The Securities and Exchange Commission’s (“SEC”) Office of Compliance Inspections and Examinations (“OCIE”) recently announced its 2018 examination priorities. Consistent with its 2017 priorities, the OCIE is continuing its focus on retail investors (in particular, senior investors), FINRA, cybersecurity, and money-laundering. New additions to this year’s list of priorities include the evaluation of Municipal Securities Rulemaking Board (“MSRB”), developments in cryptocurrency and initial coin offerings, and a focus on critical market infrastructure. Notably, there is significant overlap between the priorities of the SEC and OSC, with both statements of priorities reflecting current and emerging global enforcement issues.
Summary of SEC’s 2018 priorities
The SEC’s 2018 examination priorities are broken down into five categories:
- Compliance and Risks in Critical Market Infrastructure: OCIE will continue to monitor entities that provide services critical to the proper functioning of capital markets, including (among others) clearing agencies, national securities exchanges, and transfer agents, focusing on aspects of their operations and compliance with recently effective rules.
- Protecting Retail Investors, Including Seniors and Those Saving for Retirement: OCIE will continue to focus on the disclosure and calculation of fees, expenses, and other charges investors pay, the supervision of representatives selling products and services to investors, and the execution of customer orders in fixed income securities. OCIE will monitor the growth of cryptocurrencies and initial coin offerings to ensure that investors receive adequate disclosures about the risks associated with these investments.
- Financial Industry Regulatory Authority (“FINRA”) and Municipal Securities Rulemaking Board (“MSRB”): OCIE will continue oversight of the operations and regulatory programs of FINRA (the US regulatory body similar to Canada’s Investment Industry Regulatory Organization of Canada, “IIROC”), and the quality of FINRA's examinations of broker-dealers and municipal advisors. OCIE will evaluate the effectiveness of select operations and internal policies, procedures, and controls of the MSRB.
- Cybersecurity: OCIE will prioritize cybersecurity with an emphasis on, among other things, governance and risk assessment, access rights and controls, data loss prevention, vendor management, training, and incident response.
- Anti-Money Laundering Programs: OCIE will review compliance with applicable anti-money laundering requirements, including whether firms are appropriately adapting their AML programs to address their regulatory obligations.
Significant overlap with OSC’s statement of priorities
There is substantial overlap between the SEC’s priority list and the 2017-2018 Statement of Priorities published by the Ontario Securities Commission (“OSC”) last June. Similar to the SEC, the OSC has been focusing on the following priority areas:
- Protecting retail investors, including seniors, including by defining a regulatory best interest standard and targeting reforms to improve the advisor/client relationship;
- Actively monitoring and assessing impacts of recently implemented regulatory initiatives;
- Promoting cybersecurity resilience; and
- Evaluating the use of embedded compensation structures.
Notable priority areas of the OSC which are unique to the Canadian context include a focus on enhancing the OSC Whistleblower program, harmonizing regulation across the Canadian Securities Administrators and internationally, and supporting Fintech entities.