Regulatory framework

Regulatory authorities

What national authorities regulate the provision of financial products and services?

The structure of the regulatory regime for financial products and services in the United States is arguably the most complex of any jurisdiction, due to a variety of factors including historical precedent, the federalist nature of the US and national politics. Recent changes since the financial crisis of 2008 were aimed at addressing regulatory gaps and systemic risk issues, although the financial regulatory structure has remained largely intact:

  • Banking supervisors, market regulators and a consumer financial products agency have the authority to regulate the provision of financial products and services.
  • Banks in the US may choose to be chartered at the state or federal level, and the applicable banking supervisor or supervisors depends on the charter type. The federal banking supervisors include the Board of Governors of the Federal Reserve System (the Federal Reserve), the Office of the Comptroller of the Currency (OCC) and the Federal Deposit Insurance Corporation (FDIC) (collectively, the Banking Regulators). The National Credit Union Association, which regulates credit unions, is outside the scope of this chapter.
  • Financial products and services, financial markets and certain participants in those markets are regulated by the financial markets regulators. At the national level, these regulators include the Securities and Exchange Commission (SEC) and the Commodity Futures Trading Commission (CFTC) (collectively, the Markets Regulators). In addition to these federal regulators, state authorities may also have jurisdiction to oversee certain products and services, although these supervisors are generally outside the scope of this chapter.
  • The Consumer Financial Protection Bureau (CFPB) was formed in 2010 to focus on consumer protection with regard to financial products and services.

The complex array of supervisory agencies necessitates coordination between regulators.

What activities does each national financial services authority regulate?

The Banking Regulators are tasked with monitoring the safety and soundness of depository institutions, and supervising all activities of depository institutions within their jurisdictions. The OCC regulates national banks and federal thrifts, and the Federal Reserve and FDIC serve as the primary federal regulator for state-chartered banks and thrifts - the former regulating state-chartered banks that choose to be Federal Reserve members, and the latter regulating non-member banks and state-chartered thrifts. The FDIC also has a role in regulating all federal and state banks and thrifts, as the insurer of their deposits. Finally, in its capacity as the consolidated supervisor of bank and thrift holding companies, the Federal Reserve oversees the activities of institutions that control or are affiliated with banks or thrifts.

The SEC regulates the offer and sale of securities (which include securities options and security-based swaps), US securities markets and certain market participants such as securities exchanges, clearing agencies, broker-dealers, investment advisers and investment funds. The CFTC regulates activities relating to non-security derivatives - primarily futures, options on futures and swaps. Persons regulated by the CFTC include, among others, futures exchanges, derivatives clearing organisations, futures commission merchants (FCMs), swap dealers, commodity pool operators and ‘commodity trading advisors’.

The CFPB regulates consumer financial products and services, which include among others, extensions of credit, certain real estate settlement services, cheque cashing and financial data processing.

Many financial institutions are subject to multiple regulators to the extent that they engage in multiple financial activities or are part of a diversified holding company structure.

What products does each national financial services authority regulate?

The Banking Regulators exercise comprehensive supervisory oversight over the activities of depository institutions; however, certain Banking Regulators’ rules apply specifically to certain types of products or activities (eg, consumer lending or fiduciary services).

The Markets Regulators regulate the offers and sales of financial products within their jurisdictions. The SEC regulates securities and does so primarily through a registration and disclosure regime and its anti-fraud authority. The SEC also focuses on investor protection and market integrity issues through rules that apply to intermediaries such as exchanges, broker-dealers and investment advisers. The CFTC regulates futures and swaps, among other derivative instruments. While most of the requirements relating to these instruments apply to registered entities, some apply more generally to users of these products (such as mandatory clearing for certain standardised swaps and, in some cases, swap trade reporting requirements).

The CFPB regulates consumer financial products and services, including deposit products, secured and unsecured loans, and prepaid cards.

Authorisation regime

What is the registration or authorisation regime applicable to financial services firms and authorised individuals associated with those firms? When is registration or authorisation necessary, and how is it effected?

