Common Exam Deficiencies
Data-driven analysis of the most frequently cited deficiencies during state RIA examinations, with remediation guidance.
Top Deficiency Categories
Findings from the NASAA 2023 Investment Adviser Coordinated Examination Sweep.
Source: NASAA 2023 Investment Adviser Coordinated Examination Sweep. Percentages represent share of total deficiency findings. Additional categories (advertising, custody, ethics, business continuity, cybersecurity) were also identified but without specific percentages.
Detailed Breakdown & Remediation
Registration (23%)
Registration deficiencies including failure to register, maintain proper registration, or update registrations when required.
Maintain a registration tracking calendar. Review Form ADV quarterly. Verify representative registrations before client engagement.
Books & Records (17%)
Inadequate recordkeeping, missing required records, failure to archive electronic communications including emails and texts.
Deploy automated archiving for all business communications. Conduct quarterly record audits. Maintain a written record retention schedule.
Supervision & Compliance (16%)
Inadequate supervisory procedures, compliance policies that do not reflect actual practices, insufficient oversight of advisory personnel.
Update written supervisory procedures annually to match current operations. Document all supervisory reviews. Train supervisors on their specific responsibilities.
Contracts (12%)
Client contract deficiencies, missing or improper advisory agreements, inconsistencies between agreements and actual services provided.
Conduct annual review of all client advisory agreements. Ensure agreements accurately reflect services, fees, and terms. Maintain executed copies of all contracts.
Fees (6%)
Improper fee practices, fee calculation errors, fee disclosure issues, inconsistencies between advisory agreements and actual fees charged.
Implement automated fee calculation and reconciliation. Review fee schedules against contracts annually. Document all billing processes.
Advertising & Marketing
Non-compliant advertising materials, misleading performance claims, missing disclosures on testimonials and endorsements.
Implement a mandatory pre-publication review process. Use standardized templates with built-in disclosure language. Archive all marketing materials.
Custody of Client Assets
Inadvertent custody situations, missing surprise examinations, inadequate fee deduction documentation.
Perform annual custody assessments. Ensure surprise exams are scheduled. Document all fee deduction authorizations.
Code of Ethics
Missing personal trading pre-clearance records, late holdings reports, inadequate gift policies, undisclosed outside activities.
Automate pre-clearance workflows. Set up reporting deadline reminders. Maintain a centralized gift and entertainment log.
Business Continuity
Missing or outdated business continuity plans, failure to test plans, no provisions for succession planning.
Update BCP annually. Conduct annual testing. Address succession planning for key personnel.
Cybersecurity
No written cybersecurity policy, failure to conduct risk assessments, inadequate incident response planning.
Adopt a written cybersecurity policy. Conduct annual risk assessments. Develop and test an incident response plan.
Prevent deficiencies before they happen
Compliance Approved continuously monitors for common exam deficiency areas.