Annual Compliance Reviews

For SEC-registered investment advisers, the annual compliance review is not optional. Rule 206(4)-7 under the Investment Advisers Act of 1940 requires each registered adviser to adopt and implement written policies and procedures reasonably designed to prevent violations of the Advisers Act and its rules. The rule also requires the adviser to review those policies and procedures at least annually to determine whether they are adequate and being implemented effectively.

In practice, the annual review should not be treated as a check-the-box exercise or a simple update to the compliance manual. It should be a practical evaluation of whether the firm’s compliance program continues to match the firm’s actual business, regulatory obligations, conflicts of interest, client services, operations, technology, personnel, and disclosures.

The SEC has repeatedly identified weaknesses in compliance programs as a common examination issue. These observations often involve policies and procedures that are not tailored to the adviser’s business, policies that are not followed in practice, insufficient annual review testing, incomplete documentation, weak fee billing controls, marketing review deficiencies, custody issues, books and records gaps, and inadequate supervision of electronic communications, vendors, or other operational risks.

An effective annual review should evaluate what changed during the review period. This may include changes in ownership, personnel, service offerings, client types, assets under management, fee arrangements, technology systems, vendors, marketing practices, outside business activities, personal trading activity, custody practices, privacy and cybersecurity practices, and the use of artificial intelligence or other emerging tools.

The review should also consider whether the firm’s disclosures remain accurate. This includes Form ADV Part 1, Form ADV Part 2A, Form CRS, advisory agreements, privacy notices, marketing materials, solicitor or promoter disclosures, website content, client communications, and any other materials used to describe the firm’s services, fees, conflicts, investment process, or disciplinary history.

A high-level annual review checklist may include the following areas:

1. Review of the compliance manual, code of ethics, privacy policy, cybersecurity policies, business continuity plan, and related written procedures.

2. Comparison of Form ADV, Form CRS, advisory agreements, client communications, website content, and marketing materials for consistency and accuracy.

3. Testing of advisory fee billing, including fee calculations, billing periods, householding, breakpoints, prepaid fees, refunds, deductions from client accounts, and consistency with client agreements and disclosures.

4. Review of marketing materials, testimonials, endorsements, third-party ratings, performance advertising, hypothetical performance, substantiation files, and approval records.

5. Review of custody, standing letters of authorization, fee deduction authority, client account access, trustee or executor roles, and related controls.

6. Review of personal securities transactions, holdings reports, access person reporting, outside business activities, gifts and entertainment, political contributions, and conflicts of interest.

7. Review of client files, suitability or investment profile documentation, portfolio management practices, best execution, trading practices, allocation procedures, and documentation of client instructions or restrictions.

8. Review of electronic communications, including email, text messaging, social media, collaboration tools, off-channel communications, and retention practices.

9. Review of vendor due diligence, service provider oversight, cybersecurity, privacy, data protection, and incident response procedures.

10. Review of employee training, certifications, attestations, licensing, continuing education, disciplinary disclosures, and supervisory controls.

The annual review should result in practical conclusions. The firm should be able to identify what was reviewed, what testing was performed, what issues were identified, what corrective action was taken, and whether any policies, procedures, disclosures, contracts, controls, or training materials need updating.

Although firms may conduct the annual review internally, there are benefits to periodically engaging an independent third party to assist with the review. A third-party review can provide an outside perspective, help identify gaps that may be missed by personnel who work with the firm’s procedures every day, and benchmark the firm’s program against current regulatory focus areas and common examination deficiencies.

This can be particularly useful where the firm has experienced growth, added new services, changed personnel, updated technology, expanded marketing efforts, revised its fee structure, added private funds or alternative investments, changed custodians, implemented new cybersecurity or privacy procedures, or has not had a fresh review of its compliance program in several years.

A third-party annual review is not a substitute for the firm’s own compliance responsibility. The adviser remains responsible for maintaining and implementing an effective compliance program. However, an outside review can help the firm assess whether its policies and procedures are appropriately tailored, whether its disclosures remain accurate, whether its controls are being followed, and whether documentation exists to support the work being performed.

The annual review is one of the most important tools an adviser has to identify issues before they become examination findings. When conducted thoughtfully, it can help a firm strengthen its compliance program, improve documentation, address operational weaknesses, and reduce the risk of preventable deficiencies.

Firms that have not yet completed their annual review should consider whether the review will be handled internally, whether outside assistance would be useful, and whether the scope of the review is broad enough to address the firm’s current business and regulatory risks.

The annual review process should be part of the firm’s ongoing compliance program throughout the year, not limited to a single year-end exercise. However, firms that have not had an independent third party assist with or conduct their annual review in several years may want to consider whether this is the right time to obtain an outside perspective. A third-party review can help assess whether the scope is broad enough to address the firm’s current business, regulatory risks, disclosures, testing process, and overall compliance program.

Firms considering outside assistance with their 2026 annual compliance review may want to begin planning now. Colter Strategic Services assists SEC- and state-registered investment advisers with annual review support tailored to the firm’s business, operations, disclosures, policies, procedures, testing processes, and regulatory risks.

Firms that engage CSS for a 2026 annual review by July 15, 2026, may be eligible for a preferred scheduling rate. Early scheduling allows the review to be planned thoughtfully, provides adequate time for document collection, testing, and follow-up, and helps avoid the year-end rush.

If you found this article helpful, please like and share it to help advisory professionals strengthen their compliance programs.

Coulter Strategic Services provides customized compliance and regulatory consulting designed to meet the specific needs of each investment advisory firm. Services are tailored to the firm’s structure, business model, and regulatory obligations to help maintain an effective and sustainable compliance program aligned with current expectations. Contact us today to discuss your firm’s compliance program needs. Learn more at https://www.coulterstrategicservices.com/

All information provided is for educational purposes and should not be construed as specific advice. The information does not reflect the view of any regulatory body, State or Federal Agency or Association. All efforts have been made to report true and accurate information. However, the information could become materially inaccurate without warning. Not all information from third-party sources can be thoroughly vetted. Coulter Strategic Services and its staff do NOT provide legal opinions or legal recommendations. Nothing in this material shall be considered as legal advice or opinion.

#RIA #FinancialAdvisors #RegisteredInvestmentAdvisor #SECcompliance #Advisor #AnnualReview #regulation #compliance #investmentmanagement #wealthmanagement #regulatoryeducation #compliancereview #COMPLIANCEPROGRAM