Main Contributor: Meghan Sundquist with contributions from Elizabeth Cope, Katie Mogan, Pamela Lalli, Vanessa Short, and Cameron Gunnin

Background

Every year, the National Society of Compliance Professionals (“NSCP”) hosts a two-and-a-half-day conference providing a wealth of educational and networking opportunities. NSCP is a non-profit organization dedicated to supporting compliance professionals, and this year the conference was held in Orlando, Florida during the last week of October.

Usually, the conference hosts panels with SEC regulators in addition to various vendors and professionals experienced in their fields. Due to the government shutdown, however, NSCP had to pivot quickly to fill the gaps due to the Staff being unable to attend. As a result, attendees were able to hear previous staff members and experienced compliance professionals discuss exam priorities under the new administration and best practices for current and future government shutdowns.

While some SCS employees attended the same sessions, we tried to spread out and attend different sessions we thought would be helpful in working with clients or topics that looked interesting. Below are some common takeaways from SCS employees who attended.

Technology

AI, blockchain, and cryptocurrency are here to stay, despite the hype. While actual application and legislation are still up in the air, technological advances continue to transform the financial and compliance landscapes.

The most common discussion at the conference surrounded Artificial Intelligence (AI) – it’s uses, risks, and implementation. A few SCS employees attended the AI panel discussion and learned some basic facts and more practical ideas for AI oversight.

One of the most important factors in AI implementation is due diligence. This was the current that underscored the panel discussion. Below are some factors to consider:

• AI as we know it today is simply an incredibly complex set of computer code creating Language Learning Models (“LLM”). They have to be programmed and trained and are not omniscient or incapable of error.

• Every LLM has a distinct personality and unique strengths due to how they are programmed and what they are programmed to do (e.g. ChatGPT tends to agree with the user, Grok tends to disagree, Perplexity excels at research, and Claude tends to be balanced). It is important to understand the nature of the LLMs used by your firm as well as the vendors you are considering or already using.

• There are also numerous concerns regarding privacy and accuracy. The NSCP panelists recommended having specific employees designated to oversee AI use at your firm. This could be IT or a person or group of people who work with IT. When conducting due diligence, be sure to carefully review the privacy policies and disclosures for the level of the product your firm plans on using (free version versus a paid tier). Some companies use transcriptions and other information to train their LLMs which could compromise client information. You should also test the LLM for accuracy multiple times a year (quarterly, semi-annually, monthly). The way in which your firm uses the LLM will dictate how you should test.

  • If you use an AI program to help employees access information in the policies and procedures or other HR documents, ask the program certain questions and compare the answers to the actual manual to confirm accuracy.

  • If you use an AI program for quick information reference, ask it questions and compare the answers with your own research to confirm accuracy.

  • Create policies and train employees on how to review AI generated content, such as meeting transcriptions, to ensure accuracy.

  • You can also ask similar questions to different programs and compare the answers.

  • Consider your firm’s use and whether any disclosures are necessary to clients.

Another technological topic discussed was the continuing rise of blockchain technology and cryptocurrency. While there are still many unknowns, one thing seems to be clear: this technology is here to stay. Firms should start preparing operationally and compliantly for the various ways this technology could impact the financial landscape. At SCS, we are monitoring the progress in this field and we are tracking regulations and updates as they come.

Regulation S-P

It is no surprise that Reg S-P was a topic of discussion, given the impending compliance deadline for large firms on December 3, 2025. To learn more on this topic, see our last blog post here.

Exam Priorities and Readiness

Finally, all SCS attendees noted the focus on shifting exam priorities with the new leadership and various ways firms can continue their efforts to be prepared. Based on the comments of several panelists referencing various statements from the SEC Staff and leadership, the following seem to be the focus of this new administration:

• Custody

• Fee Billing

• Conflict of interest disclosures

• Marketing: especially substantiation of factual statements and the general prohibitions

The overarching theme of these focus areas is fraud – i.e., whether investors and/or clients were harmed. While these are areas of focus, firms should continue to maintain thorough compliance and oversight of all other requirements applicable to their respective businesses. Firms can also review the SEC enforcement manual to aid in exam success.

At the time of the conference, the government was still shut down. Panelists urged compliance professionals to maintain timeliness with regulatory filings, exam deadlines, etc. With the SEC returning to the office, we expect a significant backlog as the Staff works to catch up on reviews, exams, and other submissions from their time away from the office.

If you have any questions on how any of these topics apply to your individual firm, please reach out to your SCS contact. If you are not currently an SCS client, you can schedule a meeting here to meet with an SCS representative to see how we may be able to help ease your compliance overwhelm!