What Is the RIA Custody Rule? A Complete Guide
Feb 10, 2026
·
16 min read
The RIA custody rule is essential to how investment advisors work with client assets. Although it’s been part of the regulatory landscape for years, this rule continues to shape the daily operations of advisory firms. It influences how advisors choose custodians, communicate with clients, and build their internal controls.
For firms that support newer or more complex products, the custody rule becomes even more important. It affects how these services can be offered safely and responsibly.
In this guide, you’ll learn what the custody rule covers, what situations count as custody, and what Registered Investment Advisors (RIAs) should do when the rule applies. You will also find a simple overview of common exceptions, state-level differences, and the growing impact of digital assets.
At InnReg, we help RIAs assess whether custody is triggered under the RIA Custody Rule and support firms with the related compliance requirements. From custody analysis and Form ADV disclosures to policies, procedures, and ongoing compliance operations, our team works closely with advisory firms navigating custody-related obligations. Contact us to learn more about InnReg’s RIA compliance services.
What Is the RIA Custody Rule and Why Does It Matter?
The RIA custody rule explains what happens when an investment advisor has access to a client’s money or securities. It sets clear expectations for how advisors should handle that access and helps create a relationship built on clarity and trust.
This rule matters because custody sometimes shows up in places advisors might not expect. A simple fee deduction, the ability to move funds, or even certain client arrangements can all fall under the custody umbrella. When that happens, advisors take on added responsibilities designed to keep clients well informed and comfortable with how their assets are handled.
By understanding the custody rule, firms can build stronger workflows, stay ahead of potential risks, and communicate with clients in a way that feels straightforward and supportive. It also gives advisory teams a solid foundation as they grow or explore new services that involve more complicated asset types.
Ready to register your RIA? Read our step-by-step guide to SEC RIA registration →
What the RIA Custody Rule Covers
The RIA custody rule outlines the situations where an advisor is considered to have access to client assets, as well as the steps they need to follow once access has been established. It helps advisors understand what level of responsibility applies in different scenarios so they can handle client funds and securities with clarity and care.
At its core, the rule covers:
How client assets are held
Who has the authority to move them
What kind of oversight should be in place
This includes everything from fee withdrawals to powers of attorney to the way an advisor interacts with custodians. Each of these touchpoints can create different obligations, and the rule helps advisors navigate them without confusion.
Why the Rule Exists and Its Purpose for Investor Protection
The custody rule was created to give clients confidence that their assets are handled with care. Extra transparency is called for once an advisor can withdraw funds, move money, or influence how assets are handled. The rule helps create that clarity so clients feel comfortable and informed.
The custody rule supports three goals:
Protect clients from misuse of their assets by adding layers of oversight.
Give clients clear and regular information about what is happening in their accounts.
Create a dependable structure that advisors can follow when handling client funds or securities.
These protections benefit advisors as well. When a firm understands the purpose behind the rule, it becomes easier to build simple internal habits that reduce confusion and keep daily operations running smoothly.
Learn how to apply SEC rules in our RIA compliance checklist →
Regulators Responsible for the RIA Custody Rule
Regulatory oversight plays a big part in how the custody rule works in practice. Two groups are involved: the Securities and Exchange Commission and state securities regulators. Each one oversees different advisors based on their registration status.
Role of the Securities and Exchange Commission (SEC)
For advisors registered at the federal level, the SEC sets the standards that define what custody looks like and how it should be handled. The agency reviews how firms protect client assets, what controls they have in place, and how clearly they communicate with clients.
This includes reviewing Form ADV disclosures, providing guidance on tricky custody scenarios, and conducting exams that scrutinize how firms follow the rule in practice. The SEC also publishes risk alerts, FAQs, and staff guidance that help advisors stay current when new products, technologies, and business models enter the market.
Many firms rely on these resources to shape their custody procedures and inform them on how the rule applies in real-life situations. By setting clear expectations and offering ongoing direction, the SEC helps advisors create a safer and more transparent environment for their clients.
