Blog, Newsletter

SEC Division of Examinations Announces 2026 Priorities 

By: Mike Scally

On November 17, the SEC’s Division of Examinations (EXAMS) released its 2026 examination priorities. 

The annual priorities outline areas where EXAMS expects to concentrate its resources as it examines SEC-registered investment advisers, investment companies, broker-dealers, clearing agencies, and self-regulatory organizations, among others, for compliance with federal securities laws. Through its annual publication of examination priorities, EXAMS seeks to further the SEC’s mission and align its efforts with four core pillars: promoting and improving compliance, preventing fraud, monitoring risk, and informing policy. 

For fiscal year 2026, which began on October 1, EXAMS will continue examinations in core areas such as fiduciary duty, standards of conduct, and the custody rule. In addition, EXAMS will focus on compliance with new rules, including the 2024 amendments to Regulation S-P. As in prior years, EXAMS will prioritize examinations of newly registered advisers and investment companies, with the goal of encouraging the development of robust compliance programs. 

Within the priorities, EXAMS notes that it is currently operating with fewer resources. 

Under the leadership of SEC Chair Paul Atkins, EXAMS has reassessed how best to deploy its resources to meet expanding responsibilities and evolving risks shaped by developments in U.S. capital markets, as well as broader economic and geopolitical forces. This reassessment includes reevaluating EXAMS’s risk-based priorities and its approach to market trends, new and emerging products and services, and internal processes, with the goal of ensuring examinations remain efficient and effective. 

As noted by Chair Atkins: 

“Examinations are an important component to accomplishing the agency’s mission, but they should not be a ‘gotcha’ exercise. Today’s release of examination priorities should enable firms to prepare to have a constructive dialogue with SEC examiners and provide transparency into the priorities of the agency’s most public-facing division.” 

Examination Priorities 

EXAMS develops its examination priorities in coordination and consultation with other divisions and offices across the SEC. In doing so, EXAMS considers prior examination findings, market events, and information gathered through conferences and discussions with investors, registrants, industry groups, and other regulators. 

The 2026 priorities include specific areas of focus for the following registrant types. 

Investment Advisers 

In examinations of investment advisers, EXAMS will focus on firms’ adherence to their duty of care and duty of loyalty to clients, with particular emphasis on: 

Investment products with the following strategies or characteristics: 

  • Alternative investments (e.g., private credit and private funds with extended investment lock-up periods).
  • Complex investments (e.g., exchange-traded fund (ETF) wrappers on less liquid underlying strategies, option-based ETFs, and leveraged and/or inverse ETFs).
  • Products associated with higher costs (e.g., high commissions or higher investment expenses relative to similar products).

Investment recommendations, assessed for consistency with product disclosures and clients’ investment objectives, risk tolerance, and financial or personal circumstances, with emphasis on: 

  • Recommendations to older investors and those saving for retirement.
  • Advisers to private funds that also advise separately managed accounts and/or newly registered funds (e.g., reviewing potential favoritism in allocations and interfund transfers).
  • Advisers to newly launched private funds.
  • Recommendations of products that may be particularly sensitive to market volatility.
  • Advisers that have not previously advised private funds (e.g., reviewing regulatory awareness, liquidity, valuation, fees, disclosures, and differential treatment of investors, including the use of side letters).

EXAMS will also focus on advisers and advisory practices that may present additional risks or conflicts of interest, including advisers dually registered as broker-dealers and advisers that have merged with, consolidated into, or been acquired by existing advisory practices. These transactions may introduce operational or compliance complexities and new conflicts of interest. 

In addition, EXAMS will evaluate the effectiveness of advisers’ compliance programs, including: 

  • Core compliance areas such as marketing, valuation, trading, portfolio management, disclosures and filings, and custody. 
  • Firms’ Rule 206(4)-7 annual reviews.
  • Whether policies and procedures are appropriately implemented and enforced.
  • Whether disclosures adequately address fee-related conflicts, particularly those arising from account and product compensation structures. 
  • Regulatory filings, including Schedules 13D and 13G, Form 13F, Forms 3, 4, and 5, and Form N-PX.
  • Advisers that change business models or are new to advising certain asset types, client segments, or services. 

As in prior years, EXAMS will prioritize examinations of never-examined advisers and recently registered advisers. 

