In the past six months, your compliance department has likely juggled many new and unique situations. Situations that, back in January, may not have even been on your radar. As we enter the second half of the year, now may be as good of a time as any to conduct a mid-year compliance check-up to identify any areas that may require some additional attention.
Ask yourself – Have your priorities as a firm shifted in the last six months? What parts of your compliance program are working? What areas could require a reevaluation of sorts? Use this time to take stock in what business risks you want to focus most on. Need a little inspiration? Below are five topics your compliance team should keep tabs on, especially as we enter the back half of 2021.
Continue to be vigilant about cybersecurity threats
FINRA has continued to warn member firms about phishing and other cyber fraud scams, and those have only grown since the start of the pandemic. Concerns about cyber fraud are compounded by the rise of self-directed online investment platforms. Firms need to be on the lookout for increased account takeovers, synthetic identification and China-linked trading scams. The following topics should also be made top priorities at your firm: Governance and Risk Management; Access Rights and Controls; Data Loss Prevention; Mobile Security; Incident Response and Resiliency; Vendor Management; and Training and Awareness.
Start reviewing the SEC’s new advertising and cash solicitation rule
Toward the end of December 2020, the SEC announced the release of a new comprehensive marketing rule. As many of you are aware, the original advertising rule had not been substantively amended or updated since its adoption in 1961. In other words, it was older than the personal computer, the internet, smartphones, and many advisers. If you haven’t started to do so already, advisers will need to update their archives of and revisit their archiving solutions under the new rule, including updating their standards around what advertising records they need to capture to ensure compliance.
To learn more about Quest CE’s e-learning course on the rule, click here.
Assess your firm’s compliance with Reg BI/Form CRS
Early Reg BI exams zeroed in on broker-dealers’ “broad approach to implementation.” However, going forward, FINRA and the SEC are really expecting nothing short of compliance with the rule. Specifically, regulators will be looking to see if firms have implemented policies and procedures that are designed to ensure compliance with Reg BI and Form CRS requirements. Disclosure and conflict requirements will also be front and center, as well as compliance with the “care obligation” – i.e. do recommendations comply with the care obligation? Now is the time to assess your current compliance program and to address any identified gaps or weaknesses.
Additionally, more and more states have started to adopt the NAIC’s best interest standard for annuity sales. For more information on which states are blazing the way, click here.
Focus on your digital asset footprint
Regarding digital assets, examinations of market participants will continue to assess whether investments are in the best interests of investors; and will also assess portfolio management and trading practices; safety of client funds and assets; pricing and valuation; effectiveness of compliance programs and controls; and supervision of representatives’ outside business activities. In fact, just this past month, FINRA released another Regulatory Notice that continues to encourage firms to notify the self-regulatory authority if they engage in activities related to digital assets. Earlier this year, the SEC also released a Risk Alert on the division’s continued focus of digital asset securities. By all accounts, these announcements are clear indicators that the SEC and FINRA will remain focused on digital assets for the next six months and beyond.
Prepare for implementing regulations related to the AML/CFT Priorities
On June 30, 2021, FinCEN announced the first set of government-wide AML/CFT Priorities, as required by the Anti-Money Laundering Act of 2020 (“AML Act”). FinCEN and federal and state financial institution regulators (the “Agencies”) have stated they will issue revised regulations within the next six months addressing how to integrate the national policy priorities into risk-based Bank Secrecy Act (“BSA”) and AML/CFT compliance programs. While this means there is still time for firms to comply, FinCEN does recommend that institutions start considering how to incorporate the AML/CFT Priorities into their compliance programs prior to the effective date of such regulations by assessing the risks arising from the products and services they offer, the customers they serve, and the geographies in which they operate.