Looking for practical guidance on building a strong RIA Code of Ethics? Start with our in-depth guide →
State Regulators and Custody Oversight for State-Registered RIAs
State-registered advisors follow custody rules that are set and enforced by their state securities regulators. While these rules are based on the same principles as the federal version, each state can add its own requirements.
This means advisors may face different expectations for bonding, net capital, disclosures, or surprise exams depending on where they operate. State regulators also play an active role in helping firms understand how custody applies in day-to-day situations.
They review filings, conduct periodic exams, and often provide direct guidance when advisors have questions about fee deductions, Standing Letters of Authorization (SLOAs), or authority over client accounts. For many smaller firms, this creates a more hands-on regulatory relationship.
Get clarity on SEC and state oversight of RIAs in this guide →
How Registration Status Impacts Custody Obligations
An advisor’s registration status plays a major role in determining which custody rules apply. SEC-registered firms follow the federal custody rule, which sets detailed expectations for disclosures, qualified custodians, surprise exams, and client statements. These standards stay the same no matter where the firm is located.
State-registered advisors, on the other hand, work under rules created by the various states where they engage in advisory activities. The overall ideas are similar, but states can add their own bonding requirements, financial thresholds, or triggers for surprise exams. This means two advisors in different states might follow slightly different custody rules even if their businesses look very similar.
For firms that operate across several states, registration status affects how they build workflows, controls, and documentation. Knowing which rules apply helps advisors stay organized and create a smoother experience for both their teams and their clients.
What Counts as Custody Under the RIA Custody Rule?
Custody covers more than most advisors expect. It includes any situation where an advisor can access client funds, move assets, or influence an account in a meaningful way. Some triggers are obvious, while others can appear during everyday interactions with clients.
1. Direct or Indirect Possession of Client Assets
The most familiar form of custody happens when an advisor has physical or direct access to a client’s funds or securities. This can include:
Holding checks
Receiving assets on behalf of a client
Having control over accounts where money can be moved
Custody can also occur indirectly. For example, if an advisor can withdraw or transfer assets through a standing arrangement or a specific type of authority, that access may count as custody, even if the advisor never actually touches the funds.
2. Fee Deduction and Standing Letters of Authorization (SLOAs)
When a firm has authority to pull fees directly from a client’s account, it’s often considered custody under the rule. Though it’s a normal part of many advisory relationships, it still brings specific responsibilities.
Standing Letters of Authorization (SLOAs) can also create custody. A client may give written permission that allows an advisor to move funds to a third party on their behalf. Even though the client is the one who initiates the arrangement, the advisor’s ability to instruct the custodian can be treated as custody.
See also:
3. Online Account Access and Login Credentials
Custody can also arise through online access. If an advisor has login credentials that allow money to be moved, assets to be transferred, or account ownership details to be changed, regulators may view that as custody. This is true even when the advisor never uses the access to move funds.
Not all online access creates custody, however. Read-only portals, reporting tools, or dashboards that allow viewing but not transacting are generally not considered custody. The key question is whether the advisor can take an action that affects a client’s assets. When that ability exists, custody may apply.
Need help with RIA compliance?
Fill out the form below and our experts will get back to you.
4. Custody Through Related Persons or Affiliates
Custody can also arise when a related person or affiliate has access to client assets. Even if the advisor does not handle the funds directly, regulators may view the relationship as creating custody if the affiliate can move or control assets in a way that benefits the advisor or affects the client.
These situations can happen in family-owned businesses, groups of related entities, or firms that share personnel across departments and affiliated parties. The closer the connection, the more likely it is that regulators will look at the arrangement closely.
Key Compliance Requirements for RIAs With Custody
When an advisor has custody, the rule brings a set of responsibilities designed to protect clients and keep asset handling clear. These requirements touch custody arrangements, disclosures, recordkeeping, and ongoing oversight.
