Adviser Oversight of Testimonials and Endorsements

Adviser oversight of testimonials and endorsements means you must be able to show, for each testimonial or endorsement you disseminate, that you had a reasonable basis to believe it complied with the SEC Marketing Rule at the time you shared it. Operationally, this requires pre-use review, promoter governance, monitoring, and retention of documentation that supports your reasonable-basis determination. (17 CFR § 275.206(4)-1)

Key takeaways:

• You need a documented “reasonable basis” file for each testimonial/endorsement as disseminated, not a general belief that your program works. (17 CFR § 275.206(4)-1)
• Oversight extends to third parties (promoters, solicitors, affiliates, platforms) when their content becomes your marketing. (17 CFR § 275.206(4)-1)
• The control objective is time-of-use compliance: approvals, substantiation, and disclosures must match the exact version and channel distributed. (17 CFR § 275.206(4)-1)

This requirement is a supervision and evidence problem, not a copywriting exercise. The rule standard is “reasonable basis,” and the timestamp is “at the time of dissemination.” That combination drives how you design your workflow: you need (1) a repeatable review process before anything goes live, (2) a way to control and monitor promoter behavior and edits after approval, and (3) records that let you reconstruct what you believed, why you believed it, and what exactly you disseminated.

For most advisers, testimonials and endorsements show up in more places than expected: review sites, social posts by employees, influencer content, referral partner pages, podcasts, conference decks, and client quotes embedded in pitch materials. Oversight breaks down when marketing is decentralized and when third parties publish “about your firm” content outside your tools. Your job as CCO or GRC lead is to build a narrow, enforceable operating model: define what counts as a testimonial/endorsement in your environment, route it through a gating mechanism, and retain artifacts that survive an exam.

This page gives you requirement-level implementation guidance you can put into policy, procedures, and a review checklist immediately. (17 CFR § 275.206(4)-1)

Regulatory text

Requirement (verbatim): “The investment adviser must have a reasonable basis for believing that the testimonial or endorsement complies with the requirements of this section at the time of dissemination.” (17 CFR § 275.206(4)-1)

What the operator must do: establish and follow a supervisory process that, before any testimonial or endorsement is shared (and each time it is re-shared or materially edited), produces documented support for your conclusion that the content complies with the Marketing Rule’s conditions for testimonials/endorsements. Your controls must also address ongoing oversight so that what gets disseminated continues to match what was reviewed and approved. (17 CFR § 275.206(4)-1)

Plain-English interpretation (what “reasonable basis” means in practice)

“Reasonable basis” is an evidentiary standard. Examiners will expect you to produce records showing:

• What the testimonial/endorsement said and where it appeared (the “as disseminated” version).
• Who reviewed it and under what authority.
• Why you believed it complied (the specific disclosures, conditions, and any substantiation you relied on).
• When the review happened relative to dissemination, including re-posts and revisions. (17 CFR § 275.206(4)-1)

If your process cannot reliably answer those questions, you do not have a defensible reasonable-basis posture.

Who it applies to (entity and operational context)

Applies to: SEC-registered investment advisers and other advisers subject to the Marketing Rule requirements, including advisers acting as fund managers, when they disseminate marketing that includes testimonials or endorsements. (17 CFR § 275.206(4)-1)

Operational contexts where this commonly triggers:

• Your website “reviews” page, client quotes, case studies, or video testimonials.
• Third-party review platforms where you highlight or repost reviews.
• Referral arrangements where partners promote you publicly.
• Employee/representative social media posts that include client praise or recommendations and are adopted by the firm as marketing (for example, you repost it, link it from your site, or include it in decks).
• Paid or compensated endorsements (including non-cash benefits) that increase disclosure and oversight expectations under the Marketing Rule framework. (17 CFR § 275.206(4)-1)

What you actually need to do (step-by-step)

1) Define and inventory testimonial/endorsement touchpoints

Create a living inventory of channels where testimonials/endorsements appear:

• Owned: website, email, pitchbooks, podcasts, webinars.
• Paid: ads, sponsored posts, lead gen pages.
• Earned/third party: review sites, partners, influencers, conference pages.

