When the SEC Comes Calling
When I receive an examination letter from the SEC's Division of Examinations (formerly OCIE), the clock starts ticking. An SEC examination is not optional, and how I respond in the first 48 hours sets the tone for the entire process.
This playbook walks through what I need to know before, during, and after an SEC examination. Whether this is my first exam or my tenth, preparation and protocol matter enormously.
⚠ First 24 Hours Are Critical
When I receive an exam notification, I immediately contact my securities counsel and compliance team. I do not respond to the SEC or begin gathering documents without a plan in place.
Types of SEC Examinations
The SEC conducts several types of examinations, and understanding which type I'm facing helps me prepare appropriately.
📅 Routine Examination
- Trigger: Regular cycle (every 1-5 years)
- Scope: Broad review of operations
- Duration: 2-6 weeks on-site
- Risk Level: Standard
- Advance Notice: Usually 2-4 weeks
- Focus: General compliance program
📈 Sweep Examination
- Trigger: Industry-wide initiative
- Scope: Specific topic or practice
- Duration: 1-3 weeks typically
- Risk Level: Moderate
- Advance Notice: 1-3 weeks
- Focus: Hot-button issues (e.g., AI, crypto)
⚠ Cause Examination
- Trigger: Complaint, tip, or red flag
- Scope: Targeted investigation
- Duration: Varies widely
- Risk Level: Elevated
- Advance Notice: Little to none
- Focus: Specific alleged violations
⚠ Cause Exams Require Immediate Counsel
If the examination letter references specific complaints, customer disputes, or unusual trading activity, this may be a cause examination. I engage experienced securities counsel immediately—this type of exam has a higher likelihood of enforcement referral.
The Examination Letter and Document Request
The examination letter is my roadmap. I review it carefully to understand exactly what the SEC is looking for.
Anatomy of the Exam Letter
- Examination Staff: Names and contact information for the lead examiner
- Scope Statement: General description of what they're examining
- Document Request List: Specific documents I must produce
- Due Date: When documents must be provided (typically 2-3 weeks)
- On-Site Dates: When examiners plan to arrive
- Response Instructions: How and where to submit materials
Typical Document Requests for Trading Platforms
| Category | Documents Requested |
|---|---|
| Governance | Org charts, board minutes, ownership structure, compliance committee notes |
| Policies & Procedures | Compliance manual, code of ethics, trading policies, cybersecurity policies |
| Client Records | Advisory agreements, account opening docs, risk disclosures, Form CRS delivery |
| Trading Records | Order tickets, execution records, allocation procedures, error logs |
| Communications | Email archives, marketing materials, social media posts, client correspondence |
| Financial | Fee schedules, billing records, expense allocations, custody statements |
| Personnel | Employee registrations, outside business activities, personal trading records |
| Technology | Algorithm documentation, system access logs, disaster recovery plans |
💡 Negotiating the Request
I can negotiate the scope of document requests. If a request is overly broad or unclear, I contact the lead examiner to discuss. The SEC typically prefers cooperation over confrontation on reasonable accommodation requests.
Preparing for Examiner Arrival
Preparation is where examinations are won or lost. I take these steps before examiners arrive.
Internal Readiness Checklist
- Assemble the Team: Identify who will be the primary contacts (usually CCO and counsel)
- Brief Key Personnel: Everyone who might interact with examiners needs to understand protocol
- Review Documents Before Production: I review everything before sending—this is my chance to identify issues first
- Prepare a Response Binder: Organize documents by request number for easy reference
- Set Up the Exam Room: Dedicate a private space with network access for examiners
- Document Privilege Issues: Identify any privileged documents and prepare a privilege log if needed
Pre-Exam Self-Assessment
Before examiners arrive, I conduct my own review to identify potential issues:
- Are my policies and procedures current and actually followed?
- Is my Form ADV accurate and up to date?
- Have I documented all required annual reviews?
- Are my trading records complete and accessible?
- Have there been any client complaints I should be prepared to discuss?
- Are my fee calculations accurate and properly disclosed?
✅ The Golden Rule
I never produce a document I haven't reviewed. If I'm surprised by something in my own files during the exam, so will the examiners—and that's never good.
On-Site Examination Conduct
When examiners are on-site, professionalism and protocol are paramount.
