By Jessica HambyShare Article
7 Enforcement Trends You Should Address
At the 2022 FINRA Annual Conference, Melissa Hodgman, Associate Director of the Division of Enforcement for the SEC and Jessica Hopper, Head of Enforcement for FINRA discussed current enforcement trends. The major theme of the discussion was cooperation, with both regulators suggesting that a helpful manner from firms could potentially avoid more stringent enforcement actions. Several areas of focus for enforcement actions were highlighted along with suggestions for effective practices in these areas. It was emphasized that firms are expected to review enforcement cases brought against other firms and review their own policies and procedures in light of these cases.
Enforcement Areas of Focus
Text and Electronic Messaging. Recent cases highlight the need for record keeping and monitoring of text and electronic messaging. The May 2022 SEC case against a large firm for messaging violations is an example of more enforcement to come from regulators on this issue. Firms should consider using compliant text and electronic messaging technology that can be supervised and maintained as books and records.
Coordination between Compliance and Supervision. A recent FINRA case was discussed that highlights the need for communication and coordination between Compliance and Supervision departments within the firm. Silos within firms are unhelpful, and information should be shared between these groups for effective risk management; otherwise, trends and patterns that could be problematic for clients or the firm could be missed. An example of information sharing would be a shared database between the two groups that listed all disciplinary investigations and actions taken.
Cybersecurity. This is a primary focus for the SEC and FINRA. Effective practices include policies and procedures that address cyber hygiene, incident response and recording, notifying clients promptly of any breaches and reporting incidents to regulators. The SEC has increased its staff by almost double in this area, and both the SEC and FINRA encourage firms to reach out for guidance and assistance with cybersecurity matters.
AML. Enforcement actions from FINRA for AML violations are resulting in high fines to firms. Findings often include new business lines not being evaluated sufficiently for AML risk and not being included in the firm’s AML program. Findings also include a lack of enforcement of the firm’s existing AML policies and delayed, missed or inaccurate SARs reporting of suspicious activity.
Best Execution. Best execution is a large focus of SEC and FINRA exams. FINRA expects firms to consider all best execution rule requirements including price improvement, fill rates and speed of execution when routing orders. Payment for order flow was mentioned as a focus by both regulators. Learn more by reading 8 Recommendations for Best Execution and Reg NMS.
Complex Products. Complex products are a large and broad focus of FINRA. Alternative mutual funds are a particular focus. FINRA has been finding that some alternative mutual funds are being sold as conservative products when they are actually options strategies. Firms should review these products and others listed as complex to ensure the marketing materials and training for representatives are clear and that risks are being communicated to clients appropriately. FINRA suggests when onboarding any new product that supervisory procedures, marketing materials and training are updated to include the risk factors of the new product. Effective best practices include creating a New Product Committee to evaluate new products and implementing policy and procedure updates as needed for the product.
Margin. Margin may become a focus of regulators due to the changing interest rates and increased cost of borrowing. Firms should review how increasing margin costs affect the complex products they offer and be sure to review disclosures and training materials to consider these costs.
What happens when findings are referred to Enforcement?
FINRA will often recommend that the firm conduct an “undertaking,” during which they would hire an outside consulting group to review the problems and recommend improvements. Undertakings are being used to facilitate investor restitution and correct problems at firms. If these can be accomplished with cooperation from the firm, then fines or required independent testing can be avoided. If regulators feel that the firm has instituted a culture of compliance and the problems found have been corrected, the firm will benefit from “cooperation credit.” If the firm does not present a desire to comply or change and FINRA does not believe it cannot be relied upon to fix the issue, then other actions will be necessary.
What can your firm do for the best outcome of an enforcement investigation?
SEC and FINRA Enforcement expressed a desire to partner with firms and foster a cooperative relationship. Firms do get credit for cooperating with regulators in the form of more lenient sanctions.
If the firm or outside counsel presents unnecessary delays or does not respond fully to regulatory requests, Rule 8210 cases may be brought against the firm.
Regulatory Sanctions will be higher for repeat findings than initial findings. This includes findings that are public information, even if they were not against your firm. The SEC and FINRA believe that firms should be reviewing orders, disciplinary actions, exam findings reports, guidance, press releases and public statements by regulators and implementing updated procedures as needed based on these. In short, regulators suggest that a proactive, cooperative response to an enforcement investigation is the key to the best outcome.
Oyster will continue to post blogs and podcasts on topics covered at the FINRA Annual Conference. Take advantage of the insights our consultants offer though our blogs and podcasts.
Oyster Consulting’s experts have the industry and FINRA, SEC and state regulatory experience to help solve complex regulatory challenges that are critical to your business. We provide compliance support that is agile, reasonable and satisfies regulatory requirements.