To accept deposits, an entity must be chartered as a depository institution by either a federal or state authority. The choice of charter determines both the legal framework that will apply and the regulator that will supervise the institution. In choosing the appropriate charter, an entity will likely consider most heavily the restrictions imposed, and the activities permitted by laws and regulations applicable to a depository institution (or its affiliates) based on the charter type.

To receive a charter, a proposed depository institution must apply to:

  • the appropriate regulatory authority (ie, the OCC for national banks and federal thrifts);
  • state regulators (for state banks and thrifts); and
  • the FDIC in order to obtain deposit insurance.

In addition, if the proposed bank or thrift is under the control of a parent company, the parent company must apply to the Federal Reserve to become a bank or thrift holding company. The application process requires the submission of extensive materials, including detailed business plans, pro forma financial statements, and biographies and financial reports for proposed shareholders, directors and officers.

With regard to the Markets Regulators, the registration regime depends on the particular activity engaged in by a firm. For example, unless an exemption applies, a firm will have to register with:

  • the SEC as an investment adviser if it is engaged in the business of providing investment advice to others for compensation;
  • the SEC as a broker-dealer if it is engaged in the business of effecting transactions in securities for the account of others or buying and selling securities for its own account, other than in an ordinary trader capacity;
  • the CFTC as a swap dealer if it is engaged in swap dealing activities above a de minimis threshold; and
  • the CFTC as an FCM if it solicits or accepts orders to buy or sell futures or options on futures and accepts money or other assets from customers to support such orders.

Many firms regulated by a Markets Regulator must also become members of a self-regulatory organisation (SRO), which are subject to oversight by the relevant Markets Regulator. For example, broker-dealers must generally become members of the Financial Industry Regulatory Authority (FINRA) and swap dealers and FCMs must become members of the National Futures Association (NFA).

Registration for firms involves submitting an application to the relevant Markets Regulator or SRO. The application requirements vary but will generally request information regarding the ownership of the applicant, certain prior criminal, civil or regulatory history, evidence of financial and capital adequacy, information relating to its proposed operations and compliance capabilities, among others. Certain firm personnel are also subject to individual licensing and qualification requirements.

Legislation

What statute or other legal basis is the source of each regulatory authority’s jurisdiction?

Each of the primary financial regulators in the US was created by statute to address a national crisis or market event:

  • the OCC was created by the National Bank Act of 1864 as part of an effort to create the financial infrastructure necessary to finance the American Civil War;
  • the Federal Reserve System was established under the Federal Reserve Act of 1913 in response to instability in the financial sector best represented by the Banking Panic of 1907, and the Federal Reserve has additional jurisdiction over depository institution holding companies and their non-depository institution subsidiaries under the Bank Holding Company Act of 1956 and the Home Owners’ Loan Act;
  • the FDIC and the system of federal deposit insurance were created during the Great Depression under the Banking Act of 1933 (which has since been replaced by the Federal Deposit Insurance Act of 1950) in response to the panic and bank runs that accompanied the economic downturn;
  • the SEC was initially established pursuant to the Securities Exchange Act of 1934 (the Exchange Act), following the stock market crash of 1929, to oversee the US securities market and has additional jurisdiction relating to the offer and sale of securities under the Securities Act of 1933 (the Securities Act);
  • the CFTC was created in 1974 pursuant to the Commodity Futures Trading Commission Act. At the time, the predecessor to the CFTC generally regulated only agricultural commodities. The CFTC, however, was granted with the authority to regulate the growing trading in futures and options on non-agricultural commodities; and
  • the CFPB was established after the financial crisis of 2008 by the Consumer Financial Protection Act of 2010.

What principal laws and financial service authority rules apply to the activities of financial services firms and their associated persons?

The primary statute applying to national banks is the National Bank Act, which sets out the parameters for the activities in which national banks may engage. Bank holding companies and their non-bank subsidiaries are subject to activities limitations imposed by the Bank Holding Company Act of 1956. Federal thrifts and thrift holding companies are subject to the activities restrictions of the Home Owners’ Loan Act. The activities of state banks and thrifts are primarily limited by state banking laws, but are also subject to federal limits set in the Federal Deposit Insurance Act. The Federal Reserve Act also imposes restrictions on the inter-affiliate activities of bank holding companies and thrift holding companies and their subsidiaries.

