On June 12, 2025, the SEC withdrew most of its pending proposed rules affecting investment advisers, investment companies, and broker-dealers. This included a wide range of rules proposed during former Chair Gensler’s tenure, including:
- Cybersecurity risk management and disclosure requirements
- ESG disclosure requirements
- Conflicts of interest related to predictive data analytics
- Outsourcing by investment advisers
- Best execution requirements for broker-dealers
- Safeguarding of advisory client assets
While the SEC did not provide commentary on its decision to withdraw these rule proposals, the move comes on the heels of the SEC and CFTC’s June 11, 2025, decision to further delay the implementation of Form PF updates, indicating that the SEC, under Chair Atkins, is moving away from its past approach to policymaking.
Our Guidance
While the withdrawal of many of these proposals was expected, firms should continue to focus on the core issues and risks that were addressed in these proposals. We expect issues like AI, cybersecurity, fraud, and conflicts of interest will continue to be included in SEC examinations. The SEC has also implemented “look-back periods” around key risks like these for when new rules are issued in the future. The withdrawal of these proposals should not be interpreted as a lack of future interest in these topics.
It is also important to note the proposals and upcoming rules the SEC has not withdrawn or delayed, including:
- Customer Identification Programs for Registered Investment Advisers – This proposal supplements the FinCEN rule, bringing advisers under the Bank Secrecy Act. That it remains under consideration strongly suggests the rule will stand. If finalized, a compliance deadline will follow, especially relevant as FinCEN’s compliance date approaches on January 1, 2026. Given the cross-agency effort to develop this proposal, we expect the two agencies continue to align on compliance dates.
- Amendments to Regulation S-P – These amendments are scheduled to take effect in December 2025 (June 2026 for smaller firms). They will require firms to establish and maintain an incident response program reasonably designed to detect, respond to, and recover from unauthorized access to or use of customer information. Given the SEC’s focus on investor and customer protection, and recent statements on the amendments, it is likely these amendments will take effect, though a delay of the compliance date is certainly possible.
The regulatory environment in the U.S. is constantly evolving. We are here to help you stay ahead of regulatory changes.
Explore Our Solutions
Whether you are looking to launch, grow, or protect your firm, a robust compliance program is essential. At ACA Group, we offer a comprehensive suite of advisory, managed services, and technology solutions designed to help you build, oversee, and maintain a best-in-class compliance program.
Partnering with ACA Group provides more than just compliance solutions—it offers a strategic advantage that helps you stay ahead of regulatory changes, streamline compliance oversight, and reduce operational risk all while supporting sustainable business growth. Our wide range of solutions includes:
- Compliance Advisory: Including ACA Signature, which offers three distinctive models–Partner, Core, or Essential–allowing you to customize your services according to your firm’s size, specific requirements and ongoing compliance obligations. These scalable consulting offerings can be paired with managed services, regulatory technology, cybersecurity, and ESG to effectively address your regulatory commitments and day-to-day responsibilities.
- Managed Services: Outsource your compliance management tasks to simplify your processes, save time, and enhance business outcomes. Whether you need support with regulatory filings, AML due diligence, marketing, eComms or social media reviews, investment performance, or code of ethics and personal trading, we’ve got you covered.
- Outsourced Chief Compliance Officer (OCCO): Optimize compliance oversight by passing your compliance requirements to our experts, helping to lower expenses and providing best practices.
- RegTech: Unlock the full potential of your compliance strategy with ComplianceAlpha®, ACA’s scalable governance, risk, and compliance software offering. Our integrated solution empowers you to streamline processes, enhance oversight, and meet regulatory demands with ease.
In addition to compliance, we also protect your firm with tailored ESG, Cybersecurity, Privacy and Risk, and Investment Performance services—enhancing both your risk management and long-term resilience.
Contact us today to learn how ACA Group’s specialized expertise, advanced technology, and proven processes can help your business achieve its compliance goals, scale efficiently, and protect your reputation in a complex regulatory environment.