The Financial Industry National Regulatory Authority’s (“FINRA’s”) annual examination letter is more opaque and difficult to understand than those of prior years, but fear not; the breakdown that you need is contained below.
A) Culture, Conflicts of Interest and Ethics
According to FINRA, a firm’s culture is a “set of implicit and explicit norms, expected behaviors and practices that affect how employees and supervisors make decisions in conducting a firm’s business.” FINRA’s test of a culture will take five (5) factors into account:
i) Whether breaches of control or policy are tolerated;
ii) Whether the broker-dealer (“BD”) proactively seeks to identify compliance and risk events;
iii) Whether the BD values so-called “control functions;”
iv) Whether supervisors are effective role models of the BD culture; and,
v) Whether the BD allows deviations from the overall culture in certain sub-cultures, such as a department or branch.
B) Supervision, Risk Management and Controls
FINRA will use problem areas it perceived in the past to focus on the following items in the current year. They are: 1) conflicts of interest; 2) outsourcing; 3) anti-money laundering (“AML”); and 4) technology. These issues are explored below.
Among the types of conflicts that FINRA will likely examine are:
i) compensation plans for registered representatives;
ii) the sale of proprietary or affiliated products;
iii) revenue sharing where a third-party payment is made;
iv) valuation of positions by those who establish the position and are compensated thereon; and,
v) information leakage to improper areas of the firm or outside the BD.
FINRA reminds its members that they are ultimately responsible for compliance with the securities laws and FINRA rules whether or not they have outsourced this function. FINRA will also be looking at the supervision of outsourced functions and the “due diligence” that BDs performed on the various providers they retained.
FINRA will be examining BDs’ hardware, software and personnel systems. More specifically, FINRA will be examining: i) Cybersecurity. This relates to unauthorized internal and external access to client accounts or online trading systems, asset transfers, and data loss. It also relates to the confidentiality of client information and to whether electronic records are stored in a way that is fully compliant with SEC regulation.
4) Anti-Money Laundering – FINRA will be testing firms’ detection and reporting of suspicious activity in both trading activity and movement of funds. This includes testing of the same and following higher-risk activity and accounts. BDs should ensure that the business purpose of the activity is understood and that the firm measures the actual activity against that which was originally anticipated.