| FIRM | McNaughton Wealth Management, LLC |
| CRD | 300330 |
| DATE | 2026-07-02 |
| ATTESTATION | 0x1509ca94ac905d46... |
This memo documents a governance review of the written compliance policies and procedures maintained by McNaughton Wealth Management, LLC (“the Firm”) as they relate to the use of artificial intelligence and machine learning tools by supervised persons, with specific attention to the requirements of Rule 206(4)-7 under the Investment Advisers Act of 1940. The review identified a material gap between the current Item 11 Code of Ethics framework — which addresses personal securities trading, pre-clearance, and fiduciary conduct — and the SEC’s documented examination expectation that investment advisers maintain written AI governance policies wherever AI tools are used in any operational or client-facing capacity.
This memo establishes a timestamped record of the Firm’s AI policy review event, documents the specific gap between existing written procedures and current regulatory expectations, and provides model written policy language the Firm may adopt as a supplement or addendum to its existing compliance manual. This memo has been cryptographically attested and anchored on Gnosis Chain, creating a tamper-evident record of the date, content, and scope of this governance review that is available for presentation to SEC examiners upon request.
The Firm’s Form ADV Part 2A Item 11 describes a Code of Ethics framework that addresses personal securities trading, pre-clearance obligations, quarterly holdings reporting, and fiduciary standards of conduct. The compliance section contains no reference to artificial intelligence, machine learning, generative AI tools, algorithmic outputs, or any related technology. There is no reference to an approved AI tool list, no requirement that supervised persons disclose their use of AI tools to a principal, no output review or human-in-the-loop requirement, and no employee training obligation specific to AI use. The ADV is similarly silent in Item 8 (Methods of Analysis) and Item 17 (Voting Client Securities) with respect to any AI-assisted workflow.
The absence of AI governance language is not itself a deficiency if the Firm and all supervised persons use no AI tools in any capacity. However, where supervised persons use commercially available generative AI tools — including but not limited to ChatGPT, Microsoft Copilot, Google Gemini, or AI-embedded features within financial planning or portfolio management software — the complete absence of a written supervisory framework for those activities creates examination exposure that is difficult to remediate after the fact.
Rule 206(4)-7 under the Investment Advisers Act of 1940 requires each registered investment adviser to adopt and implement written policies and procedures reasonably designed to prevent violations of the Advisers Act and the rules thereunder. The rule does not enumerate specific technologies; its scope is defined by the Firm’s actual business activities and risk profile. Where a supervised person uses an AI tool to generate client-facing content, conduct research, or produce planning outputs, the absence of any written policy governing that use means the Firm cannot demonstrate, in a regulatory examination, that it exercised supervisory control over those activities.
The SEC’s 2024 and 2025 Examination Priorities explicitly identified AI governance as a targeted area for investment adviser examinations, noting that staff would review whether advisers have written policies and procedures governing AI use, whether disclosures to clients accurately reflect actual AI practices, and whether recordkeeping obligations are being met with respect to AI-generated content. Enforcement actions in 2024 against Delphia (USA) Inc. and Global Predictions, Inc. established that misrepresentations or omissions regarding AI use in investment advisory activities constitute fraud under Sections 206(1) and 206(2) of the Advisers Act — confirming that the SEC treats AI disclosure as a substantive obligation, not a discretionary best practice.
For a firm of McNaughton Wealth Management’s profile — a boutique registered investment adviser with approximately $291 million in combined AUM, insurance-adjacent referral relationships, and a small supervised person population — the risk is not primarily one of AI washing or overstated AI capabilities. The risk is the inverse: if supervised persons are using AI tools for client communications, financial planning document drafts, research summaries, or portfolio commentary without a written policy, the Firm has no documented basis to demonstrate supervisory control over those activities when an examiner asks the threshold question: “Show me your written AI governance policy and when it was adopted.” An examiner who does not receive a responsive answer to that question proceeds immediately to document review, and the absence of any policy becomes the finding. The Firm’s existing Code of Ethics framework — while substantive with respect to personal trading and fiduciary obligations — creates no safe harbor for AI-related supervisory deficiencies because it does not address that domain at all.
The following is model language that the Firm may consider adopting as a supplement to its existing compliance manual or as a standalone AI Governance Policy addendum. This language is drafted to reflect a legally conservative, operationally realistic posture for a small registered investment adviser. It does not assert AI capabilities the Firm does not have, and it does not create obligations the Firm cannot fulfill. A production version would be tailored to the Firm’s specific tool inventory and supervised person count following onboarding.
