We don’t relish the idea of a regulator that has to fill a large financial deficit, especially since it could use fines to fill some of this hole. We expect the lower fine numbers during the last 2 years to be more of an aberration.
On the positive side, requiring what amounts to a net capital penalty should get the attention of senior leaders at these problem firms. On the other hand, FINRA needs to be careful that such a firm doesn’t make a cold calculation to hire a bad broker if the broker’s production offsets the additional financial obligation.
At the very least, member firms should review their 529 Plan recommendations to see if they have exposure and then take action to remediate. Because of the broader implications of an enforcement action and individual liability, we recommend consulting counsel about whether to self-report.
FINRA has fined a large broker-dealer $10 Million for widespread anti-money laundering compliance failures arising from failed systems, insufficient resources, and poorly-designed supervision. FINRA charges that the firm’s wire transfer surveillance system failed to collect required data and thereby omitted information that should have been transmitted to the AML surveillance system. FINRA also faults the firm for significantly understaffing the AML surveillance team, resulting in cursory reviews. The firm was also faulted for improperly allocating supervisory responsibility over surveillance of penny stock trades. FINRA rules require member firms to implement an anti-money laundering program to ensure compliance with the Bank Secrecy Act. A FINRA Enforcement official chided the industry, noting that the regulator “continues to find problems with the adequacy of some firms’ overall AML programs, including allocation of AML monitoring responsibilities, data integrity in AML automated surveillance systems, and firm resources for AML programs.”
Anti-Money Laundering compliance remains a huge challenge for broker-dealers that must spend significant resources on both technology and personnel to ensure adequate monitoring. Regardless, we recommend upgrading your systems and processes before the regulators force your hand with enforcement actions and multi-million fines.
released its 2019 Examination Priorities Letter, spotlighting new areas
including online distribution platforms and fintech, regulatory technology, digital
assets, and fundraising for outside business activities. FINRA will closely scrutinize member firms’
participation with online securities distribution platforms and whether firms
are aiding the unlawful distribution of unregistered securities by handling
customer accounts and/or receiving transaction-based compensation. When using regulatory technology tools, firms
will be asked how they supervise third party vendors and how they protect customer
information. FINRA will work with the
SEC to ensure that member firms implement adequate controls and supervision when
engaging with digital asset offerings through marketing, clearing, and
recordkeeping activities. FINRA continues
its focus on outside business activities with a special emphasis on fundraising
for personal benefit. FINRA also makes
clear that it will continue to review firms for compliance with longstanding
priorities including suitability, fund share classes, private placements,
communications, AML, cybersecurity, senior investors, best execution, and
Compli-pros should read this Examination Priorities Letter together with the recently released Examinations Findings to create an inventory of compliance risks that the firm should immediately address through gap analysis and enhanced procedures. Our experience is that the FINRA examiners hew closely to the announced priorities.
FINRA has issued a report on cybersecurity best practices to assist firms in the development of their cybersecurity programs. FINRA notes that it continues to see “problematic cybersecurity practices” during examinations and that firms identify cybersecurity as a “primary operational risk.” The report focuses on strengthening cybersecurity controls in branch offices, ways to limit phishing attacks, how to mitigate insider threats, the elements of an effective penetration testing program, and adequate controls for mobile devices. The report also includes an appendix that lists core cybersecurity controls for small firms including patch maintenance, access management, vulnerability scanning, and email protection.
The 19-page report does a good job describing every cybersecurity nightmare scenario, which may be instructive for those C-suite executives still in denial. The best part of the report is the small firm appendix that focuses on key issues.
FINRA has released its 2018 Examinations Findings as a “resource for firms to strengthen their compliance programs and supervisory controls.” FINRA says the report selected certain observations because of “their potential significance, frequency, and impact on investors and the markets.” The report highlights widespread deficiencies in suitability policies and procedures including “quantitative suitability” (i.e. series of transactions), overconcentrations, excessive trading, and variable annuities. FINRA also cites widespread failures to ensure fulsome disclosure of fixed income mark-ups, reasonable private placement due diligence, and abuse of discretionary authority. The broker-dealer regulator summarizes other concerns including anti-money laundering, net capital and customer protection calculations, best execution and outside business activities.
This extensive list (15 pages) covers many of FINRA’s greatest regulatory hits. It’s a great document for new compliance officers because it covers a wide range of broker-dealer compliance requirements. Rather than helping compli-pros focus resources, it works better as a checklist to verify that the firm has addressed the most serious regulatory requirements.
OUR TAKE: The regulators will react swiftly and harshly to a registrant that knows about compliance problems but appears to flout the requirements by failing to take remedial action. When assessing compliance programs, senior executives should first ask whether the firm has addressed previously-identified deficiencies.
Ray Calvano of Cipperman Compliance Services recently attended the FINRA Annual Conference in Washington. Major speakers included FINRA President and CEO Robert Cook and SEC Chairman Jay Clayton. Mr. Clayton cited the SEC’s continuing concerns about cryptocurrencies and ICO offerings. He also tried to offer some insight into the new Regulation Best Interest and what it means for broker-dealers. The Conference also addressed how FINRA could tailor its regulations to the needs of smaller firms. Feel free to contact Ray if you want more information.
FINRA released its annual Regulatory and Examination Priorities Letter identifying areas of FINRA focus for 2018. FINRA announced a focus on fraud including insider trading, microcap pump-and-dump, Ponzi schemes and the resulting referrals to the SEC, even if the wrongdoing is outside of FINRA’s jurisdiction. FINRA will also target supervision practices including the hiring and review of high-risk brokers, branch offices, and outside business activities. New this year is a focus on cryptocurrency offerings and the role registered reps play in effecting transactions. FINRA also highlights best execution, cybersecurity, anti-money laundering, and business continuity. Consistent with prior years, FINRA will devote resources to customer protection and net capital, suitability, and liquidity risk.
OUR TAKE: Compli-pros should use the Priorities Letter as a checklist to review the Written Supervisory Procedures. FINRA generally means what it says and addresses these topics during exams.