What’s the Financial Industry Regulatory Authority (FINRA) looking at this year? Much of the same, according to the recently released Risk Monitoring and Examination Activities Report. The Report updates insights garnered from the Authority’s ongoing regulatory operations. It:

1. Identifies the applicable rule and key related considerations for member firm compliance programs;
2. Summarizes noteworthy findings from recent examinations and outlines effective practices that FINRA observed during its oversight; and
3. Provides additional resources that may be helpful to member firms.

The Report addresses several key regulatory topics for each of the four categories:

1. Firm Operations;
2. Communications and Sales;
3. Market Integrity; and
4. Financial Management.

FINRA also highlights areas that impact compliance programs across a large population of member firms, including:

 Regulation Best Interest (Reg BI) and Form CRS.

In 2021, the regulator intends to expand the scope of Reg BI and Form CRS reviews and testing to effect a more comprehensive review of firm processes, practices, and conduct. FINRA underscored its willingness to “take appropriate action in the event we observe conduct that may cause customer harm, would have violated previous standards (e.g., suitability), or indicates a clear disregard of the requirements of Reg BI and Form CRS.”

In discussing Reg BI and Form CRS, FINRA urges member firms to inform themselves of the review considerations its staff will use when examining a firm for compliance with Reg BI and Form CRS. It will be looking at member firms that receive or originate orders in National Market System (NMS) stocks, over-the-counter (OTC) equity securities, or listed options must report to CAT. Additionally, all proprietary trading activity, including market-making activity, will be subject to CAT reporting. According to FINRA, there are no exclusions or exemptions for the size or type of firm or type of trading activity. FINRA is in the early stages of reviewing for compliance with certain CAT obligations; accordingly, exam findings or effective practices are not included in this Report but will be provided later when more information is available. In the interim, member firms should review the list of recommended steps provided in the Notice and assess their CAT compliance programs’ adequacy.

Cybersecurity

Member firms’ ongoing and increasing reliance on technology for many customer-facing activities, communications, trading, operations, back-office, and compliance programs—especially in our current remote work environment—requires them to address new and existing cybersecurity risks, including risks relating to cybersecurity-enabled fraud and crime. FINRA notes that a firm’s cybersecurity program should be reasonably designed and tailored to the firm’s risk profile, business model, and scale of operations. The Authority will review members’ cybersecurity programs for compliance with business continuity plan requirements, as well as the SEC’s Regulation S-P Rule 30, which requires member firms to have policies and procedures addressing the protection of customer records and information. Given the increase in remote work and virtual client interactions, combined with an increase in cyber-related crimes, we encourage member firms to review the considerations, observations, and effective practices.

Communications with the Public

FINRA continues to evaluate member firms for compliance with FINRA Rule 2210 (Communications with the Public), which includes principles-based content standards designed to apply to ongoing developments in communications technology and practices. The Authority is increasingly focused on communications relating to certain new products and how member firms supervise, comply with recordkeeping obligations, and address risks relating to new digital communication channels. This focus includes risks associated with app-based platforms with interactive or “game-like” features intended to influence customers, their related forms of marketing, and the appropriateness of the activity that they are approving clients to undertake through those platforms. The Report also addresses the communications relating to cash management services that sweep customer cash into affiliate or partner

Best Execution

FINRA routinely reviews member firms for compliance with best execution obligations under FINRA Rule 5310 (Best Execution and Interpositioning). It will continue to focus on potential conflicts of interest in order-routing decisions, appropriate policies and procedures for different order and security types, and the sufficiency of member firms’ reviews of execution quality. FINRA also has and will continue to conduct targeted reviews of member firms that do not charge commissions for customer transactions to evaluate the impact that not charging commissions has or will have on member firms’ order-routing practices and decisions and other aspects of member firms’ business.

Variable Annuities

FINRA continues to evaluate variable annuity exchanges under FINRA Rule 2330 (Members’ Responsibilities Regarding Deferred Variable Annuities) and, when applicable, under Reg BI. In early 2020, FINRA engaged in an informal review of buyout written supervisory procedures (WSPs), training, and disclosures for member firms whose customers were impacted by a recent announcement from an insurer with sizable variable annuity assets stating it will terminate servicing agreements, cancel specific trail commissions for registered representatives, and provide buyout offers to its variable annuity customers.

How does this impact you and your compliance team?

It will, mostly, be business as usual. Particularly for those professionals who have their compliance processes and procedures in order. And that’s where Patrina delivers. For more than 25 years, Patrina has been helping compliance professionals like you stay on the “straight and narrow” efficiently and cost-effectively. So, let’s talk. Call 212-233-1155 to ask about Patrina’s cost-effective, designated third-party services, comprehensive, 8-module compliance solution, compliant data capture, file storage, and records archiving specifically designed for the financial services community. Be smart. Be covered. Let’s talk.