The Ultimate Compliance Checklist for SEBI-Registered Investment Advisors

Stay Audit-Ready, Save Time, and Protect Your RIA License

As a SEBI-registered Investment Advisor (RIA), compliance is not a box you tick once — it’s an ongoing process. Between client onboarding, documentation, disclosures, and audits, it’s easy to miss a step and risk penalties or worse — suspension of your license.

This guide brings you the ultimate compliance checklist, tailored for solo advisors and small firms managing under ₹100Cr AUM. Whether you’re preparing for an audit or just tightening your internal processes, this checklist will help you stay ahead.

1. Client Onboarding Documentation

• PAN & Aadhaar validation
  
• Signed Investment Advisory Agreement
  
• Timestamped Risk Profiling
  
• KYC and CKYC verification
  
• Client Risk Category Mapping
  
• Fee Structure Disclosure with client signature
  
• Welcome Email with grievance redressal officer details
  

Pro Tip: Use automation tools to collect and timestamp onboarding documents. Manual tracking leads to audit gaps.

2. Client Risk Profiling & Suitability

• Use a structured, SEBI-compliant risk profiling questionnaire
  
• Document client’s financial goals and constraints
  
• Maintain records of why each recommendation suits the client
  
• Update risk profile at least once every 12 months
  

Most Missed: Not timestamping the risk profile or failing to link it to portfolio suggestions.

4. Disclosures & Recordkeeping

• Disclosure of conflicts of interest
  
• Fees disclosed in writing (and accepted) before rendering advice
  
• Maintain logs of every email, WhatsApp chat, and call summary
  
• Quarterly report of advice given and portfolio summary
  

Quick Win: Use CRM systems or onboarding tools like ITmines to log every client interaction automatically.

4. SEBI Reporting & Internal Audit

• File SEBI half-yearly reports (Form A, B) on time
  
• Maintain internal audit report every 6 months
  
• Keep record of fees collected vs fees disclosed
  
• Backup all client documentation digitally
  

Risk Alert: Inconsistency between your invoices and disclosed fees is a major audit red flag.

5. Business Continuity & Grievance Redressal

• Appoint a dedicated grievance redressal officer
  
• Maintain logs of complaints and resolution timelines
  
• Display complaint escalation matrix on website
  
• Have a documented business continuity plan
  

Small firms often miss: Grievance officer details not being shared in the onboarding stage or publicly.

6. Marketing & Communication Disclaimers

• Include “SEBI does not approve investment advice” disclaimer
  
• No performance promises in public content
  
• Avoid testimonials unless backed by proper disclaimers
  
• Archive all social media communication for at least 5 years
  

Hot Tip: If you’re running ads or sharing advice online, ensure every post meets SEBI advertising norms.

7. Tech, Access & Security Controls

• All client documents password protected
  
• Limit access to sensitive files internally
  
• Encrypted storage (preferably Indian servers)
  
• Two-factor authentication for staff logins
  

Tool Tip: If you’re using third-party tools, ensure they’re compliant with Indian data protection laws.

Final Thoughts

Compliance doesn’t need to be a burden. With the right structure and tools, even a one-person advisory firm can be fully SEBI-ready and audit-proof.

If you want to digitize your onboarding, automate documentation, and stay on top of compliance without hiring a team, ITmines can help.

Let’s make compliance your growth edge — not your bottleneck.