US updates

      The SEC’s Division of Examinations Published Observations From Their Series of Examinations

      November 11, 2021
      The SEC’s Division of Examinations released observations from their recent assessments of advisers offering digital investment advisory services.

      This week, the SEC’s Division of Examinations (the “Division”) published observations from their series of examinations assessing the practices of advisers who provide digital investment advisory services (“digital services”). The Division has seen a recent increase in these digital services, which when used well can provide more accessible services for investments and efficiency for advisers. However, the Division also recognized that there are significant risks to the digital services, such as incorrectly identifying client’s risk and using the services to prioritize the interest of the adviser over the client.

      Overview of deficiency letters issued by the Division

      The Division issued deficiency letters to nearly all advisers whose digital services were examined. The most common deficiencies were:

      Common deficiencies in compliance programs

      Compliance programs that did not:

      • Include written policies specific to their use of the digital services;
      • Undertake at least annual reviews to determine accuracy and implementation of their policies;
      • Comply with their “Code of Ethics” rules;
      • Have accurate oversight policies related to supervision of the platforms, developing accurate investment advice, or seeking best execution;
      • Accurately disclose use of the third-party digital software, collection and use of client information, how they address profits and losses from trade errors, or advisory fee calculations;
      • Include polices regarding protection of the firm’s system or response to cybersecurity events.
      • Advisers operating as unregistered and relying on the digital services registration, which is prohibited under Advisers Act Rule 203A-2(e)(iii).

      Non-compliance with Rule 3a-4

      Advisers relying on Rule 3a-4, and not accurately following the rule by:

      • Using limited questionnaires that potentially increased the risk of providing advice in the clients best interest;
      • Inaccurately disclosing or responding to the client’s ability to designate restrictions on securities bought or held;
      • Not notifying clients frequently enough about the investment objectives or the clients’ financial situation;
      • Limiting client’s communication to technical support or general customer service support;
      • Restricted ability to withdraw cash or securities from their accounts;
      • Not letting clients vote proxies, or delegate their right;
      • Not ensuring clients were sent legally required documents;
      • Not allowing clients the legal right to proceed against the issuer of any security in the client’s account.

      How to prevent deficiencies in your firm’s digital services

      To avoid deficiencies in the digital services your firm provides, the Division recommends:

      Adopting and implementing written policies

      Written policies establish a clear framework for how digital services should be managed, ensuring consistency, accountability and alignment with industry standards. Firms should tailor policies to their specific needs, addressing data security, user privacy and software updates. The Division recommends that these policies are regularly reviewed and updated to stay aligned with emerging technologies, regulations and evolving business practices.

      Testing algorithms periodically

      Firms should regularly test algorithms to ensure they function as intended, maintaining security and impartiality. Testing should cover accuracy, fairness, performance and security. A clear testing schedule should be established, with responsibility assigned to a dedicated team or third-party expert. Results should be documented and corrective actions taken when necessary.

      Employing safeguards against unauthorized changes

      The Division recommends implementing safeguards to prevent unauthorized changes to algorithms that could result in security breaches or service failures. This includes establishing access controls, audit logs and version control to ensure that only authorized personnel can modify algorithms. For additional protection, a formal change management process should be set up to review and approve modifications, alongside regular audits to verify the effectiveness of these safeguards.

      Further information

      If your firm provides digital investment advisory services read the Division’s “Observations from Examinations of Advisers that Provide Electronic Investment Advice.”

       Next post
      Share

      More like this

      US updates

      SEC Issues New Risk Alert on Marketing Rule Compliance: Key Findings for Investment Advisers

      On December 16, 2025, the SEC Division of Examinations issued a Risk Alert, “Additional Observations Regarding Advisers’ Compliance with the…
      December 22, 2025
      Read more
      US updates

      SEC Grants Temporary Relief for Rule 13f-2 and Form SHO

      On December 3, 2025, the Securities and Exchange Commission (SEC) issued an order granting temporary exemptive relief from compliance with…
      December 8, 2025
      Read more
      US updates

      Regulatory Update November 2025 – US Region: SEC 2026 Examination Priorities in Focus

      FINRA Annual Renewal Timeline and Action Steps and SEC Division of Examinations has published its 2026 Examination Priorities.
      December 5, 2025
      Read more
      US updates

      Regulatory Update October 2025 – US Region

      Stay informed with our Regulatory Update Navigate the ever-evolving regulatory landscape with Waystone’s Regulatory Update. Our team of compliance experts…
      November 6, 2025
      Read more
      US updates

      Regulatory Update September 2025 – US Region

      This US Regulatory Update includes SEC unveils 2025 agenda focused on innovation and oversight, Nasdaq proposes rule to enable trading…
      October 14, 2025
      Read more
      US updates

      SEC Operations Paused Amid Government Shutdown: A Strategic Moment for Compliance Readiness

      As the federal government shutdown continues in the US, the Securities and Exchange Commission (SEC) has suspended most of its…
      October 8, 2025
      Read more
      US updates

      Strengthening Your Compliance Program Through Effective Annual Compliance Reviews Under Rule 206(4)-7

      The Investment Advisers Act of 1940 was created to put investors first, ensuring that Registered Investment Advisers (RIAs) act with…
      October 2, 2025
      Read more
      Atoms/Icons/search
      image/svg+xml Atoms / Icons / plusCollapse
      Contact us