BLOG POST
For 61 years, registered investment advisers were flatly prohibited from using client testimonials in any form of marketing. The 1961 advertising rule treated any positive client comment as inherently misleading — on the theory that one client's experience couldn't represent typical results — and the prohibition was absolute.
That changed on November 4, 2022. The SEC's modernized Marketing Rule (Rule 206(4)-1 under the Investment Advisers Act of 1940) flipped the framework: client testimonials and endorsements are now permitted in adviser marketing, subject to specific disclosure, oversight, and recordkeeping requirements. RIAs can finally collect Google reviews, embed them on their websites, and use them in marketing — for the first time in the rule's existence.
Most advisers haven't fully caught up. Either they're still operating under the old testimonial prohibition (and missing one of the most powerful trust-building tools available), or they've started collecting reviews without putting the required compliance infrastructure in place (and accumulating risk every time they post a testimonial without proper disclosures).
This guide is the practical playbook for getting it right: when and how to ask for Google reviews compliantly, what the disclosures actually need to say, how to handle reviews from existing platforms, and how to wire the whole thing into your firm's CRM so it runs without you remembering to do it — and without creating a Marketing Rule audit problem.
A note on compliance up front: This is the most heavily regulated industry covered in this blog series. The SEC Marketing Rule is principles-based, not prescriptive, and exam staff continue to refine their expectations through Risk Alerts (most recently December 2025) and enforcement actions. This post explains the major requirements as they apply to Google reviews and online testimonials. It is informational, not legal advice. Before launching or modifying a review program, run it past your firm's CCO or outside compliance counsel — RIAs face exam scrutiny on testimonials, and the cost of getting it wrong is materially higher than the cost of getting it reviewed.
Three characteristics of investment advisory services make reviews unusually decisive:
The product is intangible and trust-driven. A prospective client deciding which adviser to hire is making a decision they fundamentally can't evaluate before buying. They can't test-drive an investment philosophy. They can't sample a financial plan. They're picking based on signals: brand reputation, referrals from friends, and increasingly, online reviews. In an industry where the prohibition on testimonials kept review profiles artificially thin for decades, the firms that systematically built reviews after November 2022 have an outsized advantage.
The decision compounds for years or decades. Most clients hire one adviser and stay for 10-30 years. The decision is high-stakes precisely because it's permanent. Prospects research it deeply, and reviews are where their research lands.
Most RIAs still aren't doing this systematically. Recent industry surveys show only about 10-15% of RIAs are actively using testimonials and endorsements in their advertising, three-plus years after the rule changed. Advisers in that minority are competing for prospects against a majority that still has thin or non-existent review profiles. The gap closes through systematic review collection — and most of the competition isn't doing it yet.
The compounding effect: an RIA that builds 200+ Google reviews over the next 24 months will dominate local search rankings against competitors with 8-12 reviews, even when those competitors are equivalent or better at the actual advisory work. This is one of the few moments in any heavily regulated industry where a first-mover advantage on a marketing channel is genuinely available.
This is the part that catches most advisers off-guard. The framework has four core requirements when you use testimonials or endorsements (which includes republishing or amplifying client reviews in your marketing). Each one matters.
When you use a testimonial or endorsement in advertising — including embedding Google reviews on your website, sharing them in social media, or featuring them in a marketing email — the rule requires that at the time the testimonial is disseminated, you clearly and prominently disclose three things:
"Clear and prominent" is the operative phrase, and it's where most advisers fall short. The December 2025 Risk Alert from the SEC Division of Examinations specifically called out:
The standard the SEC is applying: a reasonable client reading the testimonial should see the disclosure at the same time, in the same field of view, in the same visual weight. If the disclosure requires an extra click, an extra scroll, or a magnifying glass, it's not "clear and prominent."
For Google reviews specifically: Google reviews on your Google Business Profile aren't typically subject to the disclosure requirement at the source — Google's interface controls the display, and reviewers leave their own opinions. The disclosure obligation kicks in when you republish or amplify those reviews — embedding them on your website, featuring them in newsletters, sharing them on social media, or otherwise using them as marketing material.
The rule requires that you have a "reasonable basis to believe" any testimonial or endorsement you use complies with the Marketing Rule's substantive requirements (no false statements, no material omissions, no misleading content).
