As part of the Financial Industry Regulatory Authority’s (FINRA) efforts to protect investors, FINRA regularly conducts examinations of its broker-dealer members. Despite requests to release the reports to assist other FINRA members in improving their compliance with securities rules and regulations, FINRA has traditionally kept the reports private. That all changed this month.
On December 6, FINRA released a Summary Report of several observations from recent examinations. FINRA selected key issues based on their “potential impact on investors and markets or the frequency with which they occur.” The Summary Report will help FINRA members address potential areas of concern and improve their compliance and supervisory programs prior to their own examinations.
The Summary Report provides observations in 11 exam areas, and the notable ones include:
Anti-Money Laundering Compliance Program: Key problem areas included a failure to establish and implement risk-based policies and procedures to detect and report suspicious transactions; placing anti-money laundering program responsibilities with inadequately trained personnel; lack of adequate resources provided to anti-money laundering departments; and failure to ensure the independent testing required under FINRA Rule 3310(c) included a review of how the firm’s anti-money laundering program was implemented.
Best Execution: FINRA determined that firms were failing to fully review the quality of the executions of customer’s orders, including: a) failing to compare the quality of execution by the firms against the quality of executions from competing markets; b) failing to conduct reviews of certain types of orders; and, c) failing to consider factors set out in FINRA Rule 5310 (including speed of execution, price improvement, and likelihood of execution).
Cybersecurity: FINRA found key areas where firms could improve their cybersecurity programs against common threats, including: a) enhancement of access management programs; b) formal processes for risk assessments; and c) segregation of duties for requesting, implementing, and approving cybersecurity rules and system changes.
Market Access Controls: FINRA identified problems relating to the failure to establish reasonable pre-trade financial thresholds or to perform adequate due diligence to substantiate firm-assigned thresholds; failure to consider capital and credit usage in the aggregate; failure to tailor erroneous or duplicative order controls to particular products, situations or order types; failure to consider the character of the market at the time of order entry; and allowance of an alternative trading system to set capital thresholds for fixed income orders.
Outside Business Activities and Private Securities Transactions: FINRA identified issues include registered representatives’ failure to notify firms of proposed OBAs and PSTs; weaknesses in OBA and PST reviews (such as failure to implement written supervisory procedures); and problems after approval of PSTs for compensation (such as failing to retain necessary documentation to demonstrate compliance or failure to supervise effectively).
Product Suitability: Concerns FINRA had during the course of examinations with regard to the suitability of certain products and their supervision did not vary materially by firm size, but did occur more frequently in connection with certain product classes, specifically unit investment trusts (UITs) and certain multi-share class and complex products, such as leveraged and inverse exchange-traded funds (ETFs).
The Summary Report also included additional observations of alternative investments held in individual retirement accounts (IRA), net capital and credit risk assessments, order capacity, regulation SHO, and TRACE reporting. A full copy of the report is available here.
The material contained in this communication is informational, general in nature and does not constitute legal advice. The material contained in this communication should not be relied upon or used without consulting a lawyer to consider your specific circumstances. This communication was published on the date specified and may not include any changes in the topics, laws, rules or regulations covered. Receipt of this communication does not establish an attorney-client relationship. In some jurisdictions, this communication may be considered attorney advertising.