As it does every January, FINRA released its annual Regulatory and Examinations Priorities Letter identifying areas of examination focus for the coming year, recurring challenges faced by firms, and possible risks impacting the financial sector. FINRA’s 2018 exam priorities for the first time identify cryptocurrencies and related initial coin offerings (ICOs). Other first-mentions include technology governance, business continuity plans, and non-purpose loans. FINRA’s highest listed priorities this year are the repeated priorities of fraud and recidivist brokers.
Protecting senior investors was a prominent part of FINRA’s Exam Priorities in 2014, 2015, 2016, and 2017. In 2018, protection of seniors was not a delineated priority issue but permeated most all other topics.
Despite the fact that FINRA has announced a more strategic use of its resources, most of the old favorites make an appearance including suitability, AML, and cybersecurity.
FINRA’s High Priorities and Stated New Areas of Concern
While fraud is always a major concern of FINRA, the context in which it is discussed focuses on microcap securities, insider trading, stock price inflation schemes, Ponzi schemes and issuer fraud. FINRA will expect SARs to be filed as appropriate and for firms to be aware of related AML issues that arise from fraudulent activity. FINRA notes that in the past it has referred many fraud cases to the SEC and will continue to do so, but does not say that it will step aside in those cases that it refers to the SEC. Thus, in these types of cases it would not be surprising to see multiple regulators investigating the same conduct and issuing subpoenas to and taking testimony from the same firms and individuals.
High Risk Brokers and Firms
FINRA’s “High Risk Broker” program was implemented in 2013 and expanded in 2014. The program utilizes two computer algorithms, the “Broker Migration Model” and the “Problem Broker Model,” to monitor brokers’ disclosure events and movement between firms. Like 2017, in 2018, FINRA will direct attention to firms’ hiring and monitoring of high-risk and recidivist brokers, including whether firms establish appropriate supervisory and compliance controls for such persons. FINRA has indicated that several conduct related infractions within a short time period or similar conduct repeated over a longer time frame qualify a representative as a recidivist broker.
Business Continuity Plans
This is a new addition to the exam priorities. FINRA Rule 4370 – the emergency preparedness rule — requires firms to have in place a business continuity plan. In light of last year’s catastrophic hurricanes, FINRA will review firms’ Business Continuity Plans, under what circumstances they will be activated, how they will be classified, coordinate with vendors, returning to normal, among other things.
FINRA will review firms’ information and technology change process, especially where there have been break-downs in technology upgrades and new system implementations at firms. In the past, these breakdowns from coding issues and other flaws have caused significant impacts on order entry, execution, and protection of customers and data. This is an area where FINRA has consistently generated large enforcement penalties. We do not expect this to change.
Initial Coin Offerings and Cryptocurrencies
FINRA includes in the Letter a three sentence mention about cryptocurrencies and ICOs. There is no doubt that cryptocurrencies are the new hot place for investors to put money to work. There are approximately 2100 cryptocurrencies now trading, the most talked-about being Bitcoin.
In the Letter, FINRA indicates that it will "closely monitor developments in this area," but does not indicate much more than that. It is not currently believed that cryptocurrencies themselves (rather than tokens) are securities and no FINRA member currently sanctions the direct trading of cryptocurrencies; however, according to recent media reports, some appear to have it in their plans for 2018. There are two possible areas of concern for FINRA members. One, of course, is selling away, which FINRA mentions in the Letter. Indeed, it is not uncommon during periods of extended and continuous increases in the broad securities markets that some brokers look to extra-curricular means to add alpha and attract clients. It is a real concern.
Second, but not mentioned by FINRA, is the Bitcoin Investment Trust (GBTC) which is a tradable ETF that presumably tracks the turbocharged price of Bitcoin. If recommended by a broker, GBTC transactions would presumably be subject to suitability and supervisory obligations just like any other security. That said, it appears that GBTC may have significant "tracking error" relative to the Bitcoin and, in fact, the two at times may even appear to trade in opposite directions. Although a number of major firms have prohibited GBTC transactions, thus avoiding related regulatory scrutiny, this prohibition is not universal. For those firms that allow it, it would not be a surprise to see FINRA take notice.
