How to Prepare for a State Exam: Tips from a Former Regulator

Investment professionals registered with one or more states have two basic regulatory challenges: managing differences in securities regulations from one jurisdiction to another and affording the resources needed to remain in compliance with the required regulations. Both challenges can be heightened, or even compounded, during an examination by a state securities regulator.


While there are many commonalties among the states in the rules and laws which regulate investment-related firms, the differences, if unknown, can easily result in a firm and/or its investment professionals being out of compliance. In order to avoid examination deficiencies and stay in compliance, firms have to spend a lot of time and resources learning about applicable regulations and implementing appropriate procedures and controls. This month’s Risk Management Update (“RMU”) provides guidance from a former state regulator on what to expect during a state examination and steps to take for a successful outcome.

Components of A State Regulatory Examination

An examination is a systematic method used by securities regulators to determine whether a registrant is, and has been, in compliance with the stated rules and laws that govern the registered activity of the specific jurisdiction. Note that this is not limited to investment advisers. Many states also have jurisdiction of certain private equity firms, financial planners, and state-registered broker-dealers. Investment-related firms requesting registration in any given state agree to abide by the rules and laws of that jurisdiction as part of the registration. This includes the right of the state to examine the registrant as determined by the state securities authority and governing law.

An examination has three basic components:

  • Request(s) for information
  • Review of information
  • Determination of compliance.

Each component can vary in scope, complexity, and methodology depending on the state regulator and the type and size of an investment firm. For example, an investment adviser with only one investment adviser representative (“IAR”), managing a limited number of client portfolios, and only advising on select sectors will have a very different examination than an investment adviser that manages a large number of clients, utilizes option strategies, provides financial planning, and advises a private equity fund.

Requests for Information

When a state securities regulator notifies a registrant, generally done by email, that an examination is being conducted, the regulator will begin with requests for information from the firm. This request can often be made in conjunction with the notice of examination and will generally be communicated by providing a list of books and records. It is important to read through the requests carefully and ask for clarification from the assigned examiner on any unclear request. This is important in order to prevent any incorrect assumption(s), which can result in either the wrong record being provided or inadvertently providing more information than was requested. Understanding the requests as completely as possible will save time and efforts for both the examiner and the examinee.

New firms and firms that have not been examined before can be a bit overwhelmed by the volume of records required to be provided for an exam. A number of states have certain books and records requirements posted publicly on their website, which also directs the reader to the exact section of the regulations to review that outline the minimal requirements for an examination. Check with your regulator[1] to know what to expect in advance. An important reminder that any records which are not part of registered activities or generally outside the scope of the regulatory authority that are comingled with any records covered under the examination authority can be subject to the examination, with a general exception of privileged records with counsel. When responding to a records request electronically, it’s important to only provide requested documents vs. additional information, unless necessary.

Another way a regulator will request information is through an interview with certain firm personnel. Typically, the interview is conducted with the Chief Compliance Officer (“CCO”), principal officer of the firm, and/or the Portfolio Manager.[2] With state registrants, it is not uncommon for these roles to be held by the same person. The interview process is meant to obtain an overview of the firm, its activities, and steps taken for general adherence to common compliance requirements. The examiners use the information provided in the interview(s) as a guide when reviewing the requested information.

A common tendency that should be avoided in interviews is feeling the need to over-explain and give more detail than what is needed to answer a question. The interview should be approached as more of a verbal “executive summary”, rather than a deep dive into the complexities of firm operations. During interviews, provide information that specifically answers the question to the best of your knowledge and let the examiner ask any follow-up questions.

Review of Information

Once the requests for information have been satisfied, the examiner will review the books and records provided by the registrant to: (i) determine whether the requests have been addressed as completely as possible, and (ii) confirm that the information provided during the interview(s) is generally in line with provided records and applicable regulations. As the examiner(s) goes through this process, any incomplete records or information will be noted and, generally, a follow-up request will be made to the firm for a completed copy of the record and/or additional information.

During this portion of the exam, some of the areas the examiners will focus on can include:

  • Correctness of fee calculations
  • Completeness of trade records
  • Retention of executed contracts
  • Accuracy of information in disclosure brochures
  • Applicability of policies and procedures to regulations and the firm’s business activities
  • Appropriateness and retention of all business communications (including emails)
  • Financial stability of the firm and accuracy of its financials

The review of information is not only to cross-reference records for accuracy and compliance with the rules and laws of the regulatory authority, but also serves to determine if any potential red flags of fraudulent activity are present. Remember, the regulators’ primary mandate is to ensure a safe and healthy securities market for investors.

Determination of Compliance

Once the review process has been completed, the examiners make a determination of whether any records, activities, or other aspects of the examined firm are out of compliance with any of the state’s regulations. Typically, firms will have one or more deficiencies, and in a lot of cases they are centered around a lack of maintaining certain required books and records. The examiners will notify the firm in writing of the deficiencies and require the firm to respond to them by a specific date on how the firm will correct the deficiencies. Usually, they allow 30 days to respond. Firms that are well prepared and have tested and maintained their compliance programs will most often be the ones with no material or even reported deficiencies.

According to the most recent data from the North American Securities Administrators Association (“NASAA”)[3], the most common deficiencies noted in state examinations involved:

  • Fee charged does not match contract or ADV
  • Supervisory failures
  • Advertising violations
  • Written contracts with missing or incomplete information
  • Inconsistencies between Form ADV Part 1 & Part 2
  • Missing or incorrect Form ADV information
  • Issues with firm financials such as trial balances, statements, or ledgers
  • Client suitability information

In the more egregious cases, state securities regulators will initiate an administrative action against a firm and/or one or more of its representatives, which involve fines and, in some cases, suspended or revoked licenses.


Not being in compliance with state regulations can be costly. If you feel that your firm may have compliance gaps, don’t wait to address. Consider getting a mock regulatory exam by a compliance expert. Firms that are prepared and continually encourage a culture of compliance with employees will have a much better opportunity to navigate a successful state examination, which can save money in the end.

The Core Compliance team has many years of experience in assisting firms with preparing for regulatory exams and performing mock exams. For assistance or more information about our services, please contact us at (619) 278- 0020 or visit us at for more information.

Author: Core Compliance & Legal Services (“Core Compliance”); Editor: Tina Mitchell, Managing Director, Consultation Services, Core Compliance. Core Compliance works extensively with investment advisers, broker-dealers, investment companies, hedge funds, private equity firms and banks on regulatory compliance issues.

This article is for information purposes and does not contain or convey legal or tax advice. The information herein should not be relied upon in regard to any particular facts or circumstances without first consulting with a lawyer and/or tax professional.


[2] Notably, state examiners can request interviews with any personnel during exams.


Leave a Reply

Your email address will not be published. Required fields are marked *