Output: a “Testimonials & Endorsements Register” with channel owner, publishing tools, and whether third parties can post without your approval.

2) Establish a pre-dissemination approval gate

Set a hard rule: no testimonial/endorsement goes out without compliance approval recorded in a system of record.

Minimum checklist items for approval:

• Exact content captured (text, audio/video, screenshots).
• Proposed placement/channel and audience.
• Required disclosures prepared for that channel and format.
• If a promoter/third party is involved, confirm governance steps below are complete. (17 CFR § 275.206(4)-1)

Practical control: require a ticket number to publish. If the channel is outside your tooling (for example, a partner’s webpage), require written confirmation of the approved final copy and a screenshot once posted.

3) Implement promoter (third-party) oversight controls

Where a third party is making the endorsement or publishing the testimonial in a way you disseminate or adopt, build promoter oversight into onboarding and periodic monitoring:

• Role classification: identify the promoter, relationship owner, and whether any compensation or benefit is involved.
• Content controls: provide pre-approved language, prohibited claims list, and required disclosures.
• Approval and change management: require promoter to submit drafts and notify you of edits before posting.
• Monitoring: periodically check promoter channels for drift from approved content; document findings and remediation. (17 CFR § 275.206(4)-1)

Contracting note: put oversight hooks in agreements (approval rights, disclosure obligations, recordkeeping cooperation, and takedown requirements). Keep the clause set short so business teams will actually use it.

4) Ensure “as disseminated” capture and retention

Reasonable basis fails if you cannot show what the audience saw.

• Capture final materials as disseminated (PDF, screenshot, recording, landing page archive).
• Store required disclosures alongside the item, not in a separate folder that can’t be mapped later.
• Keep a record of distribution dates and channels. (17 CFR § 275.206(4)-1)

5) Re-review triggers (because the rule is time-of-use)

Define triggers that require a new reasonable-basis review:

• Material edits to the statement, context, headline, or visuals.
• Changes to disclosures, compensation, or promoter relationship.
• Channel change (for example, moving from a long-form webpage to a short-form ad where disclosures may truncate).
• Reposting older content where current conditions differ from when originally approved. (17 CFR § 275.206(4)-1)

6) Supervision, training, and escalation

• Train marketing, investor relations, and relationship managers on what counts as a testimonial/endorsement and the routing process.
• Add escalation paths for “found in the wild” content (for example, a partner posts an unapproved endorsement).
• Track issues to closure, including takedown requests and corrective disclosures where needed. (17 CFR § 275.206(4)-1)

7) Use a system that makes the evidence easy to retrieve

Daydream can help operationalize this by turning each testimonial/endorsement into a controlled record: intake, review checklist, approval, “as disseminated” capture, and a complete audit trail tied to the promoter and channel. The goal is not a prettier workflow; it is faster evidence production during an exam. (17 CFR § 275.206(4)-1)

Required evidence and artifacts to retain

Keep these artifacts mapped to each testimonial/endorsement instance:

• Intake request (who requested, purpose, channel, proposed timing).
• Final approved content and the “as disseminated” version (screenshots/recordings).
• Disclosure text as shown in the channel, with placement evidence.
• Reviewer identity, approval date/time, and approval rationale notes (what you checked and why it passed). (17 CFR § 275.206(4)-1)
• Promoter file (if applicable): relationship owner, communications, contractual terms relevant to marketing oversight, and monitoring logs.
• Change log and re-approval records for edits/reposts.
• Incident records for exceptions (unapproved posts, late disclosures) and remediation steps.

Common exam/audit questions and hangups

Expect variations of:

• “Show me the last three testimonials you used and your basis for believing each complied when disseminated.” (17 CFR § 275.206(4)-1)
• “How do you control third-party promoters’ statements about you?”
• “How do you know the version you approved is the version that went out?”
• “What triggers re-approval, and who enforces it?”
• “How do you monitor social media reposts and review-site highlights?”

Hangups often come from decentralized marketing and weak record linkage (approvals stored in email; final content stored elsewhere; no proof of what was posted).

