Project Execution Checklist

Document what's in scope: account types, custodians, advisor population, AUM affected. Flag any change that touches Form ADV Part 2 (services, fees, custody arrangements), Reg BI disclosures, or books-and-records under Rule 204-2 — those drive separate filing or delivery obligations downstream.

Pull the affected client list from the CRM (Wealthbox, Redtail, Salesforce FSC) and reconcile against the custodian's account master. Note IRA / qualified accounts separately — RMD-eligible and inherited IRAs often need extra handling on transitions.

Sequence milestones around custodian cutover windows, ADV annual amendment timing (120 days after fiscal year end), and quarterly billing cycles. Avoid go-live during quarter-end fee billing or RMD season unless unavoidable.

Name a single project owner plus leads for advisory, operations, IT, and compliance. CCO sign-off is non-delegable for anything that touches ADV, Reg BI, or supervisory procedures — make that explicit on the RACI.

Set the steering committee frequency, the advisor update cadence, and the client-facing communication channel. All project communications must run through archived channels — no personal email or unarchived texting per the Reg S-P / off-channel enforcement actions of 2022–2024.

Walk through the full stack: ADV Part 2 disclosure changes, Reg BI / Form CRS impact, custody rule (206(4)-2) implications, advertising rule (206(4)-1), books-and-records (204-2), and AML / CIP / OFAC. State-registered firms add NASAA model rules and state-level filings.

Rate each risk on a likelihood × impact matrix. Treat anything that could trigger a Form ADV material change, an SAR, or a client restitution event as high-impact regardless of likelihood.

For each high or medium risk: name the control, the owner, and the verification method. Attach the register file so the CCO can pull it for the next mock audit or SEC exam request.

Engage outside counsel when the project triggers a novel custody question, a no-action letter dependency, fiduciary determination under PTE 2020-02, or any potential SEC / FINRA disclosure. Cheaper to engage early than to file a corrected ADV.

Send the engagement letter, scope the deliverable (memo vs. opinion letter vs. on-call advice), and set the budget cap. Note any matters where counsel's work product becomes part of the books-and-records file.

CCO walks the register, signs off on each owner assignment, and flags any item that needs to surface in the next quarterly compliance committee.

For data migrations or system changes, write cases that cover the edge accounts: inherited IRAs, trust accounts with multiple beneficial owners, accounts with SLOAs, accounts with active fee billing schedules. Generic happy-path testing misses the cases that actually break.

Operations runs the data and reconciliation cases; advisors run the client-facing cases (statement output, performance reporting, fee invoice). Document any NIGO conditions and route them back to the build team before sign-off.

Confirm that records produced after cutover meet the five-year (two-year onsite) retention rule, that historical records remain accessible, and that any new communication channel is captured by the firm's archiving tool (Smarsh, Global Relay, Bloomberg Vault).

Each finding gets a named owner, a remediation due date, and a verification step. Open findings carry into the next steering committee — branch audits get cited for repeat findings cycle after cycle when nobody owns closure.

Map FTE allocation against the project plan. Don't pull CSAs off the new-account pipeline during onboarding crunch — late ACATS reconciliation creates client friction that outlasts any project win.

For any vendor receiving NPI: SOC 2 Type II review, written information security agreement, breach notification clause, and access controls. Document the due diligence in the vendor file — exam staff will ask.

Anyone giving advice or executing trades on the project needs current Series 65/66 (IAR) or Series 7/63 (registered rep) registration in the relevant states, plus current FINRA CE / firm element completion. Pull the CRD report for the project team.

Walk the calendar against quarter-end fee billing, ADV annual amendment, RMD season (Oct–Dec), and any planned audits. Resequence project tasks rather than let two cycles collide.

List every stakeholder group: clients, advisors, operations, custodian relationship managers, IT, board / investment committee, regulators if applicable. Note the touch frequency and channel for each.

Standing agenda: milestone status, open risk register items, QA findings, vendor blockers, decisions needed from CCO or principals. Minutes filed to the project record.

Material change to ADV Part 2A, change in custodian, fee structure change, or NPI access change all require client notification. Confirm scope and timing with the CCO before sending — premature or wrong-toned notices generate complaints.

CCO-approved notice goes out via the firm's archived channel (client portal + email). Track delivery and acknowledgment per client; chase non-acknowledgments at day 14 and day 30. File the delivery log in the client folder.

Final close package: closed risk register, QA findings status, client notification delivery log, vendor due diligence file, and any updated supervisory procedures. CCO signs off; project record archived to the books-and-records system.