This post first appeared in the Government Contracts Blog.
On January 22, 2019, the Financial Industry Regulatory Authority, Inc. (“FINRA”) released its annual priorities letter highlighting its regulatory program’s points of emphasis for the coming year. The most immediately recognizable difference between this year’s edition and previous ones is that its traditional title, “Examination Priorities,” has been updated to include “Risk Monitoring,” the process by which the self-regulatory organization initially identifies problem areas through surveillance, firm reporting, surveys, questionnaires, and examination findings.
FINRA’s 2019 “Risk Monitoring and Examination Priorities Letter” (the “Letter”) also discusses three entirely new priorities: online distribution platforms, fixed income mark-up disclosure, and regulatory technology. Finally, the Letter lists ongoing areas of focus, and alerts firms that it will continue to assess protocols to handle the risks posed by “bad actors” with problematic regulatory histories.
Online Distribution Platforms
FINRA expressed concern that member firms increasingly engage with online platforms that distribute securities through Rule 506(c) of Regulation D and Regulation A under the Securities Act of 1933, yet incorrectly fail to treat such engagements as the sale or recommendation of securities that would trigger FINRA’s rules.
An online platform is a web-based marketplace for securities that automatically displays orders, executes trades, and provides transaction data. If a platform meets the definition of an “exchange” under the federal securities laws, it must register as a “national securities exchange” or operate under an exemption, such as the one available in Regulation ATS requiring registration as a broker-dealer. Although some platform operators are not broker-dealers, many FINRA members support these platforms by acting as selling agents or brokers of record, or performing custodial, escrow, back-office, or financial technology-related functions.
FINRA made clear that even when its members do not act as operators, such support constitutes the sale or recommendation of securities and falls within the scope of FINRA’s jurisdiction. Accordingly, FINRA intends to evaluate how firms conduct reasonable basis and customer-specific suitability analyses, supervise communications with the public, and meet AML requirements with respect to this business. In addition, as these platforms are often widely accessible to the public via the internet, FINRA will evaluate how firms address the risks of offering documents or other communications that omit material information, contain false or misleading statements, or promise high returns.
Regulations D and A set forth exemptions to the 1933 Act’s requirement that all offerings of securities be registered with the Securities and Exchange Commission (“SEC”). Rule 506(c) of Regulation D permits broadly-advertised private offerings, but only if all investors qualify as “accredited investors” under Rule 501 (i.e., high net worth individuals, banks, insurance companies, brokers, and trusts). As such, FINRA will look closely at how member firms involved with online platforms distributing these offerings verify that all investors are accredited.
Regulation A exempts registration of public offerings that do not exceed $50 million in any one-year period, as long as issuers file offering statements with the SEC and provide investors documentation called offering circulars, similar to prospectuses (more information on offering circulars available here). Crucially, such offerings need not be limited to accredited investors, and increasingly take place via online platforms. When member firms assist with such offerings online, FINRA will evaluate the risk of excessive or undisclosed compensation arrangements between members and issuers.
Fixed Income Mark-Up Disclosure
This year, FINRA will also focus on ensuring compliance with the newest version of FINRA Rule 2232, “Customer Confirmations.” Amended in May 2018, Rule 2232 now requires a member to disclose the amount of mark-up or mark-down applied to a trade in fixed income securities with a retail customer, if the member also executes an “offsetting” principal trade in the same security on the same trading day. “Offsetting” occurs when the customer’s order must be satisfied out of the member’s prior inventory, rather than securities that the member gained through principal transactions that day. The purpose of the amendment is to ensure disclosure of transaction cost information with respect to bond trades to parallel the existing, comparable requirement set forth in Exchange Act Rule 10b-10 for equity trades. FINRA has further encouraged consistent disclosure regarding bond trades by working with the Municipal Securities Rulemaking Board to establish similar requirements through Rule G-15. In light of these goals, FINRA has pledged to monitor any changes in firms’ behavior to avoid triggering these mark-up and mark-down obligations altogether.
