The SEC and FINRA recently released their exam priorities for 2017. Both regulators have similar focuses to last year, and both include senior investors, high risk/recidivist representatives, and cybersecurity, among other priorities. The regulators’ areas of focus are summarized below:
SEC exam priorities
Like last year, the SEC Office of Compliance Inspections and Examinations (OCIE) describes its 2017 exam and regulatory priorities as focusing on three areas: examining matters of importance to retail investors, focusing on risks specific to elderly and retiring investors, and assessing marketwide risks.
All three areas of focus appeared in last year’s letter, although OCIE has reorganized them. Last year, the elderly and retiring investors focus was subsumed within the retail investors focus. Last year’s third area of focus — identifying potential illegal activity using data analytics — is no longer highlighted because the SEC notes that it has “incorporated data analytics into the vast majority of [its] examination initiatives.”
1. Protecting retail investors: Retail investors face an evolving set of choices in how to invest their money. As a result, the SEC examination priorities will continue to focus on assessing risks related to exchange-traded funds (ETFs), never-before examined investment advisers, and recidivist representatives and their employers. OCIE also announced that it will heighten its focus on electronic investment advice, wrap fee programs, multi-branch advisers, and share class selection in 2017.
2. Protecting senior investors and retirement investments: The SEC will also focus on protecting senior investors and individuals investing for retirement. In particular, the regulator is continuing its ReTIRE initiative and will continue to review advisors and broker-dealers offering variable insurance products and target date funds for retirement accounts. It will also continue to examine pension plan advisors to determine whether they are managing conflicts of interest and fulfilling their fiduciary duties. Finally, the SEC has elevated its focus on senior investors, including evaluating how firms identify financial exploitation of seniors through supervisory programs and controls.
3. Assessing marketwide risks: As with the previous priorities, OCIE’s focus on structural risks and trends that may involve multiple firms or entire industries highlights new and continuing areas of focus. OCIE will continue to focus its exams on:
- Clearing agencies – including annual compliance examinations determined through a risk-based approach in collaboration with the Division of Trading and Markets;
- Regulation Systems Compliance and Integrity (SCI) – including whether SCI entities have established, maintained and enforced written policies and procedures designed to maintain operational capacity and operate in a manner compliant with the Exchange Act;
- National Securities Exchanges – including conducting risk-based inspections.
- Cybersecurity – including testing compliance procedures and controls; and
- Anti-Money Laundering (AML) – including assessing whether broker-dealers have AML programs tailored to the firms’ specific risks.
Areas of focus new to the 2017 OCIE letter include:
- Money market funds – including whether firms comply with the 2014 SEC rule amendments;
- Payment for order flow – including whether broker-dealers are complying with their duty of best execution when routing customer orders;
- FINRA – including SEC oversight into FINRA’s operations, regulatory programs and examinations into individual broker-dealers.
4. The SEC’s other areas of focus in 2017: In addition to these three categories of 2017 exam priorities, the SEC will also continue to allocate resources to examine issues related to municipal advisors, transfer agents and private fund advisors.
FINRA exam priorities
FINRA describes its 2017 exam and regulatory priorities as focusing on core “blocking and tackling” issues of compliance, supervision and risk management. Specifically, it identified five areas of focus: (1) high-risk and recidivist brokers; (2) sales practices; (3) financial risks; (4) operational risks; and (5) market integrity.
1. High-risk and recidivist brokers: FINRA will prioritize review of firms’ hiring, retaining and monitoring of high-risk brokers, which are those that have “significant past disciplinary records or a number of sale practice complaints or arbitrations.” FINRA has created a dedicated examination unit to identify and examine high-risk brokers. In 2017, FINRA will also:
- Conduct a focused review on firms’ supervisory procedures regarding the hiring and retaining of statutorily disqualified and other high-risk brokers, including what due diligence is completed to verify a broker’s Form U-4 information;
- Review individual plans created to detect and prevent future misconduct by a particular broker; and
- Focus on branch-level supervision of high-risk brokers’ activities, including trading, advertising/social media, outside business activities, the use of consolidated account statements, and operational changes, such as to a customer’s address or investment objectives.
