The compliance landscape is shifting faster than it has in years. At ACA Group’s recent spring media roundtable, ACA experts gathered to discuss the regulatory developments, operational pressures, and enforcement trends shaping the year ahead for investment managers.
According to ACA Group, five themes consistently rose to the top of the conversation — areas where chief compliance officers are being asked to move faster, make harder decisions, and demonstrate greater oversight across their organisations.
ACA Group recently detailed five things every CCO needs to know, whilst providing insights from its spring 2026 media roundtable.
Deregulation is not a green light
Despite a lighter regulatory tone emanating from Washington, the real pressure on compliance teams is coming from a different direction: private fund limited partners. Capital raising has fallen to its lowest level since 2020, and allocators deploying scarce capital are now asking sharper questions about governance, risk management, and compliance infrastructure. Firms that interpret deregulation as an invitation to ease up are, according to ACA, reading the situation backwards.
The SEC’s enforcement focus is both narrower and broader
The previous administration’s enforcement approach generated more than $4bn in fines tied to books-and-records violations — a posture that no longer appears to reflect current direction. Yet the recordkeeping rules themselves remain unchanged, at least for now, and a future SEC could take a dim view of firms that failed to address those gaps in the interim. The regulator has signalled it is concentrating enforcement resources on fraud and investor harm, but meaningful risks persist beneath those headings.
Recent cases have found investor harm flowing from negligence, conflicts of interest, and valuation issues in private credit. Jay Clayton, the former SEC chair now leading the Southern District of New York, has publicly questioned whether marks on the books reflect reality. For firms operating in private credit or private equity, valuation governance must be defensible, documented, and independently tested.
AI adoption is outpacing AI governance
ACA’s proprietary research reveals that more than 80% of investment management firms are now using artificial intelligence — up from roughly 20% three years ago. Most use cases remain surface-level: desktop tools, question-and-answer prompts, and basic drafting assistance. Only around 8% of firms have integrated AI into client-facing workflows, and deep compliance integration remains limited. The governance infrastructure to oversee AI has not kept pace with adoption.
ACA noted that conversations with CCOs today are less about which tools to adopt and more about how to govern tools already running inside the firm — often deployed by business units before formal compliance oversight was established. Regulators and LPs are now testing firms across five areas: whether they have an authorised use policy; a governance framework; model testing and validation; cybersecurity controls around AI; and oversight of how vendors are using firm data within AI systems.
Cybersecurity exams have shifted from checkbox to evidence
A risk assessment alone is no longer sufficient. Regulators and operational due diligence teams are now asking a more pointed question: what did a firm actually do with the findings? SEC examiners have moved from reviewing documentation of process to demanding demonstration of action. Firms that can present an audit trail showing how a risk was identified, flagged, and remediated — with evidence — are in a fundamentally different position from those presenting a high-level checklist, even a fully completed one. The same shift is playing out in LP due diligence.
The retail alternatives door is open, but the education gap is real
The regulatory infrastructure enabling retail access to alternative investments is advancing on several fronts simultaneously. The White House, the Department of Labour, and the SEC have all taken meaningful steps, including the DOL’s proposed fiduciary safe harbour, the SEC’s removal of the 15% illiquid cap for closed-end funds, and co-investment relief for registered vehicles.
The products and vehicles are increasingly in place. What remains absent is the educational infrastructure to support advisers selling these products to retail clients who may not fully understand what illiquidity means when markets turn volatile. Marketing requirements for retail investors are also substantially more demanding, particularly around performance information. The SEC is aware of the issues, and its examination sweep of interval funds and private credit vehicles is expanding. Private fund advisers considering a move into retail distribution must evaluate not only product compliance but also whether their distribution channels are genuinely ready.
The compliance environment in 2026 is not simpler than it was — it is simply different. Rules are changing, risks are shifting, and expectations from LPs, regulators, and the broader market have never been higher.
Read the full ACA Group post here.
Copyright © 2026 FinTech Global
