SEC Marketing Rule - Testimonial and Endorsement Standards

To meet the SEC marketing rule - testimonial and endorsement standards requirement, you must prevent any testimonial or endorsement in an advertisement from creating an untrue or misleading statement, and you must be able to substantiate every material claim the testimonial implies before you disseminate it. Operationally, that means pre-approval, claim-by-claim substantiation, and immutable records for what was published and why it was compliant. ¹

Key takeaways:

• Treat testimonials/endorsements as “advertisements” and apply false/misleading controls before anything is posted. ¹
• Build a repeatable substantiation workflow for implied performance, experience, and “results” statements embedded in third-party quotes.
• Expect exam attention: SEC exams continue to focus on Marketing Rule compliance. ²

Testimonials and endorsements are high-risk marketing content because they often smuggle in implied promises: “best returns,” “always responsive,” “beat the market,” “saved me taxes,” or “risk-free.” Under the SEC Marketing Rule’s general prohibitions, an investment adviser cannot disseminate an advertisement containing an untrue statement of material fact or that is otherwise false or misleading. ¹ For a Compliance Officer, the operational objective is simple: every testimonial/endorsement must be (1) accurate, (2) balanced in context, and (3) supportable with documentation that exists before the post goes live.

This page gives you a requirement-level playbook to implement that standard quickly across channels (website, pitch decks, email, social, podcasts, third-party lead-gen pages). It assumes your marketing team will move fast and that third parties (solicitors, placement agents, influencers, referral partners, platforms that host reviews) will publish content outside your direct systems. The core approach is to treat testimonials/endorsements as regulated content that flows through a documented review, substantiation, disclosure management, and archiving process, with testing to catch drift after publication. SEC exam priorities reinforce that Marketing Rule compliance remains an active focus area, so you should prepare for document requests and sampling. ²

Regulatory text

Requirement (general prohibition): An investment adviser must not disseminate an advertisement that includes any untrue statement of a material fact, or that is otherwise false or misleading. ¹

Operator interpretation (what you must do in practice):

1. Classify testimonials and endorsements you distribute as advertisements subject to anti-fraud/anti-misleading controls. ¹
2. Pre-clear testimonial/endorsement content for accuracy and balance before dissemination, including the implied messages a reasonable investor would take away. ¹
3. Substantiate each material claim, including implied claims (for example, “consistent outperformance” or “lower risk”), with documented support that you can produce promptly in an exam. ¹
4. Retain records of the final disseminated piece, the review/approval, and the supporting substantiation and disclosures tied to that exact version.

Plain-English requirement: “testimonial and endorsement standards”

For operational purposes, apply this plain-English rule: If a testimonial or endorsement could lead an investor to believe something material about your advisory services, performance, fees, conflicts, or client experience, you must be able to prove it’s true in context and not misleading at the time you publish it. ¹

A testimonial can be “true” but still misleading if:

• It cherry-picks an unusual outcome without context.
• It implies all clients get similar results.
• It omits a condition that drove the outcome (market environment, client constraints, time period).
• It uses absolute language (“always,” “guaranteed,” “never lost money”) that you cannot support.

Who it applies to

Entity scope: Registered Investment Advisers and their supervised persons disseminating advertisements. ¹

Operational scope (where this shows up):

• Firm website “reviews,” “client stories,” and embedded third-party ratings/reviews
• Social media posts, reshared posts, comments you highlight
• Pitch decks, RFP responses, one-pagers, newsletters, podcasts/webinars
• Third-party lead generation sites, referral platforms, solicitations where you approve language
• Placement agents or other third parties speaking “on your behalf” in marketing contexts

Practical boundary: If your team can influence, request, edit, approve, script, or republish the statement, treat it as your advertisement and run the same controls. ¹

What you actually need to do (step-by-step)

1) Build a testimonial/endorsement intake gate

Create a single entry point (form, ticket, workflow) that marketing must use before publishing:

• Source of statement (client, promoter, platform, partner)
• Channel(s) and intended audience
• Exact draft language and any accompanying visuals
• Whether the statement references performance, fees, service levels, outcomes, comparisons, or superlatives

Control outcome: Nothing gets posted until it has a compliance disposition: approve, approve with edits, or reject.