Information Security and Operational Resiliency 

Cybersecurity 

EXAMS will continue to review registrants’ practices designed to prevent interruptions to mission-critical services and to protect investor information, records, and assets. Operational disruption risks remain elevated due to the increasing prevalence of cybersecurity attacks, firms’ dispersed operations, weather-related events, and geopolitical concerns. 

A longstanding examination priority, cybersecurity remains a key focus for EXAMS. Examiners will pay particular attention to registrants’ policies and procedures related to governance practices, data loss prevention, access controls, account management, and response and recovery from cyber-related incidents, including ransomware attacks. 

EXAMS will also evaluate firm training programs and security controls used to identify and mitigate emerging risks associated with artificial intelligence (AI) and polymorphic malware, including how firms operationalize information obtained from threat intelligence sources. 

Regulation S-ID and Regulation S-P 

EXAMS will assess compliance with Regulations S-ID and S-P, as applicable, with a focus on firms’ policies and procedures, internal controls, third-party vendor oversight, and governance practices. 

Regulation S-ID 

With respect to Regulation S-ID, EXAMS will focus on firms’ development and implementation of written Identity Theft Prevention Programs designed to detect, prevent, and mitigate identity theft in connection with covered accounts. Specifically, EXAMS will assess whether firms’ policies and procedures: 

  • Are reasonably designed to identify and detect red flags, particularly during customer account takeovers and fraudulent transfers.
  • Include appropriate training related to identity theft prevention. 

Regulation S-P 

With respect to Regulation S-P, and in advance of the compliance dates for the SEC’s amendments (December 3, 2025, for advisers with $1.5 billion or more in AUM, and June 3, 2026, for all other advisers), EXAMS will review firms’ progress in implementing incident response programs designed to detect, respond to, and recover from unauthorized access to or use of customer information. 

Following the applicable compliance dates, EXAMS will assess whether firms have developed, implemented, and maintained policies and procedures that comply with the amended rule’s requirements related to administrative, technical, and physical safeguards for customer information. 

Emerging Financial Technology, Including Artificial Intelligence 

EXAMS remains focused on registrants’ use of emerging technologies, including automated investment tools, AI technologies, and trading algorithms or platforms, as well as the associated risks. Examinations will include reviews of firms’ automated advisory services, recommendations, and related tools. 

These reviews will generally assess whether: 

  • Representations to investors are fair and accurate.
  • Operations and controls are consistent with disclosures. 
  • Algorithms generate advice or recommendations aligned with investors’ profiles or stated strategies.
  • Controls ensure advice and recommendations generated by automated tools comply with regulatory obligations, including obligations to retail and older investors. 
     

With respect to AI specifically, EXAMS will review registrant representations regarding AI capabilities and usage for accuracy. EXAMS will also assess whether firms have implemented adequate policies and procedures to monitor and supervise AI use, including for fraud prevention, back-office operations, anti-money laundering (AML), and trading functions. Reviews will also consider firms’ integration of regulatory technology to automate internal processes and improve operational efficiency. 

Investment Companies 

EXAMS will continue to prioritize examinations of registered investment companies (RICs), including mutual funds and ETFs, given their importance to retail investors, particularly those saving for retirement. Examinations will generally cover compliance programs, disclosures, filings (e.g., summary prospectuses), and governance practices. 

Areas of particular focus include: 

  1. Fund fees and expenses, including waivers and reimbursements.
  1. Portfolio management practices and disclosures, including consistency with stated investment strategies, fund filings, marketing materials, and the amended fund “Names Rule” (following its compliance date).

Broker-Dealers 

In examinations of broker-dealers, EXAMS will assess compliance with requirements such as the net capital rule, the customer protection rule, and related internal processes, procedures, and controls. Broker-dealer equity and fixed income trading practices, as well as sales practices, will also remain examination priorities. 

Takeaways 

When compared with the EXAMS 2025 Examination Priorities issued under former Chair Gary Gensler [see Salus GRC’s November 2024 newsletter, p. 12], the 2026 priorities reflect several notable changes in focus and approach: 

  • Cryptocurrencies and digital assets have been removed as a standalone priority.
  • With the Regulation S-P amendments now effective for larger advisers, compliance with these requirements is expected to receive heightened examination focus. 
  • In the cybersecurity context, EXAMS has signaled increased attention to specific threats, including ransomware and advanced malware.
  • With respect to artificial intelligence, EXAMS emphasized a focus on recent AI advancements and the accuracy of firms’ representations and disclosures regarding AI capabilities; firms are encouraged to review their legal and regulatory disclosures when adopting new AI use cases.