AI Use Policy — McNaughton Wealth Management, LLC
Supplement to Compliance Manual | Effective: [DATE OF ADOPTION]
Section 1 — Purpose and Scope. This policy governs the use of artificial intelligence tools, generative AI applications, machine learning systems, and AI-assisted features embedded in third-party software (collectively, “AI Tools”) by McNaughton Wealth Management, LLC and all supervised persons. It is adopted pursuant to Rule 206(4)-7 under the Investment Advisers Act of 1940 and supplements the Firm’s existing Code of Ethics and compliance manual. This policy applies to any use of an AI Tool in connection with investment advisory services, client communications, research and analysis, financial planning outputs, or internal business operations where outputs may be retained, transmitted, or relied upon in a client-facing context.
Section 2 — Approved Tool Registry and Disclosure Obligation. The Chief Compliance Officer shall maintain a written registry of AI Tools approved for use by supervised persons (“Approved Tool Registry”). No supervised person may use an AI Tool in connection with client advisory activities unless that tool appears on the Approved Tool Registry or the supervised person has obtained prior written approval from the CCO. Each supervised person shall promptly notify the CCO if they become aware of a new AI Tool being used within the Firm’s operations. The Approved Tool Registry shall be reviewed and updated no less than annually and following any material change in the Firm’s use of technology. The CCO is responsible for assessing whether any AI Tool on the registry gives rise to disclosure obligations under Form ADV Part 2A, including but not limited to Items 8, 11, or 17.
Section 3 — Human Review and Supervisory Control. Supervised persons shall not transmit to clients, incorporate into client-facing documents, or rely upon as the sole basis for investment recommendations any output generated by an AI Tool without applying independent professional judgment to verify the accuracy, completeness, and appropriateness of that output. Where an AI Tool generates content that is transmitted to a client or incorporated into a client document — including financial planning summaries, portfolio commentary, research abstracts, or written investment recommendations — that content shall be reviewed and approved by a principal or the supervised person’s designated supervisor prior to delivery. AI-generated outputs that constitute written investment advice, within the meaning of Rule 204-2(a)(7), shall be captured and retained in accordance with the Firm’s recordkeeping policies. Supervised persons shall document the fact of AI-assisted preparation in any internal work file where AI-generated content contributed materially to a client deliverable.
Section 4 — Training and Annual Acknowledgment. Each supervised person shall complete AI governance training upon hire and no less than annually thereafter. Training shall address: (a) the Firm’s obligations under Rule 206(4)-7 and the Advisers Act with respect to AI use; (b) how to identify content or outputs generated or materially assisted by AI Tools; (c) the Firm’s human review and approval requirements; and (d) the Firm’s recordkeeping obligations with respect to AI-generated content. Each supervised person shall execute a written annual acknowledgment confirming they have read this policy, understand its requirements, and have disclosed to the CCO all AI Tools they use in connection with the Firm’s advisory business. The CCO shall retain executed acknowledgments as part of the Firm’s books and records.
Section 5 — Periodic Review. The CCO shall review this policy no less than annually and following any material change in the Firm’s business, technology environment, or applicable regulatory guidance. The annual review shall be documented in writing and retained as part of the Firm’s compliance records. Where the annual review identifies a material change in the Firm’s AI Tool use that is not reflected in the current Form ADV Part 2A disclosure, the CCO shall initiate a brochure amendment process to update Items 8 and/or 11 as appropriate.
This memo has been cryptographically anchored on Gnosis Chain. The hash below uniquely identifies this document and cannot be altered retroactively. This record is available for SEC examination on request.
| FIELD | VALUE |
|---|---|
| Hash | 0x1509ca94ac905d4633e1df9923a11cf02ec62615e5e5a1218e2af945ecc2b8bc |
| Block | 46993697 |
| Timestamp | 2026-07-02T09:30:55+00:00 |
| Contract | 0xb39B678b60D401B3f5914E2A3a38592823468B7a |
| Chain | Gnosis Chain |
| Verify | https://gnosisscan.io/tx/0x6312a9df0c9e68cfb29b8713b00aef4e63a5f5e96a88d2676dac11ab391b5626 |
The hash above uniquely identifies this document and cannot be altered retroactively. Gnosis Chain is an EVM-compatible public blockchain providing permanent, independently verifiable records. This attestation record, together with the memo content, constitutes a compliance artifact suitable for production to SEC examiners under Rule 204-2.
Generated by G-Stack Protocol | gstackprotocol.com
This demonstration memo uses publicly available Form ADV data. A production ComplianceMemo is generated from your live filing and delivered within 24 hours of onboarding.
This document does not constitute legal advice and does not establish an attorney-client relationship. McNaughton Wealth Management, LLC should consult qualified legal counsel before adopting any policy language.