The Financial Industry Regulatory Authority, Inc. (FINRA) released its 2020 Risk Monitoring and Examination Priorities Letter (2020 Priorities Letter) on January 9, 2020. This annual publication describes the focus areas for FINRA’s risk monitoring, surveillance, and examination program in the coming year. Broker-dealers should be cognizant of these focus areas when reviewing their compliance program and preparing for exams.
The 2020 Priorities Letter shares several focus areas from FINRA’s 2019 Risk Monitoring and Examination Priorities Letter. Among other items, both address FINRA’s concern regarding sales practices and suitability, emerging digital asset business models, and cybersecurity policies and procedures.
FINRA is also implementing an integrated examination program, categorizing firms by the following business models: Retail, Capital Markets, Carrying and Clearing, Trading and Execution, and Diversified. This new examination structure allows FINRA to better align risk profiles with broker-dealers.
The 2020 Priorities Letter’s focus areas are as follows:
1. Sales Practice and Supervision
Sales practice and supervision continues to be a focus area for FINRA. FINRA will assess firms’ compliance with sales practice obligations including complex products, variable annuities, private placements, fixed income mark-up/mark-down disclosures, representatives acting in certain positions of trust or authority, and senior investors. FINRA will also focus on several new or emerging areas related to firms’ compliance with obligations concerning the following:
a. Regulation Best Interest (Reg. BI) and Form Client Relationship Summary (Form CRS): After the June 30, 2020 Reg. BI compliance date, FINRA may consider the compliance and application of the best interest standard to (i) recommendations of types of accounts; (ii) account monitoring related to explicit and implicit hold recommendations; (iii) elements of care, skill, and cost when making a recommendation; and (iv) consideration of reasonably available alternatives.
Additionally, FINRA will review policies, procedures, and controls in place to (i) assess recommendations using a best interest standard; (ii) provide disclosures required by Reg. BI; (iii) identify and address conflicts of interest; (iv) file, update, and deliver Form CRS; and (v) guard against excessive trading. For additional information, please see our other advisories: FINRA Provides Guidance on Regulation Best Interest and Form CRS and FINRA to Broker-Dealers Gearing Up for Regulation BI, “Don’t Panic–Prepare!”
b. Communications with the Public: FINRA is expanding its focus beyond the core obligations regarding communications with the public, supervision, and books and records requirements to look at private placements and digital channels.
For private placements, FINRA will look to firms using traditional channels and online distribution platforms and evaluate how firms review, approve, supervise, and distribute retail communications. A communication may be reviewed to determine whether (i) it is fair and not misleading with regard to investment characteristics, such as liquidity, or promissory statements or claims; (ii) it balances promotional content with issuer-specific key risks; (iii) its forecasts are reasonable and include clear explanations about assumptions; and (iv) it contains investment performance predictions that are generally prohibited by FINRA.
For digital channels, such as texting, social media, or collaborative workflow tools, FINRA may review their use and supervision to assess whether firms have (i) processes in place to evaluate new tools to determine whether digital communications should be captured and periodic testing to ensure communications are being captured; and (ii) identified and followed up on red flags during routine supervisory reviews.
c. Cash Management and Bank Sweep Program: When evaluating a firm’s Bank Sweep Program, FINRA will assess compliance with FINRA and SEC rules, and consider factors such as the clear communication of the nature of the sweep arrangement and cash management alternatives, as well as accurate disclosures of the brokerage account features and avoiding the implication that a brokerage account is similar to a checking and savings account or that it is insured by the Federal Deposit Insurance Corporation. FINRA may also consider whether firms have documented processes regarding reconciling customer balances at destination banks in the Bank Sweep Program and treatment of customer balances in the reserve formula computation.
2. Market Integrity
a. Best Execution/Vendor Display Rule: FINRA will focus on four key areas:
i. Routing Decisions: The process indicating why the market receiving the order flow was the best market, with particular focus on the impact of zero-commission brokerage activity and any conflicts of interest created through payment for order flow.
ii. Odd-Lot Order Handling: Whether for odd-lot orders a firm is trading for itself at the better proprietary feed price and then trading against its customers at an inferior National Best Bid or Offer (NBBO) price.
iii. Vendor Display Rule: FINRA will review the adequacy of firms’ controls and supervisory systems to ensure a current and reliable NBBO is provided to customers.
iv. U.S. Treasury Securities: Ensure policies and procedures adequately take into account the characteristics and liquidity of U.S. Treasuries.
v. Options: Surveillance will be focused on scenarios in which smaller child orders are executed at various price levels, and the larger remaining order is executed at an inferior price level.
3. Financial Management
In addition to the areas discussed below, FINRA will continue to focus on the adequacy of a firm’s compliance program as it relates to the Customer Protection and Net Capital Rules.
a. Digital Assets: FINRA is cognizant of the unique questions raised by digital assets and their applicability to federal securities laws, regulations, and FINRA rules. As an increasing number of FINRA applications include digital asset activities, FINRA will consider, among others, the following factors regarding digital asset business activities: (i) whether a firm adding digital asset activities has filed a Continuing Membership Application; (ii) whether marketing materials and retail communications are fair and balanced and appropriately disclose relevant risk factors; (iii) whether digital asset services are offered through the firm or an affiliate, for purposes of supervision, clearance, and custody; and (iv) the controls and procedures established to support the facilitation of transactions, including initial issuance and secondary market trading.
b. Liquidity Management: A firm’s liquidity management practices are critical and should be properly documented. FINRA will review these practices with a particular focus on the areas addressed in Regulatory Notice 15-33 and whether such practices (i) include the staff responsible for and the steps required to address specific stress conditions and a process for accessing and using liquidity during a stress event; and (ii) take into consideration the quality of the collateral, term mismatches, and the potential counterparty loss of financing desks. FINRA will also review liquidity management for Fixed Income Clearing Corporation (FICC) members with a specific focus on operational risks.
4. Firm Operations
FINRA will continue to assess a firm’s supervisory controls relating to customer confirmations and anti-money laundering compliance programs. FINRA will also focus on:
a. Cybersecurity: FINRA will assess such cybersecurity policies to ensure they are reasonably designed to protect customer records and information and tailored to their business model and scale.
b. Technology Governance: Firms must be cognizant of technology-related compliance risks and adapt their policies and procedures to reflect such risks. FINRA will focus its reviews on the following technology governance issues: (i) whether the Business Continuity Plan (BCP) (a) reflects material changes to a firm’s business, (b) addresses customer access to funds and securities, and (c) manages back-office operations in a BCP event; (ii) the controls implemented to mitigate system capacity performance and integrity issues; (iii) documentation of system change requests and approvals; (iv) testing performed prior to a system change moved to a production environment; and (v) procedures for tracking information technology problems and their remediation, and whether these problems are categorized based on business impact.
The items listed in the 2020 Priorities Letter are not exhaustive, and the scope of any examination is determined through a risk-based approach that includes analysis of a firm’s history, business lines, operations, and other risk factors. Firms should ensure that their compliance programs and procedures are tailored to address their business and client base, and, once under examination, should seek to be responsive to FINRA’s inquiries.
Please contact one of the listed authors of this Client Alert or your regular Lowenstein Sandler contact if you have any questions concerning FINRA’s 2020 Priorities Letter or would like assistance reviewing your compliance program, including policies and procedures and disclosures.