The SEC Marketing Rule Changed Everything About Your RIA Website

Before November 2022, the SEC's advertising rule was from 1961. It defined 'advertisement' narrowly enough that most RIA website content fell into gray areas. The new Marketing Rule — SEC Rule 206(4)-1 — eliminated the gray areas by defining advertisement as any communication that offers or promotes investment advisory services.

Read that definition again. Any communication that offers or promotes. Your homepage describing your firm's philosophy? Advertisement. Your team page with partner bios mentioning decades of experience? Advertisement. Your blog post discussing market outlook with a CTA to schedule a consultation? Definitely an advertisement.

The practical impact is massive: virtually every page on your RIA's website is now subject to the Marketing Rule's requirements for substantiation, record retention, and compliance review. If your compliance program hasn't adapted to this reality, you're operating with a gap that SEC examiners are specifically trained to find.

The old rule prohibited testimonials entirely. The new rule allows them — with conditions. Client testimonials on your website must include disclosure of whether the person is a current client, whether they were compensated, and a statement that the testimonial may not be representative of other clients' experiences.

Third-party endorsements (like a financial advisor being quoted in a media article and featuring that on their website) require disclosure of any compensation arrangement, whether direct or indirect.

Here's where archiving becomes critical: if you add a testimonial to your website, the compliance review and all required disclosures must be documented. If you modify or remove a testimonial, you need records of when it was displayed and when it was changed. Daily website captures create an automatic record of every testimonial that appeared on your site and the exact dates it was live.

The Marketing Rule allows performance advertising (the old rule didn't, technically), but with detailed requirements. Net performance must accompany any gross performance presentation. Performance must cover specific time periods. Hypothetical performance requires specific disclosures and can only be shown to audiences that have the resources and knowledge to evaluate it.

Your website is a public resource. Anyone can access it. That means hypothetical performance on your website needs to clear a higher bar — or shouldn't be there at all. Many compliance consultants recommend keeping hypothetical performance behind a client login where access can be controlled.

The recordkeeping implication: every version of every performance presentation on your website must be retained under Rule 204-2 for 5 years. If your performance page changes quarterly, that's 20 versions to retain over the 5-year period. Automated daily captures handle this without any manual effort.

SEC EXAMS (formerly OCIE) has made the Marketing Rule a priority in examination cycles since its effective date. Examiners specifically review website content for: testimonials without required disclosures, performance claims without net performance, promissory language ('guaranteed returns,' 'risk-free'), misleading statements about qualifications or experience, and failure to retain website content as required under Rule 204-2.

The examination approach is methodical: examiners capture your current website, compare it against your compliance files, and request historical versions to check for changes. If you've been running testimonials without disclosures for six months before fixing them, the examiner will ask about those six months.

VaultShot's daily captures give you the same visibility examiners have — but proactively. Review your own archive regularly to catch compliance issues before an examiner does. It's much cheaper to fix a problem you find yourself than one an examiner finds for you.