FINRA Enforcement head Susan Schroeder offers member firms clarity on arguments most likely to move FINRA to decline an Enforcement action.

The Financial Industry Regulatory Authority (FINRA) relies on a framework of core principles in deciding whether to bring an Enforcement action in response to a given set of facts, and the key consideration is an assessment of “risk.” These core principles were designed to promote consistent, foreseeable outcomes to effect change in member firms, if appropriate. Susan Schroeder, Head of Enforcement at FINRA, has been conveying this message during several appearances, in conjunction with addressing the merging of two previously distinct FINRA enforcement branches into a unified Enforcement group. Member firms may find this message helps them to better understand the FINRA Enforcement landscape.

The Newly Merged Enforcement Group

In early 2017, FINRA launched a “comprehensive self-evaluation and organizational improvement initiative called FINRA360.”1 One of the key changes to emerge from this review was the decision in late July 2017 to create a unified Enforcement group by merging two previously distinct enforcement teams within the organization: one team handled disciplinary actions related to trading-based matters found through Market Regulation’s surveillance and examination programs, and the other handled cases referred from other regulatory oversight divisions including Member Regulation, Corporate Financing, the Office of Fraud Detection and Market Intelligence, and Advertising Regulation.2 Together with the announcement, Susan Schroeder was promoted to Executive Vice President and Head of Enforcement, and tasked with overseeing the unification process.3 According to FINRA, the unified structure “will improve [FINRA’s] ability to streamline investigations and provide a more coordinated and consistent approach to oversight.”4 Indeed, Ms. Schroeder stated that the decision to create a unified Enforcement group “was driven in part by what we were hearing: that there was a perceived inconsistency in approach at times between the two enforcement teams” — a perception she found “troubling.”5

Ms. Schroeder addressed this perception in two appearances that shed light on the Enforcement group’s core principles and how they operate in practice. In February 2018, she gave a speech at a SIFMA conference on Anti Money Laundering.6 More recently, she appeared on the “FINRA Unscripted” podcast for an interview published July 31, 2018. 7 In both appearances, Ms. Schroeder provided insight into these core principles, which offer valuable clues to regulated entities cognizant of the risk of FINRA Enforcement action. According to Ms. Schroeder, the goal is to be transparent in order to make FINRA’s members aware of the “checks and balances” within FINRA.8

The Three Principles Guiding FINRA Enforcement Action

The principles boil down to three fundamental questions that guide internal decision-making and discussion:

• Is an Enforcement action appropriate?

• If an Enforcement action is appropriate, what is the most effective sanction?

• How does FINRA ensure it is being "fair and effective" as a regulator?

Arguably of most interest to regulated entities — and the scope of this Client Alert — is the first question: is an Enforcement action appropriate? According to Ms. Schroeder, this question rests on three interrelated inquiries:

• Is there demonstrated financial harm resulting from the misconduct?

• Has there been a significant impact to market integrity?

• Did the misconduct create significant risk of either?

Unsurprisingly, if misconduct results in actual harm to investors or to market integrity, FINRA expects the wrongdoer to make injured customers whole and/or to take steps to fix the conduct and ensure it does not happen again. Yet, situations involving the third inquiry — wherein the misconduct created risk of harm only — comprise the bulk of FINRA’s work, and are those in which FINRA decision-making is perhaps at its most opaque. Ms. Schroeder has thus attempted to clarify FINRA’s approach to assessing whether risk might require Enforcement action.

FINRA’s Risk Assessment Criteria

FINRA evaluates and assesses risk in myriad overlapping ways:

First, a high likelihood of harm may evidence risk. In one example provided by Ms. Schroeder, this includes a firm that employs a high number of brokers with disciplinary histories, but fails to implement a reasonable system to supervise those “high risk” brokers.

Second, the potential for widespread harm may evidence risk. For example in cases involving firms’ capital reserves and custody obligations — even if a large firm with millions of customers is highly unlikely to fail overnight and be unable to return securities, capital, and custody issues to customers — such firms carry the risk of widespread harm.

Third, intentional or reckless misconduct obviously increases risk. A firm that engages in “good faith” efforts to understand and abide by a rule — but nevertheless violates it — poses less risk than a firm that intentionally or recklessly disregards the same rule.

Fourth, FINRA considers recidivism as an important barometer for risk. In other words, repeated misconduct is a compelling reason for an Enforcement response.

Fifth, FINRA believes that widespread violationsi.e., violations of a number of different rules — indicates a fundamental lack of supervision that likely should be addressed through Enforcement action. This aims to incentivize the supervising person or entity to approach their responsibilities with more care, and also to demonstrate to others with supervisory responsibilities the importance of the role they play.

Although these factors are necessarily flexible and somewhat fluid, they provide a helpful starting point for member firms hoping to better understand the Enforcement action decision-making process. The factors can also be useful in guiding effective responses to FINRA investigations and Enforcement actions.

Enforcement Action in Context

A key consideration for FINRA in deciding whether to bring an Enforcement action after considering the principles outlined above is whether the rule at issue is understood by the membership at large. If not, this might influence a decision to issue guidance rather than bring an Enforcement action. As both Ms. Schroeder and FINRA head Robert Cook have stated, FINRA wants to avoid any perception of “rulemaking by enforcement.”9 Thus, FINRA looks to “identify any novel issues early, and ensure that we flag and discuss these issues with the rest of FINRA to develop the most effectively regulatory response on behalf of the organization.” In other words, if a rule is particularly unclear, a firm may find raising the rule with a broader group at FINRA helpful to ensure that the issue is addressed comprehensively and cohesively.

Ultimately, the decision whether to bring an Enforcement action is still largely discretionary, since there is “no magic algorithm” that instructs FINRA staff on how and when to proceed under a particular set of circumstances.10 According to Ms. Schroeder, an Enforcement action is an appropriate regulatory response if FINRA “identif[ies] misconduct that caused financial harm, significantly affected market integrity, or created significant risk for customers, member firms or the market as a whole.”11 Ms. Schroeder emphasizes that although Enforcement actions are remedial in nature, they should also have a preventive or deterrent effect and should “create an overall incentive structure so that non-compliance has more difficult and expensive consequences than compliance.”12

FINRA’s lifting of the lid on the black box of Enforcement decision-making provides a roadmap of the arguments most likely to move FINRA to decline an Enforcement action if the conduct under investigation did not cause actual harm or market impact. Firms defending FINRA investigations with such facts should address the risk factors FINRA uses, and if possible demonstrate that the risk factors weigh against an Enforcement action.