Preparing for the future: the SEC’s 2025 Examination Priorities

Published on October 25, 2024 by Dhivya Muralidharan and Avinash Seraphim

The US Securities and Exchange Commission (SEC) released its Examination Priorities for 2025 on Monday, 21 October 2024. These were developed mainly using prior years’ examinations, market events and information from various sources. The four main pillars of the Division of Examinations are to promote and improve compliance, prevent fraud, monitor risk and inform policy.

Hence, it aims to focus on emerging risks, products and services, market events and investor concerns. Furthermore, with rapid technological development, registered firms are developing AI-based applications, making it important to assess their impact and reassess the tools and approaches used to determine their complexity.

Key focus areas

The SEC’s focus areas for 2025 are in line with its objectives of safeguarding consumer interest and the health of the financial markets. The Division will assess how registrants will protect themselves against loss or misuse of client records and information that may arise from third-party AI models and from market players. Hence, they must carefully examine the risks and rewards of using financial technology.

1. Investment advisers

The Division will continue to focus on policies and procedure outlined in the Advisers Act. SEC examinations will include a new focus – on examining advisers who have never been examined before and those who have not been examined in recent years. Its aims to focus on advisers’ controls to protect clients’ material non-public information, particularly when multiple advisers share office locations, have significant turnover of investment adviser representatives or use expert networks.

The Examination is expected to focus on compliance practices, especially when advisers implement new business model approaches such as advising on new assets or services. In-depth examination may be required in the event an adviser integrates AI into their operations.

2. Investment companies

The Division continues to monitor areas such as registered investment companies (RICs) with exposure to commercial real estate and compliance with new and amended rules. Similar to the adviser examinations, the Division will examine funds that have never been examined before and those that have not been examined recently, focusing particularly on newly registered funds.

3. Broker-dealers

The main priority would be assessing broker-dealer equity and fixed income trading practices. It will also include broker-dealer trading in pre-IPO firms, the sale of private company shares in secondary markets and the execution of retail orders. The Examination could also concentrate on recommendations involving automated tools or other engagement practices. The Division will also be focusing on dual registrants, reviewing firms’ processes for identifying and reducing conflicts of interest, account allocation practices and account choosing practices. It may also assess broker-dealer supervision of sales practices at branch office locations.

4. Self-regulating organisations

National Securities Exchange (NSE)

The Division will continue to assess the rules and laws, ensuring its obligations are met. It will also continue to focus on exchange governance, regulatory programmes and its participation in National Market System Plans.

Financial Industry Regulatory Authority (FINRA)

The Division will conduct oversight examinations of FINRA’s examinations of certain broker-dealers and municipal advisers that are FINRA members. Depending on the result, it will provide recommendations to improvise their programmes, risk assessment processes and examinations.

Municipal Securities Rulemaking Board (MSRB)

The Division plans to conduct examinations of registrants along with FINRA and federal banking regulators to assess both MSRB and federal securities rules. Like FINRA, it will apply the same risk-assessment process to identify the key areas.

Clearing agencies

According to Title VIII of the Dodd-Frank Act, it is essential to undergo examinations annually. According to Section 807, the Examination is focused on core risks, processes and controls of clearing agencies. Thus, a risk-based assessment will be conducted for other registered clearing agencies.

Risk areas impacting market participants

1. Information security and operational resilience

Cybersecurity is a significant risk for all market participants. An alternative trading system will be assessed to protect the confidentiality of the trading system. Cyberattacks may disrupt a company, damage crucial data and cause financial loss. Therefore, the Division advises the implementation of effective cybersecurity protocols as a preventive measure.

New standards such as S-ID (the SEC’s implementation of the Identity Theft Red Flags Rule) and S-P (Privacy of Consumer Financial Information and Safeguarding Customer Information) are intended to protect investors from fraud and identity theft. To avoid regulatory implications, market participants must follow the guidelines and ensure they abide by the rules.

As mentioned in SEC Examination Priorities 2024, the SEC has reduced the settlement cycle to T+1 by speeding up securities settlement. This shift would have a variety of implications for market players, including the need to have more liquidity on hand and improve back-end systems.

2. Emerging financial technologies

Emerging technologies can present fresh opportunities for market participants but also new risks. When conducting a review, the assessors will generally examine whether the review is fair and accurate. Operations and controls in place should ensure that they are consistent with disclosures. Algorithms that generate advice or recommendations should align with investor profiles. Controls should ensure that advice or recommendations generated through digital engagement comply with regulatory obligations, including those for existing investors.

Regarding AI, the Division will evaluate the accuracy of registrants’ claims about their capabilities and use. It will also examine whether firms have sufficient policies and procedures in place to oversee and manage their AI applications, especially in terms of fraud prevention and detection, back-office operations, anti-money laundering (AML) and other trading functions.

3. Crypto assets

Crypto in all forms is rapidly gaining recognition, resulting in a variety of risks, including fraud, manipulation and theft. The Division will focus on offering, selling, recommending, advising, trading and other activities related to crypto assets that are marketed and sold as securities or similar products, including spot Bitcoin and Ether exchange-traded products.

4. Regulation Systems Compliance and Integrity (SCI)

This is a risk category of SCI entities that will test whether systems have sufficient capacity, integrity, resilience, availability and security to sustain their operational capabilities and support the maintenance of fair and orderly markets. The Division will assess the policies and procedures in place relating to decisions to disconnect or reconnect with another registrant or a third party during a cyber event, including the decision-making process for such actions when the SCI entity itself is experiencing a cyber event. This encompasses all forms of inbound and outbound connectivity, such as trade processing, data feeds, remote processing, post-trade reporting, market surveillance and remote access.

5. Anti-money laundering (AML)

Among other risks, this requires market players to implement measures relating to the firm’s location, size, type of customer it serves, type of products and services it offers and how they are offered to prevent money laundering. The Division will examine whether broker-dealers and advisers are compliant with the Department of Treasury’s Office of Foreign Assets Control (DOT-OFAC) sanctions.

Conclusion

In summary, the SEC’s 2025 Examination Priorities underscore the dynamic nature of regulatory oversight and the critical need for strong compliance frameworks. As the financial sector continues to evolve, firms must remain vigilant and proactive in managing potential risks. By comprehending and applying the SEC’s priorities, they can better safeguard their clients, bolster operational resilience and maintain regulatory compliance. This forward-thinking approach not only mitigates risk but also builds trust and confidence in the financial markets.

How Acuity Knowledge Partners can help

We are a prominent entity in the global financial services sector, offering extensive compliance expertise and other services. Our approach involves creating a dynamic, robust and proficient ecosystem of controls to manage risk at all levels in an organisation. We identify and address gaps in compliance programmes, meet regulatory requirements and develop tailored solutions using advanced technology.

Our specialised services include corporate compliance, forensic analysis, compliance testing, monitoring programmes, risk trend analysis and risk mitigation. We design and customise reviews to mitigate a company’s risks, adhering to the latest regulatory standards. From initial analysis to final documentation and recommendations, our comprehensive approach provides a holistic view of risks to a business, enhancing its resilience to threats.

Source:

• SEC.gov | SEC Division of Examinations Announces 2025 Priorities

---

---