The primary statutes applying to financial services firms regulated by the SEC include:

  • the Securities Act, which is generally designed to ensure that investors receive sufficient information regarding securities offered for public sale, and to prevent misrepresentations and other fraud in the sale of securities;
  • the Exchange Act, which, among other things, authorises the SEC to regulate various securities market participants;
  • the Investment Advisers Act of 1940 (the Advisers Act), which governs the regulation of investment advisers; and
  • the Investment Company Act of 1940, which governs the regulation of investment companies, including mutual funds.

The primary statute applying to financial services firms regulated by the CFTC is the Commodity Exchange Act (CEA), which governs, among others, futures, options on futures and swaps, and certain persons that engage in activities with regard to those products.

The primary rules applying to financial services firms include the rules adopted to implement the foregoing statutes.

Scope of regulation

What are the main areas of regulation for each type of regulated financial services provider and product?

The principal areas of regulation for depository institutions and their holding companies include activities restrictions; safety and soundness requirements; capital and liquidity requirements; lending restrictions; fiduciary regulations; consumer protection laws and regulations; and affiliate transaction restrictions.

For persons and entities regulated by the Markets Regulators, the principal areas of regulation include registration requirements; capital and margin requirements; clearing requirements; business conduct standards; reporting requirements; requirements to adopt policies and procedures; and record-keeping obligations.

Additional requirements

What additional requirements apply to financial services firms and authorised persons, such as those imposed by self-regulatory bodies, designated professional bodies or other financial services organisations?

As described in question 4, many firms regulated by a Markets Regulator must also become members of an SRO, such as FINRA or the NFA, and certain firm personnel must register with the same SRO and pass a qualification examination.

Securities and derivatives exchanges and clearing organisations are also SROs. As a result, market participants that have direct access to such exchanges or clearing organisations must become members of these institutions and comply with their rules.

Requirements imposed by SROs on their members vary depending on the type of regulated entity and the type of SRO. In some instances, SRO rules implement existing federal statutory or regulatory requirements. In other cases, SROs are provided with discretion to adopt additional or more detailed requirements. FINRA, for example, in addition to extensive obligations on all aspects of a broker-dealer’s activities, requires its member broker-dealers to comply with ‘just and equitable principles of trade’, which is a higher conduct standard than the anti-fraud standard that the SEC can impose under the Exchange Act.

Enforcement

Investigatory powers

What powers do national financial services authorities have to examine and investigate compliance? What enforcement powers do they have for compliance breaches? How is compliance examined and enforced in practice?

The Banking Regulators, the CFPB, the Markets Regulators and SROs have broad authority to examine the entities they supervise (and, in some cases, their affiliates) for compliance with applicable laws, rules and regulations. They also have enforcement powers to address legal and regulatory violations. How these authorities are exercised in practice varies by regulator.

The Banking Regulators are prudential regulators, supervising institutions within their jurisdiction to monitor their safety and soundness, as well as their compliance with federal banking laws and regulations. Each of the Banking Regulators regularly conducts on-site safety and soundness examinations to assess the financial and managerial soundness of the regulated institution. In addition, the Banking Regulators conduct examinations that focus on compliance with particular legal and regulatory requirements, such as anti-money laundering laws or community investment and lending requirements. To address violations of laws or regulations or the finding of unsafe or unsound practices, the Banking Regulators may informally require regulated institutions to remediate or may bring formal enforcement actions.

The CFPB is a new federal agency formed in 2010, which has the authority to supervise and examine banking institutions with more than US$10 billion in assets, as well as their affiliates (unless excepted), for compliance with federal consumer financial protection laws. The CFPB has the authority to bring enforcement actions not only against institutions it supervises, but against any institution that engages in financial transactions with consumers, for violations of applicable federal consumer financial laws or for engaging in acts or practices that are deemed unfair, deceptive or abusive.