Using a Qualified Custodian to Hold Client Assets
A core part of the custody rule is the use of a qualified custodian. These are banks, broker-dealers, or other approved institutions that are allowed to safeguard client funds and securities. Their role is to keep assets separate from the advisor’s business and provide clients with independent oversight.
Working with a qualified custodian gives clients a reliable point of contact for statements, transaction records, and account confirmations. It also helps advisors keep their operations organized, since the custodian handles the actual movement and safekeeping of assets.
For many firms, this partnership becomes the foundation of a smooth and transparent custody process.
Providing Timely Client Notifications and Written Disclosures
When an advisor has custody, clients need clear information about how their assets are handled. This usually involves written notices about where assets are held, how the advisor interacts with the custodian, and what authority the advisor has over the account.
These notifications help clients understand the relationship between the advisor and the custodian, which builds comfort and trust. Keeping these disclosures up to date also supports smooth communication and reduces confusion when clients review their account activity or statements.
Delivering Regular Account Statements Directly From Custodians
A key part of the custody rule is that clients receive account statements straight from the qualified custodian. This gives clients an independent view of their holdings and transactions, separate from anything the advisor provides.
These statements help clients track activity, spot any unusual changes, and feel comfortable that their assets are being handled properly. For advisors, this setup also supports transparency, since clients can compare the advisor’s reports with the custodian’s information whenever they want.
Maintaining Accurate Records and Documentation for Custody Activities
Good recordkeeping is an integral part of meeting custody requirements. Advisors need clear, organized documentation that shows how client assets move, who approved transactions, and how instructions were handled. This helps create a reliable history that supports both compliance checks and client conversations.
Strong records also make it easier for firms to spot patterns, answer questions, and stay organized during exams. When documents are complete and easy to follow, custody oversight becomes much smoother for both advisors and regulators.
Completing the Annual Surprise Examination by an Independent Auditor
Many advisors with custody are required to undergo an annual surprise examination performed by an independent public accountant. The purpose of this exam is to give clients added confidence by having an outside expert review how assets are handled.
During the exam, the auditor looks at account records, client holdings, and the advisor’s custody processes. The unexpected timing helps the auditor get an accurate picture of day-to-day operations. And while the exam can feel detailed, it often highlights areas where firms can tighten controls and strengthen their overall approach to asset handling.
Reporting Custody Details Accurately on Form ADV
Form ADV plays a big role in how advisors communicate their custody status to clients and regulators. When a firm has custody, it must clearly describe the type of access it has, how assets are handled, and what safeguards are in place. These details appear in both Part 1 and Part 2, so clients and examiners can easily understand the advisor’s responsibilities.
Accurate reporting helps set the right expectations and reduces confusion if questions come up during an exam or a client review. It also keeps the advisor’s public disclosures aligned with how the firm actually operates, which supports transparency and stronger client relationships.
Establishing Internal Controls and Ongoing Custody Monitoring Procedures
Strong internal controls help advisors manage custody responsibilities with confidence. These controls often include clear approval steps for transactions, documented workflows for handling client instructions, and regular reviews of account activity. When these processes are well defined, teams know exactly how to handle situations that involve access to client assets.
Ongoing monitoring is just as important. By reviewing custody-related tasks on a regular basis, advisors can spot issues early, adjust procedures, and keep their operations consistent. This steady attention helps firms stay organized and maintain a smooth experience for both clients and staff.
Exceptions and Limited Custody Scenarios Under the RIA Custody Rule
Not every situation involving access to client assets triggers the full custody rule. Regulators recognize that some arrangements carry lower risk, so certain exceptions and special conditions apply.
