Skip to main content
Investment Adviser speaking to client

New Outsourcing Rules for Investment Advisers?

On October 26, 2022, the SEC issued a proposal seeking feedback on new minimum due diligence and monitoring requirements for investment advisers who outsource certain covered services.
banner background

On October 26, 2022, the SEC issued a proposal seeking feedback on new minimum due diligence and monitoring requirements for investment advisers who outsource certain covered services:

  • Advisers must conduct due diligence before outsourcing and periodically monitor service providers’ performance and reassess whether to retain them. Oversight must be documented and detailed information on service providers would be required on Form ADV.
  • Enhanced due diligence and monitoring will be required for third-party record-keepers.

If approved, the compliance date would be 10 months from the rule’s effective date. Comments are due 60 days after issuance on or 30 days after Federal Register publication, whichever is later.


Many advisers engage service providers to perform various functions, services, and processes. Supporting functions include investment research and data analytics, trading and risk management, and compliance. Functions that support middle- and back-office functions include collateral management, settlement services, pricing/valuation services, and performance measurement. Advisers also engage index providers to develop bespoke indexes to replicate or track portfolios for their clients, sub-advisers to manage some or all of a client’s portfolio, and third parties to provide technology platforms for robo-advisory services. Outsourcing these functions to service providers allows advisers to access specialized areas of expertise, staffing flexibility, and to reduce headcount and costs. The SEC is concerned that investors could be harmed when an adviser outsources a key function without appropriate oversight, i.e., a significant disruption or interruption to an adviser’s outsourced services could affect an adviser’s ability to provide client services. The use of service providers also could create broader marketwide effects or systemic risks, particularly where the failure of a single service provider would cause operational failures for multiple advisers.

The Investment Advisers Act of 1940 (Advisers Act) already establishes a federal fiduciary duty for investment advisers that comprises a duty of loyalty and a duty of care that are enforceable under the antifraud provisions of the Advisers Act. Outsourcing a particular function or service does not change an adviser’s obligations under the Advisers Act or other federal securities laws. The proposed rule is intended to create a consistent oversight framework across investment advisers when outsourcing functions and services.

Framework for Service Provider Oversight

Proposed Rule 206(4)-11 would establish an oversight framework across SEC-registered advisers that outsource a “covered” function, which is a function or service that both:

  • Is necessary to provide investment advisory services in compliance with federal securities laws, and
  • If not performed or performed negligently, would be reasonably likely to cause a material negative impact on the adviser’s clients or on the adviser’s ability to provide investment advisory services. Determining what is a material negative impact would depend on the facts and circumstances, but it could include a material financial loss to a client or a material disruption in the adviser’s operations resulting in the inability to affect investment decisions or to do so accurately

Clerical, ministerial, utility, and general office functions or services are explicitly excluded from scope. 

Before retaining a service provider to perform a covered function, an adviser would be required to reasonably identify and determine through due diligence that outsourcing the covered function to that service provider would be appropriate by considering the following:

  • The nature and scope of the services
  • Potential risks resulting from the service provider performing the covered function, including how to mitigate and manage such risks. Potential risks include—but are not limited to—the sensitivity of information and data that the service provider may have access to, the function’s complexity, the reliability and accuracy of the service or function delivered by the service provider, extensive use of particular service providers by the adviser or several advisers, available alternatives in the event a service provider fails or is unable to perform the service, the speed with which a function could be moved to a new service provider, provider’s existing and potential conflicts of interest, the provider’s geographic location, unwillingness to provide transparency, known supply-chain challenges, and the availability of skilled market resources
  • The service provider’s competence, capacity, and resources necessary to perform the covered function. A subcontracting arrangement would be material if nonperformance or negligent performance would be reasonably likely to cause a significant negative impact on the service provider’s ability to perform the covered function
  • Coordination with the service provider for compliance with federal securities laws
  • The orderly termination of the performance of the covered function. This is to mitigate risks of an interruption in advisory services or the adviser’s compliance with the federal securities laws in the event that the outsourced relationship is discontinued

The proposal does not make a distinction between third-party providers and affiliated service providers because the risks this proposal addresses exist whether the service provider is affiliated or unaffiliated. Even though an affiliate may be in a control relationship with the adviser, the adviser must determine if it is appropriate to retain the affiliate’s services and to oversee the affiliate’s performance of a covered function.

There is no exception for service providers that are subject to other provisions of the Advisers Act, including SEC-registered advisers, or other federal securities laws. 

Periodic Monitoring

An adviser also must periodically monitor the service provider’s performance to reassess the selection of the service provider under the due diligence requirements of the rule. The Advisers Act books and records rule also would be updated to require an adviser to make and keep a list or other record of covered functions that the adviser has outsourced to a service provider and the name of each service provider, along with a record of the factors, corresponding to each listed function, that led the adviser to list it as a covered function. Required documentation includes a copy of any written agreement, including any amendments, appendixes, exhibits, and attachments, entered into with a service provider regarding covered functions. The due diligence records would include any policies or procedures or other documentation showing how the adviser would mitigate and manage the risks it identifies, both at a covered function and a service provider level. The records would have to be maintained in an easily accessible place while the function is outsourced and for five years thereafter.

Form ADV Updates

An adviser also must report census-type information about service providers on Form ADV. These records include a list or other record of covered functions the adviser outsourced to a service provider, including the name of each service provider, the factors that led to listing it as a covered function, and documentation of the adviser’s due diligence assessment.

Enhanced Oversight of Third-Party Record-Keepers

The proposal is intended to protect required records from loss, alteration, or destruction and help ensure that such records are accessible to the investment adviser and the SEC while allowing investment advisers to continue to contract with a wide variety of service providers to assist with record-keeping functions. The proposal would require an adviser that relies on a third-party record-keeper to conduct due diligence and monitoring of that third party consistent with the requirements under proposed Rule 206(4)-11. The proposal also would require advisers to obtain reasonable assurances that the third party will meet four standards, which address the third party’s ability to:

  • Adopt and implement internal processes and/or systems for making and/or keeping records that meet the requirements of the record-keeping rule applicable to the books and records being maintained on behalf of the adviser
  • Make and/or keep records that meet all of the requirements of the record-keeping rule applicable to the adviser
  • Provide access to electronic records
  • Ensure the continued availability of records if the third party’s relationship with the adviser or its operations cease

There are no new Form ADV requirements specific to third-party record-keepers. Form ADV already requires disclosure about the location of an adviser’s books and records under Section 204 of the Advisers Act when such books and records are maintained somewhere other than the principal office and place of business of the adviser.


The asset management team at Forvis Mazars has more than 50 years of experience providing accounting, tax, and consulting services to various types of investment holdings, including conventional debt and equity investments, loans, businesses, alternative investments, and other unique assets. As of August 2022, Convergence Optimal Performance ranked Forvis Mazars as a top 25 accounting and audit firm to registered investment advisors. Forvis Mazars also was ranked in the top 20 by assets under management. We have experience providing services to fund complexes with net assets ranging from a couple million to several billion dollars. Our experience allows us to provide tailored services to help meet your unique needs.

For more information, reach out to your advisor at Forvis Mazars or submit the Contact Us form below.

Download PDF here

Related FORsights

Like what you see?
Subscribe to receive tailored insights directly to your inbox.