2) Perform “claim-by-claim” review (including implied claims)

Reviewers should map the statement to discrete claims and test each for truthfulness and context.

Claim mapping example (how to operationalize):

• Statement: “They helped me outperform my old advisor and I finally feel safe investing.”
  • Claim A: “Outperform” implies comparative results.
  • Claim B: “Safe” implies reduced risk or better risk management.
  • Claim C: “Helped me” implies causal impact attributable to the adviser.

For each claim, require one of:

• Substantiation (documentary evidence)
• Edit (narrow to a verifiable claim)
• Remove (if unsubstantiable or likely misleading)

This is the heart of the requirement: do not disseminate untrue or misleading statements. ¹

3) Substantiation package: document first, publish second

For every testimonial/endorsement, assemble a substantiation packet tied to the exact language that will be disseminated:

• What is being claimed?
• What evidence supports it?
• What assumptions/limitations apply?
• What edits or qualifiers were applied to reduce misleading implications?

Common evidence sources:

• CRM/ticket metrics for service claims (response time, cadence) if you track them consistently
• Client onboarding materials for scope-of-services claims
• Portfolio accounting/performance systems for performance-related implications (be cautious with any performance inference)
• Fee schedules and ADV for fee-related statements

If you cannot support it, change the claim or do not publish it. ¹

4) Standardize required disclosures and version control them

Even when a testimonial is accurate, it can be misleading without context. Treat disclosures as controlled content:

• Maintain a disclosure library with approved language for common testimonial scenarios (client experience, performance-adjacent statements, comparisons, conflict prompts).
• Track disclosure versions and link the version to each published piece.

Your goal is consistency: the same type of testimonial should carry the same disclosure logic across channels.

5) Pre-dissemination approval and final “what went live” capture

Implement a hard pre-approval step that records:

• Approver identity and date
• Final copy and creative
• Substantiation references (links/attachments)
• Disclosure version ID
• Publication channel and date

Then capture immutable proof of what actually went live:

• PDF/screenshot export
• Web archive file
• Social post permalink plus screenshot (posts can be edited or deleted)

6) Post-publication testing (sampling) across channels

Run periodic sampling to catch:

• Edits made after approval
• Missing disclosures on one channel
• Inconsistent risk language between a deck, a landing page, and a social post
• Third-party republishing that changes context

SEC exams are explicitly focused on Marketing Rule compliance, so assume they will request evidence that your process works in practice, not just on paper. ²

Required evidence and artifacts to retain

Keep a “produce-in-48-hours” record set for each testimonial/endorsement:

Core artifacts

• Final disseminated content (exact version)
• Compliance approval record (who/when/conditions)
• Claim-by-claim substantiation memo or checklist
• Supporting evidence files (reports, screenshots, system exports, policies)
• Disclosure text and version used
• Distribution log (channels, dates)

Program-level artifacts

• Written marketing review procedures
• Training records for marketing and client-facing teams
• Content inventory (where testimonials/endorsements appear)
• Testing log and remediation tickets

Daydream fits naturally here if you need a workflow that ties together approvals, substantiation attachments, disclosure versioning, and immutable archiving in one place, with sampling tasks and an audit-ready export.

Common exam/audit questions and hangups

Expect questions that force you to prove operational control:

• “Show me all testimonials/endorsements disseminated in the last period and the approval records for each.”
• “How did you substantiate this statement, and where is the evidence?”
• “Who can post to social media, and how do you prevent unapproved edits?”
• “How do you ensure disclosures are consistent across channels?”
• “How do you supervise third parties who promote the adviser?”

The hangup is usually traceability: the firm can’t tie the live post back to a specific approval and substantiation record.

