The Financial Industry Regulatory Authority kicked off the new year by issuing its annual Regulatory and Examination Priorities Letter. This year, FINRA indicated that its emphasis will be on three areas: (1) culture, conflicts of interest and ethics; (2) supervision, risk management and controls; and (3) liquidity.
To evaluate a firm’s culture, FINRA indicated it will endeavor to determine if control functions “are valued” at the organization; whether breaches of policies and controls are tolerated; whether the organization proactively endeavors to identify potential risk and compliance issues; whether supervisors embody the firm’s culture; and whether subcultures that might develop within the organization contrary to the firm’s culture—for example, in branches or on trading desks—“are identified and addressed.”
FINRA likewise indicated it would key in on four areas to assess the effectiveness of members’ supervision, risk management and controls: handling of conflicts of interest, technology (including maintaining effective cybersecurity and data quality), outsourcing and anti-money laundering. According to FINRA, “[w]hile many firms have improved their cybersecurity defenses, others have not—or their enhancements have been inadequate.”
FINRA also noted it has observed “significant operational breakdowns” related to the rollout of new compliance systems. FINRA claimed,
[t]hese breakdowns can arise from coding issues, flaws that prevent the entry of information to facilitate proper implementation of controls and inadequate procedures leading to the suppression and override of automated alerts. This can lead to inadequate retention and supervision of email and other electronic communications, inaccurate position reports and problems with the identification of activity in customer accounts for review, among other things.
Additionally, FINRA said it would review whether firms’ funding plans are adequate in light of their business models. According to FINRA, this is because “[f]ailures to manage liquidity have contributed to both individual firm failures and systematic crisis.” In particular, FINRA noted it would focus on the liquidity planning and controls of high-frequency trading firms.
Finally, FINRA disclosed it anticipates issuing monthly report cards to firms that focus on layering and spoofing. According to FINRA, “[t]he report cards will provide information both with respect to instances where all of the potentially manipulative activity is occurring through the firm and where at least one portion of the activity is occurring through the firm while the remainder is effected outside the firm.” FINRA said it would monitor how firms use this information.
This is the 11th year FINRA has articulated its examination priorities at the beginning of the new year. (Click here to compare this year’s priorities with FINRA’s 2015 priories by reviewing the article, “FINRA Highlights Member Examinations Focus for 2015” in the January 11, 2015 edition ofBridging the Week.)
My View: It is very important that any reports members receive from the Financial Industry Regulatory Authority regarding potential layering or spoofing activity occurring at their organizations be of very high quality. Practically, members will feel obligated to evaluate all if not most all of any situations identified by FINRA as potentially problematic. However, the problem with any compliance report is usefully defining the parameters of the purported bad conduct that is sought to be detected. This involves an iterative process that typically takes time and a fair amount of resources. The securities industry can only hope that FINRA does not overload them with reports of potentially problematic transactions that contain mostly false positives and distracts them from using existing resources to more effectively review ongoing conduct.