Back to basics: how private funds CFOs can prepare for 2026 SEC exams

Preparing for an SEC exam requires careful planning and collaboration, particularly on the part of private funds chief financial officers (CFOs) and chief compliance officers (CCOs). In 2025, the SEC swore in Chairman Paul Atkins, who signaled a shift in enforcement priorities toward fraud, market manipulation and addressing investor harm.

Historically, years marked by leadership transitions have seen fewer enforcement actions. This trend was amplified last year amid uncertainty surrounding potential government budget cuts. Although no FY25 enforcement report was published by the SEC, reports indicate a roughly 30% decline¹ in enforcement action. During FY25, the SEC ordered approximately $808 million in financial remedies, down 45% from the year before¹. Much of this enforcement activity was initiated under previous SEC Chairman Gary Gensler, before Atkins took office.

However, in 2026, early indications suggest SEC examination activity has returned to more typical levels, which may lead to increased enforcement activity during the year. Regulators are shifting to a “back-to-basics” approach. They are emphasizing actions involving breaches of fiduciary duties by investment advisers, insider trading and fraud in various areas, including fund offerings.

Because of this “back-to-basics” approach, it is an opportune time for CFOs and CCOs to revisit their compliance programs and exam readiness to ensure they are aligned with the SEC’s current priorities. It is important to note that a shift in focus does not mean that examinations won’t result in corrective action. In fact, anecdotal evidence suggests an increase in corrective actions stemming from exam findings, rather than as a consequence of enforcement. The CFO and CCO play pivotal roles in ensuring their firms are well-prepared to respond effectively.

For more than a decade, I’ve guided private funds CFOs through the intricacies of SEC compliance, with a focus on exam readiness. Whether you're new to the role or a seasoned professional, this article will equip you with the strategies needed to confidently navigate an upcoming SEC exam.

Likelihood of being selected for an examination

If you are a registered investment adviser (RIA), you are much more likely to be subject to an examination in any given year than an exempt reporting adviser (ERA):

However, ERAs should continue to monitor SEC exam trends. Understanding how the adviser’s business objectives and evolving investing landscape can change regulatory obligations is critical to determining whether registration may be necessary.

For instance, there has been growing interest in taking advantage of opportunities for risk management, improved taxation, providing limited partners with liquidity, or pursuing certain investment opportunities. An adviser relying on the venture capital exemption may consider a continuation vehicle, raise a fund of funds, or pursue a secondary transaction that would bring them outside the exemption and would require registration.

For RIAs, it is important to note that any year since your last exam is open for scrutiny from the SEC. The SEC doesn’t publicly disclose its selection criteria for examinations. However, my experience with past examinations has shown the following factors can raise an adviser’s risk profile:

Current SEC examination priorities New rules adopted by the SEC Whether discretionary vs. non-discretionary advisory services are offered Types of investors Regulatory assets under management, including major changes to it such as large redemptions or significant raises, and fund performance Adviser’s organization Newly registered investment adviser Significant changes to an adviser’s organization, such as ownership or structure Complexity around an adviser with multiple business lines Complexity around several advisers associated with a single entity

Unfortunately, if you’re chosen for an exam, the SEC typically does not disclose the risk factors that led to your firm’s selection. However, you may glean clues from their requests, such as multiple document requests in a particular area or requests for data within a specific period.

Outcomes of an SEC examination

The best possible outcome, a “no further action” letter, is relatively rare. This means that no deficiencies came to the examiner’s attention during the examination, and no further action is required at this time.

It’s more common to receive a deficiency letter, which requires your firm to provide a response acknowledging the deficiency and demonstrating remedial action within 30 days. Once submitted, this type of response is usually sufficient. The SEC will review your firm’s prior history in future exams, so be sure your team is aligned on new and/or corrected processes.

In my experience, deficiency letters are used to notify an adviser of areas that require special attention or remediation. Common deficiencies include: 

• Insufficient recordkeeping
• Late filings
• Inadequate disclosures regarding fees and expenses
• Calculation and allocation of fees and expenses
• Inconsistent practices
• Inadequate disclosures around the allocation of investment opportunities, especially when the private fund adviser manages multiple types of clients
• Timely issuance of audited financials to investors
• Deficient policies and procedures related to the above areas

A deficiency letter can also result in referrals to the Division of Enforcement, which may enforce costly penalties “designed to deter future violations, establish accountability from major institutions and order tailored undertakings that provide potential roadmaps for compliance by other firms” or the return of investor funds. During FY24, the SEC ordered $8.2 billion in financial remedies, the highest amount in SEC history.² This figure includes $2.1 billion in civil penalties across all firms it examined.