Do's and Don'ts
✅ Do
- Be courteous and professional at all times
- Answer questions truthfully and completely
- Take notes on all questions asked
- Ask for clarification if a question is unclear
- Request to follow up in writing if I need to verify facts
- Provide documents promptly when requested
- Keep counsel informed of all significant interactions
- Treat examiners as professionals doing their job
❌ Don't
- Volunteer information not directly asked
- Speculate or guess at answers
- Discuss the exam with employees not directly involved
- Alter, destroy, or create documents after exam starts
- Argue with examiners about the law
- Make off-the-cuff comments or jokes
- Provide access to documents beyond the scope
- Communicate directly with examiners without CCO knowledge
Interview Protocol
Examiners will interview key personnel. I prepare my team with these guidelines:
- Listen to the Full Question: Don't answer until the examiner finishes
- Pause Before Responding: Take a moment to formulate a clear answer
- Answer Only What's Asked: Be responsive but don't expand unnecessarily
- "I Don't Know" is Acceptable: If I don't know, I say so and offer to find out
- Counsel Can Be Present: For sensitive topics, I have the right to have counsel present
- Document Everything: My team takes notes on all questions asked
Common Examination Focus Areas for Trading Platforms
The SEC has specific areas of focus for trading advisers and algo platforms.
| Focus Area | What They Examine | Common Issues Found |
|---|---|---|
| Algorithm Governance | Documentation, testing, oversight procedures | Insufficient testing records, lack of change controls |
| Performance Claims | Backtesting, track records, marketing materials | Misleading performance, cherry-picked results |
| Best Execution | Execution quality, venue selection, conflicts | No best execution analysis, undisclosed conflicts |
| Fees & Expenses | Fee calculations, disclosures, expense allocations | Fee calculation errors, undisclosed fees |
| Cybersecurity | Policies, incident response, access controls | Outdated policies, no incident response plan |
| Custody | Surprise exam compliance, account statements | Inadvertent custody, late surprise exams |
| Trade Allocation | Allocation procedures, fairness, documentation | Preferential treatment, inconsistent allocation |
| Conflicts of Interest | Side-by-side management, proprietary trading | Undisclosed conflicts, inadequate policies |
⚠ AI and Automated Trading Under Scrutiny
The SEC has signaled increased focus on AI-driven investment tools. If my platform uses machine learning or AI, I should expect questions about model governance, explainability, and disclosure to clients about how algorithms make decisions.
Deficiency Letters and How to Respond
At the conclusion of most examinations, the SEC issues a deficiency letter outlining findings. How I respond matters significantly.
Types of Examination Outcomes
| Outcome | Meaning | My Response |
|---|---|---|
| No Action | No findings requiring response | Document the clean exam; maintain practices |
| Deficiency Letter | Issues identified requiring correction | Respond in writing with remediation plan |
| Referral to Enforcement | Potential violations warrant investigation | Immediately engage experienced securities counsel |
Crafting the Deficiency Response
When I receive a deficiency letter, I respond thoughtfully:
- Acknowledge the Finding: I don't argue with factual observations
- Explain Context: If there are mitigating circumstances, I explain them
- Detail Remediation: I specify exactly what I've done or will do to address the issue
- Provide Timeline: I commit to specific dates for completing remediation
- Demonstrate Implementation: I attach evidence of changes already made
💡 Response Quality Matters
The quality of my deficiency response affects whether the matter is closed or escalated. A well-crafted response that shows genuine commitment to compliance can prevent enforcement referral.
Enforcement Referral Warning Signs
Certain circumstances suggest an examination may be referred to the SEC's Division of Enforcement.
Red Flags During Examination
- Formal Testimony Requests: If examiners ask for sworn testimony, this is serious
- Document Preservation Requests: Formal preservation letters suggest potential litigation
- Extended Duration: Examinations that drag on for months may indicate deeper issues
- Senior Staff Involvement: When senior regional staff join the exam team
- Repeated Requests for Same Documents: May indicate building a record
- Questions About Specific Client Harm: Focus on investor losses or fraud elements
- Second Requests: Following up on matters from previous examinations
⚠ If I Suspect Enforcement Referral
If I see these warning signs, I immediately upgrade my legal representation to counsel experienced in SEC enforcement defense. The examination phase is my best opportunity to address concerns before formal investigation begins.