Frequent implementation mistakes (and how to avoid them)

1. Approving concepts instead of final artifacts.
   Fix: require “as disseminated” capture as a condition of closing the approval ticket. (17 CFR § 275.206(4)-1)

2. Treating third-party posts as “not our marketing.”
   Fix: define adoption and redistribution rules internally; if you repost, link, embed, quote, or feature it, route it through review.

3. No re-review triggers.
   Fix: document a short trigger list and train marketing to treat reposting as a new dissemination event.

4. Disclosure drift across formats.
   Fix: maintain channel-specific disclosure templates; verify placement and prominence with screenshots for each format.

5. No monitoring evidence.
   Fix: keep a monitoring log with date checked, channels checked, findings, and actions taken. Even clean checks matter because they prove oversight. (17 CFR § 275.206(4)-1)

Enforcement context and risk implications

No public enforcement cases were provided in the source catalog for this page, so this section is limited to risk mechanics. The risk is examination deficiency and potential Marketing Rule violations if you cannot demonstrate a reasonable basis at dissemination or if third parties publish noncompliant endorsements that you adopt or fail to supervise. Your exposure increases as marketing distribution becomes more decentralized and as third parties control publication environments. (17 CFR § 275.206(4)-1)

Practical 30/60/90-day execution plan

First 30 days (stabilize and stop the bleeding)

• Freeze new testimonials/endorsements unless they go through a single approval gate.
• Build the channel inventory and identify third parties who post about you.
• Create a one-page review checklist and minimum evidence list.
• Start capturing “as disseminated” screenshots/recordings for anything currently live. (17 CFR § 275.206(4)-1)

Next 60 days (operationalize oversight)

• Stand up the register and workflow in a system of record (ticketing or a purpose-built tool).
• Implement promoter onboarding requirements and contract addendum language for approval/recordkeeping/takedown.
• Train marketing, IR, and relationship managers; publish “what counts” examples tailored to your channels.
• Start a monitoring cadence for third-party channels and social reposts; document results. (17 CFR § 275.206(4)-1)

By 90 days (make it exam-ready)

• Run a mock exam: pull a sample of items and prove reasonable basis end-to-end.
• Validate re-review triggers by testing edits/reposts through the process.
• Produce management reporting: open issues, monitoring findings, exceptions, and remediation cycle time.
• If you adopt Daydream, configure standardized evidence bundles so each item exports as a complete file on demand. (17 CFR § 275.206(4)-1)

Frequently Asked Questions

Does “reasonable basis” require us to investigate whether a testimonial is true?

The rule requires a reasonable basis to believe the testimonial or endorsement complies with the section’s requirements at dissemination. Your process should document what you checked and why that was sufficient for the specific content and channel. (17 CFR § 275.206(4)-1)

If a client posts a positive review on their own, do we have oversight obligations?

If you do not disseminate or adopt it, your obligations are different than if you feature, repost, quote, or embed it in your marketing. If you plan to use it, route it through the same approval and evidence process as any other testimonial. (17 CFR § 275.206(4)-1)

What counts as “time of dissemination” for a webpage?

Treat dissemination as the moment the content becomes publicly available in that channel and any later moment you materially update or re-promote it. Keep “as disseminated” captures tied to the date the page version was live. (17 CFR § 275.206(4)-1)

Do we need to re-approve a testimonial every time we reuse it in a new deck?

If the context, disclosures, or format change in a way that could affect compliance, re-approval is the safer operational rule. At minimum, document the reuse and confirm the disclosures and presentation still match what was approved. (17 CFR § 275.206(4)-1)

How do we supervise a third-party promoter who controls their own social media?

Put approval and disclosure requirements in the relationship terms, provide pre-approved language, and maintain monitoring logs with documented follow-up when you find drift. You need records that show you exercised oversight, not just that you asked them to comply. (17 CFR § 275.206(4)-1)

What is the single most common evidence gap?

Teams often cannot produce the exact “as disseminated” version tied to the approval record. Fix it with mandatory screenshots/recordings at publish time and a system that binds the artifact to the approval. (17 CFR § 275.206(4)-1)