Stay Up to Date
SEC Private Fund
Rulemaking Tracker
Finalized Rules with Upcoming Compliance and Effective Dates
| Rule | Effective Dates | Brief Description |
| Regulation S-P | August 2, 2024 Compliance date: December 3, 2025 for large advisers with at least $1.5B AUM; June 3, 2026 for small advisers with less than $1.5B AUM |
Covered institutions must create an incident response program reasonably designed to detect, respond to, and recover from unauthorized access to or use of customer information. Individuals whose sensitive customer information was, or is reasonably likely to have been, accessed or used without authorization must be notified no later than 30 days after becoming aware of such incident |
| SEC/CFTC Amendments to Form PF | October 1, 2025 | This is the second set of Form PF reporting amendments in as many years. Among the changes, advisers will be required to disaggregate complex fund structures, report contributions and withdrawals/redemptions in the reporting period, and provide increased performance measures |
| Investment Adviser Anti-Money Laundering Program Requirements | January 1, 2026 | RIAs and ERAs are required to (1) designate an AML Compliance Officer; (2) implement an AML program; (3) conduct independent testing of the program; and (4) provide AML training to employees. FinCEN has delegated examination authority to the SEC |
| Form SHO | January 2, 2026 | Institutional Investment Managers are required to file Form SHO within 14 calendar days of month end if they exceed certain thresholds in short-sale positions |
Proposed Rules
| Rule | Proposed Dates | Brief Description |
| Customer Identification Program (“CIP”) | May 13, 2024 |
The proposed rule aims to strengthen AML/CFT measures in the investment adviser sector. It would require RIAs and ERAs to implement CIPs that would make it more difficult for persons to use false identities to establish customer relationships with investment advisors. The CIP would include procedures for RIAs and ERAs to verify the identity of each customer to the extent reasonable, and obtain certain identifying information from each customer. This is separate from the finalized August 2024 rule issued by FinCEN requiring investment advisers to adopt an AML program |
| Conflicts of Interest for Use of AI | Withdrawn June 2025 | Firms that use a “Covered Technology” (use of analytical, technological, or computational functions, algorithms, models, correlation matrices, or similar methods or processes that optimize for, predict, guide, forecast, or direct investment-related behaviors or outcomes) would be required to evaluate whether any conflicts of interest may exist from such technology, and if so, eliminate them. Firms would also need to establish written policies and procedures addressing the use and conflicts of such Covered Technology. Finally, there are new record keeping requirements advisers would need to follow |
| Safeguarding Advisory Client Assets | Withdrawn June 2025 | The proposed amendments would expand the Custody Rule to cover any client assets that an adviser has custody of, including but not limited to digital assets, real estate, and commodities. Assets would now also include non-traditional line items, such as written options and negative cash. Under the proposal, qualified custodians would be required to have “possession or control” of advisory client assets, with limited exceptions for physical assets and certain privately offered securities |
| Outsourcing by Investment Advisers |
Withdrawn June 2025 | Among other proposed requirements, advisers would need to be able to document their analyses of the scope of work service providers are performing, each service provider’s subcontracting arrangements, and potential risks to the adviser relating to work performed by the provider |
| Enhanced ESG Disclosure | Withdrawn June 2025 | Under the proposed rule, advisers would have to specify whether they or their private funds pursue ESG “Integration Funds,” “ESG-Focused Funds,” or “Impact Funds,” and disclose certain ESG-related information on Form ADV Part 1A and Part 2A, including methods of analysis, financial industry affiliations, and proxy voting policies, among other things |
| Cyber Security | Withdrawn June 2025 | Registered advisers would need to adopt policies reasonably designed to address cybersecurity risks, conduct annual reviews of the policies, and report significant cybersecurity incidents and risks to the SEC in new Form ADV-C and Form ADV Part 2A |