Earlier this year, FINRA released its eleventh annual Regulatory and Examinations Priorities Letter. As with prior editions, the purpose of the letter is to highlight the areas of risk and concern that will drive FINRA’s examination and regulatory programs. For 2016, the letter is structured differently from those in prior years, with an introductory section on three broad areas of focus—culture, conflicts of interest and ethics; supervision, risk management and controls; and liquidity—and then a discussion of specific issues and practices that FINRA will target this year.
In this alert, we provide an overview of some of the most significant issues contained in FINRA’s letter. Of course, FINRA continually assesses the market and is likely to identify additional areas of concern throughout the course of the year. Firms should continue to monitor FINRA’s website for developments and update their practices as needed to address changes in regulatory risk. Earlier this month, for example, FINRA sent a “sweep” letter to more than a dozen firms, seeking general information on firm culture, with a particular focus on how management communicates firm culture and measures compliance with cultural values. This sweep follows FINRA’s priority letter, which listed firm culture as a key priority for the current year.
For a complete listing of FINRA’s priorities, see the full letter here.
Three Broad Areas of Focus
Culture, Conflicts of Interest and Ethics. In the news release issuing the Priorities Letter, FINRA’s Chairman and CEO explained that “FINRA will be looking for firms to focus on their culture and whether [they are] putting customers first and promoting risk management adaptable to a changing business environment.” For its part, FINRA seeks to formalize its process for assessing “firm culture,” which FINRA defines as the set of explicit and implicit norms, practices, and expected behaviors that influence how firm executives, supervisors, and employees make and implement decisions.
In assessments, FINRA will focus on five indicators of a firm’s culture:
- whether control functions are valued within the organization;
- whether policy or control breaches are tolerated;
- whether the organization proactively seeks to identify risk and compliance events;
- whether supervisors are effective role models of firm culture; and
- whether subcultures (e.g., at a branch office, a trading desk or an investment banking department) that may not conform to overall corporate culture are identified and addressed.
In this regard, FINRA’s goal is not to dictate a specific culture, but rather to understand how each firm’s culture affects compliance and risk management practices.
Supervision, Risk Management and Controls. FINRA will focus on management of conflicts of interest, technology, outsourcing, and anti-money laundering (AML).
- Management of Conflicts of Interest – In 2016, FINRA will complete the targeted examination it launched in late 2015. In that regard, FINRA will focus on a number of topics, including incentive structures, investment banking and research business lines, information leakage, and position valuation. In particular, FINRA will assess firms’ supervision, control, and validation of the pricing of illiquid, level 3 assets to ensure positions are fairly valued.
- Technology – FINRA will continue to focus on firms’ supervision and risk management of their technology infrastructure, with a particular focus on cybersecurity, technology management, data quality, and governance. With respect to cybersecurity, FINRA will review and assess cybersecurity risk management, and, depending on a firm’s business and risk profile, issues such as governance, risk assessment, technical controls, incident response, vendor management, data loss prevention, and staff training. In particular, with respect to technology management, FINRA has noted deficiencies in firms’ risk management practices, such as (i) a lack of written procedures and evidence of supervision, (ii) insufficient segregation of duties, and (iii) insufficient user acceptance testing and quality assurance.
- Outsourcing – FINRA will review firms’ due diligence and risk assessment of providers of outsourced services and their supervision of those services. Although outsourcing offers a number of potential benefits, each firm remains responsible for supervising its service providers for compliance with applicable laws, regulations, and FINRA rules.
- Anti-Money Laundering – FINRA continues to assess the adequacy of firms’ monitoring for suspicious activity, including surveillance of both money movements and trading activity, particularly for high-risk customer accounts and transactions. In terms of specific highrisk activity, FINRA flagged microcap securities as an area of focus. In this area, firms should have processes in place to identify suspicious trading activity, such as securities that exhibit “red flags” of “pump-and-dump” schemes or manipulative trading.
Liquidity. FINRA will continue to review firms’ management of funding and liquidity, including the adequacy of firms’ contingency funding plans. In addition, FINRA will focus on the adequacy of high-frequency trading (HFT) firms’ liquidity planning and controls.
Highlights from FINRA’s List of Specific Acts and Practices
Sales Practice – Suitability and Concentration. According to FINRA, firms have a fundamental obligation to understand the products they recommend to customers, especially recommendations regarding complex, speculative or longer-duration, interest-rate sensitive, and alternative products. FINRA will therefore focus on firms’ suitability obligations in 2016 by assessing firms’ policies and processes that govern monitoring for excessive concentrations, as well as suitability determinations for recommended transactions or investment strategies, including whether registered representatives adequately consider factors such as credit risk, duration, and leverage as relevant to specific fixed-income, complex, and alternative products. In addition, FINRA has observed that some firms have failed to tailor their systems to the specifics of their product offerings, including shortcomings in new product review committees and training programs for registered representatives and supervisors.
Sales Practice – Sales Charge Discounts and Waivers. In 2015, FINRA expressed a concern regarding the failure of firms to provide appropriate volume discounts (breakpoints) or sales charge waivers for products such as mutual funds, unit investment trusts (UIT), non-traded Real Estate Investment Trusts (REITs), and Business Development Companies (BDCs). These concerns resulted in multiple enforcement actions in 2015. The targeting of this issue in the 2015 Priorities letter, a number of recent enforcement actions, and the 2016 Priorities letter underscore the need for firms to establish and maintain controls to ensure that customers receive the volume discounts and fee waivers they are due.