Exception | Applies To | Key Conditions |
|---|---|---|
Fee-only deduction exception | Advisors who withdraw advisory fees | Custodian sends statements. The fee schedule is clear and disclosed. |
SLOA relief (2017 no-action letter) | Transfers to third parties through a Standing Letter of Authorization | Client signs instructions. The advisor cannot change them. Custodian controls the movement of funds. |
Private fund audit exemption | Advisors managing private funds | Fund completes an annual audit by an independent public accountant. Audited statements go to investors. |
Operational independence of related custodians | Custodians that share ownership or affiliation with the advisor | Custodian operates independently with its own systems, staff, and controls. An advisor cannot influence asset handling. |
Fee-Only Deduction Exception
Fee deduction often counts as custody, but advisors can rely on a limited exception when certain conditions are met. If the qualified custodian sends regular statements directly to clients and the advisor has a clear fee schedule in place, the firm may avoid the entire set of custody requirements.
This exception allows advisors to withdraw fees in a transparent and straightforward way while still protecting clients. It also helps keep administrative work manageable, especially for firms that offer ongoing portfolio management with routine billing.
SLOA Relief and 2017 No-Action Letter
Standing Letters of Authorization can create custody because they allow advisors to move a client’s money to a third party. To help advisors manage these situations, regulators issued a 2017 no-action letter that offers relief when specific conditions are met.
Under this framework, advisors can follow a simplified set of steps. If the custodian controls the movement of funds, the client signs an explicit authorization, and the advisor cannot change the instructions. This approach keeps the client in control while giving advisors a practical way to handle common transfer requests.
Private Fund Audit Exemption
Advisors to private funds can rely on an audit exemption that reduces their custody obligations. Instead of completing a surprise examination each year, they can provide investors with annual audited financial statements prepared by an independent public accountant.
This option helps investors stay informed while giving advisors a practical alternative to the surprise exam. It is invaluable to firms that oversee multiple funds, since the annual audit already offers a detailed look at how assets are valued and managed.
See also:
Operational Independence of Related Custodians
Sometimes a related company serves as the custodian for client assets. This setup might look like custody at first glance, but advisors can avoid full custody treatment when the custodian is truly operationally independent. In this scenario, the related company must act on its own, follow its own controls, and handle client assets without influence from the advisory firm.
When that independence is real and well documented, regulators may view the custodian’s role as separate enough that the advisor does not gain custody simply through the relationship. This approach helps firms with shared ownership structures maintain clarity while still keeping client protections in place.
State Custody Rules and How They Differ From SEC Requirements
State custody rules follow the same basic principles as the SEC’s version, but individual states often add their own requirements. These differences can affect bonding, financial thresholds, and how advisors document their custody status.
Financial and Bonding Requirements in Key States
Many US states add their own financial or bonding requirements when an advisor has custody. These rules help protect clients by confirming that the advisor has the financial stability to handle access to their assets. Here are examples of how several well-known states set these thresholds in 2026.
California
California has some of the most well-defined requirements in the country. As of 2026, advisors with custody must maintain a minimum net worth of $35,000. If the advisor has discretionary authority but doesn’t have custody, the minimum net worth requirement drops to $10,000. Advisors who accept large prepaid fees must also maintain a positive net worth, even if they don’t have custody.
Illinois
Illinois requires advisors with custody to maintain at least $35,000 in net worth. If the advisor’s net worth falls below that amount, the state may require a surety bond.
Florida
Florida asks advisors with custody to hold a minimum net worth of $25,000. If the advisor does not meet this threshold, the state may require a bond.
New York
New York does not specify a single fixed minimum net worth for advisors with custody, but it does require firms to maintain “adequate financial resources.” When an advisor has custody, the state may ask for additional documentation, financial statements, or bonding, depending on the structure of the advisory business.
Texas
Texas does not set a specific minimum net worth or bonding requirement solely because an advisor has custody. Instead, the state reviews the advisor’s financial condition and overall controls. Firms that have custody are still required to follow the state’s custody safeguards and maintain financial stability that fits their business model.
These differences show why advisors working across multiple states often spend extra time reviewing state-specific requirements. Understanding each jurisdiction’s approach helps firms stay organized and support a consistent client experience.