The Markets Regulators examine regulated institutions for compliance with applicable laws and regulations both directly and indirectly through examinations by the SROs. In addition, the Markets Regulators have the authority to conduct informal or formal investigations of potential misconduct and to bring enforcement actions. Such potential misconduct may come to the attention of the Markets Regulators through a variety of channels, including through examinations, complaints from the public or referrals from other government agencies. Markets Regulators are generally viewed as having more of an enforcement focus than the Banking Regulators.

Disciplinary powers

What are the powers of national financial services authorities to discipline or punish infractions? Which other bodies are responsible for criminal enforcement relating to compliance violations?

The Banking and Markets Regulators and the CFPB have civil enforcement powers and can pursue a variety of civil remedies.

The Banking Regulators have the power to pursue a variety of civil remedies, both informal and formal, against depository institutions and their affiliates, as well as associated individuals, for unsafe and unsound practices or compliance violations. Informal remedies include commitment letters, memorandums of understanding or the issuance of findings entitled ‘matters requiring attention’. Formal remedies against firms may include cease-and-desist orders, formal written or supervisory agreements, prompt corrective action directives and civil money penalties. Formal remedies against individuals associated with depository institutions include removal and prohibition orders, cease-and-desist orders, restitution orders and civil money penalties.

The Markets Regulators have the power to seek a variety of civil remedies against both firms and individuals. Sanctions include injunctions or cease-and-desist orders, revocation or suspension of an individual’s or entity’s registration and exchange trading privileges, restitution orders, disgorgement of ill-gotten profits and civil money penalties. Certain industry and conduct-related bars may also be available.

SROs, such as FINRA and the NFA, also have authority to discipline infractions committed by their members in violation of the application statutes and their rules. SROs generally have the authority to fine, suspend or bar individuals and firms from the industry, among others.

To the extent that regulated entities’ or individuals’ compliance failures constitute violations of criminal law, the Department of Justice, a US attorney’s office or local law enforcement agencies may institute a criminal proceeding, either on their own initiative or upon a referral from the applicable Banking or Markets Regulator.

Tribunals

What tribunals adjudicate criminal and civil financial services infractions?

Federal district courts in the US adjudicate violations of both civil and criminal federal law. The Banking Regulators, the CFPB and the Markets Regulators may pursue civil violations of federal financial laws and regulations in the federal district courts, although the Banking Regulators generally elect to use administrative proceedings rather than court proceedings. Criminal financial services violations are also adjudicated in the federal district courts. To the extent that compliance failures constitute violations of state law, whether civil or criminal, such infractions would generally be tried in a state civil or criminal court, although federal courts may hear certain civil claims involving parties from different states.

The Banking Regulators, Markets Regulators and CFPB may also seek civil penalties and other remedies in administrative proceedings. Administrative proceedings are presented before administrative law judges (ALJs), who may be employees of the particular financial services authority. These proceedings may result in non-judicial findings of fault or wrongdoing. Certain financial services authorities, such as the SEC, rely heavily on administrative proceedings, while others, like the Federal Reserve, use administrative proceedings less frequently.

Finally, SROs may institute disciplinary proceedings against members that are heard before their own internal bodies, although these may ultimately be appealable to the Markets Regulator itself.

Penalties

What are typical sanctions imposed against firms and individuals for violations? Are settlements common?

The majority of enforcement actions pursued by the Banking and Markets Regulators are resolved via settlement, including through cease-and-desist orders, removal and prohibition orders, civil money penalties, and disgorgement orders. The size of monetary sanctions imposed in a given case ranges significantly depending on the nature of the case. The largest penalties tend to be imposed in settlements in which the respondent knowingly violated the law and caused a pecuniary loss as a result.

In addition to imposing penalties, the Banking and Markets Regulators often require settling institutions to undertake substantial remediation efforts to improve policies, procedures, controls and governance, among other things, to mitigate the risk that the activity giving rise to the settlement will reoccur.

A unique and often-criticised aspect of the US financial regulators’ settlement practices is the ability of respondents to settle with the regulators without admitting wrongdoing. Commonly referred to as ‘neither-admit-nor-deny’ settlements, the Banking and Markets Regulators justify this practice by asserting that it allows them to impose consequences on respondents quickly and obtain necessary relief for victims, while also avoiding burdensome litigation costs.

