In the same way that we contemplate our New Year’s resolutions, the SEC has selected a variety of emerging areas it will focus on moving into 2025, giving firms a heads up of where to prepare for future regulatory activity.
The SEC released its 2025 Examination Priorities on October 21, which mainly includes an abundance of old themes, with a sprinkle of new. By releasing its priorities, the SEC aims to “provide more transparency … as early as reasonably possible to allow registered firms more opportunities to evaluate their compliance efforts.”
As with its 2024 Priorities, the regulator has outlined the same seven key areas that it will be concentrating on, which include:
- Investment advisers
- Investment companies
- Broker dealers
- Self-regulatory organizations
- Clearing agencies
- Other market participants
- Risk areas impacting various market participants
While many of the 2024 and 2025 priorities overlap, the most notable difference is in the inclusion of artificial intelligence (AI). The technology was not mentioned at all in 2024 but, considering how pivotal AI has become in the financial space, and as reinforced in SEC Commissioner speeches, the spotlight on AI only seems fitting.
A deeper look into the 2025 Examination Priorities
1. Investment advisers
Main themes include: Regulation Best Interest, compliance programs, and marketing policies
In accordance with one of its core missions, the SEC’s first priority reiterates that it will continue to focus on registered investment advisers (RIAs) and ensuring that any investment advice and disclosures are in clients’ best interest.
The SEC will also assess investment advisers’ compliance programs, including the effectiveness in addressing risk areas such as marketing, portfolio management, and disclosures and filings. In particular, this includes whether “policies and procedures address compliance with the Advisers Act and the rules … designed to prevent the advisers from placing their interests ahead of clients’ interests.”
While the SEC didn’t explicitly highlight the Marketing Rule with this point, it is important to note that this has been a subject the regulator has zoned in on over the past year, charging RIAs with violations of the Marketing Rule in April, and again in September.
Interestingly, the SEC referenced AI in relation to RIAs stating that the regulator’s review of compliance programs may go into greater depth if AI is integrated to confirm appropriate disclosures to investors. Seeing as the SEC has fined firms for misleading statements about the use of AI before, it’s clear RIAs should pay close attention.
2. Investment companies
Main themes include: Compliance programs, disclosures, governance, and third-party oversight
Within its second point, the SEC clarified that it will continue to prioritize examinations of registered investment companies because of their importance to retail investors relating to retirement matters. In the same vein as RIAs, these examinations will include reviews of the effectiveness of compliance programs, disclosures, and governance practices. More specifically, the examination priorities highlight that focus areas could include fund fees, portfolio management practices, market volatility, and oversight of service providers (both affiliated and third-party).
3. Broker dealers
Main themes include: Regulation BI, high risk products, and operational resilience
When it comes to broker dealers (BDs), the SEC stated that it will continue to examine practices related to Regulation BI (Reg BI), especially concerning products and investment strategies, disclosures, and conflict identification.
Mentioned in conjunction with BDs are crypto assets, with the SEC’s priorities stating that “examinations of BD practices will focus on…products that are complex, illiquid, or present higher risk to investors … such products may include … crypto assets.” Given that the Financial Industry Regulatory Authority (FINRA) has weighed in on crypto promotions over the past year, and that the SEC has taken considerable action against major crypto firms, this could indicate another direction the regulator intends to take.
Another key area is operational resiliency programs under the financial responsibility rules portion of the BD segment, which underscores expectations around third-party supervision.
4. Self-regulatory organizations
The SEC will continue to focus on self-regulatory organizations (SRO) through 2025.The National Securities Exchange is listed as one such critical SRO, which is tasked with providing a marketplace for securities transactions. Additionally, the SEC will continue to perform risk-based oversight exams of FINRA and the Municipal Securities Rulemaking Board to ensure effective operations.
5. Clearing agencies
Main themes include: Credit risk, financial resources, operational risks, and risk management frameworks
Echoing virtually the same points as last year’s priorities, the SEC will review clearing agencies’ risks, processes, and controls related to operations and assessment of financial and operational risk. More specifically, the regulator will confirm that any examined clearing agencies have sufficient financial resources, are protecting against credit risks, and are managing member defaults.
6. Other market participants
Carrying on from its 2024 Examination Priorities, the SEC will examine municipal advisors, transfer agents, and security-based swap dealers as” other market participants.”
New developments in this section include the addition of security-based swap execution facilities (SBSEF) and funding portals. Per the adoption of Regulation SE under the Exchange Act, SBSEFs may now be subject to SEC examinations. The SEC will also examine funding portals’ required records, as well as policies and procedures.
7. Risk areas impacting various market participants
Main themes include: Operational resilience, third-party risk, cybersecurity, crypto, and AI
Last, but certainly not least, the SEC states a variety of pertinent priorities that are of upmost concern to compliance teams. These include operational resilience, cybersecurity, AI, and crypto assets.
The SEC is setting its sights on AI and the risks associated with emerging technologies. Consequently, its examinations will look to confirm:
- Whether AI tools are represented fairly and accurately;
- If controls in place are consistent with disclosure to investors;
- Whether advice is consistent with investors’ investment profiles; and
- That advice resulting from digital engagement practices complies with regulatory obligations.
Moreover, the SEC will confirm that AI capabilities are accurate and that procedures are in place to supervise AI use.
In acknowledgment of the fact that operational risks are elevated due to increasingly complex cybersecurity landscapes, the SEC confirms that it will scrutinize if firms are managing information security and operational risks. The regulator referred to cybersecurity as a “perennial examination priority,” stating that it will continue to safeguard customer records by assessing policies, governance practices, data loss prevention, and cyber-related incidents.
Operational resilience and third-party risk go hand in hand, and with knowledge of how impactful a disruptive event can be, such as the historic disruption caused by the Crowdstrike outage, this point should be duly noted. The SEC outlined that it will assess the effectiveness of incident response plans, and “evaluate policies and procedures regarding the decision to disconnect or reconnect from another registrant or third-party that is experiencing a cyber event.”
The SEC will also continue to observe crypto assets, including if registrants meet standards of conduct when recommending crypto assets to clients and that compliance practices surrounding crypto are routinely reviewed.
The SEC’s 2025 Examination Priorities reaffirm some core concentrations, and continues the regulator’s trend towards increasing transparency of its aims and how it will achieve them. With emerging topics like AI and crypto more present on this year’s checklist, firms should make the SEC’s priorities their own.