Lastly, FINRA will monitor firms’ use of technological tools meant to streamline compliance with the securities laws, to catch any risks arising from supervision and governance systems, third-party vendor management, safeguarding customer data, and cyber security.
In addition to these three new areas, the Letter also discussed ongoing areas of focus. These include Sales Practice Risks, Operational Risks, Market Risks, and Financial Risks. Although these areas have long held FINRA’s attention, the Letter emphasized aspects of these topics that will be particularly important in 2019.
Sales Practice Risks
Within Sales Practice Risks, FINRA highlighted the importance of monitoring protection of senior investors, as well as controls related to outside business activities and private securities transactions. In light of the increasing number of “baby boomer” customers who are seniors, FINRA will assess firms’ supervisory systems to ensure that they exercise heightened scrutiny over these types of accounts to prevent conflicts of interest and financial exploitation. In particular, FINRA will examine how firms stop representatives who act as fiduciaries to elderly clients outside of their employment—i.e., by holding power of attorney or acting as trustee—from using their broker roles to direct funds to themselves. FINRA will also review controls instilled to meet the requirements of new FINRA Rule 2165, which permits a member to temporarily hold disbursements of funds or securities from the account of a “specialized adult” if the member believes that the client is being exploited.
FINRA continues to keep eye on outside business activities and private securities transactions, and particularly cited situations in which associated persons raise funds from their customers for outside entities beyond the reach of their firms’ supervision. The Letter emphasized this scenario is especially concerning when an associated person controls or has an interest in such outside entity, and when the entity has a potentially misleading name similar to the name of an established issuer. FINRA also pointed readers towards proposed FINRA Rule 3290, which would replace its current rules regarding outside business activities and private securities transactions. FINRA is currently considering public comments to this proposal.
Among Operational Risks, FINRA will focus on customer due diligence and supervision of digital assets. FINRA plans to monitor compliance with FinCEN’s Customer Due Diligence Rule, which became effective last year, requiring firms to identify the beneficial owners of customers that are legal entities, and monitor their accounts to recognize and report suspicious activity.
As digital assets are increasingly transacted in the securities marketplace, FINRA is particularly focused on how member firms handle these assets in compliance with the securities laws. The Letter prioritizes review of the approach firms use to determine whether a particular digital asset is a security, and whether firms have appropriate protocols in place to mitigate the risks of these transactions. FINRA pledged to pursue these goals in close coordination with the SEC.
One prominent market risk FINRA continues to monitor is market manipulation. This year, FINRA will do so with attention to correlated exchange-traded products and correlated options that track broad market indices. FINRA will use pattern exploration to better identify the exploitation of unique characteristics of these products through machine learning.
Finally, FINRA will continue to evaluate firms’ business models, particularly with respect to liquidity funding and plans in place to address potential financial crisis. The Letter specified that firms may need to update their stress test assumptions, in light of increased volatility in the market last year. Additionally, as the government securities repurchase agreement (“repo”) market experienced significant rate spikes in 2018, FINRA will check whether firms whose liquidity plans rely on government repo funding have established protocols to account for similar disruptions in the future.
In Step with the SEC
Some of FINRA’s concerns overlap with the SEC’s priorities for the coming year, which were released in December by the Office of Compliance Inspections and Examinations (“OCIE”). OCIE is a department within the SEC that examines market participants to ensure compliance with the securities laws and monitor risk.
Like OCIE’s letter, FINRA’s Letter flagged digital assets and potential conflicts of interest arising from an advisor’s fiduciary status as critical areas for regulatory focus. Given the recent uptick in use of digital assets in the securities space, for the first time, OCIE considered digital assets important enough to be its own prioritized category in the coming year. FINRA also echoed OCIE’s attention to potential abuse when an advisor acts as a fiduciary to a client.
As the foregoing reflects, FINRA’s 2019 regulatory slate is a mix of the old and new, reflecting the Wall Street watchdog’s intent to remain true to its core regulatory mission while simultaneously staking out fresh ground. FINRA’s three new priorities represent an effort to keep pace with today’s ever-evolving technological landscape, and to warn its member firms this landscape is not without regulatory risk.