FINRA released its annual Regulatory and Examination Priorities Letter identifying areas of FINRA focus for 2018. FINRA announced a focus on fraud including insider trading, microcap pump-and-dump, Ponzi schemes and the resulting referrals to the SEC, even if the wrongdoing is outside of FINRA’s jurisdiction. FINRA will also target supervision practices including the hiring and review of high-risk brokers, branch offices, and outside business activities. New this year is a focus on cryptocurrency offerings and the role registered reps play in effecting transactions. FINRA also highlights best execution, cybersecurity, anti-money laundering, and business continuity. Consistent with prior years, FINRA will devote resources to customer protection and net capital, suitability, and liquidity risk.
OUR TAKE: Compli-pros should use the Priorities Letter as a checklist to review the Written Supervisory Procedures. FINRA generally means what it says and addresses these topics during exams.
FINRA has issued a report summarizing its observations on the compliance and supervision issues arising from recent examinations. Highlighted concerns include cybersecurity, outside business activities, anti-money laundering, product suitability, best execution, and alternatives in IRA accounts. FINRA found weaknesses in cybersecurity programs including failure to control access to data, insufficient risk assessments, and inadequate vendor supervision. FINRA expressed concerns about failures to report OBAs and failures to execute adequate reviews or retain documentation. AML programs fell behind as firms changed and grew but failed to properly resource growing AML volume. FINRA raised suitability concerns over recommendations of UITs, fund share classes, and complex products. FINRA hopes that firms will use the report as a “resource in tailoring their compliance and supervisory programs to their business.”
OUR TAKE: It’s always good to get more transparency into the examination program. What’s less clear is how firms should react to this information especially since FINRA generally issues its examination priorities letter in January. Regardless, expect FINRA to focus on these issues during cycle exams.
The SEC has upheld a FINRA bar of a registered rep for failing to timely respond to FINRA’s requests for information. Following the filing of a U5 indicating the rep was terminated for failure to comply with firm policies and disclosure obligations, FINRA initiated an investigation. The respondent repeatedly failed to respond to requests sent to his CRD address. Eleven months after the initial request and 9 months after the bar became effective, the respondent sought relief from the bar on the grounds that health issues prevented his timely response. The SEC rejected his argument because he continued to work and remain active and failed to timely respond as reasonably practical.
OUR TAKE: The regulators will proceed with penalties if you ignore their requests for information. Once penalties, such as an industry bar, are imposed, it becomes very difficult to demonstrate good faith.
FINRA imposed nearly double the fines on the industry in 2016, assessing $173.8 Million in fines as compared to $93.8 Million in 2015, according to its annual report. The increase in fines helped FINRA report over $57 Million in net income versus a $39 Million loss last year, even though operating income was lower in 2016. FINRA also ordered another $27.9 Million in restitution. FINRA uses fines collected for “capital expenditures and regulatory projects.”
OUR TAKE: Most of the financial regulators use their enforcement powers to collect funds to support their activities. Rather than encourage this financial incentive to bring cases, policy-makers should consider other alternatives such as third party compliance reviews or user fees.
FINRA has published a Regulatory Notice that provides guidance on the content, recordkeeping, and supervision of certain digital communications. FINRA clarifies that text and chat messages with clients must be retained as customer communications to the same extent as written or email communications. FINRA also offers guidance on when broker-dealers adopt or become entangled when using hyperlinks and other third party content. Sharing content through hyperlink will make a firm responsible for the third party content unless the third party site is dynamic, ongoing, and not influenced by the firm. However, a firm may not use a link to a third party that the “firm knows or has reason to know contains false or misleading content.” FINRA also offers guidance on the use of native advertising, mandating that such content disclose the firm’s name, any relationship, and whether mentioned products or services are offered by the firm. FINRA will allow unsolicited third party opinions posted on social media sites (e.g. “likes” on Facebook) so long as a registered representative does not subsequently endorse the third party opinion. FINRA makes clear that the guidance does not change prior rules and does not interpret SEC rules that apply to advisers.
OUR TAKE: Give FINRA credit for its ongoing regulatory guidance that reflects evolving social media and digital content. The guidance on texts, chats and hyperlinks are fairly reasonable. The challenge for compliance officers is to find emerging technologies and systems to capture the emerging content.