Securities Backed Lines of Credit
With equities markets hitting new highs, investors are considering non-purpose loans, also called a Securities Based Line of Credit (SBLOC), to access cash without selling securities. However, the SBLOC is not without risk in a volatile market. Firms must be certain that customers are aware of those risks. FINRA will review firms’ disclosures to customers related to SBLOCs, as well as internal controls to earmark collateral securing the SBLOC for potential dual pledging (especially when a third party or another member firm is involved). Firms should also monitor to ensure SBLOCs are not being used to carry margin stock or improperly arranging for credit.
Customer Protection/Verification of Assets and Liabilities
FINRA will focus on protection of customer assets and accuracy of firms’ financial data, specifically with respect to firms’ net capital requirements and reserve computations. Like last year, FINRA will evaluate whether firms have implemented adequate controls and supervision to protect customer assets pursuant to SEA Rule 15c3-3. FINRA will be paying special attention to foreign custodians, a new addition to this repeated topic. We expect FINRA member regulation to take a closer look at firm’s foreign depositories, clearing agencies, and custodial banks.
Anti-Money Laundering (AML) is a recurrent concern for FINRA; it has appeared in the last six letters. In 2018, FINRA will continue to focus on firms’ AML programs, especially gaps in firms’policies and procedures, resources devoted to AML monitoring, and independent testing of the AML system. FINRA suggests that firms should be attentive to and monitor the use of foreign affiliates to conduct high risk transactions. FINRA also advises firms to surveil accounts used in connection with securities-backed lines of credit and aggregate activity across accounts. Given the new rule coming into effect on May 11, 2018 (see below), and the potential FinCEN corporate ownership database, we anticipate firms will have to dedicate even more of their resources to this area of compliance.
Cyber security was discussed in the 2013, 2014, 2015, 2016, and 2017 letters. It will be a concern for the foreseeable future. Among the areas FINRA may review are firms’methods for protecting sensitive information from both internal and external threats. FINRA will also review firms’ technical defenses.
Similar to last year, FINRA will continue to review suitability with an eye toward vetting new products – the diligence process, approvals, and training of representatives – and pay particular attention to recommendations of new products to unsophisticated, vulnerable investors. FINRA will pay special attention to Unit Investment Trusts, multi-share class products, concentration in interest-rate-sensitive instruments, and recommendations that result in short-term trading of products intended to be held long term. FINRA will also focus on employer-sponsored retirement plans and suitability of plan recommendations. This area of focus is new for FINRA member regulation. Also, FINRA will be on the lookout for switches between brokerage accounts and advisory accounts that disadvantage the customer, especially where a customer invested in a product with a front-end sales charge in the brokerage account before the switch.
In 2017, FINRA’s examiners reviewed best-execution practices related to fixed-income transactions (which FINRA intends to expand this year) and focused on firms’ pricing practices, including whether firms were obtaining the best price for their customers of debt securities and not charging excessive markups or markdowns. This year, FINRA is expanding the equity best execution surveillance program and will review the degree that firms provide price improvement when routing customer orders versus internal customer orders. FINRA will also continue to review conflicts of interest that may compromise the execution quality of customer orders. This issue has been an area of concern, particularly where brokers receive order routing inducements or firms’ proprietary interests conflict with the duty of best execution.
New Rules and Amendments to Rules
With 2018 will come some significant rule changes, as a reminder, these rule changes include:
- FINRA Rule 2165 – Financial Exploitation of Vulnerable Clients – Effective February 5, 2018
- Amendments to Rule 4512 – Customer Account Information – Effective February 5, 2018
- FinCEN Customer Due Diligence Rule – Effective May 11, 2018
- Amendments to FINRA Rule 2232 – Customer Confirmations – Effective May 14, 2018
- Amendments to FINRA Rule 4210 – Margin Requirements for Covered Agency Transactions – Effective June 25, 2018
- Consolidation of FINRA Rules 1210-1240 – Registration Rules – Effective October 1, 2018