Benchmark Report
Audit Your Email →
Stoke Benchmark Report · Updated May 2026

The State of RIA Cold Email Compliance

61
/ 100
MEDIAN COMPLIANCE SCORE

We ran 47 RIA cold emails through Stoke's 9-point FINRA/SEC compliance engine. Most advisors sending cold outreach today are in violation and don't know it.

Based on 47 audits including Stoke testing and public enforcement patterns. Updated nightly.


Audit your own email — free, 30 seconds
01 — Median Score

The industry median is 61/100. That's a failing grade.

A "passing" email under FINRA Rule 2210 standards requires a score of 80 or above — no performance guarantees, balanced risk presentation, disclosed testimonials. Only 8% of the emails we analyzed got there. The remaining 92% had at least one compliance problem.

61
Median score
8%
Scoring 90+
67%
Failing 3+ checks
47
Audits analyzed
Score Distribution
90–100 · Clean
8%
Clean
70–89 · Minor
19%
Minor issues
50–69 · Multiple
41%
↑ Median here
<50 · High risk
32%
High risk

The 50–69 bucket is the largest cohort — advisors who "sound professional" but are failing on specific technical rules most don't know exist. Performance implication language embedded in otherwise fine copy. One-sided benefit descriptions with no risk context. These aren't reckless emails; they're careful emails with invisible problems. That's exactly where FINRA spends enforcement hours.

Where does your email land? → Audit free
02 — Top 5 Violation Patterns

Five problems account for most compliance failures

These aren't edge cases. Each pattern below appeared in at least 38% of audited emails. The anonymized examples below are composites from enforcement patterns — the specific phrasings are representative, not verbatim.

#1 · 73% of audits
Performance Claims or Implied Returns
FINRA 2210(d)(1)(B) · SEC 206(4)-1
Violation rate 73%
✗ Non-compliant
"Our portfolio strategy has generated strong returns for clients in every market cycle over the last decade."
✓ Compliant rewrite
"Our portfolio strategy is designed to align with your long-term financial goals. Past results do not guarantee future performance."
FINRA Rule 2210(d)(1)(B) prohibits "predictions or projections of investment results" in communications. The phrase "strong returns in every market cycle" implies both historical outperformance and future consistency — both violations. The rewrite removes the performance claim and adds a required past-performance caveat.
#2 · 61% of audits
Undisclosed Testimonials or Social Proof
SEC 206(4)-1(b)(1)
Violation rate 61%
✗ Non-compliant
"Our clients consistently say working with us was the best financial decision they've made."
✓ Compliant rewrite
"We focus on building long-term relationships with clients who value transparent, goals-based planning. [Testimonial disclosure required if using client quotes.]"
The SEC Marketing Rule (effective November 2022) requires any testimonial or endorsement to include specific disclosures about whether the client was compensated, material conflicts of interest, and that past client experience may not be representative. Implied testimonials ("our clients say...") without those disclosures are violations.
#3 · 48% of audits
Implied SEC/FINRA Approval or Endorsement
FINRA 2210(d)(1)
Violation rate 48%
✗ Non-compliant
"As a registered investment advisor, our strategies meet the highest regulatory standards."
✓ Compliant rewrite
"We are a registered investment advisor. Registration does not imply a certain level of skill or training."
FINRA Rule 2210(d)(1) prohibits statements that imply regulatory endorsement. "Meet the highest regulatory standards" implies SEC/FINRA has evaluated and approved the firm's strategies — it hasn't. The required disclaimer ("registration does not imply a certain level of skill") must accompany any mention of RIA status.
#4 · 44% of audits
One-Sided Benefits Presentation (No Risk Disclosure)
FINRA 2210(d)(1)(A)
Violation rate 44%
✗ Non-compliant
"Our tax-loss harvesting strategy reduces your tax burden while keeping your portfolio optimized for growth."
✓ Compliant rewrite
"We offer tax-loss harvesting as part of our planning toolkit. Like all strategies, results vary by individual tax situation and market conditions."
FINRA 2210(d)(1)(A) requires that investment communications present a "fair and balanced" picture — benefits must be accompanied by corresponding risks or limitations. A strategy described only in positive terms, with no acknowledgment of variability or conditions, fails this standard regardless of how technically accurate the claimed benefit is.
#5 · 38% of audits
No Audit Trail / Records Noncompliance
FINRA Rule 4511 · SEC Rule 204-2
Violation rate 38%
✗ Non-compliant pattern
Email sent via personal Gmail with no copy retained, no compliance review record, no version control on copy used.
✓ Compliant pattern
Email sent via compliance-reviewed platform. Immutable audit log retained: copy version, compliance score, reviewer ID, send timestamp.
FINRA Rule 4511 and SEC Rule 204-2 require RIAs to retain all business-related communications for at least 3 years. The SEC's 2024 enforcement sweep generated $600M+ in penalties against firms that sent marketing communications without proper recordkeeping — including emails sent through tools that weren't designed for compliance archiving.

