SEC custody exams and bill pay: What it is and how to prepare


Understanding the implications of offering bill pay services to clients can offer RIAs confidence

For RIAs considering offering bill pay services to their high-net-worth clients, the prospect of surprise annual SEC custody exams can feel uncertain. But understanding what these exams actually involve can turn apprehension into confidence.

SEC custody exams verify that your firm follows established guidelines, many of which are already best practices for well-run firms. Rather than a barrier, these exams validate your commitment to protecting client assets and can strengthen client trust.

While BILL is not in a position to offer legal or compliance advice, our work with RIAs, family offices, and accounting firms shows that with a little background and forethought, RIAs can learn that offering bill pay can create opportunities for success that far outweigh the effort required for the exams. RIAs should consult their own legal and compliance professionals about how SEC rules, including the custody rule, apply to their specific circumstances.

Background: Why do SEC custody exams exist, and when do RIAs need them?

The custody exam is prescribed by the Investment Advisers Act of 1940, specifically Rule 206(4)-2. In simple terms, it exists to ensure that any time an investment advisor assumes custody of a client’s assets, the advisor follows certain rules laid out in the act. The goal is to protect the investor and make sure the advisor doesn’t misuse or irresponsibly access and invest client funds.

When an RIA offers day-to-day bill pay services for a client, that means the firm may be viewed as having custody of the assets used to pay those bills, depending on how the service is structured and the authority granted by the client.

Important: RIAs should work with their own legal and compliance advisers to understand how the SEC’s custody rule applies to their particular model.

In practice, offering bill pay services can be a win-win for firms and their clients:

  • RIA firms and advisors deepen their relationships with clients, become “stickier,” gain a detailed view of a family’s financial situation, and can offer more comprehensive service.
  • UHNW families gain peace of mind by having a trusted member of their financial “team” take ownership of everyday bill pay transactions, plus the added security and visibility that can come from online bill pay.

How BILL supports compliant bill pay services

BILL Accounts Payable makes it possible for RIAs to offer compliant bill pay services. Staff can be trained quickly on the intuitive platform, which provides:

  • Automatic transaction logging for complete audit trails
  • Customizable approval workflows that support separated duties
  • Role-based access controls that limit and track permissions
  • Efficient multi-entity management for complex family structures
  • On-demand reporting for client meetings or examiner requests

The system's ease of use means designated staff can be trained efficiently, while built-in compliance features make preparing for custody exams straightforward.

Understanding SEC custody exams: Not a traditional audit

When RIAs hear the terms “SEC” and “required” and “exam,” it can make their palms sweaty. Often in conversation, people might call it an audit, which can amp up the anxiety even further. After all, who would willingly ask for an audit? 

This is where semantics matter. It’s true that the exam is a review of a firm’s processes and how it manages custody of client assets, and a check that any custodial relationships fulfill the requirements set out in the rule. In a generic sense, this could be considered an audit as defined by the dictionary. But when people in finance talk about an “Audit,” with a capital A, they are often envisioning government accountants descending on their business, cross-checking every transaction.

There is a reason the SEC calls the verification of Rule 206(4)-2 an exam, not an audit. The exam is performed not by the SEC itself, but by an accounting firm of the custodian’s choosing.

Most importantly, RIAs should note that what is being examined is often common-sense, best practice checks and balances and client approval of the relationship. Passing the exam means you are operating as a trustworthy, well-run financial services firm should.

Preparing for the SEC custody rule exam and what to expect

Should your firm choose to offer bill pay services, here is a thumbnail sketch of what the test will examine, and what you can do ahead of time to prepare:

  • Select an accounting firm and schedule the exam: Seek out a reputable firm that is familiar with custody exams, just as you would with any professional service. The first exam often needs to be conducted within six months of your firm becoming subject to the custody rule (i.e., assuming custody of client assets as defined by the rule) and annually thereafter. While you won’t know the exact date, your selected firm ensures the exam happens on schedule. Your firm’s legal and compliance professionals can advise you on the timing and frequency requirements that apply to your situation.
  • Document everything and keep it accessible: Keep records of granted authority from clients (like signed contracts), which client assets your firm has custody of (account numbers etc.), payment approvals, transaction records, and more. Make sure you know where they are stored and can access them upon demand. BILL automatically maintains transaction records, payment approvals, and audit trails, making documentation requirements more straightforward.
  • Train staff: Ensure everyone who pays bills knows their duties and the firm’s regulatory responsibilities: what they can, can’t, and must do. Many firms separate responsibilities for creating and approving payments to reduce the risk of error or misuse. Your firm’s control design should be developed with input from your internal risk, compliance, and legal teams. Document the training process, and record who is trained and when they were trained.
  • Limit access to the bill pay service: Only professionals who truly need it should use it to reduce opportunities for abuse. Document who has permission to log in and pay bills, and what permissions and approvals are required. BILL's permission management and approval workflows make this easy to control and track.
  • Notify clients: During the exam, the accounting firm will likely review contracts and may contact clients to verify their approval of your firm’s custody. Tell clients about the exam and that they may be contacted annually. Knowing the relationship is externally confirmed can even build confidence and trust.

The exam itself typically will take a day or two of on-site work by the accounting firm. Expect them to request access to documentation, talk with your staff involved in bill pay, confirm your custodial relationships by contacting clients, and reconcile accounts and transactions to ensure the amounts in them match your records.

Moving forward with confidence

SEC custody exams don't have to prevent RIAs from offering valuable bill pay services. With proper preparation and systems designed to support compliance, these exams become a manageable part of delivering exceptional client service.

The opportunity is significant: deeper client relationships, differentiated service offerings, and the trust that comes from regulatory validation of your practices.

Ready to explore bill pay for your RIA?

Trusted by top RIAs, family offices, and leading US financial institutions serving UHNW clients, BILL processes $345B in total payment volume (~1% of US GDP) on an annual basis.*

Request your demo today.

DISCLAIMER:

This article is for informational purposes only and is not intended to provide, and should not be relied on for, legal, compliance, tax, or investment advice. The descriptions of SEC rules and custody exams in this article are summaries based on our understanding as of the date of publication and may not reflect all applicable requirements. The scope, timing, and conduct of any exam are determined by regulators and your service providers, and can vary by firm and fact pattern. Use of BILL products does not ensure compliance with any law, rule, or regulation, or successful completion of any regulatory examination. You should seek advice from your own legal, compliance, tax, or other professional advisers before taking any action based on the information in this article.

* As of June 30, 2025 

The information provided on this page does not, and is not intended to, constitute legal or financial advice and is for general informational purposes only. The content is provided "as-is"; no representations are made that the content is error free.