Your Annual RIA Compliance Checklist
Don’t let compliance catch you off guard. Use this checklist to stay ahead of regulatory requirements and keep your firm protected.
Q1 (January – March)
□ Annual Amendment Filing
- Review and update Form ADV Parts 1, 2A, 2B, and 3 (CRS)
- File amendments within 90 days of fiscal year-end
- Distribute updates to all clients
□ Annual Compliance Review
- Conduct comprehensive review of compliance program effectiveness
- Document findings and recommendations in written report
- Present results to decision makers
□ Personal Securities Holdings Review
- Collect and review all IAR personal holdings reports
- Verify compliance with Code of Ethics requirements
- Document any violations and remedial actions
□ Books and Records Assessment
- Verify all required records are being maintained
- Check that retention schedules are being followed
- Review electronic storage and backup systems
Q2 (April – June)
□ Cybersecurity Assessment
- Review and test incident response plan
- Conduct risk assessment of systems and data
- Update cybersecurity policies as needed
- Provide refresher training to staff
□ Business Continuity Plan Review
- Test BCP procedures
- Update contact information and recovery procedures
- Document testing results
- Review and update succession plan, as needed
□ IAR Annual Interviews
- Schedule and conduct one-on-one compliance meetings
- Review outside business activities
- Discuss any compliance concerns or questions
- Document all interviews
- Review IAR CE requirements and completion status
Q3 (July – September)
□ Contract Review
- Review client facing agreements
- Review internal agreements with employees and contractors
- Review vendor contracts and verify delivery of all services
- Review custodial agreements
- Review Sub-Advisory / Solicitor / Co-Advisor Agreements
□ Best Execution Review
- Analyze execution quality across all custodians
- Document findings in written report
- Consider whether changes are needed to improve outcomes
□ Marketing and Advertising Review
- Audit all marketing materials for compliance
- Review website, social media, and presentations
- Verify all required disclosures are present
- Document review and any needed corrections
□ Third-Party Vendor Review
- Review all vendor contracts and services
- Assess vendor compliance with your requirements
- Update vendor management documentation
Q4 (October – December)
□ Annual Training Program
- Conduct required compliance training for all staff
- Cover Code of Ethics, cybersecurity, AML, and current regulatory topics
- Document attendance and training content
- Review IAR CE requirements and completion status
□ Code of Ethics Annual Certification
- Distribute and collect annual certifications from all access persons
- Review for completeness and follow up on any issues
□ Anti-Money Laundering (AML) Review
- Conduct annual independent AML program review
- Update risk assessment
- Review suspicious activity monitoring
□ Policy and Procedure Updates
- Review all compliance policies and procedures
- Update for regulatory changes throughout the year
- Document review and any revisions made
Ongoing (Throughout the Year)
□ Quarterly Regulatory Updates
- Monitor SEC, FINRA, and state regulatory changes
- Assess the impact on your firm
- Update policies as needed
□ New IAR Onboarding
- Complete background checks and U4 filings
- Provide compliance training
- Collect initial disclosures and attestations
□ Client Account Reviews
- Monitor for suitability and best interest compliance
- Document supervisory reviews
□ Form 13F Filing
- File quarterly 13F updates if the firm meets reporting thresholds
Compliance Doesn’t Have to Be Overwhelming
Feeling overwhelmed? This is exactly why firms partner with My RIA Lawyer.
Choose Your Path:
DIY Route: Get compliance training and templates through our RIA Compliance University and tackle this checklist yourself.
Full-Service Route: Let our Outsourced Compliance Department handle everything on this list (and more) so you can focus on growing your business.
When compliance gets complicated, you need legal muscle behind your compliance program.
Ready to stop worrying about compliance?
Author Bio
Leila Shaver is the Founder of My RIA Lawyer, a law firm that provides compliance and legal consulting for financial institutions. With extensive experience as a securities attorney and compliance expert, she has served as Chief Compliance Officer and General Counsel to RIAs, BDs, and TAMPs with billions in assets under management.
Leila understands the challenges RIAs face and is committed to helping RIAs streamline their processes, mitigate risks, and ensure compliance with regulatory requirements. She received her Juris Doctor from Atlanta’s John Marshall Law School and is a West Georgia Young Lawyers’ Association member. Leila has received numerous accolades for her work, including the Carroll County Bar Association’s Outstanding Young Lawyer Award in 2017.