The US Securities and Exchange Commission has published its rundown of Examination Priorities for Fiscal Year 2025.

The 2025 Exam priorities provide an outline of the questions and proof points that regulators will likely be evaluating during examinations. Reviewing the priorities will allow CCOs to assess their compliance programs to ensure that they have the required policies, procedures and controls in place—and that there are systems in place to easily evidence compliance.

SEC Division of Examinations 2025 Examination Priorities

The SEC Division of Examinations 2025 Examination Priorities outline the agency's strategic approach, direction and priorities for the upcoming year across types of regulated market participants. The priorities contain the Division’s assessment of key risks, issues, and policy matters stemming from market and regulatory developments, examination information, and sources including tips, complaints, referrals and coordination with other SEC divisions and other regulators.

SEC Division of Examinations 2025 Examination Priorities by Market Participant Type

Investment Advisers

The agency will examine how investment advisers adhere to fiduciary standards of conduct. Focusing on the suitability of investment advice, disclosure of conflicts of interest and management of disclosures in general. Advisers to private funds can expect to be examined to see if disclosures are consistent with actual practices.

Continuing the trend from previous years, examinations of newly registered advisers, those who have never been examined, and those who have not been examined in a while will continue to take priority. Read about Compliance Pitfalls for Newly Registered Investment Advisers.

Registered Funds

An agency priority because of their importance to retail investors, registered investment companies (RICs or funds) will reviewed for the soundness of their compliance programs, disclosures and governance programs. Focus may include fees and expenses, oversight of affiliate and third-party service providers, portfolio management practices and disclosures, and issues associated with market volatility.

Broker-Dealers

For broker-dealers, top priorities include compliance with Regulation Best Interest (Reg BI) and the use of Form CRS, as well as the financial responsibility rules and trading-related practices and services. Reviews will also focus on operational resiliency, including supervision or third-party or vendor services.

Other market participants

The Division will examine the compliance programs, policies and procedures, risk management, operational resilience, and third-party relationships of other market participants, including self-regulatory organizations, clearing agencies, municipal advisors, security-based swap dealers, transfer agents, and national securities exchanges, focusing on oversight and governance as well as the protection of customer assets and data.

Risk Areas Impacting Market Participants

The risk areas impacting various market participants are broken down into five categories:

Information Security and Operational Resiliency

• Cybersecurity focuses on registrant practices surrounding managing investor data, informational services and operational risks.
• To assess registrant compliance with Regulations S-ID and S-P, examiners will review policies and procedures, internal controls, oversight of third-party vendors and governance practices surrounding safeguarding customer information at firms providing electronic investment services.
• Broker-Dealers will be evaluated on compliance with Rule 15c6-1 regarding shortening of the settlement cycle. Advisers will also be evaluated on compliance with updated books and records requirements mandated by T+1.

Emerging Financial Technologies

The Division will be monitoring the use of emerging financial technologies, including artificial intelligence, automated investment tools and alternative data sources, with a particular focus on firms that offer digital investment services. Assessments will evaluate:

• Are representations fair and accurate?
• Are operations and controls consistent with disclosures made to investors?
• Do algorithms provide advice that aligns with suitability guidelines
• Are there controls to ensure that recommendations are consistent with regulatory requirements?

Using AI? The Rules of Effective Compliance Still Apply!

Crypto Assets

The Division will continue to monitor registrants who are offering crypto assets that are sold as securities or related products. In particular, examinations will review:

• Do recommendations meet suitability requirements and standards of conduct so investors understand the products recommended?
• Is the firm routinely reviewing, enhancing and updating its compliance program, risk disclosures and operational resiliency practices as the sector evolves?

Regulation Systems Compliance and Integrity

Firms must have written policies and procedures in place to ensure that their technology systems maintain capacity, integrity, resiliency, availability and security. In particular, the agency will evaluate the effectiveness of incident response plans, including oversight of third-party technology providers.

AML

Broker-dealers and certain RICs are required to establish anti-money laundering (AML) that are designed to ensure compliance with the Bank Secrecy Act. Examinations will continue to review:

• Are the programs tailored to the risk associated with the firm?
• Is independent testing conducted?
• Is there an adequate customer identification program in place, including for beneficial ownership?
• Are SAR filing obligations met?
• Are policies and procedures for oversight of financial intermediaries in place for certain RICs?
• Is the program compliant with Foreign Assets Control sanctions from the Department of the Treasury?

Evaluating the Soundness of the Compliance Program

“The Division’s assessment of the effectiveness of advisers’ compliance programs is a fundamental part of the examination process.”

—SEC Examination Priorities for Fiscal Year 2025

The importance of maintaining a sound and robust compliance program is a common thread that runs throughout the Priorities document.

The Priorities note that assessments of adviser compliance programs usually include an evaluation of the core areas of compliance and an analysis of the firm’s annual compliance review. The document also reinforces that the annual review is a critical means for firms to identify and address conflicts of interest.

When reviewing policies and procedures, the Division will continue to ensure that rules comply with Rule 206 (4)-7 under the Investment Advisers Act. Areas that examinations may focus on include fiduciary obligations and suitability, alternative sources of revenue and the appropriateness and accuracy of fee calculations.

Firms are also reminded that a review of an adviser’s program may focus on particular areas based on products sold and the business practices of the firm.

Be ready for proactive compliance in 2025! Watch an on-demand webinar featuring practical year-end guidance from the experts at MCG Consulting.

The Critical Role of Technology

“As technology continues to transform investing, we must work to identify new and emerging risks. The Division must constantly scan the horizon for these risks and stand ready to examine registered firms for compliance with SEC rules tied to these risks, and not merely react to these threats.”

—SEC Examination Priorities for Fiscal Year 2025

The report notes that when the SEC Division of Exams was created thirty years ago, traders were still using fax machines and yelling across the floor. The progression of technology across the decades has been fast and furious, both across the agency and across the financial services industry as a whole. Technology has enabled faster and more efficient transactions, but additional risks for fraud and unethical behavior come with that.

The SEC is using the latest technology to identify new and emerging risks and focus on key areas for compliance. Firms must keep their approaches, methods and tools up-to-date, and that involves using the latest technology to keep pace.

Read a tale of just right compliance technology

Can you Evidence Your Compliance Activities?

As MCO Sales Director Dave Barry notes, “Having robust policies and procedures is essential for firms to establish a strong compliance framework that aligns with the SEC’s 2025 examination priorities, and for that matter, to align with any regulator around the globe. Equally important is the ability to evidence compliance. Regulators expect tangible and defensible proof that the compliance program meets regulatory standards. Leveraging compliance technology like MyComplianceOffice is crucial in this process, as it streamlines the management and tracking of compliance activities, ensuring firms can efficiently meet regulatory requirements—and then prove it.”

It’s easy to talk about the need for a culture of compliance in theory, but much harder to put it into practice in a way that’s pragmatic—and that can be evidenced to regulators. Watch the webinar Beyond Wishful Thinking: How to Create a Thriving Culture of Compliance to learn more.

 Is your compliance roadmap for 2025 in place?

MCO can help you streamline compliance across your organization and be ready to stand up to regulatory scrutiny.  Contact us today for a demo to see MyComplianceOffice in action.