In a year when the Securities and Exchange Commission (SEC) double-clicks on investor protection and compliance, understanding the SEC Division of Examinations’ 2026 Priorities is more than academic—it’s a practical roadmap for advisers, RIAs, broker-dealers, and other market participants. The SEC’s transparency-minded approach aims to align firms’ compliance efforts with areas of focus, from fiduciary duties to cybersecurity and emerging technologies. Here’s a structured, reader-friendly guide to the key themes, risks, and actionable takeaways you can implement now. 

The Big Picture — Why These Priorities Matter 

The SEC publishes annual examination priorities to: 

• Provide transparency to registrants and investors about where the Division will focus. 

• Encourage firms to direct their compliance efforts toward areas of focus. 

• Promote alignment between disclosure, practice, and client outcomes. 

In 2026, the focus spans three broad axes: 

• Investment advisory Areas of Focus (fiduciary duties, conflicts of interest, and advisory practices). 

• Firm-wide compliance program effectiveness (policies, procedures, and annual reviews). 

• Risk areas impacting market participants (information security, emerging technology, Regulation Systems Compliance and Integrity (SCI), Anti-Money Laundering (AML), and regulatory changes such as FinCEN’s IA AML Rule timing). 

Understanding these themes helps you prioritize remediation, governance, and monitoring efforts to reduce oversight risk and protect clients. 

The Core Chapters of the 2026 Priorities 

1. Adherence to Fiduciary Standards of Conduct 

Key questions the SEC will probe: 

• Are advisers’ recommendations and related disclosures consistent with fiduciary duties of care and loyalty? 

• How do financial conflicts of interest influence impartial advice? 

• Do advisers consider all relevant factors: costs, product objectives, liquidity, risks, potential benefits, volatility, time horizon, and exit costs? 

• Are best-execution considerations aligned with maximizing client value given current circumstances? 

Targeted areas of focus include: 

• Investment products with complex features and higher costs, such as certain alternative investments (private credit), complex ETF structures, and high-commission products. 

• Recommendations to specific client groups (older investors, retirement savers) and relationships involving private funds, separately managed accounts, or newly launched funds. 

• Potential conflicts arising from dual registrations (advisory and brokerage), compensation structures, and cross-practice allocations. 

• Use of third-party access to client accounts and related control weaknesses. 

• Post-merger or acquisition scenarios may introduce new conflicts or operational and compliance complexities. 

Practical takeaways: 

• Normalize and document a robust conflict-of-interest framework. 

• Ensure disclosures reflect actual practices and recommendations to align with clients’ objectives and risk tolerances. 

• Review client-centric processes for older investors and retirement accounts; validate that product suitability, diversification, and risk profiles are appropriate. 

• Tighten controls around third-party access, account allocations, and inter-fund transfers; conduct regular governance reviews of any transitions or integrations. 

2. Effectiveness of Advisers’ Compliance Programs 

The SEC will evaluate: 

• Whether policies and procedures cover fiduciary obligations and conflicts of interest across marketing, valuation, trading, portfolio management, disclosures, filings, and custody. 

• The effectiveness of annual reviews of compliance programs. 

• Implementation and enforcement of procedures, with emphasis on fee-related disclosures and conflicts tied to compensation structures. 

• Specific attention to advisers with activist engagements, late or inaccurate filings (e.g., Schedules 13D/13G, Form 13F, Forms 3, 4, 5, N-PX), and firms changing business models or entering new asset classes or client types. 

Practical takeaways: 

• Establish and document a holistic, risk-based compliance program that is actively implemented and enforced. 

• Maintain clear, consistent disclosures about fees, conflicts, and compensation structures. 

• Prepare for targeted reviews by ensuring accurate, timely regulatory filings and robust governance around activist strategies or new asset classes. 

3. Never-Examined and Recently Registered Advisers

The Division prioritizes examinations of advisers never previously examined, with heightened attention to recently registered firms. 

Practical takeaways: 

• If you’re a newer or less-tested adviser, ensure you have a scalable, documented compliance program from day one. 

• Focus on key policy areas that are often scrutinized in early-stage examinations: marketing materials, disclosures, trade practices, and recordkeeping practices. 

4. Information Security and Operational Resiliency 

Critical risk areas include: 

• Cybersecurity: governance, data loss prevention, access controls, account management, incident response, and resilience to ransomware. 

• AI and polymorphic malware: training, detection, and response capabilities; threat-intelligence-driven controls. 

• Regulation S-ID and Regulation S-P: Identity theft programs, incident response planning, and safeguards for customer information. 

• Vendor risk management and third-party oversight. 

Practical takeaways: 

• Publish and enforce a mature cybersecurity program with clear governance, ongoing training, and incident response playbooks. 

• Strengthen identity theft prevention controls and ensure readiness for updated Regulation S-ID/S-P requirements. 

• Implement rigorous third-party risk management and data protection measures, with ongoing monitoring and testing. 

5. Emerging Financial Technology

Focus areas: 

• Automated investment tools, AI-driven advisory services, trading algorithms, and data-driven platforms. 

• Ensuring representations about AI capabilities are accurate and not overstated. 

• Policies and procedures to supervise AI and automated processes, including fraud prevention, AML, and back-office operations. 

• Integration of regulatory technology to enhance efficiency and compliance. 

Practical takeaways: 

• Audit algorithms and automated tools for alignment with client profiles and stated strategies. 

• Develop and enforce governance around AI usage, ensuring disclosures, controls, and supervision are robust. 

• Leverage RegTech where appropriate, while maintaining human oversight and accountability. 

6. Regulation Systems Compliance and Integrity (SCI)

Examinations will focus on: 

• Incident response policies and their effectiveness. 

• Management of third-party vendor risk and proper identification of SCI systems. 

Practical takeaways: 

• Strengthen SCI incident response capabilities and testing. 

• Clarify and document which vendor systems qualify as SCI or indirect SCI systems; ensure appropriate protections and monitoring. 

7. Anti-Money Laundering (AML)

Context: 

• The IA AML Rule timeline has shifted, with FinCEN delaying the IA AML Rule’s effective date from January 1, 2026, to January 1, 2028, and revisiting scope. 

Practical takeaways: 

• Prepare for evolving AML obligations and align internal AML programs with anticipated rule changes. 

• Maintain robust AML controls, ongoing monitoring, and readiness to adapt as regulatory requirements evolve. 

Practical Guidance for Firms 

• Conduct a comprehensive gap analysis against the 2026 priorities to identify where policies, procedures, and controls may need enhancements. 

• Build a living risk register that maps each priority to owners, remediation steps, timelines, and metrics. 

• Strengthen governance around fiduciary duties, conflicts of interest, and client disclosures; ensure consistency across marketing, investment advice, and client communications. 

• Invest in cybersecurity maturity: governance, access controls, data protection, incident response, AI risk management, and workforce training. 

• Enhance third-party risk management and vendor oversight, including policy alignment with SCI considerations. 

• Prepare for evolving AML requirements by closely tracking FinCEN developments and building adaptable AML controls. 

• For newer advisers, establish a foundation for a compliant, scalable program that can withstand exam scrutiny and future changes.