On September 27, 2012, the Securities and Exchange Commission's Office of Compliance Inspections and Examinations (OCIE) issued a summary report (the "Summary Report") describing the best practices of broker-dealers to protect against the misuse of material nonpublic information (MNPI) under Section 15(g) of the Securities Exchange Act of 1934 (the "Exchange Act"). This provision requires broker-dealers to establish, maintain and enforce written policies and procedures reasonably designed to prevent its misuse, taking into consideration the nature of their business. While the Summary Report focused primarily on the broker-dealer industry, OCIE specifically noted that Section 204A of the Investment Advisers Act of 1940 (the "Advisers Act") requires similar policies and procedures for MNPI for registered investment advisers. The Summary Report supplements a 1990 report issued by the Division of Market Regulation of the New York Stock Exchange (NYSE) on "Broker-Dealer Policies and Procedures Designed to Segment the Flow and Prevent the Misuse of Material Nonpublic Information," which, among other things, provided an overview of then-current broker-dealer information barrier practices. Since 1990, however, as businesses have evolved, best practices have evolved correspondingly. As explained in more detail below, the Summary Report provides some helpful insight into the issues broker-dealers and investment advisers should consider in order to be in compliance with regulations regarding MNPI.

EXECUTIVE SUMMARY

The Summary Report reflects the findings of examinations of nineteen broker-dealers conducted by the OCIE, FINRA and the NYSE's Division of Market Regulation. These examinations took into account new business practices, new technologies and new controls that may impact the compliance efforts of registered broker-dealers.

The Summary Report discussed potential sources of MNPI and controls that many broker-dealers have in place to fulfill their Exchange Act Section 15(g) obligations. The Summary Report also analyzed areas where many broker-dealers lack reasonably-designed controls to effectively monitor their usage of MNPI, along with other areas of concern that the government will continue to monitor. The Summary Report cautions that members of the financial community "should continually reassess both potential sources and uses of MNPI and whether reasonable controls are in place," and that reasonable practices may vary among broker-dealers and investment advisers depending on such factors as size and business model.

The report focuses, in part, on the differences between "private-side" and "public-side" MNPI in terms of conforming to agency regulation. Private-side groups have routine or ongoing access to MNPI; public-side groups do not. A few broker-dealers use an "above the wall" classification for persons and groups to whom MNPI is provided on a need-to-know basis. It cautions broker-dealers and investment advisers from classifying people as "above the wall" where technological and physical barriers, as well as procedures and documentation, are absent or incomplete.

The Summary Report identified four key components of effective information barriers programs: (1) removing decision-making authority from the business unit; (2) formal procedures and documentation; (3) limiting the sharing of information; and (4) surveillance techniques.

  1. REMOVING DECISION-MAKING AUTHORITY FROM THE BUSINESS UNIT

Effective control structures remove decision-making authority from the business unit, which is incentivized to bring in fees for the firm and gives it to the control room, which is a group within compliance whose function is to protect the firm from potential liability for misuse of MNPI. For the control room to have complete decision-making authority, it is important that they independently verify information about trading activity, rather than relying solely on the business unit to report transactions.

To achieve this, many broker-dealers use independent checks to learn if the firm has gained or will gain MNPI. These include automatic notices from conflicts systems and review of confidentiality agreements. Automatic notices help combat the problem of delay in reporting transactions. Additionally, some control rooms review pipeline reports, commitment letters, committee minutes or news articles that reference the broker-dealer to identify items that the business unit may have missed.

Finally, when it comes to assessing the materiality of transactions to determine whether a company should be placed on a monitoring list, it is the control room in consultation with the business unit -- not the business unit alone -- which makes this determination.

  1. FORMAL PROCEDURES AND DOCUMENTATION

The Summary Report cited the importance of using formal, documented processes to limit the spread of MNPI. One area of concern highlighted was the lack of documentation regarding decisions on materiality, including the failure to document transactions deemed immaterial and the reasons for doing so, lack of any specific criteria used to determine materiality and failure to later identify receipt of MNPI (for example, the transaction size decreased significantly). Lack of formal procedures and documentation decreases the reliability of materiality determinations. For example, one broker-dealer excluded entire categories of transactions from consideration, yet transactions within these categories were considered material by contemporaneous public commenters. Had the broker-dealer evaluated these transactions by predetermined specific criteria, the determination of their materiality would have likely been better aligned with the prevailing views on materiality.

Formal procedures are also important in deciding whether to place transactions on monitoring lists. Broker-dealers often stated that they would make "judgment calls" but did not have "bright-line" rules in place regarding whether a transaction should be placed on a monitoring list. Having formal procedures in place could eliminate some of these "judgment calls" and would create a more consistent approach.

The Staff also expressed concern over the lack of formal controls over an employee's transition from the private side to the public side, as well as some broker-dealer's lack of controls in instances in which an employee or group had MNPI and related restrictions but now wants removal of the restrictions. The Summary Report advocated a system in which a certain number of reporting periods must go by between the time the group accessed the MNPI and the time when they may begin trading. Additionally, some firms lacked a process for identifying when private corporations became public through the issuance of securities. Again, formal procedures for such situations would create a more consistent and defensible position.

  1. LIMITING THE SHARING OF INFORMATION

Perhaps the most important function of an information barriers program is to limit the spread of MNPI. One way broker-dealers do this is by limiting information to those who need to know, for example, information on M&A and capital markets transactions are often limited to deal team members.

The distinction between public-side and private-side groups serves purpose. Public-side groups, as mentioned, are not supposed to have routine access to MNPI. If a public-side group or individual needs access to MNPI, broker-dealers employ what is known as an "over the wall" process: first, the private-side group with MNPI identifies to the control room the names of the public-side employees who will be given access to MNPI regarding a specific company. As a result, the over-the-wall employee is prohibited from both personal and firm trading in any security of that company. The grant of MNPI to a public-side employee is either pre-approved by the compliance department of the firm, or must be reported to the compliance department in a timely manner.

The Summary Report expressed concern about above-the-wall executives with unlimited access to MNPI who have management authority over "public-side" employees. It concluded that "broker-dealers are strongly encouraged to consider the benefits, in terms of statutory compliance, of maintaining a MNPI disclosure reporting and monitoring requirement for above-the-wall executives and others in such a category."

In addition to organizational structure, physical barriers and technology are also employed to limit access to unauthorized MNPI. Effective physical barriers included segregating separate functions by floors and limiting access to those floors by key card access. With regard to technological barriers, a firewall blocking electronic communications between the investment banking and research functions, for example, is no longer enough by itself.

  1. SURVEILLANCE AND MONITORING

Finally, the Summary Report notes that many broker-dealers have developed sophisticated mechanisms for identifying anomalous trading and have expanded the scope of their surveillance of trading to include credit default swaps, single stock futures, equity or total return swaps, warrants and bond options. Surveillance methods include conducting pattern-based surveillances which assessed historical patterns, conducting look-back reviews upon the announcement of information and providing surveillance personnel with greater access to relevant information.

CONCLUSION

While the Summary Report cautions that it "is not intended to be prescriptive," and that "different practices may be necessary or appropriate depending on the facts and circumstances," it suggests that information barriers will likely be a focus for the OCIE and other regulators in broker-dealer and investment adviser examinations going forward. Thus, broker-dealers and investment advisers are advised to carefully read the report and review their own practices in light of these findings and the nature of their business.