From Compliance to Complexity: Unpacking the SEC’s Fiscal Year 2026 Examination Agenda

Reaffirming its dedication to preserving market integrity through its Four Pillars (promoting robust compliance, preventing misconduct, informing policy, and monitoring risk), the SEC’s Division of Examinations (the “Division”) has released its priorities for the 2026 fiscal year (the “Examination Priorities”). Whilst the Four Pillars remain consistent year to year, the 2026 agenda signals a sharpened focus on how firms manage emerging technologies, operational resiliency, and evolving market risks. Rather than simply outlining areas of scrutiny, the latest priorities reflect the SEC’s broader effort to anticipate vulnerabilities in an increasingly complex financial ecosystem.

Through the lens of those Four Pillars, we summarise below the Division’s areas of focus and the practical implications.

Promoting Robust Compliance

Technology risk 

A notable development in the 2026 Examination Priorities is the SEC’s heightened emphasis on technology-driven risk. As firms accelerate their adoption of AI-enabled tools, automated trading systems, and digital client-facing platforms, the Division is placing renewed scrutiny on how these technologies are governed. Firms must be able to explain how their algorithms make decisions, understand the data provenance, test models to ensure they work as intended, and guard against biased or inconsistent outputs. 

As a result, examiners will assess whether firms have implemented adequate policies and procedures to monitor and supervise AI technologies across advisory, trading, back-office, and AML-related operations.

Reg S-ID and Reg S-P

Examiners will also review whether firms have developed and implemented written Identity Theft Prevention Programs (Reg S-ID) and privacy and information security programs (Reg S-P) that include reasonable policies, red-flag detection, employee training, incident response, and protection of customer information, including with administrative, technical, and physical safeguards. 

Reg SCI

Similarly, Regulation Systems Compliance and Integrity (Reg SCI) oversight will focus on incident response procedures, vendor risk management, and proper identification of direct or indirect Reg SCI systems. Together, these initiatives signal the SEC’s insistence that robust, well-governed systems are foundational to regulatory compliance.

Operational resilience 

At the same time, the Division continues to spotlight information security and operational resiliency, underscoring that cyber risk remains one of the most pervasive threats to market stability. Examiners will closely assess whether firms have implemented adaptive incident-response planning, conducted meaningful oversight of third-party service providers, and embedded cybersecurity considerations into enterprise-level governance. In an environment where attacks are growing in sophistication, the SEC is signalling less tolerance for firms whose controls are static, siloed, or check-the-box in nature.

Preventing Misconduct 

Reg BI and retail investors

As we’ve seen in previous examination priorities, certain topics are an ongoing priority of the Division. Investment advisers’ and broker-dealers’ adherence to their duty of care and loyalty obligations continues to be an ongoing commitment, especially in areas affecting retail investors. Examiners will assess whether recommendations and disclosures align with fiduciary obligations and Reg BI standards, focusing on how financial conflicts influence advice; whether firms rigorously evaluate key factors such as cost, risk, liquidity, and investment objectives; and whether firms seek best execution to maximize client value.

For broker-dealers, the SEC will continue to examine broker-dealer retail sales practices under Reg BI, focusing on whether recommendations are suitable for clients and comply with the duty of care obligations. Examinations will also assess complex or tax-advantaged products, conflict identification and mitigation (especially for dual registrants), branch office supervision, and the accuracy and completeness of Form CRS disclosures, including services, fees, conflicts, and disciplinary history.

Dual registrants

Additionally, the SEC will focus on advisers whose business models may introduce extra risks or conflicts, such as dual registrants (advisers who are also broker-dealers), advisers relying on third-party access to client accounts, and advisers involved in mergers or acquisitions that create operational or compliance challenges.

Private funds 

Private funds, which remain a consistent area of scrutiny, can expect examinations to continue drilling into valuation practices, expense allocation, and side-letter transparency.

Anti-Money Laundering 

While AML programs remain outside the expectations for investment advisers, examiners will evaluate whether broker-dealers and certain registered investment companies (RICs) are tailoring their AML programs to their specific risk profile, performing independent testing, maintaining adequate customer identification (including beneficial owners), meeting Suspicious Activity Report (SAR) filing obligations, and ensuring compliance with OFAC sanctions.

Suitability 

High-risk or complex products, including alternative investments, complex or leveraged ETFs, and higher-fee products, remain a focus, particularly in the context of suitability and impact on vulnerable populations such as older investors or those saving for retirement. Examinations will also probe advisers offering automated or AI-driven investment services to confirm that outputs are aligned with regulatory obligations and investor interests.

Informing Policy 

As markets evolve, so too does the SEC’s use of examination findings to inform future policy direction. The 2026 Examination Priorities reinforce the Division’s growing interest in thematic areas such as climate-related disclosures, market volatility events, and financial products and emerging financial technologies. These themes often signal where regulatory expectations are heading.

By reviewing compliance with AI governance, AML protocols, identity theft prevention, and SCI requirements, the SEC gains insights into how firms are managing evolving risks. These insights can shape policy development, particularly around automated advisory services, cybersecurity standards, and risk-based AML practices.

Monitoring Risk

Dynamic and thematic examinations 

Finally, the Division’s risk-based approach means firms should be prepared for more dynamic, thematic examinations. Issues may appear on document request lists unexpectedly as market conditions shift through sudden volatility, new financial products gaining traction, or sector-specific disruptions. 

New entrants

A continued priority within this pillar is the examination of advisers who have never been examined or are newly registered. By assessing the compliance foundations of new entrants early, the SEC aims to identify structural weaknesses before risks escalate.

Across all four pillars, the SEC’s focus appears to be that maintaining strong systems, rigorous oversight, and adaptive risk monitoring is no longer optional; it is essential for navigating a rapidly evolving financial landscape.

If you would like to discuss the 2026 Examination Priorities, please do get in touch. Blueprint GRC has London-based SEC compliance expertise offering a range of services including examination support, mock audits and retained advisory support.
