In our continuing coverage of FINRA’s 2018 Annual Conference, regulators and firm compliance professionals participated in discussions in a session titled “Common Examination Findings and Effective Compliance Practices.” The regulators offered insight and perspective on preparation for future examinations and best practices for medium/large firms. The session took place almost six months after the publication of FINRA’s 2018 Regulatory and Examination Priorities Letter, which was based on the 2017 Report on FINRA Examination Findings (see Bates review here). The broad discussion prioritized recent regulatory activity concerning supervisory obligations and high risk brokers (see Bates’ report here) and offered additional insight into the regulator’s evolving approach to regulatory and compliance management. Here are some highlights.
A HARD LOOK AT THE EXAM PROCESS
At the conference, FINRA executives seemed fully aware of the burdens the current exam process places on firms. President and CEO Robert Cook communicated FINRA’s intention to move to a “risk-based monitoring program” where “the riskiest [firms] will be reviewed annually.” He stated his intention to move to examinations where the “depth of the exam program will be tailored to the depth and size of firm.” Michael Solomon, FINRA’s Senior Vice President and Senior Regional Director – North East Region, described the need to complete examinations in a timely manner in order to alleviate the burdens. He provided detail of a risk based approach by identifying nine “salient” risks that might affect the examinations process. These include segregation of assets, operations, market risk, credit risk, liquidity, accuracy of capital, money laundering, sales risk, and fraud and deception.
PROBLEM AREAS AND BEST PRACTICES
Scott Gilbert, Senior Director, Sales Practice, FINRA New York District Office, shared best practices and described specific problem areas for high impact firms that have been attracting the attention of FINRA regulators. According to Mr. Gilbert, these include:
- Gifts and Entertainment – Regulators continue to review this area for improper influence and corruption.
- Investment Banking and Research – Firms should be considering whether investment banking is influencing research.
- Supervision of Electronic Communications – In particular, whether there is adequate training and supervision, especially if supervision has been outsourced. Regulators are also concerned that reviewers understand key terms and concepts that they are reviewing.
- Supervision and Exception Reports – Regulators are looking at whether an exception report highlights a particular activity, and whether the supervisor escalates concerns up the chain of command. Also, if the firm has centralized supervisory functions, regulators are looking at whether supervisors have the substantive knowledge base and appropriate experience (for example, to supervise remotely).
- Mutual Funds – In particular, improper switching of share class.
- Written Supervisory Procedures (WSPs) and Regulatory Change Management – Regulators want to make sure firms have a regulatory change management process in place to determine whether firms are addressing potential gaps or conflicts in policies and procedures. Also, is there an escalation processes in place to address inconsistencies?
- Supervision Over Branches, Visitation and Compliance – Regulators are looking at the adequacy of supervision over firm branches.
- Automated Surveillance Systems – Regulators are concerned about data integrity and encourage best practices to address concerns over automated surveillance systems, legacy systems, feeds and other parameter changes to catch red flags.
- Initial Public Offering (IPO) Allocations – Regulators want to see processes for avoiding conflicts of interest and improper quid pro quo IPO allocations.
- Debt Mark Up / Mark Down – Regulators have begun to review firm controls to ensure compliance and accuracy of disclosures under recently effective rules.
SPECIFIC FINRA EXAM DEFICIENCIES
Michael Solomon, FINRA Senior Regional Director, honed in on some specific findings the regulators had regarding exam deficiencies, specifically:
- Outside Business Activities (OBAs) and Private Securities Transactions (PSTs) – This category caused the largest number of exceptions in FINRA exams in 2017. A primary problem is that registered persons or associated persons often fail to notify their firms of OBAs.
- Anti-Money Laundering (AML), Fraud, Sales Deception – There remains a lack of AML policy and procedures across business lines, as well as continuing failures to monitor suspicious activity and filing of suspicious activity reports (SARs).
- Excessive Trading – FINRA looks for red flags based on numbers of transactions, amount of losses and whether there is proper documentation of interactions with clients.
- Short Term Unit Investment Trust (UIT) Trading – Firms need to consider what the product is, how it can be sold and adequate protections against representatives “gaming the system.”
- Suitability – FINRA sees inappropriate sales of complex products and weak controls over sales to seniors. (NOTE: Mr. Solomon stated that FINRA will be looking at suitability in the sales of mutual fund share classes; variable annuities; products that may have an over concentration by security and sector (e.g. oil and gas); non-traditional Exchange Traded Funds (ETFs); inappropriate short term products held on a long term basis (or vice versa); products inconsistent with the terms of a prospectus; the suitability of customer roll overs from a 401k to an IRA; and C or A shares of 529 accounts.)
- Uniform Transfers to Minors (UTM) – Does the firm have adequate policies in place to comply with the provisions of the Uniform Transfers to Minors Act? Mr. Solomon stated that FINRA will review to ensure that a custodian is not controlling these accounts after the minor becomes an adult.
- Fraud in Travel and Expense Reports – Firms continue to have deficiencies in policies related to travel and expense reporting, in particular, fraud in connection with dinner receipts and ride-sharing services like Uber and Lyft.
SMALL FIRM CONSIDERATIONS
While many of the above concerns apply to small firms as well, a Conference session on Exam Findings and Effective Compliance Practices for Small Firms emphasized ensuring appropriate training and sound policies related to cyber programs and suitability. FINRA reminded these firms of the existence of a cyber review team available to small firms for guidance.
The issues raised at the conference provide a snapshot of the enforcement and policy direction FINRA is heading midway through the year. The 2018 FINRA Priorities Letter remains the broadest checklist for organizations to prepare for Examinations, but the above gives all firms and counsel a window on regulator expectations and potential triggers they may invite further scrutiny.