Compliance programmes

Programme requirements

What requirements exist concerning the nature and content of compliance and supervisory programmes for each type of regulated entity?

The Banking Regulators, who act as prudential supervisors, are focused on monitoring the safety and soundness of depository institutions and their holding company system in a comprehensive manner. Thus, the Banking Regulators expect supervised institutions to adopt an effective risk-management programme that manages compliance risk alongside the other risks present in an institution’s business. As a general matter, the Banking Regulators expect that a regulated institution’s risk-management programme will reflect its size, resources and complexity, and will be proportionate to the risks present in its business.

No matter the size of the entity, an effective compliance programme for entities subject to the Banking Regulators’ supervision will include, among others, adequate policies and procedures to safeguard and manage assets; a clear organisational structure that establishes responsibility for monitoring adherence to established policies; controls that facilitate effective assessment of risks; and an internal audit system.

The Markets Regulators have similar requirements for the content of their regulated entities’ compliance programmes, although the precise expectations may depend on the type of regulated entity. In general, the Markets Regulators, either directly or through SRO rules, require their regulated institutions to:

  • adopt and implement written policies and procedures reasonably designed to prevent violations of applicable law;
  • periodically review the adequacy and effectiveness of such policies and procedures; and
  • designate a chief compliance officer to administer such policies and procedures.

Gatekeepers

How important are gatekeepers in the regulatory structure?

The national financial services authorities place great emphasis on internal gatekeepers, such as chief compliance officers (CCOs), internal auditors, risk-management personnel and others who have a general obligation to identify and prevent potential misconduct.

As discussed above, regulatory expectations for risk management in depository institutions vary depending on a regulated institution’s size, resources and complexity. Currently, national banks and federal thrifts with more than US$50 billion in consolidated assets are expected to implement a ‘three lines of defence’ risk-management programme, which requires the business line to assume first-line responsibility for compliance, an independent risk-management function headed by a chief risk executive (second line), and an independent audit function headed by a chief audit executive (third line). In this structure, the chief risk executive and chief audit executive have unrestricted access to the institution’s board of directors. In large institutions, the second and third lines of defence are crucial for monitoring and assessing the institution’s activities, as well as recommending areas for improvement. The Banking Regulators often look to second- and third-line reports as part of their own examination processes.

The Markets Regulators similarly place great emphasis on internal gatekeepers. Since the financial crisis, regulations have assigned additional responsibilities and increasing accountability to such personnel through periodic certifications. For example, the CFTC adopted a rule requiring CCOs of FCMs and swap dealers to take reasonable steps to ensure compliance with applicable rules, and prepare and sign an annual report that (i) provides an assessment of the effectiveness of the firm’s policies and procedures, and (ii) describes any material non-compliance issues identified and the corresponding action taken. This report must also include a certification by the CCO or chief executive officer that the information contained in the annual report is accurate and complete in all material aspects. Markets Regulators also view their regulated institutions as themselves acting as gatekeepers to the industry, and in some cases expect them to surveil for and prevent misconduct by third parties using their services.

Directors' duties and liability

What are the duties of directors, and what standard of care applies to the boards of directors of financial services firms?

State corporate laws and common law generally govern the duties of the directors of US corporations, including financial services firms. Directors are ultimately responsible for the overall direction and strategy of the firm. A board carries out this responsibility primarily by selecting, retaining and overseeing the firm’s managers, who direct daily operations. The board retains, however, the responsibility to evaluate and approve major decisions in the life of the firm.

When carrying out their responsibilities, directors of a US corporation owe the firm and its stockholders certain fiduciary duties, namely, the duties of care and loyalty. The duty of care generally requires directors to act with the care that a reasonably prudent person in a like position would use under similar circumstances. The duty of loyalty generally requires directors to act in good faith and in the best interests of the firm and its stockholders (and not for their own interests). In general, the business judgment rule applies to protect directors from judicial second-guessing when they have acted on an informed basis, in good faith and in the honest belief that the action was taken in the best interests of the company.

Bank directors may be held to a heightened standard with regard to these fiduciary duties, as courts have found that they must be concerned with the welfare of depositors as well as stockholders.