Sales Practice – Private Placements, the JOBS Act, and Public Offerings.
Private Placements: FINRA will focus on specific concerns related to private placements, including suitability, disclosure, and due diligence. In particular, FINRA notes that certain private placement communications have not reflected the significant risks of loss of principal and lack of liquidity.
Public Offerings: Regulation A+ amendments went into effect in 2015. FINRA will review the filings required under Regulation A+ for possible red flags, such as broker-dealers or insiders of the issuer with a problematic regulatory history, conflicts of interest, noncompliance with escrow requirements, and disclosures indicating inadequate due diligence by the underwriter.
Non-Traded REITs, Direct Participation Programs (DPPs) and BDCs: In anticipation of the amendments to the Customer Account Statement Rule and the DPP Rule becoming effective in April of 2016, FINRA notes that certain sponsors of unlisted REITs and DPPs are in the process of restructuring and repositioning their product lines. FINRA observes that the associated increase in information and choices may add complexity to these illiquid investments, and BDCs in particular may expose retail investors to high commissions and fees, illiquidity risks, and uncertainty in the time period in which BDCs will hold funds prior to investment. FINRA advises that it “will subject all of these products to rigorous reviews” (emphasis added).
Excessive Charges to Customers in New Bond Sales: FINRA will review whether firms have processes in place to ensure that investors are treated fairly, that firms are complying with fair pricing obligations, and that they conduct bona fide public offerings. FINRA will also assess secondary market trading, particularly by syndicate participants, subsequent to the completion of the offering to ensure customers are receiving fair and reasonable prices.
Financial and Operational Controls – ExchangeTraded Funds (ETFs). FINRA will review brokerdealers’ role as Authorized Participants (APs) in the ETF creation and redemption process. In the primary market for ETFs, broker-dealers acting as APs serve as ETF liquidity providers through a process of creating and redeeming ETF shares. This function is critical to maintaining ETF market structure integrity and efficiency; however, AP activities may also result in pressure on the financial integrity of broker-dealers in some conditions, and this, in turn, could impair the liquidity provision function of broker-dealers when acting as an AP. FINRA will review the processes firms use to measure and monitor the impact of overnight counterparty credit risk, and to reflect this accurately in their net capital computations pursuant to SEA Rule 15c3-1.
Financial and Operational Controls – Transmittal of Customer Funds. FINRA has recently brought a number of enforcement actions where firms failed to supervise the transmittal of customer funds to third-party accounts. For 2016, FINRA reminds firms of their responsibilities related to the transmittal of customer funds pursuant to FINRA Rule 3110 (Supervision). FINRA will assess whether firms implement adequate supervisory controls to test and verify systems to prevent the improper transmittal of customer funds. This will include firms’ controls to review and monitor transmittals of funds (e.g., wires or checks) or securities from customer accounts to (i) third-party accounts that would result in a change of beneficial ownership; (ii) outside entities (e.g., banks, investment companies); (iii) locations other than a customer’s primary residence (e.g., post office box, “in care of” accounts, or alternate address); and (iv) firms’ registered representatives (including the hand delivery of checks).
Market Integrity – Regulation SHO. FINRA will assess firms’ compliance with SEC Regulation SHO to ensure they close out fails to deliver by the designated close-out date pursuant to Rule 204. FINRA has observed deficiencies in compliance with the requirement to be net flat or net long on the Rule 204 close-out date. If a firm has a failure to deliver in an equity security that must be closed out pursuant to Rule 204, the firm must borrow or purchase shares on the close-out date and have a net-flat or net-long position on its books and records on that close-out date in order to meet the requirements of Rule 204. FINRA will assess whether firms are implementing supervisory processes to ensure compliance with the net-flat or net-long position requirement of Rule 204, and whether they are correcting deficiencies. In addition, FINRA will evaluate the adequacy of APs’ controls on ETP redemption orders. FINRA is particularly concerned that APs ensure they—and their customers, to the degree required by each specific AP agreement—have sufficient shares in their possession to prevent over-redemptions and potential violations of Rule 204 for failures to deliver shares.
Other areas of focus include (i) Seniors and Vulnerable Investors; (ii) 529 College Savings Plans (529 Plans); (iii) Outside Business Activities; (iv) Market-Maker Net Capital Exemptions; (v) Fixed Income Prime Brokerage; (vi) Internal Audit; (vii) Client Onboarding; (viii) Vendor Display Rule; (ix) Market Access; (x) Fixed Income; (xi) Cross-Market and Cross-Product Manipulation; and (xii) Audit Trail Integrity.
In 2016, FINRA will continue to focus on the importance of establishing a culture of compliance and the implementation of supervisory controls that are tailored for a firm’s business. Each of the specific areas noted by FINRA should be considered from this perspective. FINRA will continue to provide additional guidance throughout the year on these and other topics. Firms should monitor FINRA’s website (www.finra.org), conferences, Regulatory Notices, alerts, and Weekly Upd