State custody requirements are subject to change. Advisors should verify current net worth, bonding, and custody obligations with the applicable state regulator.
Multi-State RIA Compliance Challenges
Working across several states often means navigating different versions of the custody rule. Even slight variations can add extra steps for advisory firms. Here are some of the most common challenges advisors run into when they register in multiple states:
Different net worth and bonding thresholds that change depending on the state’s view of custody or discretion.
Varying interpretations of what counts as custody, especially for SLOAs, fee deductions, and authority over third-party transfers.
Different filing expectations, including state-specific forms, timelines, or documentation requirements.
Inconsistent surprise exam triggers, where one state may require an exam, and another may rely on financial or bonding requirements instead.
Additional reporting rules, such as more detailed financial statements or supplemental disclosures.
Operational strain from maintaining separate procedures for each jurisdiction.
These differences can feel overwhelming, but a clear understanding of each state’s expectations helps firms stay organized and offer clients a consistent, reliable experience.
The RIA Custody Rule and Digital Assets
Digital assets have added a new layer of complexity to custody. Crypto, tokenized securities, and other blockchain-based products often raise questions about safekeeping, authority, and the role of qualified custodians.
As the market grows, advisors need to understand how the custody rule applies in this evolving space.
How the Rule Applies to Crypto and Tokenized Assets
Applying the custody rule to tokenized assets can be challenging because crypto doesn’t always work like traditional securities. Wallet structures, private keys, and blockchain transfers all create new questions about who has access and how assets are protected.
In most cases, regulators look at the same core idea: if an advisor can move or control a client’s digital assets, custody may apply. This can happen through shared wallets, authority over private keys, or arrangements where the advisor can initiate or approve blockchain transactions.
Because digital assets are still developing, advisors often need to take extra care to understand how their role fits into these rules.
SEC’s 2025 No-Action Relief for Crypto Custody
The SEC’s 2025 no-action relief gave advisors more clarity on how to handle custody when working with crypto assets. The relief allows advisors to rely on certain third-party crypto custodians as long as the custodians meet specific operational, security, and reporting standards.
This gives advisors a more straightforward path to offering crypto services without taking on unintended custody risks. The guidance also helps advisors understand what regulators expect regarding private key management, wallet structures, and transaction oversight.
By creating a more predictable framework, the relief makes it easier for advisors to explore digital asset services while keeping client protection at the center of their practices.
See also:
Compliance Tips for Fintech Advisors with Digital Assets
Here are some practical tips for advisors who work with digital assets:
Use established crypto custodians that offer strong security practices and independent reporting.
Avoid shared private keys or wallet setups that give the advisor direct control over client assets.
Document every step of how digital assets move, from client instructions to custodian confirmations.
Review wallet access and permissions regularly to make sure nothing has changed quietly in the background.
Stay close to new guidance from the SEC and state regulators, since digital asset expectations continue to evolve.
These habits help advisors reduce confusion, support client trust, and build a smoother digital asset offering.
—
The RIA custody rule shapes how advisors handle client assets, communicate with clients, and design their internal processes. While the rule can feel technical at first, it provides a helpful framework for keeping asset access transparent and well-organized.
Understanding what triggers custody, how custodians fit into the picture, and what regulators expect allows advisory firms to operate with confidence and clarity. As products evolve and digital assets play a bigger role, custody questions will continue to grow. Staying familiar with the rule helps advisors adapt without losing sight of client protection.
How Can InnReg Help?
InnReg is a global regulatory compliance and operations consulting team serving financial services companies since 2013.
We are especially effective at launching and scaling fintechs with innovative compliance strategies and delivering cost-effective managed services, assisted by proprietary regtech solutions.
If you need help with RIA compliance, reach out to our regulatory experts today:
Last updated on Feb 10, 2026
Related Articles
Featured LinkedIn Posts