In addition to these general corporate responsibilities, the Banking and Markets Regulators have issued rules and guidance outlining specific responsibilities of boards of directors of financial institutions, which can be extensive.

When are directors typically held individually accountable for the activities of financial services firms?

Directors of financial services firms may be held individually liable (to shareholders or the applicable regulator) if they breach their fiduciary duties; however, as described above, the business judgment rule applies to protect directors from judicial second-guessing when they have acted on an informed basis, in good faith and in the honest belief that the action was taken in the best interests of the company.

In addition to being held accountable for breaches of fiduciary duties, directors of depository institutions could be subject to enforcement actions brought by the Banking Regulators for violating federal banking laws or engaging in unsafe or unsound practices, with the degree of the penalty - and the likelihood of an enforcement action - heightened depending on the director’s mens rea and the extent of the consequential loss to the bank or pecuniary gain or benefit to the director. In addition, if a director of a national bank knowingly violates, or knowingly permits officers or agents of a bank to violate, federal banking laws, the bank could be dissolved and the director could be held liable in a personal and individual capacity for all damages that the bank, its shareholders or others may have sustained as a consequence of the violation.

Directors of financial services firms that are regulated by the Markets Regulators are considered to be ‘control persons’ and, as a result, may be held personally liable for the acts of the controlled entity if he or she failed to act in good faith or otherwise knowingly induced or engaged in the acts constituting the violation.

Private rights of action

Do private rights of action apply to violations of national financial services authority rules and regulations?

Whether a private right of action would or likely could exist for a violation of a national financial services authority statute or rule depends on the particular statute or rule at issue and how courts have interpreted them. Generally, a private right of action is available only where such a right is provided for in the statute or rule that is alleged to have been violated. Even where a private right of action is not specifically enumerated in a statute or rule, courts have occasionally found private rights of action to be implied based on legislative intent and other factors. Most financial services authority rules and regulations, however, have not been found to carry private rights of action.

Standard of care for customers

What is the standard of care that applies to each type of financial services firm and authorised person when dealing with retail customers?

The standard of care that applies when dealing with retail customers varies by the type of financial services firm and, in some cases, the particular capacity in which the financial services firm is servicing the customer.

Depository institutions must take care not to engage in unfair, deceptive or abusive acts or practices (UDAAPs) in any interaction with retail customers. These terms have been interpreted by the Banking Regulators, the CFPB and courts, which have developed tests for determining if an activity rises to the level of a UDAAP. The Banking Regulators only have the power to take action against depository institutions that conduct unfair or deceptive acts or practices. The CFPB has the full complement of powers and can take action against unfair, deceptive or abusive acts or practices. There are also a multitude of laws and regulations that relate to the delivery of specific products and services by depository institutions, many of which are designed to protect the consumer.

Generally, depository institutions are not subject to fiduciary duties with regard to retail customers, unless they are acting in a fiduciary capacity (eg, a trustee or executor), in which case, state law governing duties owed by a fiduciary or, in some cases, federal law, may apply.

SEC-registered investment advisers are deemed fiduciaries under the Advisers Act and must accordingly comply with the duties of loyalty and care when interacting with all of their customers, including retail customers. The SEC and courts have interpreted these fiduciary duties as requiring investment advisers to act with utmost good faith in the best interests of their clients, make full and fair disclosure of all material facts, and employ all reasonable care to avoid misleading clients. The Advisers Act imposes further limitations on an investment adviser’s dealings with customers.

Broker-dealers are generally not considered fiduciaries, although they nevertheless are subject to a duty of fair dealing. This duty is derived from common law agency principles and the anti-fraud provisions of the federal securities laws, and is also reflected in SRO rules. For example, FINRA requires its member broker-dealers to observe high standards of commercial honour and just and equitable principles of trade. In addition, broker-dealers must comply with other requirements that affect how they interact with customers, including:

  • suitability requirements, which generally require broker-dealers to recommend only those specific investments or overall investment strategies that are suitable for their customers; and
  • the duty of best execution, which generally requires broker-dealers to seek to obtain the most favourable terms available under the circumstances for their customer orders.

Does the standard of care differ based on the sophistication of the customer or counterparty?

