Financial Industry Alert
On January 8 the Financial Industry Regulatory Authority (FINRA) published its Annual Regulatory and Examination Priorities Letter, which highlights key areas of focus for FINRA in the coming year.
In his cover letter introducing the 2018 priorities, FINRA President and CEO Robert Cook struck a note of self-reflection. Cook pointed to the "FINRA360" initiative launched last year to stimulate self-evaluation and organizational improvement within the organization. As a result of that initiative, Cook said that FINRA intends to take strides in the following areas over the next year: (1) improved information-sharing with firms; (2) an improved process for examination information requests; (3) better training for examiners; (4) more tools to help firms with compliance; and (5) improved FINRA understanding of technology. In short, Cook expressed FINRA's desire to better leverage its model as a self-regulatory organization to achieve its mission. Such improvements, if acted upon, could facilitate positive dialogue with FINRA examiners and thus help reduce the compliance burden on broker-dealers and possibly avoid low-level enforcement action.
Most of FINRA's priorities for 2018 will not come as a surprise to those who read last year's Regulatory and Examination Priorities Letter or FINRA's December 2017 Report on FINRA Examination Findings, which was issued for the first time last year as a response to firm feedback. FINRA remains focused on fraud (it's against it), high-risk firms and brokers, cybersecurity and anti-money laundering (AML) programs, and product suitability vetting, and is rolling out an expanded best execution surveillance program.
Broker-dealers should be prepared for FINRA to examine those old standbys as well as the following newly articulated issues in 2018:
Business Continuity Plans: Firms should have completed Business Continuity Plans (BCPs) that meet FINRA Rule 4370 requirements, and address, for instance, "how and under what circumstances firms activate their BCPs, how they classify systems as mission-critical or secondary, how they accomplish data backup and recovery . . . how firms coordinate with their affiliates and vendors during a business continuity situation" and "plans for restoring systems, procedures and records once they are prepared to return to normal business." This FINRA priority appears to be a reaction to natural disasters over the last year, including Hurricanes Harvey and Maria.
Technology Governance: Firms should polish their "information and technology change management policies and procedures" with an eye toward identifying "operational breakdowns" resulting from changing systems. FINRA notes that firms have experienced breakdowns resulting from "coding issues" and "system capacity limitations," and it intends to review firms' technology governance as a result. FINRA's focus on improving its own understanding of technology should hopefully contribute to a more constructive dialogue around these issues.
Cryptoassets: Along with the rest of the world, FINRA has its eye on "[d]igital assets (such as cryptocurrencies) and initial coin offerings (ICOs)." Broker-dealers engaged in effecting transactions in cryptoassets and ICOs should be aware that FINRA may review the mechanisms "firms have put in place to ensure compliance with federal securities laws and regulations and FINRA rules" (to the extent that cryptoassets can be considered securities, or an ICO can be considered a securities offering).
Options Violations: In 2017 FINRA developed "a surveillance pattern to detect potential front running in correlated options products," and in 2018 it intends to put this to use by detecting scenarios where "a market participant may engage in transactions in one product while having knowledge of a pending transaction in a correlated product." FINRA will also focus on options "marking the close" activity, where orders are sent immediately prior to close, thus impacting the national best bid or offer (NBBO).
New Report Cards: Clients can also expect several new report cards this year, including: the Auto Execution Manipulation Report Card to identify uses of "non-bona fide orders to move the NBBO"; the Alternative Trading System Cross Manipulation Report Card to identify "potential manipulation of the NBBO" resulting in changes to a security's midpoint price on an alternative trading system; and the Fixed Income Mark-Up Report Card which will provide "median and mean percentage mark-ups for each firm" to display based on "investment rating, product . . . and length of time to maturity."
New Rules: Finally, FINRA reminded its membership that a number of new rules are set to come into effect this year, including those with respect to Financial Exploitation of Specified Adults (Rule 2165), Amendments to Customer Account Information (Rule 4512), Financial Crimes Enforcement Network's Customer Due Diligence Rule, and Amendments to Customer Confirmations (Rule 2232).
Broker-dealers should be heartened by the fact that FINRA leadership appears committed to self-analysis and enhanced communication, which could take some of the guesswork out of compliance. However, our direct involvement in FINRA examinations and disciplinary proceedings shows us that FINRA continues to be highly committed to examining and addressing through enforcement action potential failures to comply with its rules. It is never too early for firms facing FINRA (or SEC) examinations to brush up on FINRA's old standby priorities and fine-tune their practices to ensure compliance with industry trends.
By: Daniel Nathan and Betsy Popken
A version of this also appeared in Volume 19 #1 of the Journal of Investment Compliance.