In practice this means: before you embed a review on your website, you need a documented process showing you reviewed it, considered whether the content is accurate and not misleading, and determined that displaying it complies with the rule. This documentation has to be maintained as part of your books and records under amended Rule 204-2.
For a small RIA, this can be as simple as: a designated person reviews each testimonial before it's used in marketing, fills out a one-page substantiation memo confirming the review meets the rule's requirements, and files it. For a larger firm, it's typically integrated into existing CCO-level marketing approval workflows.
The rule requires a written agreement with any "promoter" — the person providing the testimonial or endorsement — that describes the scope of the activities and the compensation terms.
Critically: this requirement only applies to compensated testimonials, and there's a de minimis exemption. Testimonials disseminated for no compensation, or de minimis compensation of $1,000 or less in the prior 12 months, are exempt from the written agreement requirement.
For most Google reviews from real clients, you're operating in the de minimis space — clients aren't being paid, and even small thank-you gifts (a coffee, a bottle of wine) typically fall under $1,000 cumulative. Most Google review collection from clients does not require written agreements. This is the most common point of confusion, and it's worth being clear: you don't need to sign every client to a promoter agreement just to collect their Google reviews.
What does trigger the requirement: paying a referral partner more than $1,000/year for endorsements, hiring an influencer, paying a "review service" or testimonial-generation vendor. Those are compensated promoter relationships and require full written agreements with all the disclosures specified in the rule.
The rule prohibits paying compensation for testimonials to certain "ineligible persons" — individuals who have been the subject of specific regulatory bars, certain felony convictions, or certain SEC/FINRA disciplinary events within the prior 10 years. This is mostly relevant if you're paying influencers or promoters, and isn't a typical concern for collecting reviews from regular clients.
The cleanest way to think about Google reviews under the Marketing Rule:
Step 1 — On Google itself: A client's Google review on your Google Business Profile is the client's own statement. The disclosure obligations don't typically attach to the review at the moment of posting because you're not "disseminating" anything — you're letting your profile receive user-generated content.
Step 2 — When you encourage reviews: Asking clients to leave Google reviews is not, by itself, a Marketing Rule trigger. The act of soliciting a review (without paying for it) is closer to ordinary client communication than to marketing the firm's advisory services. Most advisers can request reviews freely.
Step 3 — When you use the reviews in marketing: This is where the Marketing Rule fully kicks in. Embedding Google reviews on your website, screenshotting them for social media, featuring them in your newsletter, or otherwise amplifying them as part of your firm's promotional efforts — all of this is "use in advertising." At that point, the disclosure requirements apply, and the substantiation requirements apply.
The practical implication for a typical RIA's review program:
Investment advisory has unusually clean ask-windows because the relationship has clear milestones:
At onboarding completion. When a new client's accounts are funded and the relationship is fully active, that's a natural moment. The client just made a major decision — choosing you over alternatives — and they're at their peak emotional confidence in the choice.
After a significant planning milestone. Completing a financial plan, executing a major life-event response (Roth conversion, retirement income setup, business sale planning), or hitting a goal you've been working toward together — these are the high-resonance moments that produce specific, useful reviews.
At annual review meetings. A natural recurring touchpoint. After a productive annual review where you've reviewed performance, updated the plan, and reaffirmed the relationship, ask if the client would be willing to share their experience.
Never during market downturns or right after underperformance. This sounds obvious but bears stating. The same client who'd write a glowing review in a year with strong returns may not in a year with negative ones. The reviews you collect during market stress tend to be different from those collected during calm periods, and the Marketing Rule's requirement for "fair and balanced" presentation means you need a representative review base — not just reviews collected during good years.
What doesn't work: bulk asking your full book of business at once via a single email blast. Beyond the typical low conversion rate, this creates the appearance of orchestrated marketing that compliance examiners look at carefully. Steady, transactional, milestone-triggered asks read more authentically and produce reviews collected under conditions that are easier to substantiate.
The standard rules apply: short, personal, with a direct review link. A few advisor-specific templates:
Post-onboarding:
Hi {First Name}, thanks for trusting us with your financial planning. If you have a moment, a Google review of {Firm Name} would mean a lot — it really helps our practice grow: {Review Link}
Post-annual review:
Hi {First Name}, glad we got a productive review meeting in. If you have a minute, a Google review would help others find {Firm Name}: {Review Link}. Thanks again!
