Luthor

Consolidating vendors can reduce surface-area complexity. But in regulated marketing and communications workflows, fewer vendors does not automatically mean lower risk. The highest-risk control points still require depth, configurability, and clear accountability. This is why teams evaluating compliance infrastructure should separate two ideas that often get conflated: - commercial bundling - compliance depth They are not the same. A bundled platform may simplify procurement while providing only surface-level enforcement across multiple compliance domains. If review logic becomes weaker, policy traceability less transparent, or critical controls harder to adapt, the organization may reduce administrative overhead while increasing operational risk. ⚖️ #RegTech #Compliance #Banking #MarketingCompliance

One of the most rewarding parts of building Luthor is watching compliance teams go from “marketing review is a constant bottleneck” to running a fast, scalable approval process without sacrificing oversight. One of our customers, a large 11-figure asset manager, is a perfect example of this. Like a lot of fast-moving financial firms, their marketing + compliance teams were buried in review cycles. Every campaign, deck, fact sheet, and DDQ required layers of manual review, which slowed deals down and pulled senior team members into repetitive work. After implementing Luthor, the impact showed up almost immediately. In just 60 days, they achieved: + 83% faster approval times (from 4.7 to 0.8 days on average) + 3x increase in compliance review throughput + 358 hours of compliance workload processed What’s been especially exciting is that the gains aren’t just operational. Their team is now reviewing and approving significantly more marketing content while moving faster than before. Marketing can execute with more confidence, and compliance can focus on higher-value review work instead of repetitive back and forth. This is exactly why we built Luthor in the first place. Marketing compliance shouldn’t be the thing that slows growth down. The best firms are realizing that AI can dramatically reduce review friction while actually improving consistency and oversight. Still early, but the results so far have been incredible to watch. 🙏

Version control isn’t broken. Your approval system is. Most asset managers don’t have a file problem. They have a state problem. When legal and compliance say version control is broken, what they actually mean is: > The pitch deck in Dropbox isn’t the one Legal reviewed > The DDQ answers in Excel don’t match the latest numbers > Compliance approved a screenshot — not the final version And nobody knows what’s actually going to investors. That’s not a naming issue. It’s a system-of-record failure. The hard part isn’t storing versions. It’s showing, in one place: > what changed > who reviewed it > which policy applied > whether it’s actually approved Because the moment your team has to reconstruct this from Slack, email, and shared drives… Everything slows down. And risk creeps in. The better question isn’t: “Where is the file?” It’s: “Can everyone see the same truth about this asset?” -- If your IR decks and DDQs still rely on file versions, you’re already behind. Top asset managers are already moving past this. We built Luthor for that shift.

Most teams try to fix false positives by editing the rule. That’s usually the wrong first move. Before you relax a threshold or add an exemption, you need to understand why the rule is noisy in the first place. A simple decision tree helps: 1. Kill the rule if it shouldn’t exist 2. Route it to human review if the decision is too ambiguous 3. Refine the logic only after you’ve compared false positives against real bad outcomes That third step is where teams skip the work. If you can’t clearly separate the harmless pattern from the harmful one, you’re not ready to automate the change. This shows up everywhere: - fraud, - compliance, - approvals, - AI governance. Bad automation usually starts as an unexamined edge case. At Luthor we've seen the teams that improve fastest aren’t the ones with the most rules. They’re the ones that know when to delete, when to escalate, and when to refine. And having the infrastructure to due that automatically is key. #regtech #Finance #Banking #MarketingCompliance

Point-in-time evidence is no longer enough for AI-assisted marketing workflows. Screenshots, exported docs, and approval threads can show that something existed once. They rarely show whether the final asset stayed compliant as versions changed. As content velocity rises, the real requirement becomes continuous control: - policy-aware review - clear approval state - traceable changes after signoff - durable audit trails across teams The organizations that scale safely will not rely on evidence collection alone. They will operationalize controls inside the workflow itself. That shift is becoming foundational for marketing compliance, approvals, and enterprise trust. The best teams are using Luthor to do exactly this. Find out how: https://lnkd.in/gUikke-w #compliance #grc

As Regulatory Oversight Tightens, Marketing Reviews Are Becoming a Front-Line Compliance Control The U.S. Treasury is moving toward more centralized enforcement of AML rules. The broader signal is clear. Regulators expect consistent oversight, clear accountability, and defensible controls across all areas of compliance. For regional banks, that includes marketing and mortgage advertising. Marketing materials are not just branding assets. They are regulated communications tied to fair lending, consumer protection, and reputational risk. When review processes are manual, fragmented, or informal, they create both operational bottlenecks and real compliance exposure. This is why modernizing marketing reviews matters. We helped a regional bank transform its mortgage ad reviews by moving from weeks-long, manual approval cycles to a self-serve, audit-ready process using AI. Read the customer story: https://lnkd.in/g6TgHfJA #RegTech #Compliance #RegionalBanks #MarketingCompliance