Banks acting as fiduciaries and SEC-registered investment advisers must exercise their fiduciary duties, including the duties of loyalty and care, no matter the sophistication of the customer or client. The standards for satisfying their fiduciary duties, however, may become more stringent as the sophistication decreases, as care that is reasonable when dealing with an institutional investor may not be reasonable when dealing with a retail customer.

Other aspects of US financial services rules and regulations may apply differently depending on the characteristics of a customer that serve as a proxy for sophistication. For example, a broker-dealer recommending a security to an ‘institutional account’ is exempted from its obligation to conduct a customer-specific suitability analysis provided specified conditions are met.

Rule making

How are rules that affect the financial services industry adopted? Is there a consultation process?

The Banking and Markets Regulators are federal agencies and, thus, are subject to the US Administrative Procedure Act (APA), which sets out the process by which agencies may promulgate rules. These agencies generally use the APA’s notice-and-comment process to promulgate rules pursuant to either their general statutory rulemaking power, or an express statutory directive.

To initiate the notice-and-comment process, the agencies issue a notice providing the public a draft of a proposed rule and explaining the statutory authority and purposes for that rule. The public is given a period of time - typically 60 to 90 days - to review and comment on the proposed rule. Agencies may also meet with financial institutions or trade associations to discuss the proposed rule and comment letters.

After considering the comments submitted, the regulators may issue final rules, which typically become effective 60 days to one year after the final rule is issued. Any person with standing to challenge the rule in court may do so on certain stipulated grounds, including by bringing a claim that the agency acted in an arbitrary and capricious manner. SRO rulemaking is also indirectly subject to the APA. For example, FINRA rules must be approved by the SEC, and therefore the SEC promulgates these proposed SRO rules for notice and comment before they may take effect.

Cross-border issues

Cross-border regulation

How do national financial services authorities approach cross-border issues?

The way in which the Banking and Markets Regulators approach cross-border issues varies by type of financial services firm and, in some cases, the type of activity. In many cases, the applicable statute takes a territorial view when drawing the perimeter of US regulatory jurisdiction. For example, unless an exemption applies, a non-US entity will generally need to obtain a bank charter, establish a bank branch, agency or representative office, or register as a broker-dealer if it (i) solicits banking or broker-dealer services to persons located in the US or (ii) engages in such activities within the US. A non-US entity could, however, provide banking or broker-dealer services to persons located outside the US without triggering the application of US banking and broker-dealer laws, respectively, so long as the interactions with the customer occur outside the US. Other categories of registrants, however, such as investment advisers and swap dealers may be required to register with the SEC or CFTC, respectively, if they provide services to US persons, regardless of their location.

With regard to certain cross-border transactions, the Banking and Markets Regulators have adopted exemptions and mutual recognition frameworks. For example, the Bank Holding Company Act of 1956 broadly exempts non-US activities of non-US banks, and under the uncleared swap margin rules adopted by the Banking Regulators and the CFTC, certain non-US swap dealers with regard to some swap transactions are permitted to comply with such rules by complying with the margin rules of another jurisdiction, if the applicable US regulator issues a determination that such other jurisdiction’s rules are comparable to the US requirements. With regard to broker-dealer registration, non-US firms may be permitted to engage in limited activity in the United States without US registration pursuant to exemptions, including in some cases where the non-US firm is ‘chaperoned’ by a US registered broker-dealer.

International standards

What role does international standard-setting play in the rules and standards implemented in your jurisdiction?

The Banking and Markets Regulators actively participate in international standard-setting organisations. For example, the Banking Regulators are members of the Basel Committee on Banking and Supervision (BCBS), an international forum focusing on banking supervisory matters; the Federal Reserve and the SEC are members of the Financial Stability Board, an international body that promotes international financial stability; and the SEC and CFTC are members of the International Organization of Securities Commissions (IOSCO), a multilateral organisation that develops and promotes adherence to internationally recognised standards for securities regulation.

While the agreements reached by these international organisations are not self-executing, the Banking and Markets Regulators may implement the agreed-upon standards by promulgating rules pursuant to their general statutory grants of authority.