Timeline Expectations
Typical Examination Timeline
Receive examination letter; engage counsel; begin document collection
Review and produce requested documents; prepare key personnel
Examiners on-site reviewing documents and conducting interviews
Additional document requests; clarifying questions; supplemental interviews
Exit conference; deficiency letter issued (if applicable)
Draft and submit deficiency response; implement remediation
Note: Cause examinations and complex matters can take significantly longer—sometimes 12-18 months from start to resolution.
Working with Counsel During Exams
My relationship with securities counsel during an examination is critical.
When Counsel Should Be Involved
- Immediately Upon Receipt: Review exam letter and strategy
- Document Production: Review for privilege and strategic considerations
- Sensitive Interviews: Counsel present for interviews about potential violations
- Deficiency Response: Crafting the written response
- Any Enforcement Warning Signs: Immediately escalate
What Good Counsel Provides
- Experience with SEC examination process and examiner tendencies
- Privileged channel for frank discussions about potential issues
- Strategic advice on document production and interview preparation
- Advocacy with examiners on scope and process issues
- Preparation of deficiency responses
- Escalation path if enforcement referral occurs
✅ The Right Counsel
I use counsel who has actual SEC examination experience—ideally former SEC staff. General corporate counsel may not have the specific expertise needed for examination defense.
Post-Examination Best Practices
After the examination concludes, my work isn't done.
Immediate Post-Exam Actions
- Conduct Internal Debrief: What did I learn? What issues were identified?
- Document the Process: Record all interactions, questions asked, documents produced
- Begin Remediation Immediately: Don't wait for the deficiency letter
- Update Policies: Incorporate lessons learned into my compliance program
- Train Staff: Brief relevant personnel on any changes
Preparing for the Next Exam
- Maintain organized, exam-ready files continuously
- Conduct annual mock examinations or compliance reviews
- Keep current on SEC examination priorities (published annually)
- Address any issues identified before the next exam cycle
Document Retention Requirements
Proper document retention is essential for examination readiness and regulatory compliance.
| Document Type | Retention Period | Notes |
|---|---|---|
| Advisory Agreements | 5 years after termination | Include all amendments |
| Trade Records | 6 years (first 2 accessible) | Order tickets, confirmations, allocations |
| Communications | 5 years (first 2 accessible) | Emails, chat, social media |
| Marketing Materials | 5 years after last use | All versions and approvals |
| Compliance Records | 5 years | Annual reviews, testing, training |
| Financial Records | 5-6 years | Fee calculations, invoices |
| Personnel Files | 3 years after termination | Registrations, disclosures |
| Algorithm Documentation | 5 years | Development records, testing, changes |
⚠ Litigation Hold
If I receive an examination letter, I immediately implement a litigation hold on all potentially relevant documents. Destroying documents after receiving notice of an examination can result in obstruction charges.
Common Deficiencies Found at Trading Advisers
Understanding common deficiencies helps me proactively address issues before my next exam.
Top 10 Deficiencies at Trading/Algo Advisers
- Compliance Program Gaps: Annual reviews not documented, policies not followed
- Performance Advertising: Misleading backtests, cherry-picked results, missing disclosures
- Best Execution Failures: No analysis performed, conflicts with execution venues
- Fee Calculation Errors: Incorrect AUM, billing on gross vs. net, timing issues
- Code of Ethics Violations: Personal trading not pre-cleared, outside activities undisclosed
- Form ADV Inaccuracies: Stale information, missing disclosures, conflicts not described
- Custody Issues: Inadvertent custody, surprise exam timing, statement delivery failures
- Cybersecurity Deficiencies: No written policies, no incident response plan, weak access controls
- Trade Allocation Fairness: Preferential treatment, inconsistent procedures, poor documentation
- Books and Records: Incomplete trade records, missing communications, inadequate retention
💡 Proactive Self-Assessment
I review this list quarterly and honestly assess my compliance program against each item. Finding and fixing issues myself is far better than having the SEC find them.
Trading Platform-Specific Issues
- Algorithm Documentation: Insufficient records of algorithm development, testing, and changes
- Model Risk Management: No governance framework for model validation and monitoring
- Execution Quality: No systematic review of execution quality for automated trades
- Disclosure Adequacy: Clients don't understand how algorithms work or their limitations
- Error Handling: No procedures for handling algorithm malfunctions or erroneous trades
- Capacity Constraints: No disclosure about strategy capacity limits or impact on returns