On November 2, 2015, the securities industry gathered in New York for the SIFMA C&L Regional Seminar. While a variety of topics were discussed, this Alert focuses on the important regulatory and enforcement issues that were covered. During the session on Current Issues Affecting Private Clients, Michael Rufino, Head of Member Regulation – Sales Practice at FINRA, noted several important areas of focus, including firm testing of filters to ensure the accurate flow of information to exception reports, pockets of excessive trading, complex products, senior investors (plus the physically and mentally disabled), recidivist brokers, complex products, conflicts of interest, cybersecurity, on-site branch office inspection and outsourcing. In particular, seniors and IRA rollovers were topics of lengthy discussion, with officials from both FINRA and SEC outlining the key factors for evaluating IRA rollovers. These factors included: communication/advertising, suitability, supervision, training of brokers and disclosures to investors. Some practical tips provided by the industry for dealing with seniors included obtaining emergency contact information at account opening and delaying transactions when something seems amiss.

Ken C. Joseph, Head of the SEC’s New York Regional Office for Investor Advisor/Investment Company Examination Program stated that while the 2015 examination figures have not yet been finalized, exams and recoveries are expected to increase from 2014 levels of 1878 exams and $40 million in recovery. Regarding enforcement, Joseph stated that the SEC initiated 807 enforcement actions in 2015 and obtained orders totaling $4.2 billion in penalties and disgorgement. He also outlined the SEC’s five major areas of attention for 2016, which have not yet been finalized or made public. These include: conflicts of interest; client communication and advertising; use of social media; disclosures on forms ADV; and cybersecurity.

During the Enforcement session, Aitan D. Goelman, CFTC Director of Enforcement, discussed the value of Dodd-Frank in providing the CFTC with new tools and enforcement authority. He highlighted the CFTC’s anti-manipulation authority, as well as the importance of bringing swaps into the daylight, while noting the CFTC’s concern about end-users not bearing the burden of enforcement. Goelman referenced several spoofing cases brought by the CFTC over the past few months, noting that the line between legal and illegal is intent to execute a trade. Stephanie Avakian, Deputy Director of the SEC’s Division of Enforcement, provided the enforcement statistics noted above, and stated that enforcement actions reached all corners of the SEC’s priority areas, including broker-dealer, investment advisor, conflicts, financial reporting, FCPA and hacking cases, among others. She also discussed several notable enforcement actions in the areas of private equity and cybersecurity.

Susan Schroeder, FINRA’s Deputy Chief of Enforcement, explained that firms may receive substantial credit for cooperation and may not be fined where the firms identify the problem, self-report and figure out a plan with FINRA to address the problem. Regarding several notable FINRA enforcement actions focusing on supervision and suitability, she noted the importance of firms updating tools and appropriately responding to changes in the marketplace. Interestingly, in the case of Puerto Rico, she discussed the unique economic environment there and triple tax-free investment incentives on local securities, acknowledging that concentration in local securities was common due to these unique tax benefits. Personal liability for compliance professionals was discussed at length. The regulators on the panel were in general agreement that there was no concerted effort to charge compliance professionals, and that the small number of recent cases charging compliance professionals were largely limited to egregious situations in which the individuals were affirmatively involved in the misconduct.  

Cybersecurity, while referenced in many of the other sessions, was a topic of its own session.  There was consensus among the panel that while large companies have cybersecurity policies in place, their smaller business partners, who plug into the industry and infrastructure, have not quickly adopted such policies. Richard T. Jacobs, Assistant Special Agent-in-Charge for the FBI’s Cyber Branch, noted that technology has been weaponized and that industry must continue to adapt. He noted that the key to successful cyber defense is collaboration between the government and the private sector. He attempted to assuage audience concern by stating that the FBI will largely focus on network information, such as logs and malware, but can obtain a subpoena to provide comfort or legal protection if the company requires. Brian J. Peretti, of the Treasury Department, observed that the Treasury does not have any regulatory responsibility, but provided the practical tips that every company should know its local law enforcement officials to share information, and have an instant response plan that is periodically tested.