The reminder (5-7 days later):
Hi {First Name}, just a quick reminder — if you have a minute, we'd really appreciate a Google review of {Firm Name}: {Review Link}. No pressure if you're busy!
Subject line options:
Email body:
Hi {First Name},
Thanks again for trusting {Firm Name} with your financial planning. We genuinely appreciate the relationship.
If you have a minute, would you mind leaving a Google review? Honest feedback from clients like you helps other people in {City} find a firm they can trust — and reviews from real clients are one of the most meaningful ways our practice grows.
[Leave a Google Review →]
Thanks so much,{Your Name}{Firm Name}
A compliance note on these templates: the request itself is asking for an honest review, not steering toward a specific outcome. Don't suggest what the client should write ("if you'd mention how we helped reduce your tax bill"), don't offer compensation ("as a thank-you, we'll..."), and don't filter who you ask based on predicted sentiment. Each of these crosses into territory that creates Marketing Rule problems.
If you're embedding Google reviews on your firm's website (or using them in any marketing material), here's a template for the disclosure block that should appear with the reviews. Adapt with your CCO before using.
About these reviews: The reviews displayed are from current and former clients of {Firm Name}. None of the individuals providing reviews received cash or non-cash compensation in exchange for their review. Material conflicts of interest, where any exist, are disclosed alongside the relevant review. Reviews represent the views of the individual clients posting them and are not necessarily representative of the experience of all clients. Past performance is not indicative of future results, and individual experiences may vary materially based on each client's specific facts and circumstances.
A few notes on this template:
The placement matters as much as the wording. Per the December 2025 Risk Alert, this disclosure should appear adjacent to the reviews themselves, not in a footer link, not in a separate disclosures page, not in smaller font than the testimonials.
The advisers consistently building 30+ reviews in their first year aren't doing it manually client-by-client. They've integrated the ask into their firm's existing workflow — meaning it happens automatically at the right moments, every time.
A typical setup:
Step 1: Set the expectation early. During the new-client onboarding, mention that the firm asks for client feedback at certain milestones. "After we get you fully onboarded and you've experienced our process, we'll ask if you'd be willing to leave a Google review. It's how we grow, and we appreciate clients who take the time." This sets expectations and removes the awkwardness when the request comes.
Step 2: Trigger requests from your CRM. When a new client is fully onboarded in your CRM (Redtail, Wealthbox, Salesforce Financial Services Cloud, RightCapital + Redtail, eMoney + a CRM, etc.), or when an annual review meeting is closed, that action fires off an automated review request 24-48 hours later. Most modern advisor CRMs support this through native integrations or Zapier.
Step 3: Send the right sequence. A typical sequence for a newly onboarded client:
For annual reviews:
Step 4: Maintain the substantiation file. Each review that gets used in firm marketing (embedded on the website, featured in social, etc.) should have a corresponding substantiation memo on file showing the review was assessed for Marketing Rule compliance. This becomes important during SEC examinations, where examiners specifically test whether you can produce documentation demonstrating "reasonable basis to believe" each used testimonial complies.
The Marketing Rule technically applies only to SEC-registered investment advisers (generally, advisers with $100M+ AUM or those with specific exemptions). State-registered advisers — typically those with under $100M AUM in most states — follow their own state insurance commissioner / state securities regulator rules.
In practice, most state regulators have moved toward alignment with the SEC rule, but some states have variations or hold-overs from older frameworks. Specifically:
The practical takeaway for state-registered advisers: don't assume the SEC Marketing Rule applies to you (it doesn't), and don't assume your state has the same testimonial rules (it might not). Check with state regulators or compliance counsel before deploying a review program. The framework in this post applies most directly to SEC-registered RIAs.
If your firm has been included in best-of-advisor lists (Barron's, Forbes, Financial Advisor Magazine, regional best-of lists), the same Marketing Rule framework treats those as third-party ratings, with their own specific disclosure requirements:
The December 2025 Risk Alert specifically called out third-party ratings as an enforcement priority alongside testimonials. Many firms display awards prominently without the required disclosures, and that's a common deficiency examiners now look for.
A few specifics for how to embed reviews on a firm site without creating exam exposure:
Pair reviews with the disclosure block. The disclosure template above, placed immediately adjacent to the embedded review widget, satisfies the "clear and prominent" placement standard.
Don't cherry-pick. Selecting only the most flattering reviews for embed creates a "fair and balanced" problem under the Marketing Rule's general prohibitions. If you display reviews on your site, the population should reasonably represent the broader review base — not just the 5-stars.
