Questions To Ask Yourself When Building a Compliance Program

Becoming an independent registered investment adviser (RIA) can be a lucrative and fulfilling career path—two factors that have contributed to the growing number of RIAs across the world. As of 2018, there were over 12,500 RIAs employed in the U.S. In fact, from January 2018 to January 2019, 42% of IBD advisers had at least considered opening an RIA firm.
If you’ve decided to become an independent RIA or start your own RIA firm, there are a lot of factors to consider, such as registration, marketing strategies, and business development. But some of the most significant considerations you will address are regulatory requirements.
Given the ever-changing regulatory environment, it’s crucial to understand RIA compliance. That’s why we rounded up a comprehensive list of the biggest compliance issues that RIAs must address, and the elements of a sufficient compliance program.

Issues That Must Be Addressed

Under Regulations Best Interest or RegBI, brokers must reveal to customers what capacity they are working in: broker or advisor. If they’re a broker, they cannot use the term “advisor” in their title if they are not registered as an investment advisor. Additionally, brokers are required to put their customer’s best interests ahead of their own. As an advisor, you have a fiduciary duty to your clients. During your initial strategizing, you must carefully consider the following aspects of your business and craft subsequent company policies that will ensure the safety of your clients’ assets:
Portfolio management processes. Do you have portfolio management software that provides transparency into accounts for both you and your clients? Does it provide a high-level view and notifications for tracking account activity? Does it have an intuitive interface for clients? Can you or your provider easily deliver commonly needed regulatory reports for fee billing audits, trade reviews, 13F filings, and other compliance needs?
Disclosure accuracy. How easy is it for you to update and maintain reporting disclosures? Are these clearly available for your clients review? Are they transparent and consistent to your examiner?
Trading practices. How will you monitor both your trading practices and those of your employees? Will you or your provider be able to generate trade blotters easily?
Safeguarding of client assets. How will you ensure your client assets are safe from improper use by employees? Which software will you use to protect assets from unapproved parties? Are you aware of the type of access your different vendors enable to your client accounts? Have they documented this to you or for you to share with regulators?
Accurate creation of required records. How will you create the unchangeable, accurate records required by law? If you are state regulated, have you confirmed your state’s required standards?
Privacy protection of client records. It has been predicted that over 33 billion records will be stolen by cybercriminals in 2023. How will you protect client records and how much access do your vendors have to client information? Will you prioritize security when searching for supporting technology?
Marketing advisory services. How will you ensure advertisements do not say something inappropriately promising? Will you hire an external marketing compliance expert? Will you hire a lawyer to review your marketing? If you used a 3rd party to help file your ADV, is this something they can help with as well?
Processes to value client holdings and assess fees. What will your process be when valuing client holdings? How will you determine and disclose your pricing schedule?
Business continuity plans. In times of emergency, your business has a responsibility to remain stable for customers. What is your emergency plan?

Elements Of A Compliance Program

A compliance program ensures that your business will be on the right side of regulatory action. Though there are many elements that should be addressed, your compliance program must have the following at the very least:

  • Written compliance and supervisory policies that identify conflicts and any potential compliance risks your business might encounter;
  • An annual review of policies that will help your business determine whether your policies are still relevant and adequate;
  • A qualified CCO (or e-CCO) who has the responsibility and authority to craft and enforce policies;
  • A carefully maintained Form ADV, Parts I and 2 so that your firm is legally allowed to disclose critical information to clients and securities regulators;
  • A clear code of ethics that outlines your business’s standards of conduct and reflects your firm’s fiduciary duties;
  • A regularly maintained system of books and records as per SEC Rule 204-2, which must include policies addressing how your records are kept and maintained;
  • Regularly registered and maintained license filings for the federal and state governments, plus policies that highlight which licenses your employees must maintain and which jurisdictions they must be registered in;
  • Continually monitored personal securities trading of IAR’s and access persons, plus policies that identify and set out processes for tracking trading from those persons;
  • A thorough review of Marketing Material Rule 206(4)-1 to addresses and fully comprehend the use of advertisements and social media in regards to marketing for your business’s growth, plus a subsequent policy regarding your specific marketing;
  • A comprehensive privacy policy that establishes what your RIA is permitted to do with confidential information from clients and that must be distributed to clients;
  • Solicitor agreements that outline appropriate policies for sharing advisory fees with third-party professionals;
  • An Outside Business Activities (OBA) policy that determines processes regarding ensuring all U4s are up to date, whether supervised contractors act appropriately, and whether OBAs represent conflicts of interest.


When establishing a new compliance program, your business should stay in a risk-based mindset, make comprehensive policies, and use modern technology to enhance transparency.
Wondering how your business can tackle all of these compliance issues? Contact us to learn how technology can help.