The examination process: Onsite vs. Remote

The SEC continues to conduct exams both onsite and remotely. For routine and sweep exams, I have never seen examiners show up without notice, although it is always a possibility. If you are a newly registered RIA, you can generally expect a remote exam within the first 12 to 18 months of registering.

During an onsite or remote exam, the SEC will focus³ on whether advisers have:

• Identified and addressed conflicts of interest
• Provided clients and investors with full and fair disclosure such that they are able to provide informed consent
• Adopted an effective compliance program.

Here’s what you can anticipate during the onsite and remote examination process:

Onsite exam process	Remote exam process
1. Examiner will contact the firm's CCO to provide 1-2 weeks advance notice of when they plan to be onsite to conduct the exam.*	1. Examiner will contact the firm's CCO to inform the CCO the SEC will conduct an exam.
2. Document request will be sent via a secure portal within 24 hours.	2. Document request will be sent via a secure portal within 24 hours.
3. Documents are required to be submitted prior to the SEC onsite. The SEC will request additional documents while onsite.	3. Deadline to submit documents is usually 1-2 weeks.
4. Exam interviews and document reviews onsite typically take place over 3-4 days in the office.	4. Examiner will review all documents remotely and may request supplemental information and telephonic discussions.
5. Examiner will review documents, request supplemental information, and conduct interviews onsite with personnel responsible for the business operations, investment activities, and compliance program, which typically means an interview with the CCO, CFO, operations lead, and founder or CEO. The SEC may also interview junior-level associates to assess the firm's culture and their engagement.	5. Examiner will schedule telephone or video call interviews with personnel responsible for the business operations, investment activities, and compliance program, which typically means an interview with the CCO, CFO, operations lead, and founder or CEO.

*The length of the SEC's advance notice can vary depending on a variety of factors, such as your firm size, the scope and nature of the exam and the regional SEC office. Delays in gathering documents and information could extend the timeline towards completion of the exam.

Examination priorities for 2026

According to the 2026 Examination Priorities Report⁴, private funds will continue to be under heightened scrutiny in the following classic and emerging risk areas:

Classic risk areas	Emerging risk areas
Fiduciary duties Compliance programs Conflicts of interest with respect to third parties and affiliates to provide services Calculation and allocation of fees and expenses (both fund-level and investment-level) and disclosures of fee-related conflicts (SEC has said5 private fund fees and expenses can be difficult for investors to understand) Timely delivery of audited financials to investors Disclosure of investment risks Controls around material non-public information (MNPI)	Integration of AI into advisory operations, including portfolio management, trading, marketing and compliance, and disclosures to investors related to these areas Cybersecurity practices Crypto assets and emerging financial technology Digital engagement practices Participation in prediction markets and misuse of non-public information Fund valuation methodology, recordkeeping and reporting Compliance with recently adopted rules including the Marketing Rule, amendments to Form PF, beneficial ownership filings and Form N-PX   Private fund advisers experiencing poor performance and significant withdrawals and/or holding more leverage or difficult-to-value assets or assets sensitive to market volatility

In my experience, the SEC has recently focused on the following 6 risk areas:

1. Fees and expenses

The SEC continues to emphasize that as compensation arrangements continue to grow in complexity, private fund fees and expenses can be difficult for investors to understand, even to the point where decision-making is affected. It has brought enforcement actions against an advisor for failing to disclose the nature of payments made to affiliates⁶ and inadequate disclosure of conflicts. Further, it recently brought an enforcement action against a private fund adviser who improperly calculated fee offsets due to compensation it received from portfolio companies⁷ pursuant to the terms of the limited partnership agreements (LPAs), which resulted in excess fees charged to investors.

Advisers should ensure they provide adequate and transparent disclosures to their investors and be familiar with the specific fees and expenses provisions in fund LPAs to implement robust policies and procedures. In the spirit of the SEC’s “back to basics” approach, it is common that examination requests include fund governing documents, side letters or other agreements with investors regarding fees and expenses, fund general ledgers and management company books. The examiner will often inquire about specific expenses or review calculations against the governing documents.