2. Sales practices: FINRA will focus on reviewing sales practices related to senior investors, product suitability, excessive and short-term trading of long-term products, outside business activities and social media. Specifically it will:
- Assess firms’ controls to protect senior investors from fraud, abuse and improper advice, especially in connection with recommendations in speculative or complex products and microcap or “penny” stock fraud schemes;
- Evaluate reasonable-basis and customer-specific suitability reviews, including excess concentration;
- Review firms’ monitoring for short-term trading of long-term products and activity intended to evade automated surveillance for excessive switching activity;
- Assess firms’ procedures for reviewing registered persons’ written notifications of proposed outside business activities, handling associated persons’ notifications of proposed private securities transactions, and supervising associated persons’ approved private securities transactions for compensation; and
- Review firms’ supervisory and record-retention systems to ensure that firms capture business-related communications that may occur electronically or via social media.
3. Financial risks: FINRA identified the following financial risks as areas of interest in 2017:
- Liquidity risk: FINRA will review firms’ funding and liquidity plans and assess whether firms adequately evaluate their liquidity needs, develop contingency plans and conduct stress tests and other reviews of their contingency plans. FINRA previously provided guidance on Liquidity Risk Management Practices.
- Financial risk management: FINRA will ask a select group of firms to explain how they would react to a specific stress scenario that affects a firm’s market, credit and liquidity risks and then assess areas such as readiness, communication plans, risk metrics, triggers and contingencies.
- FINRA Rule 4210: FINRA will assess firms’ implementations of the amended FINRA Rule 4210, including written risk policies, procedures and risk limit setting processes.
4. Operational risks: FINRA identified the following operational risks as areas of interest in 2017:
- Cybersecurity: FINRA will review firms’ methods for preventing data loss, controls to monitor and protect data, management of vendor relationships and controls to protect sensitive information from insider threats.
- Customer protection/segregation of client assets: FINRA will assess whether firms have adequate controls and supervision to protect customers’ assets pursuant to SEA Rule 15c3-3. FINRA will also examine transactions with little economic substance meant to reduce firms’ reserve requirements, transactions that result in outsized profit for a client as compared to transactions of similar risk, and transactions that shift profit or loss between a broker-dealer and its affiliates.
- Regulation SHO – close out and easy to borrow: FINRA will assess firms’ compliance with SEC Regulation SHO, including whether firms have reasonable grounds to believe securities are available for borrowing prior to accepting a short sale and firms’ preparation of the easy-to-borrow list
In addition these three categories of operational risks, FINRA will also focus on operational risks related to:
- Firms’ testing of their internal supervisory controls;
- Anti-money laundering and suspicious activity monitoring; and
- Whether firms properly apply exemptions and exclusions to municipal advisor registration requirements under the SEC rules.
5. Market Integrity: The FINRA priorities letter recognized the following topics related to market integrity as areas of focus in 2017:
- Manipulation: FINRA reminds firms of their obligation to comply with FINRA’s amended Order Audit Trail System (OTAS) reporting requirements and to review any report card issued to a firm as a result of FINRA’s Cross Market Equity Supervision Report Cards.
- Best execution: Under Regulatory Notice 15-46, firms owe best execution obligations to customers when firms receive, handle route, or execute customer orders in equities, options, and fixed-income securities. FINRA urges firms to consider how continuing automation of markets and advances in trading technology and communications affect their order-handling decisions.
- Audit Trail Reporting Early Remediation Initiative and Expansion: FINRA expects firms to use the alerts provided by FINRA’s Audit Trail Reporting Early Remediation Initiative to correct systems issues. In some cases, if the issue is limited in scope and promptly addressed, firms may be able to avoid a formal investigation.
- Tick Size Pilot: The data collection obligations of the Tick Size Pilot will continue in 2017. Firms must submit accurate Order Audit Trail Systems (OATS) and market marker data, and FINRA will review for compliance with the data requirements of the Tick Size Pilot, as well as compliance with its quoting and trading restrictions.
- Market Access Rule: In 2017, FINRA continues to see a need for firms’ compliance with the Market Access Rule. FINRA suggests that firms consider the effective practices described in Regulatory Notice 15-09.
- Trading examinations: In 2017, FINRA’s trade examination priorities include:
○ Reviewing the adequacy of alternative trading systems’ disclosures to customers;
○ Identifying potential conflicts of interest; and
○ Evaluating whether floor brokers and upstairs firms are handing manual option orders consistently with their best exaction obligations.
FINRA’s 2017 trading examination priorities also include a pilot trading examination program, to determine the value of conducting targeted examinations of some smaller firms that have historically not been subject to trading examinations due to their relatively low trading volume.
- Fixed Income Securities Surveillance Program: FINRA will continue to review firms’ written supervisory procedures and systems to ensure they are reasonably designed to monitor for manipulation-based conduct, such as wash sales and interpositioning.