SEC Announces 2026 Examination Priorities: What Compliance Teams Need to Know Now

The SEC’s Division of Examinations has released its 2026 Examination Priorities, providing an updated roadmap of where regulators intend to focus their limited resources in the year ahead. The priorities highlight continued attention to fiduciary and conduct standards, complex and higher-risk products, cybersecurity and information security, and the implementation of the new Regulation S-P amendments and other technology-related requirements.

For investment advisers, investment companies, broker-dealers and other registrants, these priorities are a practical signal of where examination questions, data requests and follow-up inquiries are likely to converge. Firms that proactively assess their programs against these focus areas will be better positioned to manage regulatory risk and demonstrate a culture of compliance.

Key Focus Areas for 2026

• Fiduciary and conduct standards for investment advisers and broker-dealers, especially in connection with retail and older investors, and retirement accounts.
• Conflicts of interest and fee practices, including higher-cost, complex and illiquid products.
• Effectiveness of compliance programs, including annual reviews, marketing and advertising, valuation and custody controls.
• Cybersecurity, identity theft prevention, and implementation of the 2024 Regulation S-P amendments and incident response obligations.
• Use of emerging technologies and AI in advice, trading, fraud detection and regtech, and the accuracy of AI-related representations.
• AML program design and OFAC sanctions compliance tailored to firm-specific risks.

Investment Advisers and Investment Companies

The Division will continue to scrutinize advisers’ adherence to fiduciary duties of care and loyalty, focusing on how advisers recommend and monitor:

• Alternative and complex products such as private credit, private funds with long lockups, complex or leveraged ETFs and higher-cost strategies.
• Recommendations to retail, older and retirement investors, as well as advisers to private funds that also manage separately managed accounts or registered funds, where allocation and valuation conflicts may arise.
• Firms that are dually registered, recently registered, newly advising private funds or have undergone mergers or acquisitions that create operational or conflict-of-interest challenges.

For funds, exam staff will review fee and expense practices (including waivers and reimbursements), portfolio management and disclosure alignment with fund strategies and names, and governance and compliance functions. Funds with complex or illiquid holdings, leverage vulnerabilities or engaged in mergers and reorganizations should expect added scrutiny.

Broker-Dealers

Broker-dealer exams will emphasize:

• Compliance with net capital and customer protection rules, including supervisory oversight of vendors that support financial reporting and recordkeeping and firms’ ability to operate through stress events.
• Trading practices in equity and fixed-income markets, extended-hours trading and municipal securities, including valuation and disclosure of mark-ups and VRDO rate resets.
• Best execution and order routing disclosures under Regulation NMS Rule 605 and the pricing and valuation of illiquid products such as municipal securities and non-traded REITs.
• Ongoing assessments of Regulation Best Interest compliance, including account and rollover recommendations, complex product sales, conflict identification and mitigation, and processes for considering reasonably available alternatives and satisfying the Care Obligation.
• Dual registrants’ account selection, allocation practices and recommendations regarding brokerage versus advisory accounts, including wrap fee programs, along with the accuracy and completeness of Form CRS disclosures.

Other Market Participants

The Division will also continue risk-based exams of:

• Municipal advisors and their fiduciary duty, conflict disclosures, and compliance with MSRB Rule G-42.
• Transfer agents and funding portals, including processing, safeguarding of funds and securities, recordkeeping and readiness for the new Regulation S-P requirements, such as written incident response programs and customer notifications.
• Clearing agencies and security-based swap entities, with a focus on risk management, liquidity and default management, trade reporting accuracy and remediation of prior deficiencies.

Emerging Risks: Technology, Cybersecurity and Data Protection

Information security and operational resiliency remain perennial priorities. The Division will evaluate governance, access controls, data loss prevention, account management, vendor oversight and incident response capabilities, including preparedness for ransomware and advanced threats such as AI-driven and polymorphic malware attacks. Firms should expect exam questions regarding how they integrate threat intelligence and test resiliency for mission-critical systems.

Regulation S-ID reviews will focus on the design and implementation of written Identity Theft Prevention Programs, including detection and mitigation of red flags and staff training. With the 2024 Regulation S-P amendments, the Division will begin probing how firms are building incident response programs that detect, respond to and recover from unauthorized access to customer information, and how they plan to deliver timely notifications to affected individuals.

The Division will also review the use of AI and other emerging tools across the front, middle and back office, assessing whether:

• AI-related marketing claims are accurate and not misleading.
• Algorithms and automated advice tools generate recommendations consistent with investors’ profiles and stated strategies.
• Supervisory controls and testing keep pace with the use of AI in trading, fraud detection, AML monitoring and regtech applications.

AML and Sanctions Expectations

Broker-dealers and certain registered funds will remain under close scrutiny for AML compliance. The Division will look for programs that are tailored to the firm’s location, customer base, products and distribution channels, including omnibus accounts for foreign financial institutions. Examinations will review independent testing, customer identification and beneficial ownership procedures, Suspicious Activity Report processes and oversight of intermediaries. Firms should also be prepared to demonstrate how they monitor and comply with OFAC sanctions requirements.

Read the Full Report

Actionable Takeaways for Compliance Teams

To prepare for exams in FY 2026, firms should consider:

• Refreshing risk assessments to capture expanded use of complex products, private credit, leverage, illiquid investments and emerging technologies.
• Reviewing fiduciary and Reg BI frameworks for alignment between policies, disclosures, compensation structures and actual practices, with special focus on older investors and retirement accounts.
• Testing and documenting compliance programs, including annual reviews, marketing and performance advertising controls, valuation processes, custody safeguards and Form CRS content.
• Updating cybersecurity, identity theft and privacy programs to meet the new Regulation S-P incident response and notification requirements and to address AI-driven threats.
• Re-evaluating AML and sanctions programs to ensure they remain risk-based, current and well documented, with robust independent testing and reporting.

Bates Group assists firms in preparing for and navigating SEC examinations and operational challenges. Our compliance, regulatory, and litigation specialists can help you benchmark your current program against 2026 priorities, identify potential gaps, and develop practical remediation plans ahead of your next exam.

From registration support to compliance readiness and remediation, our team provides guidance designed to help firms maintain regulatory confidence and continuity.

Contact Bates Group today to discuss how we can support your firm’s SEC compliance needs.