Date-stamp visibly. Reviews that are visibly current help avoid the implication that the firm's practices are static or that older reviews still reflect current operations.
Document substantiation per use. For each review embedded, maintain a substantiation file showing your reasonable-basis review.
TrueReview's review widget supports content filtering, source attribution, and the ability to display reviews with the date prominently shown, which makes the compliance setup easier. Configure the widget to display the disclosure block above the review feed, set a minimum-rating filter that's broad enough to include a representative sample (not just 5-star reviews), and you've covered the core requirements. Run the implementation past your CCO before publishing.
Negative reviews in financial advisory are sensitive — clients are sharing their experience with their wealth, and the substance often involves factual claims about performance, advice, or service that you may legitimately disagree with.
A few principles:
Don't disclose client-specific information in responses. Confirming someone is a client, referencing their account, or discussing the nature of advice provided creates client confidentiality and SEC privacy issues. Even if the reviewer publicly described the relationship.
Don't argue performance claims publicly. Even when a reviewer's performance characterization is wrong, public response that includes specific performance numbers can trigger TILA-equivalent issues under the Marketing Rule (performance disclosures need full compliance with the rule's performance requirements). The cure is worse than the disease.
Move it offline. Provide a number to call. Most won't, but the offer reads well to prospects scanning the response.
A safe response template:
Thank you for sharing your feedback, {Name}. We take all client concerns seriously. Federal privacy regulations and our firm's own client confidentiality standards prevent us from discussing any individual's specific situation publicly. If you'd like to discuss your concerns directly, please contact our office at {phone number} so we can address them in an appropriate setting.
For positive reviews, keep responses short and warm, without confirming specifics:
Thanks for taking the time to leave a review, {Name}. We appreciate it.
Resist the urge to confirm planning specifics or relationship details ("So glad we got the Roth conversion handled before year-end!"). Generic warmth avoids both the privacy concern and the small risk of inadvertently disclosing something that triggers a separate Marketing Rule issue.
A few practices that show up in advisor review marketing but should be avoided:
Compensating clients for reviews. This is the most direct way to convert a casual review into a written-agreement-required testimonial under the rule. Don't do it. If a client genuinely volunteered a review without solicitation, no compensation issue. If you offer them anything in exchange — even something small — you've potentially triggered the full written-agreement requirement.
Asking for reviews on Google's "preferred" topics. Telling clients what to write ("if you could mention how we reduced your tax burden") creates orchestrated-testimonial issues that the SEC has flagged in enforcement actions. Ask for honest reviews, not specific outcomes.
Cherry-picking which reviews to embed. Showing only 5-star reviews on your website while a representative sample of clients have given lower ratings creates a "fair and balanced" problem.
Paying lead generation services that include endorsements. Many lead-gen services for advisors include "vetted advisor" or "trusted advisor" endorsement-like marketing. These trigger the full Marketing Rule framework, including written agreements, disclosures, and substantiation. Many advisers don't realize this and have ongoing exposures.
Using third-party rankings without disclosures. If your website displays "Top 100 Financial Advisor in [State]" awards or similar, you need the third-party rating disclosures specified in the rule. Many firms display awards prominently without them.
Not maintaining the substantiation file. The recordkeeping requirement under amended Rule 204-2 is real. SEC examiners specifically request it. A firm that's collected reviews and used them in marketing but can't produce the substantiation memos is going to have a deficiency cited.
A financial advisor or RIA running a well-built, compliance-friendly Google review program has all of these in place:
Advisers who get this right tend to see two compounding effects within 12-24 months: their local search visibility improves dramatically (reviews are one of Google's strongest ranking signals for "financial advisor near me" queries), and their conversion rate on inbound prospects goes up because the social proof closes the trust gap before the first call.
Advisers who don't tend to either avoid reviews entirely (and miss the channel) or implement them carelessly (and accumulate Marketing Rule exposure that surfaces during SEC examinations).
Ready to set up SEC-compliant Google review collection for your advisory practice? Start your free 14-day trial of TrueReview — automated SMS and email workflows, embeddable review widgets that support Marketing Rule disclosure placement, content filtering for compliance, integrations with most advisor CRMs, and per-advisor dashboards for multi-advisor firms. No setup fees, no contracts. Run it past your CCO before deploying.
