuses on registrant practices surrounding managing investor data, informational services and operational risks.
- To assess registrant compliance with Regulations S-ID and S-P, examiners will review policies and procedures, internal controls, oversight of third-party vendors and governance practices surrounding safeguarding customer information at firms providing electronic investment services.
- Broker-Dealers will be evaluated on compliance with Rule 15c6-1 regarding shortening of the settlement cycle. Advisers will also be evaluated on compliance with updated books and records requirements mandated by T+1.
Emerging Financial Technologies
The Division will be monitoring the use of emerging financial technologies, including artificial intelligence, automated investment tools and alternative data sources, with a particular focus on firms that offer digital investment services. Assessments will evaluate:
- Are representations fair and accurate?
- Are operations and controls consistent with disclosures made to investors?
- Do algorithms provide advice that aligns with suitability guidelines
- Are there controls to ensure that recommendations are consistent with regulatory requirements?
Using AI? The Rules of Effective Compliance Still Apply!
Crypto Assets
The Division will continue to monitor registrants who are offering crypto assets that are sold as securities or related products. In particular, examinations will review:
- Do recommendations meet suitability requirements and standards of conduct so investors understand the products recommended?
- Is the firm routinely reviewing, enhancing and updating its compliance program, risk disclosures and operational resiliency practices as the sector evolves?
Regulation Systems Compliance and Integrity
Firms must have written policies and procedures in place to ensure that their technology systems maintain capacity, integrity, resiliency, availability and security. In particular, the agency will evaluate the effectiveness of incident response plans, including oversight of third-party technology providers.
AML
Broker-dealers and certain RICs are required to establish anti-money laundering (AML) that are designed to ensure compliance with the Bank Secrecy Act. Examinations will continue to review:
- Are the programs tailored to the risk associated with the firm?
- Is independent testing conducted?
- Is there an adequate customer identification program in place, including for beneficial ownership?
- Are SAR filing obligations met?
- Are policies and procedures for oversight of financial intermediaries in place for certain RICs?
- Is the program compliant with Foreign Assets Control sanctions from the Department of the Treasury?
Evaluating the Soundness of the Compliance Program
“The Division’s assessment of the effectiveness of advisers’ compliance programs is a fundamental part of the examination process.”
—SEC Examination Priorities for Fiscal Year 2025
The importance of maintaining a sound and robust compliance program is a common thread that runs throughout the Priorities document.
The Priorities note that assessments of adviser compliance programs usually include an evaluation of the core areas of compliance and an analysis of the firm’s annual compliance review. The document also reinforces that the annual review is a critical means for firms to identify and address conflicts of interest.
When reviewing policies and procedures, the Division will continue to ensure that rules comply with Rule 206 (4)-7 under the Investment Advisers Act. Areas that examinations may focus on include fiduciary obligations and suitability, alternative sources of revenue and the appropriateness and accuracy of fee calculations.
Firms are also reminded that a review of an adviser’s program may focus on particular areas based on products sold and the business practices of the firm.
Be ready for proactive compliance in 2025! Watch an on-demand webinar featuring practical year-end guidance from the experts at MCG Consulting.
The Critical Role of Technology
“As technology continues to transform investing, we must work to identify new and emerging risks. The Division must constantly scan the horizon for these risks and stand ready to examine registered firms for compliance with SEC rules tied to these risks, and not merely react to these threats.”
—SEC Examination Priorities for Fiscal Year 2025
The report notes that when the SEC Division of Exams was created thirty years ago, traders were still using fax machines and yelling across the floor. The progression of technology across the decades has been fast and furious, both across the agency and across the financial services industry as a whole. Technology has enabled faster and more efficient transactions, but additional risks for fraud and unethical behavior come with that.
The SEC is using the latest technology to identify new and emerging risks and focus on key areas for compliance. Firms must keep their approaches, methods and tools up-to-date, and that involves using the latest technology to keep pace.
Read a tale of just right compliance technology
Can you Evidence Your Compliance Activities?
As MCO Sales Director Dave Barry notes, “Having robust policies and procedures is essential for firms to establish a strong compliance framework that aligns with the SEC’s 2025 examination priorities, and for that matter, to align with any regulator around the globe. Equally important is the ability to evidence compliance. Regulators expect tangible and defensible proof that the compliance program meets regulatory standards. Leveraging compliance technology like MyComplianceOffice is crucial in this process, as it streamlines the management and tracking of compliance activities, ensuring firms can efficiently meet regulatory requirements—and then prove it.”
Is your compliance roadmap for 2025 in place?
MCO can help you streamline compliance across your organization and be ready to stand up to regulatory scrutiny. Contact us today for a demo to see MyComplianceOffice in action.