Frequent implementation mistakes (and how to avoid them)

1. Approving the concept, not the exact language.
   Fix: approve the final copy/creative and archive the final disseminated version.

2. Ignoring implied claims.
   Fix: require claim mapping. If a reasonable investor could infer performance, risk reduction, or comparative superiority, treat it as a claim that needs support. ¹

3. Relying on “marketing says it’s true.”
   Fix: attach substantiation evidence to the approval ticket and make it reviewable.

4. Channel drift (deck has disclosures, website doesn’t).
   Fix: maintain a channel inventory and test cross-channel consistency with a sampling plan.

5. Third-party platform content without supervision.
   Fix: contract and process: define what the third party can say, require pre-approval where you can, and monitor what is actually published.

Enforcement context and risk implications

The SEC has stated that examinations will focus on compliance with recently adopted SEC rules including the Marketing Rule. ² For a CCO, the practical risk is not abstract: testimonials and endorsements are easy for exam teams to sample, and weak recordkeeping or substantiation gaps are easy to document. Your control design should assume a reviewer will ask for the “show your work” file on any single quote pulled from your website.

Practical execution plan (30/60/90-day)

You asked for speed; the plan below emphasizes sequencing and deliverables. Timelines are illustrative phases, not a guarantee.

First 30 days (stabilize and inventory)

• Freeze new testimonials/endorsements unless they go through compliance review.
• Build a content inventory: every place testimonials/endorsements appear (web, decks, social, third-party platforms).
• Publish a one-page “testimonial/endorsement review checklist” with claim mapping + substantiation requirements. ¹
• Stand up an archive method for “what went live” capture.

Day 31–60 (workflow + evidence)

• Implement pre-dissemination approval workflow with required fields and attachments.
• Create a substantiation repository structure (by campaign/channel/date) and link it to approvals.
• Create disclosure library + version control discipline (even a simple controlled document register works).
• Train marketing, IR/sales, and supervised persons who post content.

Day 61–90 (testing + supervision)

• Start cross-channel sampling and log remediation actions.
• Extend controls to third parties: contract language, monitoring, and documented oversight routines.
• Run a mock exam request: pick a testimonial and produce the full file (final content, approval, substantiation, disclosures, distribution).

Frequently Asked Questions

Do we need to substantiate “soft” testimonials like “great service”?

If it’s a general opinion with no measurable implication, it’s lower risk, but still cannot be misleading. If it implies a material fact (for example, “always available,” “responds in minutes,” “reduced my risk”), keep evidence or edit the statement. ¹

Are we responsible for what a third-party promoter says about us?

If you disseminate it, approve it, script it, or republish it, treat it as your advertisement and apply the same controls and recordkeeping. Build contractual and monitoring controls where the third party markets on your behalf. ¹

Can we post testimonials on social media if we add disclosures in the comments?

You need a reliable method to keep the testimonial and the required context together in the form it’s disseminated. Operationally, that means your review should confirm the disclosure placement will travel with the post and remain visible after publication.

What’s the minimum record set we should expect to produce in an exam?

For any testimonial/endorsement, be able to produce the final disseminated version, the pre-approval record, and the substantiation for each material claim. If you can’t recreate what was live and why it was compliant, you will struggle in an exam focused on the Marketing Rule. ³

How do we handle testimonials that mention performance indirectly (“my portfolio grew so much”)?

Treat indirect or implied performance as a material claim that can be misleading without context. Either remove the performance implication or build substantiation and contextual disclosures appropriate to the wording before you disseminate it. ¹

What if marketing wants to A/B test different testimonial language?

Require pre-approval for each variant and archive each final disseminated version with its disclosure version and substantiation. A/B testing creates multiple “finals,” and exams often sample exactly what was shown to investors. ¹

Footnotes

1. 17 CFR 275.206(4)-1

2. 2025-exam-priorities

3. 17 CFR 275.206(4)-1; 2025-exam-priorities