The SEC’s Enforcement Focus Has Shifted and Advisers Need to Pay Attention SEC enforcement data shows a clear change in FY 2025. While actions against public companies declined, enforcement against investment advisers and broker-dealers now represents about 50% of all SEC actions, the highest share in nearly a decade. This means adviser compliance remains a top regulatory priority. Disclosure accuracy, reporting standards, and internal controls are under increasing scrutiny, and firms are expected to show that their compliance programs work in practice. At Luthor, we see proactive compliance reviews as essential. Regular reviews help firms identify issues early, stay aligned with evolving rules, and maintain clear documentation that demonstrates due diligence to regulators. With advisers now accounting for half of all enforcement actions, strengthening your compliance framework is no longer optional. Learn more about effective compliance reviews here: https://lnkd.in/g8FqMtxj #WealthManagement #Compliance #SEC #RIA #BrokerDealer #RegTech #FinancialServices #RegulatoryCompliance

Cybersecurity Isn’t Optional: SEC Hits Firm With $325,000 Cyber and Identity Theft Penalty The SEC recently fined a dual-registered broker-dealer and investment adviser $325,000 after years of weak cybersecurity and identity theft controls led to 17 email account takeovers and exposed the data of about 8,500 individuals. According to the SEC, the firm did not have firm-wide information security policies for its branch network until 2020. Even after adopting policies, many branches were still missing foundational safeguards such as MFA, incident response plans, and security training through 2024. The firm’s identity theft program also went essentially unchanged for nearly a decade, even as cyber incidents continued to occur. For RIAs and broker-dealers, the message is clear: outdated policies and fragmented branch controls now create real enforcement risk. At Luthor, we are seeing more firms shift from having policies on paper to implementing evidence-based cybersecurity and compliance workflows that centralize controls, document reviews, and create audit-ready records. https://lnkd.in/eqqskmRe #SEC #Cybersecurity #Compliance #RIA #InvestmentAdvisers #WealthManagement #RegSP #RegSID

The SEC’s recordkeeping and Marketing Rule crackdowns are starting to meet in the same place: your email. Examiners are no longer looking only at off channel texts and chats. They are pulling email campaigns, templates, newsletters and even “one to many” advisor updates, then treating them as full advertisements under the Marketing Rule. If a firm cannot show how those emails were reviewed, what disclosures were included, how performance was calculated, or where every version is archived, the risk of findings goes way up. At Luthor, we are seeing more RIAs move email into a proper compliance workflow instead of treating it as simple outreach. That means pre clear campaigns and templates, standardize disclosures for performance, testimonials and endorsements, and make sure every send and every version is automatically archived so you can actually defend it during an exam rather than trying to rebuild the trail after the fact. If you are rethinking how your firm handles email under the Marketing Rule and recordkeeping rules, we broke down what the SEC is really focusing on and how to build a defensible process here: https://lnkd.in/gjuXF6S3 #RIA #Compliance #SEC #MarketingRule #EmailMarketing

The SEC just told RIAs what 2026 exams will look like. The real question is: can your firm prove it’s ready? The SEC’s Division of Examinations has released its 2026 Examination Priorities with a clear focus on fiduciary duty and standards of conduct, the effectiveness of your compliance program in practice (not just having a manual), new Reg S-P privacy and incident response requirements, and how firms use technology, data, and AI in their advisory business. Most RIAs still prepare for exams with scattered spreadsheets, shared drives, and last-minute document hunts when the exam letter arrives. It feels manageable until examiners start asking for evidence that your policies are actually being followed. At Luthor, we are working with firms to map these 2026 priorities into concrete workflows across books and records, ADV and CRS, marketing, and Reg S-P. The goal is to centralize policies, evidence, and reviews in one place and move away from manual, after-the-fact checks toward continuous monitoring that reflects how the firm actually operates. If you are reading the 2026 priorities and wondering what they mean for your next exam, now is a good time to rethink whether your exam readiness is a one-time scramble or a year-round process. https://lnkd.in/eYnHmgMM #SEC #RIACompliance #InvestmentAdvisers #Compliance #SECExams #RegSP