Annual Compliance Review (Rule 206(4)-7)

The annual compliance review is required by Rule 206(4)-7 under the Investment Advisers Act. Each SEC-registered investment adviser must review the adequacy of its compliance policies and procedures and the effectiveness of their implementation at least once per year. Since ...
Rule 206(4)-7 review, Annual review, Compliance program review

Why examiners care

Common cause: The annual review is assembled in the weeks before the deadline from emails, screenshots, and ad-hoc spreadsheets. Gaps surface that should have been caught earlier in the year.

What the examiner sees: Inadequate annual review documentation — the firm cannot produce evidence that the program was actually tested against the firm's risks.

Defensible response: Year-round monitoring evidence, a written risk assessment, identified weaknesses with remediation status, and a CCO-signed report.

What the review must cover

The review is a top-to-bottom check of the firm's compliance program. The areas the SEC expects to see covered include:

  • Portfolio management — suitability, allocation, drift, and concentration controls.
  • Trading practices — best execution, order aggregation, allocation, personal trading.
  • Marketing and advertising — compliance with the Marketing Rule.
  • Client communications and disclosures — Form CRS, brochures, performance reporting.
  • Books and records — completeness, retention, accessibility.
  • Privacy and cybersecurity — Regulation S-P implementation.
  • Custody — qualified custodian status, surprise audits, inadvertent custody.
  • Code of Ethics — personal trading, access persons, gifts and entertainment.
  • Service providers — adequacy of oversight.

The 2023 written-documentation amendment

Before 2023, the rule required the review but did not explicitly require a written record of it. The amended rule closes that gap. The SEC can now verify that the review actually happened by requesting the written record. Firms that were doing the review only orally or informally are exposed for the first time.

What "adequate" documentation looks like

A defensible written annual review names what was reviewed, the period covered, the reviewer (typically the CCO or designee), the findings, the corrective actions taken, and the timeline for any open items. It is signed and dated. It is retained as part of the firm's books and records.

Common deficiencies

  1. No written record at all — the most serious finding.
  2. Generic checklist with no firm-specific findings — examiners read this as a fill-in-the-blank exercise rather than a real review.
  3. Findings identified but no corrective actions documented — the SEC views this as worse than not finding the issue.
  4. Review covers only a subset of required areas.

How StratiFi thinks about the annual review

The annual review is not a compliance ritual — it is the firm's chance to find its own gaps before the SEC does. Done well, it surfaces concrete actions: a policy that needs updating, a control that is not being followed, a record that is hard to produce. The firms that benefit most treat it as continuous evidence collection through the year, with the annual document being a synthesis rather than a one-time audit.

Frequently asked questions

  • Who has to perform the annual review?

    Every SEC-registered investment adviser. The CCO typically owns the review, and may engage external consultants to assist. State-registered advisers are subject to similar state-level requirements.
  • Does the review need to be signed?

    While the rule does not literally require a signature, the practical standard is a signed and dated document — the CCO's name, the review period, the date completed. Examiners expect this.
  • What's the consequence of a missed review?

    Failure to conduct or document the annual review is a direct violation of Rule 206(4)-7 and is reliably cited as a deficiency in examinations. Repeated failures can be referred to Enforcement.