The SEC dismissed the appeal of a terminated broker that FINRA barred for failing to deliver requested information. FINRA delivered several notices and warnings by mail to the broker’s address of record in the CRD, but the broker claimed not to have received the notices in a timely fashion because he had a new address. The SEC cited precedent whereby FINRA may rely on the CRD address unless it has actual knowledge of a different address. Also, FINRA has no obligation to send notices by email or other means. The SEC also opined that the broker failed to exhaust his FINRA administrative remedies, which included the opportunity for a hearing on the substantive issues.
OUR TAKE: “I didn’t get the memo” is not a valid defense to a regulator seeking information. The registrant has an obligation to ensure the validity of contact information filed in regulatory databases such as CRD and IARD.
FINRA has filed a proposal that would allow individuals to return to a broker-dealer without re-taking their exams for up to 7 years so long as they fulfill continuing education requirements. The proposal seeks to correct the current rule whereby a licensed representative loses his/her license after 2 years even though s/he merely transferred to a financial services affiliate. The proposal also allows a person associated with a firm to obtain any qualification and registration permitted by the firm so as to allow such person to “demonstrate proficiency for new roles” and “help firms better manage unanticipated needs.” FINRA will also create a new Securities Industries Essentials exam for those interested in joining the securities industry but may not yet be associated with a registered firm. Those passing the SIE will then take a second specific proficiency exam upon joining a firm.
OUR TAKE: FINRA offers a long overdue revamping of the outdated examination rules. The 2-year rule really makes little sense in the modern world populated by financial services firms that are not necessarily organized by regulatory designation. Also, the contemplated SIE is a brilliant idea to get new blood in the industry and rid the current exams of duplicative questions.
The SEC charged two brokers with churning and excessive trading in customer accounts. The SEC accuses the brokers of engaging in excessive short-term trading that had little chance of benefiting customers after payment of fees. Both brokers, who had significant disciplinary histories, used telemarketing and cold-calling to find clients who they pressured with pre-filled agreements and margin arrangements. An SEC official commented, “This case marks another chapter in the SEC’s pursuit of brokers who deploy excessive trading as a strategy in customer accounts to enrich themselves at customers’ expense.”
OUR TAKE: It is very unusual for the SEC to bring suitability and churning cases against individual brokers. These types of cases are usually FINRA’s jurisdiction. Perhaps this is the beginning of the SEC moving to regulate retail brokers in response to the DoL fiduciary rule.
FINRA has published its annual Regulatory and Examination Priorities Letter, which focuses on high risk and recidivist brokers, protecting senior investors, and cybersecurity. FINRA will examine how firms hire and supervise brokers with disciplinary records. FINRA will evaluate branch-office inspection programs including client communications and outside business activities. Examination staff will scrutinize sales practices for senior investors including suitability when recommending complex products and penny stocks. FINRA expressed significant concern about cybersecurity including how firms prevent data loss, monitor passwords, ensure physical security, and maintain records. In addition to these central themes, FINRA will continue to examine product suitability and concentration, outside business activities, liquidity risks, supervisory controls, anti-money laundering, and best execution. FINRA CEO Robert Cook characterized FINRA’s priorities as a “focus on core ‘blocking and tackling’ issues of compliance, supervision and risk management.”
OUR TAKE: In past years, FINRA exams closely followed the Exam Priorities Letter. Compli-pros should tailor their compliance programs and training to the topics and practices described in the Letter.
FINRA fined a large broker-dealer $6.25 Million for failing to prevent customers from using lines of credit to purchase securities, thereby violating the margin rules. The BD offered a program whereby customers could borrow against their brokerage accounts and use the proceeds for purposes other than buying securities. However, FINRA alleges that the firm failed to implement adequate supervisory procedures to educate and train employees and customers and prevent the misuse of the lending proceeds. FINRA maintains that customers often borrowed and invested in securities within 14 days.
OUR TAKE: This case shows the difference between policies and procedures. A policy states a firm’s position on a course of conduct or practice. Procedures are then required to implement that policy and ensure compliance. Firms that stop at broad policy statements have not implemented an adequate compliance program.