The foundational rule governing all advertising and marketing by investment advisers, replacing the prior advertising rule in November 2022. Prohibits seven categories of misleading content and regulates the use of testimonials, endorsements, and third-party ratings under strict disclosure conditions.

Requires registered investment advisers to maintain copies of all advertisements and promotional materials, including drafts and revisions. Materials must be retained for five years and accessible to SEC examiners on request.

Requires registered investment advisers to maintain a written compliance program covering marketing and advertising, designate a Chief Compliance Officer, and conduct annual reviews of marketing policies.

Governs advertising and sales literature for registered investment companies. Rule 156 prohibits misleading statements about performance, risks, or fees; Rule 482 establishes requirements for omitting prospectus advertising, including what information can be included when marketing fund products without full prospectus disclosure.

Requires privacy notices when collecting and using customer data for marketing, restricts sharing of customer nonpublic personal information with affiliates and third parties for marketing purposes, and mandates that opt-out rights be disclosed and honored.

While primarily an investment advice rule, Reg BI has marketing implications: broker-dealers cannot advertise themselves as advisors in ways that imply a fiduciary relationship they do not hold, and must disclose material conflicts of interest. Form CRS is treated as a marketing communication and must be written in plain English.

In March 2024, the SEC charged two advisory firms specifically for making false claims about their use of AI in marketing materials. Advisers cannot claim to use AI systems in managing client assets if they do not, and AI-generated marketing content is subject to the same accuracy and disclosure standards as human-written content.

The central rule governing all broker-dealer marketing. Divides communications into three categories — correspondence, retail communications, and institutional communications — each with different approval and filing requirements. All communications must be fair, balanced, and not misleading.

Provides specific guidance on how FINRA Rule 2210 applies to social media. Differentiates between static content (websites, profile pages — treated as retail communications) and interactive content (real-time posts, comments — treated as correspondence). Personal accounts used for business purposes are covered.

Governs how FINRA Rule 2210 applies to influencer and third-party marketing arrangements. Firms are responsible for content created by paid promoters, and compensation arrangements with influencers must be disclosed. All influencer content must comply with fair, balanced, and non-misleading standards.

Governs the use of investment research in marketing. Research reports used in marketing must disclose analyst compensation and conflicts, and marketing materials cannot misrepresent or cherry-pick analyst conclusions.

Requires FINRA member firms to retain all marketing and advertising materials for three years (six years for certain categories). Electronic communications, including social media, must be archived and communications used in customer interactions must be retrievable for examination.

Prohibits false or misleading advertisements relating to municipal securities, and requires specific disclosures for municipal fund securities including 529 plans. Explicitly covers all digital and social media as of a 2019 amendment, and requires principal approval before publication.

Applies the same fair-and-balanced content standards to municipal advisors as Rule G-21 applies to dealers. Testimonials must be disclosed with compensation arrangements, all advertisements require supervisor approval, and social media static content is explicitly treated as advertising.

Broad prohibition on deceptive, dishonest, or unfair practices in marketing. Often cited in conjunction with G-21 advertising violations.

Governs all promotional materials for futures and commodities firms. All promotional materials must be fair, balanced, and not misleading. Strict requirements apply to performance advertising, hypothetical and simulated performance results, and documentation of all promotional materials.

Federal-level counterpart to NFA Rule 2-29. Requires specific disclosures for past performance, hypothetical performance, and risk in all promotional materials, including the CFTC-mandated risk disclosure statement.

The broadest and most flexible consumer protection standard in financial services. Prohibits marketing that is unfair, deceptive, or abusive. Financial firms can be held liable for UDAAP violations committed by their marketing agencies, affiliates, or third-party lead generators.

Specifically prohibits unfair or deceptive advertising in mortgage marketing. Prohibits misrepresentations about interest rates, APR, payment amounts, fees, loan terms, prepayment penalties, and the consumer's ability to obtain refinancing. Also prohibits deceptive use of government affiliation or endorsement imagery.

Requires deposit account advertisements to use specific standardized terms and make clear disclosures about bonuses, fees, and APY. Prohibits advertising accounts as 'free' if conditions or fees would make a typical consumer's account subject to fees.

