Robo-Advisers are Not Immune from Compliance Failures

Regulators are continuing their focus on robo-advisers,[1] and since 2018 the Securities and Exchange Commission (“SEC”) has filed several enforcement actions reflecting violations of various regulations under the Investment Advisers Act of 1940 (“Advisers Act”).[2]  The most reoccurring are violations to:


  • Section 206(2) of the Advisers Act – prohibits an investment adviser, directly or indirectly, to engage in any transaction, practice, or course of business that operates as a fraud or deceit upon any client or prospective client.
  • Section 206(4) of the Advisers Act – prohibits an investment adviser from engaging in “any act, practice, or course of business which is fraudulent, deceptive, or manipulative”.
  • Rule 206(4)-1 of the Advisers Act – makes it a fraudulent, deceptive, or manipulative act, practice, or course of business within the meaning of Section 206(4) of the Advisers Act for a registered investment adviser to publish, circulate, or distribute any advertisement which contains any untrue statement of a material fact, or which is otherwise false or misleading.
  • Rule 206(4)-7 of the Advisers Act – which require a registered investment adviser to adopt and implement written compliance policies and procedures reasonably designed to prevent violations of the Advisers Act and the rules thereunder.

In this month’s Risk Management Update, we discuss the violations found and associated penalties in the SEC actions, and outline risk management steps to help firms prevent compliance failures.


Violations and Compliance Failures

The specific violations outlined in the administrative orders mainly circle around lack of disclosures covering conflicts of interest areas, such as:

  • Having a financial incentive to recommend/include certain investment offerings
  • Using affiliates to provide certain services connected to the robo-adviser platform
  • Using proprietary investment products

Additional violations pertain to the dissemination of marketing materials that contained false and misleading information regarding the performance and/or product offerings associated with the robo-adviser platform.

The one violation that was noted in all the robo-adviser administrative orders was the failure to adopt and implement adequate written policies and procedures.


Sanctions and Penalties

In some of the cases, the robo-advisers are required to hire an independent compliance consultant to conduct various reviews and provide written reports with findings and recommendations. The advisers also must promptly implement the recommendations and then certify in writing to the independent consultant and the SEC of the implementation.

In all the cases, the robo-advisers are required to provide a copy of the SEC Order to affected clients. Additionally, while not specifically outlined in the SEC orders, the robo-advisers will need to amend their Form ADV and Form CRS to disclose the enforcement action.

Last but not least, the robo-advisers are required to make disgorgement payments to clients, as applicable, and pay a penalty, which ranges from hundreds of thousands to hundreds of millions in US dollars.


Risk Management Steps

  1. Review SEC Guidance: The SEC periodically issues written guidance on various compliance topics to help firms understand requirements, which can be found on their website at For example, in November 2021, the SEC issued a Risk Alert that reflects their observations of various compliance deficiencies found during routine exams of investment advisers that provide electronic investment advice.[3]  The deficiencies discussed within the Risk Alert include the violation areas outlined above, but also cover additional areas, such as cybersecurity, portfolio management, appropriate registration, and adherence to Rule 3a-4 of the Investment Company Act of 1940.
  2. Perform Conflicts of Interest Assessments: Review all areas of business to determine the actual and potential conflicts surrounding the firm’s robo-adviser services. Examples of common conflict areas include: (i) advisory fees and other compensation, (ii) use of affiliates, (iii) referral arrangements, (iv) trading and best execution, (v) handling trade errors, (vi) revenue sharing arrangements, (vii) personal trading by employees, (viii) soft dollar arrangements, (ix) gifts and entertainment, and (x) employees’ outside business activities. The assessment should be performed at least annually and documented to reflect all identified conflicts and how the firm addresses each conflict.
  3. Review Written Policies, Procedures, and Controls: Compare current processes to written policies and procedures to determine if they are adequate and structured to detect and prevent violations. Ensure they clearly address the various areas surrounding the electronic advice being provided to clients and all identified conflicts of interest. This should be completed at least annually and can be part of the firm’s Rule 206(4)-7 required review.
  4. Review Form ADV and Form CRS: Confirm  that Form ADV Part 2A contains detailed disclosures covering the robo-adviser program, including but not limited to: (i) who sponsors the program, (ii) how client information is gathered and used, (iii) what types of securities are used, along with a description of the asset allocation strategies/models offered, (iv) the advisory fees charged and how they are calculated and billed/paid, (v) the additional fees and costs paid by clients in the program, (vi) any minimum investment amount, (vii) the portfolio management process and how often portfolios are rebalanced, (viii) the custodian and brokerage arrangements used, (ix) how proxy voting is handled, (x) any direct or indirect compensation received by the advisory firm, its employees, and/or affiliates, (xi) whether the firm has custody of client assets in the program, (xii) when they will receive account statements, and (xiii) the potential and actual conflicts applicable to the program and how the conflicts are addressed by the firm.  Form CRS should include a summary of the program services, fees charged, whether any employees and/or affiliates receive compensation tied to the program, and the associated conflicts.
  5. Review Marketing Activities and Materials: Determine whether the statements made, information included, and disclosures provided regarding the program are adequate, presented in a fair and balanced manner, and do not appear potentially misleading. This should include performing quarterly reviews of the following marketing channels, as applicable:
    • The online platform where the program is utilized by prospects and clients
    • The firm’s website and social media sites
    • Employee business social media sites
    • Affiliates website and social media sites
    • Third-party sites, such as sponsor websites, and solicitor social media and/or blogs

6. Test Performance Results: Periodically meet with personnel that oversee the calculation of performance returns for the program to determine the          process and perform quarterly sampling testing to ensure calculations are being performed correctly.

7. Perform Due Diligence on Third-Party Sponsors: If using a program that is sponsored by a third-party, firms should perform a detailed review of            the sponsor’s compliance protocols applicable to the program. The review should be performed and documented at least annually and cover all            areas the SEC listed in their guidance and enforcement actions, where deficiencies and violations were found.


SEC registered investment advisers are subject to numerous federal compliance requirements, regardless of whether they provide investment advice directly to clients or through electronic online platforms. Ensuring compliance with applicable regulations is not a one and done project, but rather a continuous process that requires ongoing testing, reviews, and updates to a firm’s compliance program.  Senior management should determine whether the resources devoted to the compliance function of the firm are adequate for compliance personnel to perform the required testing and reviews. Notably, if more resources are needed, utilizing technology and a compliance consulting firm to assist can provide an economical solution.

The Core Compliance consulting team are well versed in this area and can assist robo-advisers ensure that their compliance programs are appropriately designed to help prevent violations of securities laws. Call or email us at 619-278-0020 or, or visit us at for more information.

Authors:  Maggie Tavares, Sr. Compliance Consultant, and Tina Mitchell, Managing Director, Consultation Services, Core Compliance & Legal Services (“Core Compliance”). Core Compliance works extensively with investment advisers, broker-dealers, investment companies, and private fund managers on regulatory compliance issues.

This article is for information purposes and does not contain or convey legal or tax advice. The information herein should not be relied upon in regard to any particular facts or circumstances without first consulting with a lawyer and/or tax professional.


[1] Generally defined as an investment adviser with an online platform that provides automated financial guidance and investment services.

[2] See

[3] See

Leave a Reply

Your email address will not be published. Required fields are marked *