SEC’s Renewed Focus On Exams: How RIAs Can Prepare With Mock Audits

As regulatory compliance continues to be a major focus for advisory firms, the Securities and Exchange Commission (SEC) has recently announced plans to resume onsite exams. This renewed focus on exams means that RIAs need to be prepared to face a more aggressive SEC than they may be used to. The SEC’s Division of Examinations is taking a very tough stance, and firms would be wise to conduct an evaluation of their compliance program via a mock audit if they have not done so within the past three years.

Mock audits are a great way for firms to test their compliance program and identify any weaknesses that need to be addressed. The mock audit should be conducted by someone who is not involved in the day-to-day operations of the firm, such as an outside consultant or a member of the firm’s compliance team who is not associated with the area being audited. This will help to make sure that the audit is unbiased and thorough.

Policies & Procedures

During the mock audit, the auditor should review all of the firm’s policies and procedures, as well as the implementation of those policies and procedures. They should also review the firm’s books and records to ensure they are accurate and complete. Any deficiencies that are identified during the mock audit should be addressed before the SEC arrives for an onsite exam.

SEC Marketing Rule

One area that the SEC is likely to focus on during the onsite exam involves potential marketing rule violations. The SEC’s most recent risk alert on newly registered advisors highlighted marketing rule violations as a key area of concern. Firms need to ensure that they have substantiation for any claims made in their marketing materials and that compliance has a role in ensuring that backup support exists for those claims. Firms that are newly registered should pay particular attention to this area, as many are still struggling to bring their compliance programs up to speed.

RIAs should also be watching for an upcoming “Risk Alert” related to the marketing rule once the SEC has gathered “some data to release from exams.” This alert will likely provide guidance on how firms can remain compliant with the rule and avoid potential violations.


Another area that RIAs should be watching closely is the SEC’s proposed cybersecurity rule for advisors. This is expected to be the first rule adopted this spring or summer from the long list of proposals that came out for advisors last year. RIAs should ensure that they are prepared to comply with this rule once it’s adopted.

Conduct A Mock Audit Of Your RIA Today With AdvisorLaw

AdvisorLaw’s team of experienced compliance specialists and securities attorneys is well-equipped to help RIAs prepare for SEC exams. Our compliance specialists can conduct comprehensive mock audits of RIA compliance programs, including their policies and procedures, codes of ethics, advertising and marketing materials, client onboarding and ongoing monitoring procedures, and cybersecurity practices.

The mock audit process typically involves a review of the RIA’s documentation and practices, interviews with key personnel, and testing of controls and procedures. Based on the results of the mock audit, AdvisorLaw can provide recommendations for improving the RIA’s compliance program and reducing the risk of SEC enforcement actions.

In addition to mock audits, AdvisorLaw provides a range of other compliance services to RIAs, including:

  • Cybersecurity: AdvisorLaw’s CyberProtection program can help RIAs assess their risk profile and implement policies and procedures to protect against cyber threats. This includes conducting vulnerability assessments, developing incident response plans, and training employees on cybersecurity best practices.
  • Policies & Procedures Updates: AdvisorLaw can help RIAs stay up to date with regulatory changes by updating their policies and procedures to reflect current regulatory requirements. This includes reviewing and revising compliance manuals, codes of ethics, and other key documentation.
  • Compliance Program Development: AdvisorLaw can help RIAs establish a comprehensive compliance program that meets SEC requirements. This includes developing policies and procedures, conducting compliance training, and implementing ongoing monitoring and testing.
  • SEC Exam Preparation: AdvisorLaw can help RIAs prepare for SEC exams by conducting mock exams, identifying potential compliance issues, and providing guidance on how to address those issues.
  • Enforcement Defense: In the event of an SEC enforcement action, AdvisorLaw’s team of securities attorneys can provide expert representation to help RIAs navigate the enforcement process and minimize the impact on their business.

Overall, AdvisorLaw’s compliance services are designed to help RIAs establish and maintain robust compliance programs that meet SEC requirements and protect against enforcement actions. Whether through mock audits, cybersecurity consulting, policy and procedure updates, or other services, AdvisorLaw is committed to helping its clients stay ahead of the regulatory curve and operate with confidence in today’s complex regulatory environment.

Contact us today for a complimentary consultation!

Blog Contact