Regulatory reality check: What compliance teams need to know in July 2025

Edition 22: July 2025

As we enter the second half of 2025, regulators across North America and Europe are recalibrating their priorities. From new disclosure regimes in Canada to formal withdrawals of major SEC proposals, the regulatory landscape continues to shift, sometimes rapidly. For compliance professionals, this means striking a balance between strategic foresight and day-to-day readiness.

In this month’s RegTech Report, we examine the latest developments that are shaping compliance operations and governance expectations. Whether you're adapting to new fund disclosure requirements or preparing for your next regulatory exam, the focus for many firms is increasingly on staying informed, responding proactively, and maintaining thorough documentation.[AF1] 

 July report highlights:

• Canadian Fund Reporting (CFR): The countdown begins. CSA’s proposed rule will overhaul investor reporting in Canada, replacing MRFPs with investor-friendly Fund Reports. Confluence is actively supporting Canadian fund administrators and asset managers in early-stage preparation using its Unity Financial Reporting platform.

• SEC pulls back: 14 rule proposals withdrawn. In a major shift, the SEC has formally withdrawn proposals on cybersecurity, ESG, predictive analytics, custody, and alleviating immediate compliance pressure while maintaining long-term regulatory expectations. Core compliance principles still apply.

• How to survive a regulatory exam: Lessons from the field. Based on insights from Confluence's expert panel, we share practical, battle-tested advice for managing SEC and FINRA exams—from prep to follow-up—with a focus on documentation, internal alignment, and interview readiness.

The Canadian Fund Report is coming – are you ready yet?

Introduction

A significant regulatory change is anticipated in the Canadian investment landscape, and many firms are still preparing. The Canadian Securities Administrators (CSA) have proposed a new Fund Report rule that intends to modernize the information shareholders receive. This initiative reflects similar disclosure reforms like the U.S. Tailored Shareholder Report (TSR) rule, which Confluence has supported firms with in the past.

What is the Canadian Fund Report?

The proposed rule aims to replace the current Management Report of Fund Performance (MRFP) with a new, investor-focused Fund Report format. The intention is to promote simplicity, clarity, and accessibility—in both English and French—through features like tables, charts, graphs, bullet points, and concise language.

Who will be impacted?

Fund administrators are expected to play a central role in producing these reports on behalf of asset managers. This change may require updates to reporting systems, processes, and timelines.

Why act now?

Although the rule is not yet finalized, it could be implemented within approximately 12 months after publication. Based on market feedback, this timeline may be shorter than anticipated. Early preparation could help reduce potential risks associated with missed deadlines, reporting challenges, or impacts on client trust.

How Confluence is preparing

Drawing on experience supporting the SEC’s TSR rule, Confluence is proactively adapting its Unity Financial Reporting platform to support the Canadian Fund Report requirements.

Confluence Unity is:

• Designed with multilingual capabilities to address Canadian dual-language needs

• Built with features designed to align with evolving disclosure needs through flexible templates and workflow automation

• Utilized by administrators managing over 2,300 funds in Canada today

Early preparation can help

While the final rule is pending, firms may benefit from beginning to evaluate and prepare their reporting workflows. Confluence is working with Canadian fund administrators and asset managers to build in bilingual formatting, automate data sourcing, and support distribution.

By starting preparations early, firms can better position themselves to respond efficiently when the rule is finalized. For more information, please contact us.

Regulatory reset: SEC formally withdraws 14 rule proposals

On June 12, 2025, the SEC announced the formal withdrawal of 14 pending rule proposals originally introduced under former SEC Chair Gary Gensler. These included sweeping initiatives across a broad spectrum of regulatory priorities:

• Outsourcing by investment advisers

• Safeguarding advisory client assets (the “Custody Rule”)

• Cybersecurity risk management for advisers and funds

• Regulation best execution for broker-dealers

• Enhanced disclosures of ESG practices

• Conflicts of interest associated with the use of predictive data analytics conflicts

• Exchange and ATS oversight reforms

Withdrawing these proposals ends their current rulemaking process. Each is now off the regulatory table, requiring a fresh notice-and-comment cycle to be reconsidered.

What this means for advisers and other registrants

• Paused priorities: Implementation of new rules on outsourcing, custody, cybersecurity, and ESG is on hold for now. Any future efforts will start anew. Firms can pause any implementation planning for these proposals.

• Strategic shift: Recent developments – such as paused priorities, a 17% staff cut, and suspension of the SEC’s insider-trading surveillance system – suggest a shift toward reduced regulatory activity and resource reallocation.

• Still on track, prepare to comply! FinCEN’s AML Rule for advisers remains scheduled for January 1, 2026. The SEC/FinCEN Customer Identification Program (CIP) proposal, while unwithdrawn, awaits further joint rulemaking. Even without a final rule, comprehensive Customer Identification Programs are key to effectively preventing and detecting potential money laundering and terrorist financing activities. Regulation S-P amendments (cyber incident response, data protection) continue toward implementation.

Key takeaways for compliance officers

1. No immediate new compliance obligations have been introduced—for now. Resources allocated to preparing for the withdrawn rules can be redirected elsewhere.

