RIAs are certainly in the cross-hairs of the SEC. The SEC, recently, sanctioned a RIA for misrepresenting its use of performance models that were actually hypotheticals relating to backtested performance. http://www.sec.gov/litigation/admin/2012/ia-3516.pdf.
The SEC alleged that the RIA played with certain computer software models providing a false impression of performance over various time periods. The SEC claimed these models did not exist during these time periods, but were back-tested hypotheticals. The SEC accused the RIA of violating the anti-fraud and compliance rules since the RIA was also the Chief Compliance Officer, and had no policies or procedures in place to prevent such a scheme. The RIA had to pay a six-figure fine, and retain an outside consultant.
Accordingly, RIAs need to have effective compliance programs to monitor these types of hypothetical models.