Contract Review Checklist

Identify whether this is a custody / sub-custody agreement, sub-advisor / solicitor agreement, vendor / SaaS MSA, marketing / referral arrangement, or client IAA. Tier as critical, high, moderate, or low based on access to client data, funds, or material business processes — the tier drives EDD depth and CCO sign-off requirements.

Screen the legal entity and any disclosed beneficial owners through Refinitiv World-Check, LexisNexis Bridger, or ComplyAdvantage. Document the screen ID and any near-match adjudications. PEP hits trigger enhanced due diligence before counsel review begins.

Pull current Form ADV (advisors), BrokerCheck / IAPD records (BDs, IARs), state insurance producer licensing, or applicable charter for banks. Confirm registrations are active in every state where the relationship will operate — not just home state.

Common gotcha: producer licensed resident-state but not in states where binding will occur.

Check the contract substance against the rules that govern this relationship — Advisers Act 206(4)-1 (advertising), 206(4)-2 (custody), 206(4)-3 (solicitors), FINRA 2210 (communications), 3110 (supervision), Reg BI for retail recommendations. Bank-side: TILA / Reg Z, RESPA, ECOA, GLBA where applicable.

Confirm governing law, venue, and arbitration forum (FINRA arbitration if BD-side; AAA / JAMS otherwise). Reject class-action waivers that conflict with state RIA rules. Note: client agreements with mandatory pre-dispute arbitration require ADV Item 11 disclosure.

If the contract introduces a new conflict (revenue share, soft dollar, principal trading, affiliated product), confirm ADV Part 2A Items 5, 10, 11, 12, and 14 will be amended and Form CRS updated. Material changes require interim ADV amendment within 30 days, not annual cycle.

For AUM-based fees, document whether billed on average daily balance, period-end, or period-start — these produce materially different invoices. For sub-advisor splits, confirm the breakpoint schedule. Three-way reconciliation logic (invoice, custodian debit, internal calc) must be implementable.

Look for ticket charges, custody fees, platform fees, 12b-1 / sub-TA payments, soft dollar credits, and termination fees buried in schedules or addenda. Anything not disclosed in ADV Item 5 needs to be added before execution.

Confirm pro-rata fee refund, data return / destruction obligations, transition assistance period, and any liquidated damages. For custodian agreements, confirm ACATS support and bulk repapering assistance during transition.

Collect a current COI naming the firm as additional insured where appropriate. Minimums for vendors with client data access: $5M E&O, $5M cyber, $2M general liability. Custodians and sub-advisors typically require $10M+ E&O. Confirm tail coverage on termination.

Force majeure should not excuse failure to maintain books and records, custody safeguards, or breach notification. Confirm the counterparty has a tested BCP / DR program with documented RTO and RPO compatible with our regulatory obligations.

Contract must obligate the counterparty to maintain a written information security program meeting Reg S-P safeguards and the SEC's amended Reg S-P incident response and customer notification requirements. State-level overlays (NY DFS Part 500, MA 201 CMR 17.00) where applicable.

AES-256 at rest, TLS 1.2+ in transit, MFA on privileged access, role-based access, and key management standards documented in the security exhibit. Subcontractor / sub-processor list with flow-down obligations required.

72 hours from discovery is the typical floor; 24-48 hours preferred for vendors handling client funds or non-public personal information. Notification must include enough detail to support our 30-day Reg S-P customer notice obligation and any state AG filings.

Trade execution timing, NAV / performance reporting deadlines, system uptime, support response, and GIPS-compliant reporting where applicable. Tie SLA misses to fee credits or termination-for-cause triggers.

Advisers Act Rule 204-2 records held by a vendor remain ours — the contract must guarantee access for the firm, our auditors, and SEC / FINRA examiners. Five-year retention minimum (first two years easily accessible). Bank-side: regulator examination access for OCC / FDIC / state DFI.

Critical and high-risk contracts require CCO sign-off plus an additional principal (CEO, COO, or General Counsel). Document the rationale for engaging this counterparty and any negotiated deviations from standard terms.

If the contract is rejected, capture the deal-breaker terms, the proposed redlines, and the renegotiation owner. Re-run this checklist after counterparty returns a revised draft.