2. Maintain current controls. Even without rule changes, SEC scrutiny will remain high on key risk areas, including cybersecurity, outsourcing, ESG, and custody. Each is a core element of fiduciary duty.

3. Be prepared. Consider maintaining readiness for potential reintroductions of these proposals.

4. Focus on imminent requirements—AML/CIP/Reg S-P—already final or moving forward on a firm timeline. Confluence Compliance Services can help!

Bottom line

The SEC’s June 12 withdrawal marks a clear regulatory pivot. While the withdrawal reduces near-term compliance pressure, firms should treat it as a temporary reprieve rather than a permanent change. Existing compliance obligations remain, and the landscape could still shift if the agency decides to circle back on any of these shelved proposals.

How Confluence Compliance Services can help

While regulatory priorities may change, core compliance principles remain essential. At Confluence Compliance Services, we help investment advisers, broker-dealers, funds, TAMPs, and other market participants to be exam-ready, regardless of the Commission’s pace. Our core services are built to support firms through both active and dormant regulatory cycles:

• Maintain customized, up-to-date compliance manuals that can evolve with your business and the regulatory landscape

• Provide ongoing or outsourced CCO support to handle day-to-day compliance tasks and annual review obligations

• Support for interpreting and responding to final rules like AML and Reg S-P.

• Conduct mock SEC exams and forensic testing to proactively identify gaps before regulators do

• Develop and review core compliance programs (e.g., cybersecurity, outsourcing oversight, AML, privacy) to reflect risk-based best practices—even where rules are withdrawn or pending

Whether you're scaling, reassessing, or just trying to keep pace, Confluence aims to bring clarity and consistency to compliance planning. Contact us to see how we can help tailor your compliance program with efficiency and confidence.

Surviving daunting regulatory exams: Key takeaways from compliance pros who’ve been there

Regulatory exams remain a constant consideration for firms—whether facing them for the first time or preparing for the next cycle. In our recent webinar, Confluence compliance experts shared practical strategies for navigating SEC and FINRA exams more effectively. Here are some key insights.

Exams are becoming more frequent and data-driven

Despite a perception of a softer regulatory approach, SEC exam activity remains steady with an emphasis on risk-based oversight. Remote and hybrid exams have increased exam frequency and efficiency. Approximately 10% of advisors are reviewed annually.

Preparation should start early and be continuous

A strong compliance program is built over time through documented policies, ongoing testing, training, and clear communication. As regulators often emphasize, “if it isn’t documented, it may be treated as if it didn’t occur”.

Focus areas often include cybersecurity, vendor due diligence, safeguarding client assets, trade settlement changes (e.g., T+1), billing accuracy, and marketing compliance.

Plan proactively. Don’t reactively panic

When notified of an exam, organizing management and teams, and establishing document trackers are key first steps. Many firms express concern over gaps between written policies and actual practices, highlighting the need for thorough internal reviews before exams.

Opening presentations are an opportunity to set the tone

Use the initial meeting to clearly explain your business model, introduce key team members, outline your control environment, and steer the exam focus toward relevant areas.

Interview readiness can influence exam results

Effective training helps employees respond clearly and concisely to examiner questions. It’s best to answer only what is asked, avoid speculation, and seek clarification when needed. Teams should understand when and how to escalate to compliance or legal support.

Follow-up and remediation are important

Preliminary feedback is a chance to clarify findings and outline remediation plans. Timely, well-documented responses are critical during this phase.

Mock exams provide valuable practice

Conducting mock exams helps identify gaps, improve document management, and train staff for interviews. Mock exams help firms foster a proactive approach to compliance and build internal awareness.

Stay ready at all times

Regulators expect firms to understand their obligations, maintain sound procedures, and respond promptly to inquiries. Many firms choose to operate with the mindset that exams could happen at any time.

Missed the live webinar?

Watch it on demand at your convenience.

About Confluence

Confluence is a leading global technology solutions provider committed to helping the investment management industry solve complex data challenges across the front, middle, and back offices. From data-driven portfolio analytics to compliance and regulatory solutions, including investment insights and research, Confluence invests in the latest technology to meet the evolving needs of asset managers, asset owners, asset servicers, and asset allocators to provide best-of-breed solutions that deliver maximum scalability, speed, and flexibility, while reducing risk and increasing efficiency. Headquartered in Pittsburgh, PA, with ~700 employees in 15 offices across the United Kingdom, Europe, North America, South Africa, and Australia, Confluence services over 1000 clients in more than 40 countries. For more information, visit confluence.com

Disclaimer

The content provided by Confluence Technologies, Inc. is for general informational purposes only and does not constitute legal, regulatory, financial, investment, or other professional advice. It should not be relied upon as a substitute for specific advice tailored to particular circumstances. Recipients should seek guidance from appropriately qualified professionals before making any decisions based on this content.

Unless otherwise stated, Confluence Technologies, Inc. (or the relevant group entity) owns the copyright and all related intellectual property rights in this material, including but not limited to database rights, trademarks, registered trademarks, service marks, and logos.

No part of this content may be adapted, modified, reproduced, republished, uploaded, posted, broadcast, or transmitted to third parties for commercial purposes without prior written consent.