Cybersecurity continues to be the top compliance worry for registered investment advisors, with 83% citing it as the “hottest” compliance issue and 70% revealing they’ve increased compliance testing for cyber infractions over the past year, according to the Investment Adviser Association’s annual compliance report.

The 2019 Investment Management Compliance Testing Survey, conducted jointly by the IAA and ACA Compliance Group, polled 369 RIAs online in May and also found that the majority of CCOs (66%) continue to wear more than one hat (with 18% also serving in some legal capacity).

Advertising and marketing ranked as the second biggest compliance concern (28%), while data privacy (23%) came in third.

IAA General Counsel Gail Bernstein told ThinkAdvisor in a Wednesday email message that the SEC “is actively working on a proposal to amend the advertising rule,” and that IAA “has engaged with the staff on this important issue. We expect to see a proposal as early as the fall.”

Data privacy regulations in which firms have adopted written policies and procedures for were Regulation S-P (86%) and the Identity Theft Red Flags Rule (68%).

Only 30% of RIAs reported being subject to the EU’s General Data Protection Regulation and only 4% indicated being subject to another jurisdiction, including the California Consumer Privacy Act.

“Now in its 14th year, our survey continues to be a valuable resource for compliance professionals to benchmark their practices against others in the industry,” said Karen Barr, IAA president and CEO, in releasing the report. “Among the many key takeaways of this year’s survey — beyond the continued importance of cybersecurity — is that firms continue to strengthen their compliance programs.”

As to fees and expenses, the report found that the top three areas for testing fee arrangements include whether clients are billed in accordance with their agreements (87%), the description of fee arrangements in Form ADV is accurate (70%), and the amount of assets under management on which the advisory fee is billed is accurate (68%).

The top three tests related to expenses are making sure expenses are explicitly disclosed (52%) and are in line with their agreements (52%) or offering documents (43%).