2. Material non-public information (MNPI)

The SEC may request documents related to, and ask questions about, the management of MNPI among advisers investing in the public markets, private equity and venture capital. The agency has recognized that private equity and venture capital advisers have more risk exposure in this area for several reasons. First, they increasingly engage expert network firms and are increasingly involved with portfolio companies, such as participating on these companies’ boards. They may also engage with public companies to look for potential liquidity or for mergers and acquisitions (M&A) for their portfolio companies. Further, when advisers evaluate whether information is material non-public, they should be cognizant of how public markets have reacted recently to certain news. For example, it’s important to consider how a company’s use of AI or M&A with an AI-focused company could cause volatility in stock price.

During examinations, it is common for the SEC to request a log of all meetings and communications investment personnel have had with personnel of publicly traded companies. The SEC also requests compliance chaperone logs for expert network calls. It is a good time to review your firm’s policies and procedures as they relate to MNPI and tailor them to your business risks.

More recently, the rise of prediction market platforms has drawn scrutiny of potential misuse of MNPI. As a result, the SEC may investigate  prediction betting activities, which could include scrutiny of personal financial accounts and social media accounts. Beyond any technical “letter-of-the-law” violations, your firm should also consider the optics of engaging in certain activities, particularly given the reputational risks that can arise even when conduct falls within formal rules.  

Ultimately, it is a good time to review your firm’s policies and procedures as they relate to MNPI and tailor them to your business risks.

3. Valuation

The SEC has increased its focus on advisers who invest in illiquid or difficult-to-value assets, especially in commercial real estate and investments that are more sensitive to the interest rate environment and market volatility⁸. In recent examinations of private equity and venture capital funds, I have seen requests for valuation support on a sample of portfolio companies, such as top holdings across funds or portfolio companies whose valuations have been marked up or down materially over the course of the review period. The SEC will question valuation marks that they perceive as potentially outdated, especially those that have not been reviewed in more than a year. Further, they will be laser-focused on advisers who charge fees and expenses based on valuation rather than committed capital. Lastly, the recent SEC webinar reminded advisers that policies must account for unique components of their business lines and investment strategies.

4. Conflicts of interest

I have recently seen an uptick in areas related to conflicts of interest. It is particularly important that your firm be alert to potential conflicts of interest among affiliate relationships. As part of its document request, the SEC will ask for fund governing documents, side letters, disclosure materials, marketing materials and investor communications. It will also request documents related to any principal or cross transactions, services provided to portfolio companies and portfolio company restructurings and follow-on investments. Additionally, it will request a list of compensation paid by the fund and/or portfolio companies to affiliates, advisors and operating partners, as well as participation of affiliates in fund investments.

The SEC seeks to review LPA provisions, such as required limited partnership advisory committee (LPAC) and investor approvals. It also investigates conflict disclosures related to:

• • Billing of expenses to the portfolio company or the funds for services provided by affiliates
  • Funds invested in the same portfolio company but at different stages or tiers of the capital structure
  • Investment allocation
  • Use of borrowing and lines of credit
  • Adviser-led secondaries
  • Use of affiliate service providers

5. Digital communication

The SEC will focus less on sweep exams of advisers’ recordkeeping of digital communications. However, I have continued to see it inquire about an underlying portfolio investment and request records relating to that investment during exams.

Be aware that the SEC books and records rule can be interpreted broadly. If you are unable to produce the requested information, the SEC may initiate an investigation into your recordkeeping policies and procedures. Records may also be subpoenaed in litigation, whether the adviser is a party to it or not. If an adviser is unable to produce the requested information, the SEC may initiate an investigation into the adviser’s recordkeeping policies and procedures.

I recommend your firm use available options to archive or route texts and electronic communications to an archiver. Note that in the future, the SEC will likely address whether transcripts or summaries generated by AI notetakers and output from AI large language model (LLM) tools are subject to the SEC’s recordkeeping requirements.

As your firm integrates AI into daily operations, consider employees’ behaviors, preferred applications and use cases. You can then assess risks, current policies and procedures, and training to determine whether enhancements are necessary.

6. SEC Marketing Rule and other recently adopted rules

I anticipate the SEC will continue its focus on compliance with the Marketing Rule⁹, especially as it relates to performance advertising, testimonials, endorsements and third-party ratings, substantiation and recordkeeping. There were several enforcement actions in 2025 against advisers who were unable to substantiate material claims¹⁰ and made material misstatements to fund investors¹¹. 

