Fri, Feb 1, 2019
On January 22, 2019, FINRA published its Annual Risk Monitoring and Examinations Priorities Letter (“the Letter”) highlighting new priorities and identifying areas of ongoing concern that FINRA will continue to focus on in the coming year. Firms should use the Letter to review their compliance and supervisory procedures carefully and make any necessary revisions. While many of 2019’s focus areas are largely the same as in 2018 (sales practice risks, senior investors, cybersecurity, fraud and market manipulation), FINRA announced it is shifting its focus to include three new areas of concern. These include online distribution platforms, firms’ compliance with FinCEN’s Customer Due Diligence (CDD) rule and fixed income mark-up disclosures.
Among other things, FINRA will focus on the following items in 2019:
Online Distribution Platforms
In connection with the increasing involvement of firms in the distribution of securities through online platforms in reliance on Rule 506(c) of Regulation D and Regulation A under the Securities Act of 1933 (Securities Act), FINRA will evaluate how firms conduct business distributing securities through online platforms and how they conduct their reasonable basis and customer-specific suitability analyses, as well as how firms supervise communications with the public and meet their AML requirements using such platforms. FINRA will also focus on how firms address the risks presented when providing offering documents to the public through online platforms. FINRA’s stated reason that this is a priority is the assertion by some member firms that they are not selling or recommending securities when involved with online distribution platforms despite what FINRA described as “evidence to the contrary, including handling customer accounts and funds or receiving transaction-based compensation.”
Fixed Income Mark-Up Disclosure
FINRA will review firms’ compliance with their mark-up or mark-down disclosure obligations on fixed income transactions with customers pursuant to amendments to FINRA Rule 2232 (Customer Confirmations) and MSRB Rule G-15, which became effective on May 14, 2018. FINRA will also review any changes in firms’ behavior that might be undertaken to avoid their mark-up and mark-down disclosure obligations.
Regulatory Technology
FINRA will engage with firms to understand how they are using RegTech tools and addressing related risks, challenges or regulatory concerns, including those related to supervision and governance systems, third-party vendor management, safeguarding customer data and cybersecurity.
Suitability
Suitability remains one of FINRA’s top priorities. Specific areas of focus include:
Outside Business Activities and Private Securities Transactions
FINRA is particularly concerned about fundraising activities for entities that the associated persons control or in which they have an interest. As such, FINRA will continue to assess firms’ controls related to associated persons’ activities raising funds from their customers away from their firm and outside of their supervision.
Supervision of Digital Assets Business
Firms are encouraged to notify FINRA if they plan to engage in activities involving digital assets, even where a membership application is not required. FINRA will review firms’ activities related to digital assets and assess how firms determine whether a particular digital asset is a security and whether firms have implemented adequate controls and supervision over compliance with rules related to the marketing, sale, execution, control, clearance, recordkeeping and valuation of digital assets, as well as AML/Bank Secrecy Act rules and regulations.
Customer Due Diligence and Suspicious Activity Reviews
In connection with FinCEN’s Customer Due Diligence (CDD) rule, which became effective on May 11, 2018, FINRA will focus on the data integrity of suspicious activity monitoring systems, as well as decisions associated with changes to those systems. The CDD rule requires that firms identify beneficial owners of legal entity customers, understand the nature and purpose of their accounts, conduct ongoing monitoring of customer accounts to report and identify suspicious activities and update customer information on a risk basis.
Best Execution
FINRA is concerned about firms failing to use reasonable diligence to assure customer order flow is directed to the best market given the size and types of transactions. In this regard, FINRA will review the following:
Market Manipulation
FINRA will focus on manipulative trading in correlated ETFs, including those that track common, broad market indices, as well as, potential manipulation across correlated options products (e.g. options on broad market indices and options on ETFs overlying the same indices).
Credit Risk
FINRA will review firms’ policies and procedures for identifying, measuring and managing credit risk, including risk exposures that may not be readily apparent (e.g., under clearing arrangements, prime brokerage arrangements, “give up” arrangements, sponsored access arrangements or principal letters). FINRA will also assess the extent to which firms identify and address all relevant risks when they extend credit to their customers and counterparties, including an examination of firms’ compliance with FINRA Rule 4210(f)(1) (Margin Requirements), which requires substantial additional margin on long and short positions in securities that are subject to “unusually rapid or violent changes in value, or do not have an active market on a national securities exchange, or where the amount carried is such that the position(s) cannot be liquidated promptly.”
Funding and Liquidity
FINRA will continue to evaluate firms’ liquidity planning and will focus on the following:
For further information, you can find the entire report here.
End-to-end governance, advisory and monitorship solutions to detect, mitigate, drive efficiencies and remediate operational, legal, compliance and regulatory risk.
With expertise in diverse regulatory frameworks, including the FCA, the SEC, AMF, SFC, MAS and more, Kroll offers practical support, from initial authorization to ongoing compliance support.