This week, the Securities and Exchange Commission (SEC) released its examination priorities for 2025, continuing a practice that has benefited the industry since 2013. By sharing these priorities, the SEC signals the highest-risk areas for investors and markets, providing insight into where it will focus its oversight efforts in the coming year.

In addition to its annual priorities, the SEC regularly issues risk alerts and conducts outreach, such as compliance seminars, to help firms align their practices with regulatory expectations. Compliance teams should take this opportunity to review their programs and ensure they’re prepared for heightened scrutiny in key areas. When the SEC comes knocking, the expectation is that you’re ready.

Key Focus Areas for 2025

Beyond emerging issues like financial technologies and crypto assets, the SEC will continue its focus on core areas, including:

Effectiveness of the Compliance Program

The “Compliance Rule” (Rule 206(4)-7 under the Advisers Act) mandates that investment advisers:

(1) Adopt and implement written policies and procedures designed to prevent violations of the Advisers Act;

(2) Designate a Chief Compliance Officer (CCO) responsible for overseeing these policies and procedures;

(3) Review compliance policies and procedures annually to ensure their adequacy and effectiveness.

The effectiveness of a firm’s compliance program remains a top priority for the SEC. Examinations often review several areas, including marketing, valuation, trading, portfolio management, disclosures, custody, conflicts of interest, and the annual compliance review.

At Skematic, we’ve seen firsthand how regulators are increasingly interested in how firms measure and document the effectiveness of their compliance programs—and more importantly, how they drive continuous improvement.

Policies and Procedures

The SEC will continue examining whether a firm’s policies and procedures are designed to prevent advisers from placing their own interests ahead of clients. Compliance teams must ensure they’re not only saying what they do but also doing what they say. Keeping policies up to date with evolving regulations and ensuring controls are aligned is key to avoiding regulatory pitfalls.

Private Funds

Private fund advisers remain a significant focus, with the SEC zeroing in on the consistency between disclosures and actual practices, the accuracy of fee and expense calculations, and the handling of conflicts of interest. Firms must also ensure compliance with newer rules like the Form PF amendments and updated marketing rules.

The SEC will ask: Are your policies and procedures in place, and do your practices match your claims?

Cybersecurity

Cybersecurity remains a critical area of focus, with particular attention on how firms manage risks related to the disruption of mission-critical services and the protection of investor information and assets. This extends to third-party products and services used by the business, including subcontractors and unsanctioned IT resources. Firms must be prepared to demonstrate how they identify and manage these risks to safeguard business operations.

Artificial Intelligence (AI)

As AI becomes more integrated into financial services, the SEC will assess whether firms are accurately representing their use of AI, and whether they have robust policies in place to monitor and supervise its application. This includes tasks related to fraud prevention, back-office operations, anti-money laundering (AML), and trading functions.

The reviews “will also consider firm integration of regulatory technology to automate internal processes and optimize efficiencies.” As AI is incorporated in both the front and back office, it is important that compliance teams have a plan in place to, again, say what you do and do what you say.

How Skematic Can Help

Many compliance teams are relying on a patchwork of tools for individual compliance rules, but few have a solution for managing the overall compliance program itself. Skematic offers a unified compliance management platform designed specifically for the compliance team.

As you review the SEC’s 2025 exam priorities and evaluate your policies, procedures, and related controls, consider incorporating Skematic into your preparation. It’s time to move beyond Word documents and spreadsheets and into a dynamic solution built to simplify compliance management.