Project Execution Checklist

Document what's in scope: account types, custodians, advisor population, AUM affected. Flag any change that touches Form ADV Part 2 (services, fees, custody arrangements), Reg BI disclosures, or books-and-records under Rule 204-2 — those drive separate filing or delivery obligations downstream.

Pull the affected client list from the CRM (Wealthbox, Redtail, Salesforce FSC) and reconcile against the custodian's account master. Note IRA / qualified accounts separately — RMD-eligible and inherited IRAs often need extra handling on transitions.

Sequence milestones around custodian cutover windows, ADV annual amendment timing (120 days after fiscal year end), and quarterly billing cycles. Avoid go-live during quarter-end fee billing or RMD season unless unavoidable.

Name a single project owner plus leads for advisory, operations, IT, and compliance. CCO sign-off is non-delegable for anything that touches ADV, Reg BI, or supervisory procedures — make that explicit on the RACI.

Walk through the full stack: ADV Part 2 disclosure changes, Reg BI / Form CRS impact, custody rule (206(4)-2) implications, advertising rule (206(4)-1), books-and-records (204-2), and AML / CIP / OFAC. State-registered firms add NASAA model rules and state-level filings.

Rate each risk on a likelihood × impact matrix. Treat anything that could trigger a Form ADV material change, an SAR, or a client restitution event as high-impact regardless of likelihood.

For each high or medium risk: name the control, the owner, and the verification method. Attach the register file so the CCO can pull it for the next mock audit or SEC exam request.

Engage outside counsel when the project triggers a novel custody question, a no-action letter dependency, fiduciary determination under PTE 2020-02, or any potential SEC / FINRA disclosure. Cheaper to engage early than to file a corrected ADV.

Send the engagement letter, scope the deliverable (memo vs. opinion letter vs. on-call advice), and set the budget cap. Note any matters where counsel's work product becomes part of the books-and-records file.

For data migrations or system changes, write cases that cover the edge accounts: inherited IRAs, trust accounts with multiple beneficial owners, accounts with SLOAs, accounts with active fee billing schedules. Generic happy-path testing misses the cases that actually break.

Operations runs the data and reconciliation cases; advisors run the client-facing cases (statement output, performance reporting, fee invoice). Document any NIGO conditions and route them back to the build team before sign-off.

Confirm that records produced after cutover meet the five-year (two-year onsite) retention rule, that historical records remain accessible, and that any new communication channel is captured by the firm's archiving tool (Smarsh, Global Relay, Bloomberg Vault).

Map FTE allocation against the project plan. Don't pull CSAs off the new-account pipeline during onboarding crunch — late ACATS reconciliation creates client friction that outlasts any project win.

For any vendor receiving NPI: SOC 2 Type II review, written information security agreement, breach notification clause, and access controls. Document the due diligence in the vendor file — exam staff will ask.

Anyone giving advice or executing trades on the project needs current Series 65/66 (IAR) or Series 7/63 (registered rep) registration in the relevant states, plus current FINRA CE / firm element completion. Pull the CRD report for the project team.

List every stakeholder group: clients, advisors, operations, custodian relationship managers, IT, board / investment committee, regulators if applicable. Note the touch frequency and channel for each.

Standing agenda: milestone status, open risk register items, QA findings, vendor blockers, decisions needed from CCO or principals. Minutes filed to the project record.

Material change to ADV Part 2A, change in custodian, fee structure change, or NPI access change all require client notification. Confirm scope and timing with the CCO before sending — premature or wrong-toned notices generate complaints.

CCO-approved notice goes out via the firm's archived channel (client portal + email). Track delivery and acknowledgment per client; chase non-acknowledgments at day 14 and day 30. File the delivery log in the client folder.