For most of the last decade, US financial promotions enforcement actions named the firm. They rarely named the marketing leader. Recent enforcement patterns suggest that pattern is changing - and the implication for CMOs at US financial services firms in 2026 is worth taking seriously.
Three forces are pushing the change at once. The CFPB has increasingly framed enforcement around consumer harm rather than narrow rule violations, which surfaces individual decision-makers in a way the older rule-violation frame did not. State Attorneys General - particularly NYDFS, the California DFPI and the Massachusetts AG - have adopted a more aggressive posture on "supervisory inadequacy" inside marketing functions. And D&O insurance coverage decisions are reshaping how firms allocate personal indemnification when marketing-driven matters arise. The result is that the CMO who could once delegate compliance risk to the compliance function increasingly cannot.
What "reasonable supervision" actually means for a CMO
"Reasonable supervision" is the legal standard regulators apply to senior executives whose decisions shape regulated communications. It has existed in FINRA case law for decades, in SEC matters for longer, and in CFPB enforcement since the Bureau's earliest era. What has changed is how the standard is being applied: regulators are increasingly extending it to business leaders, including marketing leaders, whose decisions create the conditions in which violations occur.
A CMO who approved the brief, set the audience strategy, signed off on the budget, and chose the channel mix is, in the regulator's framing, exercising supervisory responsibility over the promotions function. Whether the standard is met comes down to one question: can the firm show, in writing and on demand, that the CMO exercised that responsibility reasonably?
The four exposure vectors
There are four operational areas where marketing leadership exposure tends to be highest.
Claim substantiation. When a financial promotion makes a factual claim (e.g. about returns, features, competitive comparisons or consumer outcomes) regulators expect the firm to hold documented substantiation at the time of publication. A CMO who approved the campaign without a substantiation file cannot, under examination, demonstrate the claim was supportable when made.
Audience targeting. Modern paid media allows audience selection at a granularity that creates regulatory exposure invisible to creative review. A campaign whose creative passes every test can still produce UDAAP exposure through audience selection — for example, by targeting consumers previously declined for the product, or by inadvertently excluding protected classes from a beneficial offer.
Channel use. A creative asset approved for one channel can become non-compliant when deployed unchanged on another. A static disclosure that worked in a banner ad rarely satisfies regulators when the same ad is reformatted for a six-second mobile video. CMOs carry the responsibility for ensuring channel translation doesn't introduce new risk, and for documenting the review when it does.
Vendor chain. The agency, the influencer, the platform, the data provider. Each is a node where the firm's exposure travels. Recent enforcement, including the FINRA finfluencer wave that produced settlements at M1 Finance, Public.com, Moomoo Financial and TradeZero America, has held firms accountable for what their vendors said on their behalf. The CMO is typically the executive most accountable for vendor selection and ongoing oversight.
A 30-day playbook
A CMO at a US financial services firm should be able to complete the following in 30 days. None of it requires new budget or new headcount — it requires four conversations with the CCO and four operational decisions.
Week 1. Walk through every campaign your team has shipped in the last 12 months with your CCO. For each, ask: where is the supervisory record, who was the approving principal, what is the substantiation file? Every "I don't know" is a future exposure.
Week 2. Agree with your CCO on the standard of supervisory documentation your team will produce going forward, across all four exposure vectors. Put it on one page. Sign it. Date it.
Week 3. Update your marketing brief template so every campaign captures, at intake, the four exposure-vector inputs: claims, audience parameters, channels, vendors. Compliance review begins at the brief, not at the finished asset.
Week 4. Move your campaign documentation out of email and shared drives into a single system of record. When a regulator asks "show me everything you've published in the last 12 months with approvals," the system needs to produce the answer in a working day.
How Adclear fits
Adclear is the financial promotions compliance platform that gives marketing leaders documentary proof of reasonable supervision. The platform was built around the FCA's FinProm regime in the UK and extends naturally into the US multi-regime environment. For CMOs the value is direct: every campaign, every approval, every substantiation file lives in one system, retrievable in a working day rather than reconstructed under deadline pressure.
Talk to us
Doni Hoti (CEO and Co-Founder) and Joe Jordan (CCO and Co-Founder) are hosting CMO cocktails in New York on Wednesday June 17 - the fourth stop of our Front Row series, designed specifically for senior US marketing leaders at financial services firms. Small room, off-the-record, the conversation US CMOs are currently having privately rather than in public.
Request a seat by emailing lauren@adclear.ai
FAQ
Are CMOs really being named in marketing compliance enforcement actions? Increasingly, in CFPB matters and in state AG actions where the agency's enforcement theory turns on individual decision-making rather than firm-level conduct. The trend has been most pronounced over the last 24 months.
What's the simplest way to reduce personal liability? Documentary proof of reasonable supervision. A CMO who can produce the supervisory record for any asset, on demand, has a credible defence. Without that record, the defence falls apart quickly under examination.
Should this concern be raised with the CCO or the CEO? The CCO first - most of the operational fixes live in the marketing-compliance handoff. The CEO becomes relevant when the conversation turns to budget allocation or D&O coverage scope.
Once you're booked in, we'll send you a free playbook on Financial promotions compliance for FinTechs.
