Tuesday morning, 9:47 AM
The letter
arrives.
You've known this was coming.
Not if—when.
It's been three years since your last exam. You're due. Everyone gets their turn.
Erica Brunderman, Chief Compliance Officer
CMH Investments, LLC · 800 Third Avenue, New York, NY 10022
Dear Ms. Brunderman:
The staff of the Division of Examinations of the U.S. Securities and Exchange Commission is conducting an examination of CMH Investments, LLC pursuant to Section 204 of the Investment Advisers Act of 1940.
Please provide the documents identified in the enclosed Information Request List no later than April 23, 2026 (10 business days from the date of this letter).
- All marketing materials distributed during the Examination Period, including performance presentations
- Documentation substantiating all performance claims, including GIPS verification records
- Vendor due diligence files and CCO risk determinations for material third-party service providers
- Annual employee compliance training records and completion evidence
If you have any questions, please contact Catherine M. Reyes at (202) 551-4720. You may also contact David S. Park, Examination Manager, at (202) 551-4700.
What happens next?
You forward the letter to your team. Someone starts a shared doc titled “SEC Exam 2026 - Document Request.”
The marketing director starts pulling files.
“Which version of the pitch deck did we actually send to clients?”
“Do we still have the backup for the 5-year return we cited?”
You think so.
It was a spreadsheet Sarah made.
Sarah left the firm last year.
And that's just the marketing records.
Now they're asking about your vendor contracts. Which custodians did you classify as low-risk, and what due diligence supports that?
And training — who completed the annual compliance program? Can you prove it with timestamps? Or is there a sign-in sheet somewhere in a drawer?
The Assembly
You spend the next week pulling it together.
You probably have your shit together.
You're just doing a fire drill to prove it.
This is the reality most CCOs live with.
And it's insane.
How did we get here?
You know the answer. You've lived it.
Three months later, when the SEC asks “what supports this claim?”, you have to reconstruct the reasoning. You have to remember which file mattered and why.
You're running a compliance function
on institutional memory.
And when the exam letter arrives, you realize: this is insane.
What if there was another way?
Not just that you approved it.
But WHY.
The evidence chain. The reasoning. The complete forensic record. Captured at the moment of approval. Ready when you need it.
The Section Map
Nine sections. One for every question
an examiner is trained to ask.
This is the Blue Folio.
A self-contained forensic document built automatically from your Redan data.
Everything the examiner needs. Nothing they don't.
Every claim. Every piece of evidence. Every decision.
Timestamped. Hashed. Watermarked. Logged.
Exam Day
The examiner arrives.
You open one document.
They ask about your marketing compliance program. You open §3. Every claim, every piece of evidence, every CCO determination — timestamped and immutable.
They ask about your vendors. You open §4. Every vendor risk classification, every DDQ, every CCO memo.
They ask about annual training. You open §5. Every employee, every completion date, every certification — verified and logged.
They move on. In minutes, not hours.
“If this is how buttoned up their documentation is,
the rest of this firm is probably fine too.”
— The examiner's internal monologue
Not because you're avoiding scrutiny.
Because professionalism doesn't invite it.
Your Blue Folio
How complete is yours?
§6–9 Oversight Suite — coming 2026
Build your
defense.
The Blue Folio is built for you — day forward — from your normal compliance workflow. No scrambling when the letter arrives.
Book a DemoJoin CCOs building forensic compliance infrastructure for the 2026 exam cycle.