In the blog I posted yesterday, I discussed a late Xmas present that the 10th Circuit gave everyone who is subject to the SEC’s jurisdiction. Today, let’s talk about FINRA’s New Year’s gift to its member firms: the annual Regulatory and Examination Priorities Letter, which was released this week. As is typically the case with these letters, there is nothing particularly surprising about the topics that FINRA says it intends to focus its exams on; indeed, many are repeats, not just from last year, but from the last century (e.g., adequate supervision of branch offices, review of outside business activities, suitability). In his cover letter to the first Exam Priorities Letter to be issued under his stewardship, new(ish) FINRA President Robert Cook flatly admits that “[m]ost of the topics addressed in this year’s letter have been highlighted in prior years.” So, with that said, let’s review, briefly, what FINRA says is on its mind, and its exam radar screen.

But, first, let me comment on something that’s not in the Letter, and that’s any mention – whatsoever – about the so-called “culture of compliance” that was the star of last year’s letter. I don’t know about you, but I was more than a bit troubled by FINRA’s stated intent to measure something that I, for one, don’t believe is particularly susceptible to objective measurement. FINRA could not even define what it meant by culture of compliance; rather, it simply provided a list of things it expected to see at broker-dealers that maintain a good culture of compliance.

During the course of 2016, FINRA started mentioning “culture” in some Enforcement actions it brought (and which I blogged about), but, even then, the standard to which the respondent firms were being held was never really articulated. It was more like Justice Potter Stewart’s famous quote regarding obscene material – “I know it when I see it” – or, more accurately, from an Enforcement perspective, “I know when I don’t see it.” The problem for firms, of course, became how does one comply with a standard that isn’t really capable of being defined.

Perhaps Mr. Cook has recognized that, and perhaps that is the reason that the 2017 Letter omits any references to culture of compliance. I am hardly suggesting that FINRA no longer cares about culture of compliance; to the contrary, I believe that FINRA still expects firms to demonstrate the sorts of controls and procedures and attitudes previously identified by FINRA as the indicia of a culture of compliance. But, sensibly, maybe FINRA will be focusing more on examining the various parts that, when viewed in the aggregate, comprise a culture of compliance, rather than the unmeasurable sum of those parts.

Now, what was in the Letter worth mentioning:

  • Starting this year, FINRA will initiate “electronic, off-site reviews to supplement [its] traditional on-site cycle examinations.” A “select group” of firms not scheduled for a cycle exam in 2017 will receive “targeted and limited information requests,” the responses to which will be analyzed off-site. FINRA supplied no clue who the lucky recipients of these reviews might be, or the anticipated subjects of the reviews.
  • “Rogue Reps” are back in style (although FINRA doesn’t use that phrase, it calls them “high-risk and recidivist brokers”). First, FINRA will work to “identify” and “rigorously review these brokers’ interactions with customers.” Second, FINRA will reviews firms’ “supervisory procedures for hiring and retaining” recidivist brokers. Third, FINRA will look at firms’ branch inspection programs and supervisory systems for branch and non-branch locations. This, of course, has been on the regulators’ radar screen since the 1990s.[1]
  • FINRA has senioritis. That is, FINRA is extremely interested in anything having to do with sales to seniors, particularly when those sales involve “speculative or complex products in search of yield.” (As an aside, FINRA just loves touting how many calls its Helpline for seniors gets! Indeed, it has even trademarked the acronym: HELPSTM.)
  • Suitability. Nothing new here, except, perhaps, a special shout-out for “excess concentration in customers’ accounts.” Undoubtedly, that has to be a result of the hundreds of arbitrations filed in Puerto Rico based on allegations of accounts being overly concentrated in Puerto Rico securities.)
  • FINRA is concerned about short-term trading in products that it considers to be long-term, e.g., mutual funds, variable annuities and UITs. To that end, FINRA is already engaged in a sweep, of sorts, regarding UIT rollovers, and those exams will continue.
  • The Supplementary Material to FINRA Rule 3270, the Outside Business Activity rule, requires that firms undertake a review of proposed outside business activities to consider whether the OBA will “(1) interfere with or otherwise compromise the registered person’s responsibilities to the member and/or the member’s customers or (2) be viewed by customers or the public as part of the member’s business based upon, among other factors, the nature of the proposed activity and the manner in which it will be offered.” The Letter states that FINRA will be evaluating firm procedures governing this undertaking, so be sure that you are actually conducting these OBA reviews and, equally important, documenting them.
  • Various specific “risks” will be evaluated, namely “liquidity risk” – to ensure that firms have sufficient funding; “financial risk management” – interestingly, FINRA says it wants to “assess these practices to understand whether the approach appears reasonable in light of the risks to the firm’s business, not with an expectation of a ‘right way’ or ‘wrong way’ to deal with the scenario”; cybersecurity risks – FINRA wants to assess firms’ “programs to mitigate those risks,” particularly in branch offices; and AML risks – particular areas being scrutinized include automated trading and money movement surveillance, foreign currency transactions, and accounts held by nominee companies.
  • After “reminding” firms of their best execution obligations in Reg Notice 15-46, FINRA is now going to examine just how well they are fulfilling those obligations.
  • Finally, Robert Cook showed some love for “small firms,” whose role in “facilitating capital formation by small and emerging growth companies” he characterized as “vital.” He stated that he already asked his staff to develop more compliance tools and resources specifically designed to assist small firms, and that such efforts would continue.