SEC 2025 Priorities: Examinations and Perspectives

Cybersecurity

Focus on companies’ cybersecurity practices, data loss prevention, and responses to cybersecurity incidents.

Additionally, companies will be assessed on their practices (and third-party practices) aimed at preventing interruptions to mission-critical services and protection of investor information, records, and assets.

Regulation S-ID and Regulation S-P

Companies will be assessed on their compliance with Regulations S-ID and S-P. The focus will be on policies and procedures, internal controls, governance practices, and third-party oversight related to safeguarding customer records and information, preventing identity theft, and managing operational risks.

Shortening of the Settlement Cycle (T+1)

Broker-dealers- will be evaluated on their compliance with amended books and records requirements associated with T+1. Examinations will also assess associated technology changes and areas that need further attention and/or resources (e.g., not settling in the required timeframe).

Emerging Financial Technologies

The Division’s examination focus will extend to risks associated with services such as automated investment tools, AI, trading algorithms or platforms and other emerging technologies and alternative sources of data. 

Further, companies’ practices for ensuring fairness, accuracy, best interest, suitability, and regulatory compliance will also be examined.

Crypto Assets

Registrants offering crypto asset-related services will be examined in areas of standards of conduct, risk disclosures, operational resiliency, and compliance with relevant laws (e.g., custody, BSA/AML, valuation).

Regulation Systems Compliance and Integrity (SCI)

SCI entities’ written policies and procedures must ensure adequacy of their system's capacity, integrity, resiliency, availability, and security. Reviews will focus on:

• Operational, business continuity, and testing policies and procedures
• Incident response plans effectiveness
• Security operations management tools adequacy

Anti Money Laundering (AML)

The Division will review whether broker-dealers and certain registered investment companies’ (RICs) comply with BSA/AML and sanctions requirements. They will be assessed on whether they appropriately tailor AML programs, conduct independent testing, establish an adequate customer identification program, and meet SAR filing obligations.

Investment Advisers

Focus on assessing Advisers’ adherence to fiduciary standards of conduct, including duty of care and duty of loyalty obligations (e.g., best interest, conflicts of interest). The Division will focus on recommendations related to:

• High-cost products
• Unconventional instruments
• Illiquid and difficult-to-value assets
• Assets sensitive to interest rate fluctuations or changing market conditions

For dual registrants and Advisers affiliated with broker-dealers, areas of focus will include: suitability; capacity in which recommendations are made; account selection practices (e.g., brokerage versus advisory); conflict of interest mitigation/disclosure; and the impact of conflicts on best execution.

For Investment Advisers to private funds, areas of examination focus may include the:

• Consistency of disclosures with actual practices
• Accuracy of calculations and allocation of private fund fees and expenses
• Conflict of interest disclosures and risk management
• Compliance with recently adopted SEC rules including amendments to Form PF and investment adviser marketing

The Division will focus on the effectiveness of compliance program policies and procedures in preventing Advisers from placing their interest ahead of clients’ interest. This will include:

• Fiduciary obligations of advisers that outsource investment selection and management
• Alternative sources of revenue or benefits Advisers receive
• Fee calculations and the disclosure of fee-related conflicts

The SEC will continue to prioritize the examination of Investment Advisers that are newly registered with the SEC or have never been examined or have not been examined recently.

Investment Companies

• Fund fees and expenses, and any associated waivers and reimbursements
• Oversight of service providers (affiliated and third-party)
• Portfolio management practices and disclosures
• Issues associated with market volatility
• Monitoring of developing areas of interest, such as exposure to commercial real estate and compliance with new and amended rules

Broker Dealers

Assessment of compliance with Regulation Best Interest (BI), Form CRS, financial responsibility rules, and trading related practices and services. Key focus areas will include:

• Recommendations to retail customers and compliance with Regulation BI, including complex, illiquid, and higher risk products
• Content of relationship summaries (e.g., fees, disciplinary history) and delivery obligations under Form CRS
• Compliance with the Net Capital Rule, Customer Protection Rule, and risk management controls (e.g., credit, liquidity, market), and related internal processes, procedures, and controls
• Operational resiliency programs, including supervision of third-party or vendor provided services
• Income trading practices (e.g., order routing and execution practices; compliance with Regulation SHO)

Self-Regulatory Organizations (SROs)

Scrutiny of SRO compliance with rules governing operations and enforcement activities (e.g., National Securities Exchanges and the Financial Industry Regulatory Authority (FINRA)), and review of fulfillment of regulatory duties (Municipal Securities Rulemaking Board (MSRB)). Focus areas will include:

• Enforcement of compliance with SRO rules and federal securities laws
• Risk assessment of FINRA’s operations and regulatory programs as well as oversight examinations of FINRA exams
• Risk assessment of MSRB’s operations and regulatory programs as well as oversight examinations of MSRB compliance exams

Clearing Agencies

Examinations of clearing agencies designated as systemically important are conducted at least annually, and focus on core risks, processes, and controls, among other areas.  All other clearing agencies are subject to risk-based and examinations and corrective action reviews. These exams will review compliance with the SEC's Standards for Covered Clearing Agencies and other relevant requirements, including assessment of:

• Risk management frameworks and compliance with the Exchange Act
• The adequacy and timeliness of remediation of prior deficiencies

Areas of examination focus in 2025 may include:

• Liquidity risk management
• Default management
• Links
• Margin systems
• Third-party service providers
• Operations

Other Market Participants

Focus areas for other market participants (e.g., Municipal Advisors, Transfer Agents, Security-Based Swap Dealers, Security-Based Swap Execution Facilities, and Funding Portals) will include:

• Municipal Advisor compliance with fiduciary duty obligations, recordkeeping, and registration requirements
• Transfer Agent processing, safeguarding of funds and securities, and regulatory filings
• Security-Based Swap Dealers’ compliance with capital, margin, and segregation requirements
• Security-Based Swap Execution Facilities compliance with Regulation SE (Note: examinations may begin in late fiscal year 2025)
• Funding Portals’ compliance with federal securities laws and rules prohibiting activities (e.g., offering investment advice or recommendations; soliciting transactions in the securities displayed on the funding portal’s platform; holding, managing, possessing, or handling investor funds or securities, etc.)