
Website Compliance Rules for Financial Advisors


A professional website is an instrumental part of a successful financial advisor’s marketing plan. As investors increasingly turn to the internet to search for financial advisors, having an established online presence can be invaluable. As you build out your digital footprint, it’s important to ensure that you’re observing financial advisor website compliance rules.


Understanding Website Compliance for Financial Advisors

Financial advisor compliance rules for marketing, including websites, are governed by two entities: the Financial Industry Regulatory Authority (FINRA) and the Securities and Exchange Commission (SEC).

FINRA Rule 2210 outlines the compliance responsibilities of broker-dealers in communicating with the public. The main takeaway from this rule is that any communication you have with the public – whether through your website, social media accounts or another platform – must be fair, balanced and not misleading in any way.

The SEC also has rules regarding website compliance for registered investment advisors (RIAs). Some of the most significant rules advisors need to know for compliance are Rule 204-2, which governs website archiving, and Rule 206(4)-1, which applies to investment advisor marketing as a whole.

Financial Advisor Website Compliance Requirements

Whether you’re building out your advisor website for the first time or you have an established site, you must ensure compliance with all applicable rules. The following checklist covers the most important requirements advisors must meet.

1. Disclosures and Disclaimers

Your advisor website must include appropriate disclosures and disclaimers. When investors visit your site, they should be able to easily locate your name and contact information, Client Relationship Summary (Form CRS) and disclosure forms.

The types of disclosures you’ll need to add can depend on whether you’re a registered broker-dealer or investment advisor. Your list may include disclosures for:

  • Revenue-sharing
  • Account agreements and account fees
  • Regulation best interest, if applicable
  • Account features and terms of services
  • Patents your firm holds
  • Account protection and privacy
  • Social media policies
  • Email communications
  • Subsidiaries and affiliate relationships
  • Online services

RIAs must disclose their registered investment advisor status and where they’re registered. They must also include wording specifying that the information provided on the website is for educational purposes only and does not constitute financial or legal advice.

Disclosures may be formatted as footnotes, stand-alone pages on the site, or downloadable PDF files. If you update or revise any disclosures or disclaimers on your site, you’ll need to keep a record of when the changes were made and what was changed.

2. Privacy Policy

The Gramm-Leach-Bliley Act of 1999 established privacy rules for institutions that engage in financial activities, investment advisors and financial planners. The Federal Trade Commission (FTC) oversees compliance with these rules, which require advisors to give their customers a privacy policy outlining:

  • What type of information they collect
  • How information is disclosed and which entities it’s disclosed to
  • How customer information is protected
  • What rights customers have and how they can opt out of information-sharing

Privacy notices must be clear and conspicuous, and delivered to customers in writing. Including a link to your privacy policy in your website’s footer and requiring prospective clients to acknowledge receipt of the notice before obtaining your services is a simple way to meet this compliance requirement.

3. Recordkeeping

SEC Rule 204-2 requires RIAs to maintain certain records regarding advertising and other communications with prospective and existing clients. This rule applies to the recordkeeping of client accounts, but it also extends to your marketing communications, including:

Under SEC rules, website records “shall be maintained and preserved in an easily accessible place for a period of not less than five years from the end of the fiscal year during which the last entry was made on such record, the first two years in an appropriate office of the investment adviser.”

Archiving software or compliance software that includes an archiving feature can help ensure that you’re meeting the SEC’s requirements.

4. Testimonials and Endorsements


SEC rule changes allow investment advisors to include client testimonials on their websites, which you might consider doing if you’d like to leverage rave reviews to promote your business. There are, however, a few things to know about compliance when adding testimonials to your site.

  • Advisors can ask clients to leave reviews on third-party sites, such as Yelp or Google Business, but they cannot tell them what to say.
  • Cherry-picking is not allowed, meaning you can’t ask one segment of your client base for testimonials while excluding another.
  • Advisors must disclose whether a person giving a testimonial is a client and whether they’ve been paid to share their opinions.
  • Potential conflicts of interest must also be disclosed.
  • Removing negative reviews from social media platforms or your website to cast your firm in a more positive light is prohibited.

If a client is offering a testimonial that will be published on your website, you can only edit it for length and clarity or to correct grammatical or spelling errors.

5. Cybersecurity

Financial advisor websites are an attractive target for cyberattacks due to the personal and financial information hackers could gain access to. SEC rules require firms to disclose their cybersecurity risk management strategies, as well as any cyberattacks they experience.

Ensuring that your advisor website is properly secured can minimize the likelihood of having your clients’ information compromised by cyber attackers. Your compliance software may include cybersecurity tools, but you can strengthen your defenses by:

  • Purchasing a Secure Sockets Layer (SSL) certificate for your site and ensuring that it’s up to date
  • Changing the administrative login URL for the site and creating a unique password that’s required to access it
  • Regularly updating any plugins used on the site
  • Limiting who has access to the back end of your site
  • Installing security software to detect malware and viruses
  • Creating regular backups of your site

If you don’t have the time or skill to implement security measures, you may consider outsourcing these tasks to an experienced website developer or IT security specialist.

6. Website Content

Website content, whether it’s promotional copy advertising your products and services, a link to a case study you completed or a blog post, is subject to strict compliance rules. Under SEC Rule 206(4)-1, your website content cannot include:

  • Untrue statements or clear omissions of fact
  • Any statement that you can’t reasonably substantiate
  • Statements that highlight the benefits of any product or service without also disclosing the potential risks
  • Performance results that are not fair and balanced
  • Hypothetical performance results, with no tangible data to back them up

In a nutshell, you cannot share any information that’s misleading in any way.

Frequently Asked Questions (FAQs)

Can Financial Advisors Have Their Own Website?

Financial advisors can have websites to market their firm’s services. A professionally designed website can be an effective marketing tool if you’re using search engine optimization (SEO) strategies or social media to drive traffic to your site. Advisor websites must observe SEC compliance rules and FINRA compliance rules, if applicable.

How to Build a Financial Advisor Website?

Building a website for your advisory firm is a multi-step process that involves securing website hosting, purchasing a domain name and installing an operational framework like WordPress. Once you have the basics established, you can move on to customizing your website design, adding the necessary disclosures and creating content. If you’re not familiar with website building, you may want to outsource these tasks to a professional web developer.

Do Financial Advisors Need a Website?

Having a website is not a requirement to be a financial advisor. However, you could be missing out on opportunities to market your services and build your credibility if you don’t have one. A well-designed website can make it easier for prospective clients to find you online.

Bottom Line


Financial advisor website compliance is something you must take seriously, as failure to comply could result in fines or other negative consequences. If you’ve been putting off building out your site or updating it, now is a great time to consider how you can make it as client-friendly as possible.

Tips for Growing Your Advisory Business

  • Websites can be powerful marketing tools, but it can take time to generate traffic. If you’re looking for a shortcut to gaining new clients, you might consider partnering with a third-party marketing platform instead. With SmartAsset AMP, you can get connected with leads without sacrificing valuable time with your current clients. Schedule a free demo to learn how this marketing tool can help you grow your business.
  • If you’re acting as chief compliance officer (CCO) for your firm, but find it challenging to keep up with changing regulatory rules, you might consider assigning this role to someone else. Evaluating your firm’s needs and budget can help you decide if it makes more sense to hire a part-time or full-time CCO.
