In 2022, the U.S. Securities and Exchange Commission (SEC) took significant steps to enhance regulatory oversight by adopting and proposing new rules and amendments. Not only that, but the SEC also shared that some of its top exam priorities are to ensure compliance with these new rules.
With noncompliance potentially resulting in hefty fines, your registered investment advisory (RIA) firm would be wise to ensure policies and procedures are up to date with the latest requirements.
Three new SEC rules and proposals for RIA firms
A significant priority for the SEC in 2023 is the implementation of new rules for investment advisers and investment firms. Here are five key regulations that were recently adopted by the SEC that affect your RIA firm:
The SEC adopted its new marketing rule (SEC Rule 206(4)-1) in 2021, though it went into effect in 2022. The SEC’s new marketing rule allows firms to use client testimonials, past-performance illustrations and third-party endorsements, but with restrictions and additional disclosure requirements.
On Oct. 22, 2022, the SEC shared a proposal requiring advisers to satisfy specific due diligence elements before retaining a service provider that will perform certain advisory services or functions. Also referred to as the outsourcing proposed rule and vendor due diligence proposed rule, firms would be required to carry out periodic monitoring of the service provider’s performance if this proposal is adopted. Additionally, advisers would have to obtain reasonable assurances from third-party recordkeepers and maintain records related to the oversight obligations.
3. Proposed cybersecurity risk management rules and amendments.
On Feb. 9, 2022, the SEC shared proposed rules requiring advisers and funds to adopt and implement written cybersecurity policies and procedures designed to address cybersecurity risks that could harm advisory clients and fund investors. These rules would mandate advisers and funds to adopt written cybersecurity policies, report significant incidents and publicly disclose cybersecurity risks and incidents in their brochures and registration statements. The proposal also includes recordkeeping requirements to enhance the availability of cybersecurity-related information for inspections and enforcement purposes.
As the SEC strengthens its regulatory presence, RIA firms must recognize the importance of complying with the new rules and amendments. Failing to do so can lead to enforcement actions and reputational damage.
The compliance team at your RIA firm should seize these opportunities to fortify its compliance programs, bolster trust among investors and clients and foster sustainable growth. Compliance should be viewed not as a cost center, but as a competitive advantage that sets firms apart from their peers. By staying informed, embracing compliance and implementing best practices, your investment firm can thrive in an evolving regulatory landscape.
Navigating the rapid pace of regulatory change can be challenging, but with the right strategies and resources, investment firms can adapt successfully. Need further assistance navigating these new challenges and setting yourself apart from the competition? Download the COMPLY CCO Playbook today!