Last week, multiple regulators issued informational guidance and/or specific regulatory relief in response to the COVID-19 (coronavirus) outbreak. Additionally, FIA cancelled its annual International Futures Industry conference scheduled for March 10 - 12 in Boca Raton, Florida, while SIFMA cancelled its 2020 Law and Compliance conference planned for March 15 - 18 in Orlando, Florida. Postponed were the DC Blockchain Summit 2020 scheduled for March 11 - 12 in Washington, DC and the LME and LME Clear Member Townhall on March 11 in London, England. Many financial services industry firms have begun separating employees and imposing restrictions or bans on non-essential travel and group meetings.
In a Notice to Members dated March 4, the National Futures Association acknowledged its understanding that members developing contingency plans to deal with the impact of COVID-19 may have “specific concerns” regarding their ability to comply fully with all Commodity Futures Trading Commission and NFA requirements, particularly if some or all of their staff are unable to work from their offices or the firm’s backup locations. According to the regulated futures association, “NFA and CFTC staff intend to take a practical approach that will give Members appropriate flexibility in implementing contingency plans needed to continue to conduct business” if regulatory relief is required.
However, NFA encouraged members to review their business continuity plans to ensure they address situations like COVID-19 and contain up-t0-date information (e.g., current key persons and contact information). NFA also recommended that Members consider providing employees refresher or new training on working from remote locations.
Separately, the UK Financial Conduct Authority restated its expectation that all firms have contingency plans dealing with major events, and indicated it is currently reviewing, along with the Bank of England, “the contingency plans of a wide range of firms.” FCA indicated it expects that firms are taking “all reasonable steps” to ensure they meet their regulatory obligations, including, for example, the capability to enter orders and transactions into appropriate systems, record conversations when trading, and provide staff compliance support when required.
Although neither the Securities and Exchange Commission nor the Commodity Futures Trading Commission have issued any written guidance for brokerage firm registrants (i.e., broker-dealers or futures commission merchants), the SEC provided conditional regulatory relief for certain publicly traded companies’ filing obligations. Specifically, publicly traded companies required to file certain disclosure reports from March 1 through April 30, 2020, may have an additional 45 days to file such reports provided they give the SEC a summary of why they require the relief. The SEC also advised companies to consider their disclosure obligations under federal securities laws should they become aware of some risk to their business because of COVID-19.
The SEC’s Division of Investment Management separately indicated it would recommend no enforcement action against an investment fund board that did not comply with certain in-person voting requirements from March 4 through at least June 15, 2020, in case of “unforeseen or emergency circumstances affecting some or all of the directors.” The SEC indicated it might be open to extend its no-action position to a later date “as circumstances warrant.”
Getting the Business Done: The spread of the COVID-19 virus worldwide will continue to create unusual challenges for all businesses because of the difficulty of detecting carriers and the current lack of a vaccine. Apparently, persons may be contagious when asymptomatic, and even early tests of persons carrying the virus may not detect its presence. Additionally, it appears the virus may be transmitted without actual contact with a specific carrier – so-called “community” transmission.
As a result, the most important measure companies and individuals can take during the current crisis is to be informed by facts. The Center for Disease Control and Prevention maintains a robust website of relevant information, including frequently asked questions and answers, and persons may subscribe to automatic updates. (Click here to access the CDC website, and here for a subscription link.) It’s important that companies and individuals follow CDC’s myriad recommendations to the extent practical.
Separately, both the Financial Industry Regulatory Authority and the NFA require their members to maintain robust business continuity plans with certain prescribed elements. (Click here to access FINRA Rule 4370, here for NFA Rule 2-38, and here for NFA Interpretive Notice 9052.) Both the SEC and CFTC also require business continuity plans for certain registrants. (Click here, e.g., for CFTC Rule 23.603 related to swap dealers and major swap participants and here for SEC IM Guidance Update 2016-4 for investment companies.) The SEC proposed BCP requirements for investment advisors in 2016 but has not formally implemented any to date. (Click here to access the SEC’s proposal.) Both FINRA and NFA obligate members to provide and update the regulatory organizations with the name and contact information of key management personnel and certain other enumerated information. FINRA also provides a basic checklist of items that should be addressed in BCPs that make sense for all regulated organizations, as relevant:
- data backup and recovery;
- essential systems;
- financial and operational assessments;
- backup communications between customers and the firm;
- alternate physical locations of employees and agents;
- essential third parties and counterparties;
- regulatory reporting; and
- access to customer funds and property.
Employees should have access to a firm’s BCP even when remote.
Additionally, following Hurricane Sandy in October 2012, the SEC, CFTC and FINRA issued a joint advisory on business continuity planning. Some of the key recommendations articulated then in response to lessons learned appear timely now. According to the advisory, firms should especially consider:
- enhancing the capability of staff that work from home;
- reviewing critical vendor relationships (how robust are their BCPs);
- updating communication plans;
- evaluating regulatory and compliance requirements; and
As suggested in the current NFA guidance, training is critical. In any case, BCPs should be reviewed to ensure they address or are modified as necessary to deal with infectious disease outbreaks.
Many employment law issues will also arise because of the COVID-19 virus spread. Among other things, CDC recommends that firms:
- proactively encourage sick employees to remain home;
- separate apparently sick employees from others, including sending impacted employees home;
- routinely clean the workplace;
- potentially ban non-essential travel and gatherings; and
- follow recommended CDC steps for employees required to travel.
Additionally, it is important that employers review their policies and practices to ensure they are consistent with public health recommendations as well as prevailing state and federal workplace laws. (Click here to access CDC’s Interim Guidance for Businesses and Employers.)
It will be very important for management to promote calm among employees during the next few months until the COVID-19 outbreak diminishes. By thinking through as much as possible how the business needs to get done, and what can be done to effectuate those needs (sometimes considering non-intuitive solutions), financial service business can be conducted effectively with current technology even if many employees work remotely. To the extent there may be regulatory compliance challenges, try to discuss them in advance with relevant regulators and seek relief if possible; in all cases, ensure that all breaches are documented with as much specificity as possible.