How’s your summer going so far? For many financial advisors, it’s a slow season. Colleagues and clients are on vacation, and you might have some open stretches on your calendar.

We all know this calm won’t last. The post-Labor Day return to office will usher in a flurry of activity that will take us through the fall and into the new year. So, why not make the most of this slower summer period?

Now is the ideal time to review compliance requirements and refresh your compliance program to ensure it is as effective and efficient as possible. Not sure where to start? We’ve got some suggestions for compliance-focused tasks you can undertake this summer to set your firm up for success in Q4 and beyond.



 Manage the many sides of your firm’s compliance program so you’re always ready when the regulators call.

Always be Exam-Ready

Start a Compliance Summer Reading List

Looking for a solid beach read? We suggest the SEC 2023 Exam Priorities!

It might not be as captivating as the new thriller or romance novel from your favorite author, but adding compliance literature to your summer reading list is a great way to catch up on vital industry updates.

The SEC is constantly releasing documents to help firms build the best compliance program possible. Regulators run exams throughout the year and often unearth common deficiencies or risks. They share these in Risk Alerts and the annual Exam Priorities report so your firm can learn from others’ mistakes.

Don’t let these valuable resources go unread. The summer is the perfect time to hunker down with a highlighter and notepad and delve into the details.

Review Your Internal Compliance Policies and Procedures

Once you’ve gone through your compliance reading list, it’s time to focus on documents your firm has created: your compliance policies and procedures.

Armed with a deeper understanding of today’s most pressing compliance concerns, does your firm have specific policies and procedures you know would benefit from a refresh?

Start with those documents. You likely have dozens of policies and procedures, so reviewing every one might not be a realistic summer goal. But if you can use this time to edit a handful of documents you know need attention, you’re putting your team in a stronger, more compliant position heading into the fall.

Reassess Your Risks

Hopefully, you already have a list of your firm’s risks, ordered by priority. (If not, summer is a great time to compile one!)

The thing about priorities is that they often shift. And with so many massive global changes in the past few years (for example, the move to remote work or increased cybersecurity threats), your list may need tweaking.

Use this downtime to thoroughly review your risk list and adjust as needed. Ask yourself:

  • Are all of the risks on our list ranked correctly?
  • Are there any risks that are no longer relevant and can be removed?
  • Are there any risks that have recently arisen that need to be added?


Check Your Controls

Along with your list of risks, you should have a series of internal controls aimed at mitigating them. If your risks have shifted, your controls will need adjustment, too. Even if your risks remain the same, your controls are still worth revisiting. They may need updating for other reasons.

Review each of your controls with the following questions in mind:

  • What risk is this control associated with?
  • Who is responsible for the control?
  • How frequently do we run it?
  • What is the step-by-step process?
  • What tools do we use to complete these tasks?
  • How do we respond to unexpected or unfavorable results?
  • Where do we store the proof of our work?

Did asking these questions uncover any gaps or deficiencies? Now’s the time to adjust your controls to ensure they work as intended.

Audit Your Document Storage

The SEC offers specific guidelines1 for record-keeping, with an expectation that most documents are retained for at least five years from when the last entry was made on a given record.

Having quick and easy access to documents is not only an SEC guideline, it’s also a practical concern. When your firm receives a document request from regulators, the last thing you want is a chaotic scramble to find the requested records.

The summer is a perfect time to audit your document storage. Some questions to ask yourself include:

  • Do we have a secure, cloud-based storage system allowing easy access from anywhere? (This is an especially relevant concern if your team is now remote or hybrid.)
  • Is our filing system clear? Do I know where to find a specific type of record or document?
  • Is our document naming convention consistent? (This makes it easier to search for documents by file name.)
  • Do we have a system for properly destroying documents we no longer need to retain?

If the answer to any of these questions is “no,” you’ll want to draft a plan to change that!

Invest in Team Training

Is your team up-to-date on the latest compliance requirements and your firm’s policies, procedures, and expectations?

The summer, with a lighter load of client meetings, is the perfect time to put some compliance training and education time on your team’s calendar.

Compliance can feel like a heavy topic — and it is indeed serious business — but that doesn’t mean you can’t approach it in a fun and engaging way. Why not arrange a Compliance Day for your office, where you create gameshow-style quizzes and encourage some friendly competition among your team? Whoever wins gets a prize, and everyone leaves with valuable compliance knowledge.

Run a Mock SEC Exam

The SEC notes2 that regulatory exams are currently on about a seven-year cycle. So if it’s been a while since you’ve heard from the Commission, your firm might be coming up for re-examination soon.

What better way to use your summer than to run a mock exam with your team to prepare?

Create a fake document request letter and distribute it to your team to see how long it takes everyone to gather the needed evidence. Run mock interviews with your staff, where you roleplay an SEC examiner. Do they know how to accurately and succinctly answer the types of questions they’re likely to hear during an actual exam?

After you’ve run your practice drills, debrief with your team. Consider asking the following questions to assess where you stand:

  • How did everyone feel about the mock exam? Does anyone have any questions about their role?
  • Were you able to respond quickly and accurately to the document request? How can you improve your ability to pull the requisite information?
  • How did your team members respond to questions during the mock interview process? Is there room for improvement?
  • What can your compliance team do (updating policies, adjusting workflows, or offering additional team training and support) to position yourselves to do even better next time?

Ensure that everyone has clear next steps coming out of the debriefing process. This will help each individual improve and make you a stronger team overall.

Reassess Your Tech

As you review your various processes, do you find that your technological solutions are helping you or holding you back?

If you rely on outdated technological solutions to manage essential components of your compliance program, you may be creating unnecessary difficulties for yourself. The right compliance technology is:

  • Secure and cloud-based, for access from anywhere
  • Easy for your entire team to use
  • Fully integrated with the rest of your tech stack
  • Capable of automating rote compliance tasks
  • Able to auto-generate and store an audit trail

Switching tech providers can be a big project, but the summer is a great time to research your options and perhaps even implement a new solution. While the buzz of client activity is slower, your team can dig into learning about and optimizing the new tool, so you’re ready to hit the ground running come fall.



One integrated UX. One agreement. All the power of Orion.

Learn More



1Source: 17 CFR § 275.204-2 - Books and records to be maintained by investment advisers., Legal Information Institute
2Source:, Recommendation of the SEC Investor Advisory Committee’s Disclosure Subcommittee to Promote Investor Protection through Oversight of Investment Advisers, June 2023