2026 SEC Priorities Signal New Compliance Pressures for Financial Services

As financial markets continue to digitalise and compliance frameworks evolve, the SEC’s newly released 2026 Examination Priorities gives some guidance to regulated firms on what to focus on.

Chairman Paul Atkins and Acting Division Director Keith Cassidy emphasise a proactive, transparent regulatory direction focused on operational effectiveness. Notably, Atkins has directed the Division to:

• Re-evaluate risk-based priorities in light of economic, technological, and geopolitical shifts;
• Deploy limited examination resources more strategically, focusing on higher-impact areas such as cybersecurity, vendor oversight, and evolving technologies;
• Enhance transparency through public engagement and clearer communication of examination observations.

This shift reinforces the SEC’s aim to be both risk-sensitive and outcome-oriented—providing firms a clearer compliance roadmap while tightening enforcement around core investor protection and market integrity concerns.

The SEC is doubling down on the effectiveness of compliance programs, particularly among investment advisers and broker-dealers. This includes scrutiny of recordkeeping, supervision, and the use of marketing channels—areas where firms’ reliance on electronic communications (email, messaging, voice, video) creates compliance vulnerabilities if not properly recorded and supervised.

Cybersecurity & Operational Resilience: With high-profile outages (e.g., AWS) and breaches (e.g., Capita) fresh in mind, the SEC is emphasising resilient infrastructures.

Third-Party Oversight: The SEC is flagging vendor oversight, especially where third-party tools are used. Firms must ensure these tools are recordable and auditable, with proper governance policies and controls.

Use of AI Tools: The SEC, like many other regulators, has also highlighted emerging risks around AI—including transparency, explainability, and supervisory oversight when AI is integrated into compliance functions.

Keeping pace with ever-evolving expectations is challenging for firms relying on recording, reconciliation and surveilling over multiple communication channels, and more importantly demonstrating adequate systems and processes in place. Custodia aims to address this challenge by helping firms streamline their communication data record-keeping and reconciliation, and maintaining audit-ready records. For firms preparing for the 2026 exam cycle, investing in our CC1 services can be a practical step towards demonstrating compliance control, strengthening governance and resilience in a demanding regulatory landscape.