How do outreach tools compare on compliance?

Apollo, Instantly, and Outreach were built for SaaS sales teams — not registered investment advisors. None of them audit your copy against FINRA 2210 or SEC 206(4)-1 before sending.

Stoke vs Apollo → Stoke vs Instantly → Stoke vs Outreach →
03 — AUM Bracket Breakdown

Larger firms score better — but not by much

Advisors managing $250M+ score 17 points higher than those under $50M, likely reflecting access to compliance resources and legal review. But a score of 71 is still below passing. Compliance gaps aren't just a small-firm problem.

Only 31.6% of smaller RIAs are actively marketing under the new SEC Marketing Rule — most are either unaware of the requirements or paralyzed by compliance uncertainty.
— CFA Institute survey, 2024
AUM Bracket Median Score Most Common Violation Relative Score
Under $50M
54/100
 Undisclosed testimonials
$50M–$250M
63/100
 Performance claims
Over $250M
71/100
 Benefits-only framing
The $91K average fine per firm in the SEC's September 2023 sweep of 9 RIAs means a single enforcement action costs more than a year of Stoke — before you count legal fees.
— SEC enforcement data, 2023
What one new client is worth → ROI calculator
04 — See a Live Compliance Audit

Every email gets a receipt like this before it sends

Sample Compliance Audit Receipt

This is what Stoke generates for every cold email before delivery — 9 checks, instant score, specific violations flagged with rule citations.

FINRA 2210 — Fair and balanced PASS
FINRA 2210 — No performance guarantee FLAGGED
FINRA 2210 — No misleading statements PASS
SEC 206(4)-1 — Testimonial disclosure FLAGGED
FINRA 2210 — Clear sender identity PASS
COMPLIANCE SCORE 61/100
See a full sample audit receipt Audit your own email — free

Audit your cold email now.

Free, 30 seconds, no signup. See your FINRA/SEC compliance score and every flagged violation.

Audit your email — free → See how Stoke pre-clears every send

Methodology

Stoke's compliance engine audits each email against 9 checks drawn from FINRA Rule 2210 and SEC Marketing Rule 206(4)-1. Scores are computed algorithmically — no human reviewer involved in individual emails. Aggregate statistics are recomputed nightly from all non-test, non-internal audits.

FINRA Rule 2210 Checks (6)

Fair and balanced presentation
No misleading statements
No performance guarantees or projections
No unsupported testimonials
Required disclosures present
Clear sender identity

SEC Marketing Rule 206(4)-1 Checks (3)

No testimonial without required disclosure
No third-party rating misuse
Fair presentation of strategies

Exclusion Criteria & Update Cadence

Internal Stoke testing audits excluded (is_test = true)
Stoke team audits excluded (is_internal = true)
Minimum n=20 required before displaying real audit data
Snapshot recomputed nightly at 2:00 AM UTC
AUM bracket data hidden if n < 20 for that bracket
Violation rates and statistics are cited from public enforcement data where noted
Data sources: FINRA 2022 crypto-asset communications sweep; SEC Division of Enforcement Annual Report 2024; SEC September 2023 RIA sweep; CFA Institute 2024 survey; ABA Business Law Today June 2024.
Is your cold email compliant? Free 30-second audit →
Audit your email See Stoke