In December 2025, the SEC issued a risk alert indicating additional observations regarding compliance with the Marketing Rule. It reiterated the requirements for usage of testimonials and endorsements and third-party ratings, following a number of enforcement actions in these areas in 2024. The SEC updated its Marketing Rule FAQ to state that extracted performance may be presented gross as long as fund-level performance is presented gross and net in equal prominence and calculated using the same timeline and methodology. However, it is important to note that you need to familiarize yourself with another section of the Marketing Rule FAQ on showing fund-level gross and net performance when the funds use lines of credit or other borrowing.

Further, the SEC has adopted several rules designed to increase transparency, such as the updated deadlines for 13D/G filings, the use of Form N-PX for advisers that also file Form 13F and additional trigger event disclosures on Form PF, to name a few. More recently, the compliance date for Regulation S-P amendments was December 2025 for larger entities and June 2026 for smaller entities. Your policies and procedures should be updated to reflect these new requirements and any area the SEC noted as an exam priority. 

The SEC will assess whether advisers have appropriately considered the unique risks posed by all these emerging activities since the initial development of their compliance programs.

Best practices to help you prepare for an exam

The added time and expense needed to develop a compliance program can be challenging. In my experience these three best practices are well worth implementing:

1. Ongoing communication with your compliance team

From what I’ve seen in recent years, examinations increasingly focus on firms’ compliance programs. Deficiency letters specifically singled out CCOs for insufficient development and execution of the firm’s compliance program. In addition, firms’ leadership—including the CFO—has been mentioned for not fully supporting the CCO with resources and organizational buy-in around compliance.

Collaboration with your CCO and compliance consultant can bring broader insights to the discussion as your firm develops both the program and effective controls. The SEC emphasizes how critical it is to have participation and input across all business and operations lines.

Questions to ask your compliance team: Which SEC recordkeeping requirements should I be aware of? What can finance and operations do from a compliance standpoint, including any reviews and testing the team should be performing? Are fund documents sufficient in fee and expense disclosures to investors? What kind of processes need to be built out to support compliance monitoring and testing? Have we recently reviewed fund documents to ensure our finance and operations processes align?  What aspects of filings, such as trigger events and information reported, do finance and operations need to be aware of and prepare for? What are best practices we can consider implementing?

In addition, I recommend ongoing communication with your CCO and compliance consultant and establishing routine touchpoints. The more frequently these touchpoints occur, the more likely you’ll have already covered many of the SEC’s questions during an exam.

2. A culture of compliance

Developing a culture of preparation within your firm requires building clear processes and procedures into your compliance program, from the structuring of accounts payable to the valuation of an investment.

The SEC understands that every firm is different, so your program should be tailored to your unique workplace culture. Reduce process complexity as much as possible and do what makes sense to ensure adherence isn’t too difficult.

In the event of an exam, your firm should be able to produce requested documents in a timely manner, articulate your procedures and demonstrate compliance to the SEC.

Questions the SEC will ask: Does your firm have tailored compliance policies and procedures in place? When were policies on fees and expenses and valuation last reviewed and can a redline against the last version be provided? Do the policies and procedures on fees and expenses and valuation capture the current processes related to all funds and the types of investments in fund portfolios? What kind of reviews and testing are performed on specific policies and procedures? Is the required documentation easily accessible by all responsible parties? Do employees have a reasonable understanding of the processes and their roles? Is the leadership team supportive of a sound compliance program? Does your firm's culture uphold the execution of the program?

Your compliance program should remain dynamic and capable of adjusting to evolving factors, such as changing market trends or investor expectations. Perform periodic reviews and testing based on past compliance issues, changes in business activities and regulatory updates.

3. Real-time access to industry updates

Finally, keep up to date with the newest regulatory developments, compliance best practices and enforcement actions. By staying informed, you can proactively collaborate with your compliance team and adjust your financial procedures to maintain compliance.

How to stay informed: Regulatory alerts from the SEC's Divisions of Enforcement and Investment Management Webinars and/or events hosted by private funds CFO groups Industry conferences like PE Insights, Private Equity Forums and Private Funds CFO New York Forum Email alerts from your compliance consultant and/or legal counsel

Working toward a positive outcome

Over the years, I’ve worked with dozens of private funds CFOs and come to understand the constraints on your time and resources. Leveraging the expertise and capacity of your CCO and compliance consultant can help you streamline your SEC examination process and position your firm for the best possible outcome.