The SEC's 2025 Playbook: 3 Key Risk Areas You Can’t Ignore
The SEC’s Division of Examinations released their 2025 priorities yesterday, offering the market insight into where they will be focusing their energy. Market participants, regardless of their role, should pay close attention to three specific risk areas that will receive increased scrutiny:
Cybersecurity: The SEC's top priority for 2025 is information security and operational resiliency. While most think of dramatic hacks where data is stolen and sold, the SEC also emphasizes operational resiliency. Beyond preventing breaches, companies must be prepared for DDoS attacks and ensure web services are robust enough to maintain access to critical resources, as disruptions can impact investors - a key area of focus for the SEC.
Emerging FinTech: The SEC highlights that new technologies bring new risks along with them. As companies adopt AI and automated investment tools, they must ensure compliance with disclosure and fair practice regulations. The SEC will scrutinize whether businesses have accurately represented the role and impact of AI. Companies that may have overstated its benefits should take heed.
T+1 Compliance: Perhaps unsurprisingly, the Division of Examinations will be combing through companies’ books to ensure compliance with the updated T+1 rule. These examinations will check if broker-dealers and advisers have adapted their procedures to support timely settlement and address operational changes.
