Compliance professionals – clear your schedule. The 2021 Report on FINRA’s Examination and Risk Monitoring Program has officially been released. The report, which sits at 46 pages in length, identifies specific areas of regulatory focus along with applicable rules and considerations, noteworthy exam findings, and best practices and emerging risks for firms to consider when evaluating their compliance programs and controls.
Below, we summarize key takeaways from the report:
Regulation Best Interest (Reg BI) and Form CRS
FINRA will continue to focus on assessing whether member firms have established and implemented policies, procedures, and a system of supervision reasonably designed to comply with Reg BI and Form CRS. Specifically, FINRA intends to expand the scope of its Reg BI and Form CRS reviews and testing to affect a more comprehensive review of firm processes, practices and conduct. As always, FINRA will take appropriate action in the event we observe conduct that may cause customer harm, would have violated previous standards (e.g., suitability), or indicates a clear disregard of the requirements of Reg BI and Form CRS.
Consolidated Audit Trail (CAT)
Under the new CAT regulations, all member firms that receive or originate orders in National Market System (NMS) stocks, over-the-counter (OTC) equity securities or listed options must report certain data to CAT. In addition, all firm proprietary trading activity is subject to CAT reporting regardless of the size or type of firm or type of trading activity. Firms must develop policies to comply with CAT, and such policies should (i) identify the responsible parties for timely reporting; and (ii) detail the firm’s processes for confirming accuracy of data posted to the CAT Reporter Portal. Like Reg BI, FINRA is still in the early stages of exams on the new CAT requirements, so the Report does not contain specific exam findings and effective practices, but FINRA specifically highlighted CAT as an area of focus across many firms in the coming year.
Newfound reliance on remote, work-from-home technology combined with increasing customer demand for convenient and on-demand account services presents member firms with an ever-changing landscape of cybersecurity risks such as system-wide outages, email and account takeovers, fraudulent wire transfers, ransomware, and “imposter” websites. FINRA suggests that firms consider whether their cybersecurity governance programs adequately address those emerging risks, including whether firms’ testing functions include reviews of (i) vendors’ controls; (ii) pre-production environments for new technology rollouts; and (iii) trading algorithm functionality in periods of market dislocation.
Communications with the Public
FINRA rules require that firms’ communications with the public must be fair and balanced and not misleading. In the Report, FINRA highlighted the importance of these rules in the context of new products (such as digital assets) and digital communication channels. FINRA specifically noted the risks around app-based trading platforms with “game-like features” that potentially understate the risks attendant to investing, particularly in the context of options trading.
In the context of digital assets, firms should confirm that disclosures “prominently” identify the unique risks and speculative nature of such investments. In addition, the Report highlights the importance of cash management account disclosures, including proper disclosures regarding a firm’s role (bank vs. broker-dealer) and potential conflicts of interest.
A frequent topic of priorities letters, best execution presents unique challenges for firms offering customers an array of security types across different trading systems. In the Report, FINRA highlights the importance of addressing potential conflicts of interest in order-routing decisions and the need to tailor the nature of the best execution reviews to the firm’s business (i.e. different reviews for different security types). In 2021, FINRA will focus regulatory efforts on firms that offer “zero commission” trades, and evaluate whether those firms use different order-routing practices for those products or rely on changes to other business lines (e.g. Cash Management Accounts) to offset lost commission income.
Sales practice concerns around the purchase of VAs are an evergreen topic in FINRA priority letters. In its Report, FINRA focuses primarily on VA exchanges and buyout offers. FINRA notes the importance of using automated surveillance tools and exception reports to both review proposed exchanges and to create historical reports with standardized thresholds to detect trends across representatives, customers and products.
The following chart shows trends in FINRA exam priorities over the past three years.
|FINRA Exam Priority||2019||2020||2021|
|Alternative Trading System Surveillance||X||X|
|Books and Records||X|
|Business Continuity Planning||X|
|Consolidated Audit Trail (CAT)||X|
|Cash Management and/or Bank Sweep Programs||X||X|
|Contractual Commitment Arising from Underwriting Activities||X||X|
|Communications with the Public||X||X|
|Credit Risk Policies, Procedures and Risk Limit Determinations||X|
|Culture, Conflicts of Interest and Ethics||X||X|
|Customer Protection/Segregation of Client Assets||X||X|
|Data Quality and Governance||X|
|Direct Market Access Controls||X|
|Disclosure of Order Routing Information||X|
|Excessive and Short-term Trading of Long-Term Products||X|
|Exchange Traded Funds (ETFs)||X|
|Financial Risk Management||X||X||X|
|Fixed Income Mark-Up Disclosure||X||X|
|Fixed Income Prime Brokerage||X|
|Initial Coin Offerings and Cryptocurrencies||X|
|Large Trader Reporting||X|
|London Interbank Offered Rate (LIBOR) Transition||X|
|Market Access Rule||X||X|
|Online Distributions Platforms||X|
|Outside Business Activities/Private Securities Transactions||X||X|
|Product Suitability and Concentration||X|
|Regulatory Events Reporting||X|
|Regulation Best Interest (Reg BI) and Form CRS||X||X|
|Sales of Initial Public Offerings (IPOs) Shares||X|
|Sales Practice Risks||X||X|
|Social Media and Electronic Communications Retention/Supervision||X||X|
|Vendor Display Rule||X||X|