Every year at about this time, I like many other securities attorneys write a post about the examination priorities letters that are issued by the SEC and FINRA. From year to year the emphasis may change slightly but usually we know what the priorities will be.
This year many thought the letters might change. FINRA has a new CEO, and some senior staff has started to leave both organizations. The SEC will have a new chair and perhaps more importantly a new US President.
As is always the case if you are a chief compliance officer and/or attorney in a broker-dealer or investment adviser you should read these letters and make sure that your firm has in place appropriate procedures.
But will these organizations have the leadership to enforce these priorities. It is clear that on January 23 you will still be bound by these priorities. I would caution against letting down your focus on compliance based upon statements from politicians that they are going to undo regulation. Any lessening of regulatory standards will take a while to achieve and even if the SEC steps back from some of its programs going forward you are still bound by regulations of other regulators, including the states.
There are some items that need to be highlighted from each letter.
The three thematic groups, that will be the focus of the examinations this year, for the Office of Compliance Inspections and Examinations (“OCIE”) are:
- Examining matters of importance to retail investors;
- Focusing on risks specific to elderly and retiring investors; and
- Assessing market-wide risks
Within the first group one of the priorities is the expansion of Never-Before Examined Adviser initiative. Also being expanded is the focus on registered investment advisers and broker-dealers involved in wrap fee programs.
In the market -wide risks group the traditional priorities of cybersecurity, and AML are still present.
However, OCIE has also indicated that it will enhance its oversight of FINRA with a focus on “assessing the quality of FINRA’s examinations of individual broker-dealers”. There is not an explanation of what this means and it may mean something different under new leadership at the SEC.
Other initiatives that do not fall within the three focus groups include the ongoing examination of private fund advisers with particular attention to conflicts of interests and the disclosures of potential conflicts.
FINRA is initiating electronic, off-site reviews as a supplement to the traditional on-site examination cycle. It seems that these exams will focus on a particular area in the priorities list for firms that are not due for an on-site examination within the year. These exams will be initiated by limited information requests but the review will be off site.
The priority groups for FINRA examinations are:
- High-risk and recidivist brokers
- Sales practices
- Financial risks
- Operational risks
- Market integrity
FINRA states that it will focus on the hiring and supervision of high-risk brokers. Supervision of such brokers must show that it is reasonably designed to prevent the conduct that the broker has previously been found to have engaged in. The review of firms hiring brokers with disciplinary issues will not only occur during your normal examination cycle but also in applications filed with the Membership Application Program.
In the sales practice area the review of outside business activities and private securities transactions will focus on the supervision of written notifications of proposed outside business activities. Smaller firms that often use a less formal process should make sure that they have the requests and approvals in writing.
In the area of financial risks all firms should have in place a liquidity plan and should make sure that there are no covenants that could delay funding in the event of a liquidity event.
Operational risks review will focus on cybersecurity. Two areas of particular concern are independent contractor branch offices. FINRA believes that data controls tend to be weaker in these offices. If you are an independent contractor for a broker-dealer you may find your non-broker-dealer business presented with new requirements from your member firm.
The other area of concern is compliance with Rule 17a-4(f) which deals with the way in which firms preserve data.