Regulatory Update July 2025 – US Region
This month’s regulatory developments include:
Department of Labor (DOL)
On July 1, 2025, the DOL finalized the removal of certain interpretive bulletins from the Code of Federal Regulations under the Employee Retirement Income Security Act of 1974 (ERISA). Originally issued shortly after ERISA’s enactment, these bulletins have since been superseded by more recent guidance and organizational changes (e.g., Reorganization Plan No. 4 of 1978). Their removal, effective September 2, 2025, is intended to eliminate confusion and reduce regulatory burden by retiring outdated guidance. This action was taken pursuant to Executive Order 14192.
Read the final rule here.
Also on July 1, 2025, the DOL removed 29 CFR 2550.404a-4, a 2008 regulation that provided a fiduciary safe harbor for selecting annuity providers under ERISA-covered individual account retirement plans. This rule was rendered redundant by a 2019 statutory amendment to ERISA, which created a broader and more streamlined fiduciary safe harbor. The removal, effective September 2, 2025, aims to reduce duplicative regulation and provide clarity for plan fiduciaries.
Read the final rule here.
Securities and Exchange Commission (SEC)
On July 1, 2025, the SEC extended the compliance date for Rule 15c3-3(e)(3)(i)(B)(1) (Customer Protection Rule) from December 31, 2025 to June 30, 2026. This rule requires carrying broker-dealers with average total credits of USD$500 million or more to perform daily reserve computations, replacing the weekly standard. The extension was granted in response to industry feedback, particularly from SIFMA, citing significant operational and staffing challenges.
The SEC emphasized that the additional time will allow firms to build and test automated systems for compliance. Notably, broker-dealers below the USD$500 million threshold may elect to comply voluntarily, enabling them to apply a 2% debit reduction (versus the standard 3%) if they notify their designated examining authority. The compliance date for related amendments to Form X-17A-5 (FOCUS Report) remains March 1, 2026.
Read the final rule here.
On July 29, 2025, the SEC approved a series of orders permitting in-kind creations and redemptions for crypto asset exchange-traded product (ETP) shares. Previously, spot bitcoin and ether ETPs were limited to cash-only transactions. The change aligns these products with other commodity-based ETPs and is expected to improve market efficiency and lower costs for participants.
Read the press release here.
Department of the Treasury – FinCEN
On July 21, 2025, FinCEN announced the postponement of its final rule requiring registered investment advisers (RIAs) and exempt reporting advisers (ERAs) to implement Anti-Money Laundering and Combating the Financing of Terrorism (AML/CFT) programs and file Suspicious Activity Reports (SARs). Originally scheduled for January 1, 2026, the rule (known as the IA AML Rule) will now take effect on January 1, 2028.
The delay is intended to give FinCEN additional time to reassess the rule’s scope and ensure alignment with the diverse risk profiles of investment advisers. During the postponement period, FinCEN plans to revisit related customer identification program (CIP) requirements in consultation with the SEC.
Read the press release here.
Investment Adviser Association (IAA)
On July 31, 2025, the IAA urged the SEC to extend compliance deadlines for the Regulation S-P amendments, which impose new data breach notification requirements. As adopted, the rule takes effect December 3, 2025, for advisers with over USD$1.5 billion in in assets under management (AUM), and June 3, 2026, for smaller firms.
In its July 30, 2025 letter, the IAA reiterated its request for a 12-month extension and proposed refinements to improve clarity and operational feasibility, including:
- Clarification of definitions of “customer information” and “sensitive customer information,” excluding encrypted data
- Allowance for forensic investigations prior to triggering notifications
- Service provider oversight flexibility , particularly for affiliates and non-contractual third parties
- Risk-based vendor management to address uncooperative vendors
- Limitation of notification scope to direct relationships
- Expansion of the law enforcement exception for ongoing investigations or national security cases.
The IAA emphasized its support for investor protection goals but underscored the need for workable compliance frameworks.
Read the press release here.
Read the letter here.
Stay informed with our Regulatory Update
Navigate the ever-evolving regulatory landscape with Waystone’s Regulatory Update. Our team of compliance experts provide a monthly review of a wide range of global regulatory compliance matters, including news, guidelines and significant regional updates. To sign-up to receive these updates, please follow the link below.
About Waystone
Waystone is a leading global provider of institutional governance, administration, risk, and compliance services to the asset management and financial services industry. Our global Compliance Solutions team helps clients navigate the regulatory landscape with confidence, aligning investment strategies and operational processes with compliance requirements. With over 100 compliance specialists based across North America, Asia, the Middle East, and Europe, we offer a comprehensive range of solutions, from company registration to compliance programs and ongoing support.
In the United States, Waystone brings over 20 years of experience supporting investment advisers and funds regulated by the SEC, CFTC, and FINRA. Our US-based team delivers tailored, risk-focused, and cost-effective compliance solutions. With deep regulatory expertise, we help enhance your firm’s governance framework while adding measurable value to your compliance program.
If you would like to discuss the themes raised in this guide with one of our US Compliance Solutions team members and learn how we can assist you, please contact us using the details below.