Governs advertising of consumer credit products. The 'trigger terms' rule requires full APR disclosure whenever any specific credit term is mentioned. Specific rules apply to credit cards, teaser rates, and mortgage advertising.

Prohibits using race, color, religion, national origin, sex, disability, or familial status as factors in targeting or excluding advertising audiences. Digital 'redlining' violations can occur through exclusionary geographic or demographic targeting. Marketing agencies can be held liable for discriminatory targeting practices.

The foundational federal advertising law. Prohibits any advertising that is deceptive or unfair, and requires advertisers to have a 'reasonable basis' for any objective claim before publication. Covers all media.

Requires that all material connections between an advertiser and an endorser be clearly and conspicuously disclosed. Revised in July 2023 with explicit definitions of 'clear and conspicuous,' expanded coverage to virtual influencers and AI-generated avatars, and explicit liability for agencies and intermediaries.

FTC guidance and enforcement actions establishing that marketing claims about AI capabilities must be accurate and substantiated. 'AI washing' — claiming to use AI when you do not — is a deceptive practice. The FTC is developing further rulemaking on AI in advertising.

Sets requirements for all commercial email, including accurate sender identification, truthful subject lines, a physical mailing address, and a functioning opt-out mechanism. Opt-out requests must be honored within 10 business days. Financial content in email remains subject to all other applicable regulations.

Requires prior express written consent before sending automated calls, pre-recorded messages, or text messages for marketing purposes. Do-Not-Call list compliance is mandatory. One of the most actively litigated consumer protection laws, with significant class action exposure.

Requires financial institutions to provide clear privacy notices explaining what data is collected and how it's used. Consumers must have an opportunity to opt out of sharing with non-affiliated third-party marketers. Privacy notices must be available on websites and renewed annually.

FDIC-insured banks must include the official FDIC membership statement in all advertising. The FDIC sign and statement cannot be used in advertising for non-deposit products such as mutual funds, annuities, or stocks, and cannot be used in ways that imply non-deposit products are FDIC-insured.

All marketing for investment products sold through a bank must clearly state the product is 'Not FDIC-insured,' 'Not a deposit,' 'Not guaranteed by the bank,' and 'May lose value.' These disclosures must be prominent and cannot be buried in fine print.

Banks cannot market services in ways that exclude low- and moderate-income (LMI) communities. Geographic targeting of marketing must not systematically exclude LMI areas. Marketing channel selection can be examined for CRA compliance.

Grants California consumers the right to opt out of the sale or sharing of their personal information, which includes targeted advertising and data sharing with ad tech platforms. Requires a 'Do Not Sell or Share My Personal Information' link on websites. CPRA (2023) added the right to opt out of sharing for cross-context behavioral advertising.

Virginia (VCDPA), Colorado (CPA), Connecticut (CTDPA), Texas (TDPSA), and other states have enacted privacy laws following a similar model to CCPA. Firms with national marketing campaigns need a framework that satisfies all applicable state laws. Key marketing implications mirror CCPA: opt-out rights, data transparency, and limitations on behavioral advertising.

Requires a lawful basis for processing personal data for marketing, with consent being the typical basis for direct marketing. Consent must be freely given, specific, informed, and unambiguous. Fines can reach €20 million or 4% of global annual revenue, whichever is higher.

Firms are responsible for all content published through any channel, including personal social media accounts used for business. Static posts are treated as retail communications requiring principal approval; interactive content may be treated as correspondence but remains subject to supervision. All business-related social media must be archived.

AI-generated advertising is held to the same accuracy and disclosure standards as human-created content. No AI-specific marketing rules have been finalized yet, but the FTC, SEC, and CFPB have all signaled increased scrutiny. Key risk areas include unsubstantiated performance claims, hallucinated regulatory citations, disclosure omissions, and AI washing.

When a financial services firm engages influencers, affiliates, lead generators, or any third-party marketer, multiple regulations apply simultaneously across the FTC, FINRA, SEC, MSRB, and CFPB. Firms bear responsibility for third-party content and compensation must be disclosed across all regulatory frameworks.

Across all applicable regulations, financial services firms must meet documentation standards for pre-publication review, archiving, and retention of all marketing materials. In regulatory examinations, examiners will ask to see copies of all marketing materials, records of approval, regulatory basis for claims, third-party relationship documentation, and consumer complaint records.