Compliance Rule 206: The SEC Standard Every RIA Must Master

Performance Advertising Requirements

The performance advertising provisions under Rule 206(4)-1(d) are among the most technically demanding requirements in the rule. They require:[dwt]​

• Net performance alongside gross performance — If an advertisement presents gross performance, it must also present net performance with at least equal prominence and for the same time periods.
• Standardized time periods — For any portfolio presented, the adviser must show 1-year, 5-year, and 10-year returns (or since inception if shorter), calculated to the most recent calendar year-end.
• Fair and balanced presentation — No cherry-picking of favorable time periods, specific accounts, or strategies.
• Hypothetical performance disclosures — Any hypothetical, back-tested, or model performance must be accompanied by clear disclosures, including the methodology, assumptions, and limitations, and must be relevant to the likely financial situation and investment objectives of the intended audience.

The SEC’s Marketing Compliance FAQ, updated as recently as January 2026, provides ongoing staff guidance on how performance characteristics should be treated within these requirements.mayerbrown+1

At Asset Manager Tech, all performance data presented to prospects is calculated by our algorithmic systems in strict compliance with these standards. No cherry-picked time periods. No gross-only performance. No hypothetical projections presented without full disclosure of methodology and limitations.

SEC Marketing Rule and RIA Advertising Compliance: Operational Standards for AI-Driven Firms

The transition from the old advertising rule to the current SEC Marketing Rule created a new operational standard for RIA advertising compliance. For traditional firms with human marketing and compliance teams, the rule created workflows, review processes, and documentation obligations. For AI-driven RIAs, the infrastructure requirements are the same — but the execution architecture is different.

Recordkeeping Under Rule 204-2 (Amended)

The SEC amended Rule 204-2 (the Books and Records Rule) in conjunction with the Marketing Rule. All SEC-registered RIAs must now maintain:[innreg]​

• Copies of every advertisement disseminated, regardless of format (digital, print, video, social media)
• All documentation supporting performance claims, including spreadsheets, calculation methodologies, and data inputs
• Written agreements with all compensated promoters or endorsers
• Disclosures provided to clients and prospects in connection with testimonials, endorsements, or third-party ratings
• Documentation identifying the intended audience for any hypothetical performance content
• Records demonstrating the basis for the adviser’s determination that any testimonial or endorsement complies with Rule 206(4)-1

Asset Manager Tech maintains a complete, automated recordkeeping system that captures and archives every piece of content produced for external dissemination. Our AI infrastructure timestamps, logs, and categorizes all marketing outputs for regulatory review.

Substantiation Standards

The unsubstantiated statement prohibition under Rule 206(4)-1(a)(2) requires that any material statement of fact in an advertisement be capable of documentation. This means:

• Claims about investment strategy effectiveness must be supported by verifiable performance data
• Descriptions of risk management processes must reflect actual operational procedures
• Statements about the firm’s technology, infrastructure, or regulatory standing must be accurate and documentable

The compliance infrastructure at Asset Manager Tech operates on the principle that every public-facing statement is a potential regulatory document. Our AI systems generate content that is cross-referenced against internal data sources before publication, ensuring substantiation is built into the production workflow, not reviewed after the fact.

Compliance Officer RIA: How Rule 206(4)-7 Defines Firm Governance

While Rule 206(4)-1 governs what an RIA can say, Rule 206(4)-7 — known as the Compliance Program Rule — governs how an RIA operates internally. Understanding both rules together is essential to understanding what Compliance Rule 206 means in practice.[innreg]​

The Three Core Requirements of Rule 206(4)-7

 

1. Written Policies and Procedures

Every SEC-registered investment adviser must adopt and implement written policies and procedures that are reasonably designed to prevent violations of the Investment Advisers Act and the rules thereunder. These procedures must be tailored to the specific business model, services offered, and risk profile of the firm. A boilerplate compliance manual is not sufficient.[ria-compliance]​

2. Annual Review

Firms must conduct an annual review of their policies and procedures to assess whether they remain adequate and effective. The SEC’s 2023 amendment to Rule 206(4)-7 now requires this review to be documented in writing, giving examiners direct visibility into how the firm evaluates and updates its compliance program. The review must assess:[innreg]​

• Whether existing policies are effective in preventing and detecting violations
• Whether the compliance program design still fits the firm’s size, services, and risk exposure
• Whether the program accounts for new products, regulatory changes, or business developments

3. Chief Compliance Officer Designation

Rule 206(4)-7 requires every registered investment adviser to designate a Chief Compliance Officer (CCO) who is responsible for administering the firm’s compliance policies and procedures. The CCO must be knowledgeable about applicable securities laws and must have sufficient seniority and authority within the firm to compel compliance.[ria-compliance]​

The AI-Only RIA and the CCO Function

For an AI-driven RIA operating without human advisors, the CCO function is one of the most structurally important considerations in the firm’s regulatory architecture. The SEC requires that a designated individual — or in the case of AI-first firms, a qualified principal or board-level officer — holds responsibility for the compliance program.

At Asset Manager Tech, our compliance infrastructure is designed to meet the letter and intent of Rule 206(4)-7. Our written policies and procedures govern every layer of the firm’s operations: investment decision-making logic, client onboarding, portfolio rebalancing triggers, performance reporting, marketing content production, and data security. These policies are reviewed at minimum annually and updated in response to regulatory guidance, SEC risk alerts, and changes in our technological infrastructure.

The documented annual review is not a formality. It is a structured examination of whether our AI systems, operational processes, and public communications remain aligned with the regulatory requirements under which we are registered.

SEC Oversight: How the SEC Examines and Enforces Compliance Rule 206

Understanding SEC oversight is as important as understanding the rules themselves. The Division of Examinations (formerly OCIE) conducts periodic examinations of registered investment advisers, and enforcement actions under Section 206 and its implementing rules carry significant consequences.

Examination Priorities and Marketing Rule Scrutiny

Since the compliance date of the Marketing Rule in November 2022, the SEC has prioritized review of RIA marketing materials in its examination program. The Division of Examinations has issued risk alerts specifically highlighting areas of concern under Rule 206(4)-1, including:[ria-compliance-consultants]​

• Failure to include required disclosures in testimonials and endorsements
• Use of compensated promoters without written agreements
• Compensating ineligible persons for testimonials or endorsements
• Performance advertising that does not present net returns alongside gross returns
• Use of hypothetical performance without appropriate disclosure and policies