The SEC's early regulatory warning shot and 6 other takeaways from its 2024 exam priorities

If the SEC comes knocking this year, its inspectors are likely to be looking for lapses related to cryptocurrency, cybersecurity, marketing and hybrid advisory-brokerage firms.

All those topics figure in the Wall Street regulator's examination priorities for 2024, released early this week. Securities and Exchange Commission examiners now pay a visit to every one of the more than 15,000 federally registered financial advisors at least once every seven years. And the Financial Industry Regulatory Authority, the broker-dealer industry's self-regulator operating under the SEC, examines every one of the nearly 3,400 U.S. registered brokerages at least once every four years, sometimes more frequently if they are deemed risky.

Amid a push to increase the frequency of its exams, the SEC has regularly kept firm executives apprised of what its examiners might be looking for. Cryptocurrency, a new marketing rule allowing advisors to use clients' testimonials and celebrity endorsements, and data security have all figured among the regulator's priorities in the past. The priorities for next year also continue to emphasize advisors' and brokers' obligation to disclose conflicts of interest and consider safer and less risky alternatives to any sophisticated investment they are thinking of recommending.

Notably absent this year is any mention of ESG — or investing strategies meant to further certain environmental, social or governance goals. Carlo di Florio, the global advisory leader at the compliance consultant ACA Group, said he doesn't read much into that absence.

READ MORE: With spot-crypto ETFs on the horizon, here's what advisors need to know

He noted that regulators have been cracking down lately on alleged instances of "greenwashing" — or making misleading ESG-related claims. He said the SEC's exam priorities are never meant to provide an exhaustive list of every single type of violation regulators will be looking for.

"They've got a full pipeline of [ESG] cases that have been referred from the exam division," di Florio said. "And so that's just going to continue to move forward and make ESG as important today as it was yesterday and even more important tomorrow." 

For more highlights from the SEC's examination notice, scroll down.

Early release

Michael Cocanower, the founder of AdviserCyber, a financial security and compliance service provider, said he was surprised by how early the SEC issued its exam priorities this year. In previous years, the regulator had typically waited until January or February.

Cocanower said the early release of the latest exam priorities made for good timing because they came out when many firms are preparing their annual budgets.

"So to have this data in early October, as inputs and to be able to align our annual plan with what the SEC is thinking and what they're going to be going after — to me — is a very, very welcomed change," he said.

Richard Best, director of the SEC's division of examinations, confirmed in a statement that the early release was partly meant to give firms more time to prepare.

"We hope that aligning the publication of our examination priorities with the beginning of the SEC's fiscal year will provide earlier insight to registrants, investors, and the marketplace of adjustments in our areas of focus year to year," he said.

Crypto

This isn't the first time the SEC has warned advisors and brokers to tread lightly when they are considering recommending bitcoin or other digital assets to clients. The regulator in April released an alert bulletin calling on wealth managers to use what it deemed "heightened scrutiny" for possible investments not only in crypto but also derivatives, private funds and other complex assets.

This means it's not enough simply to decide that a particular investing opportunity promises good returns. Advisors and brokers have to take the additional step of making sure their clients have some sort of identifiable goal that can be met only through a risky product. 

The SEC's 2024 examination priorities double down on those admonitions. The regulator calls on firms to routinely review their internal practices to make sure customers' digital assets are safely stored — in so-called digital wallets or in other places. It also calls on wealth managers to take particular care when recommending cryptocurrencies for retirement accounts or older clients.

Don’t forget AI

Di Florio noted the exam priorities also call for scrutiny of firms' reliance on systems like sophisticated algorithms, predictive analytics and artificial intelligence for investing advice. He said he expects new uses of technology to be a huge subject of regulation in coming years. 

"They have announced that they also have created specialized examination teams that will focus on crypto assets, cybersecurity, fintech and artificial intelligence," he said. "And so once you take the energy to form a specialized team, it's a mandate."

And there’s cybersecurity

The SEC is now pursuing a slew of rules meant to ensure firms are doing their utmost to protect client data. The regulator's 2024 examination priorities show that cybersecurity will be a subject of great interest, whether those rules are in place or not.

The SEC is warning firms that it wants to make sure they've taken steps to prevent digital disruptions not only from cyberattacks, but also bad weather, wars and other global events or the mere fact that their offices are spread out over large areas. The regulator also wants firms to vet any third-party firms they may contract for cybersecurity services for possible risks.

Cocanower said the SEC is really saying that it's impossible for firms to outsource their duty to keep client data safe to consultants or other business partners.

"The SEC has, in my opinion, put a shot across the bow and said, 'Hey, when we come in for an exam, we're going to be asking these questions about: How have you vetted your third party vendors, and can you show us that documentation?'" he said. "Show me the questions that you've asked, show me if you've collected the auditor's report … show me all of those things and show me evidence that you are actually vetting these vendors and ensuring that they're meeting the standards that you've set."

Disclosures

Advisors have an obligation under their fiduciary conduct standard to look out for their clients' interests and disclose conflicts related to compensation and similar matters. In 2024, the SEC will be looking to make sure advisors are living up to this responsibility by being upfront about how they make money. That's especially true if they are recommending investments that provide them with payments in the form of revenue sharing or markups.

Reg BI

Broker-dealers, which operate under the weaker Regulation Best Interest conduct standard, are similarly called on to be forthcoming about any ways they could benefit from any investing options they are putting forward. If brokers are making money by having clients in particular investments, they'll have to furnish support for why any possible alternatives — that might pay them less — weren't better suited to their interests.

Brokers are called on to pay special attention to their Form CRS — their customer relationship summary laying out their revenue sources in detail. And so-called hybrid firms — brokers with a separate fiduciary arm — are reminded of the need to justify any decision, say, to put a client in a higher-fee brokerage account rather than a cheaper advisory account.

Marketing

The SEC is again calling on advisors and brokers to pay close attention to any advertisement or message they put out for the purpose of soliciting business. The regulator's marketing rule, which took effect in November, applies to any communication that advisors send to two or more current or potential clients about new advisory services.

In general, it calls on firms to make sure any factual information they are dispensing is verifiable and take various precautions before predicting the likely performance of recommended investments. After a roughly yearlong grace period, the SEC has begun showing willingness to enforce the still new rule.

Most notably, it hit nine firms with $800,000 in fines in September to resolve allegations that they had not taken care to make sure hypothetical investment results they were advertising were tailored to the needs of specific investors. Instead, the firms were accused of directing their performance predictions to a "mass audience."

The SEC's latest exam priorities confirm that regulators will continue looking to make sure firms have policies and processes in place to prevent the broadcasting of misleading or incorrect information. They will also have to make sure they are disclosing information on their marketing practices in the Form ADVs registration documents they file with regulators every year.
MORE FROM FINANCIAL PLANNING