GAO Recommends Regulators Better Protect Personal Information
GAO reviewed the collection and protection of personally identifiable information ("PII") by five federal banking regulators (the CFPB, the FDIC, the Federal Reserve Board, the OCC and the National Credit Union Administration).
In a report to the Ranking Member of the Senate Finance Committee, GAO examined (i) what mission-related PII the five federal financial regulators collected, used and shared, and (ii) the extent to which the regulators ensured the privacy of the PII that they collected, used and shared in accordance with federal requirements and guidance.
The scope of the report included (i) the managing of PII, (ii) the use of contractors and third parties, (iii) training, (iv) incident response and (v) risk management framework.
GAO found that the various federal regulators had generally taken steps to protect PII but that there was room for improvement at each of the agencies.
Commentary
Although the report and the recommendations concerned the activities of the government regulators, and not of private parties, institutions that collect PII may find the structure of the report (including the framework set out on pages 6-8) useful for considering how well they protect PII, particularly given the possible penalty for failure to do so. The report is largely based on OMB Circular A-130, which describes "Managing Information as a Strategic Resource," and provides more detailed guidance as to the protection of information.
President Biden Nominates Members to the Federal Reserve Board
On January 14, 2022, President Joseph R. Biden sent nominations to the Senate to fill vacancies on the Federal Reserve Board ("FRB"). The President's nominations include:
- For Member of the FRB - Sarah Bloom Raskin, of Maryland, for an unexpired term of 14 years from February 1, 2018, replacing Randal Quarles.
- For Vice Chairman for Supervision of the FRB - Sarah Bloom Raskin, of Maryland, for a term of four years, replacing Randal Quarles.
- For Member of the FRB - Lisa DeNell Cook, of Michigan, for an unexpired term from February 1, 2010, replacing Janet L. Yellen.
- For Member of the FRB - Phillip Nathan Jefferson, of North Carolina, for a term of 14 years from February 1, 2022, replacing Richard Clarida.
Treasury Secretary Janet L. Yellen expressed support for the nominees, noting (i) their diversity in backgrounds that will provide new perspectives and (ii) their commitment to achieving the board's "mandate of stable prices and maximum employment."
In separate statements, Senate Banking Committee Chair Sherrod Brown (D-OH) and House Financial Services Chair Maxine Waters (D-CA) also applauded the President's nominees. Senator Brown emphasized the perspectives that the nominees will bring to the Board with respect to "the economic issues [of] women, Black and brown workers, and rural and industrial communities across the country face." Representative Waters noted the importance of "[d]iverse and transformative leadership at the Fed" at a time when "the economic fallout from the pandemic has hurt communities of color the most."
FinCEN Acting Director Describes Transformation of the AML/CFT Regulatory Regime
FinCEN Acting Director Him Das highlighted new threats, new innovation and public-private partnerships in the transformation of the AML/Counter-Terrorist Financing ("AML/CFT") regulatory regime.
In an address before the American Bankers Association/American Bar Association, Mr. Das focused on how the AML/CFT regulatory regime must account for new threats, such as ransomware, and new innovations, such as digital assets. He praised the success of regulatory "sandboxes" and promoted greater public-private partnerships "to modernize and enforce this regime." Mr. Das said that he wants to transform the AML/CFT regime from post-9/11 to post-pandemic with a focus on artificial intelligence and digital assets.
NFA Highlights Common Regulatory Deficiencies
In three separate notices, NFA reminded (i) futures commission merchants, forex dealers, and introducing brokers, (ii) CPOs and CTAs, and (iii) swap dealers of reporting requirements and common deficiencies in regulatory compliance. Common deficiencies in cybersecurity, third-party service providers and supervision were applicable to all registration groups.
Notice I-22-02 addressed futures commission merchants, forex dealer members and introducing brokers. Common deficiencies included inadequate self-examination questionnaires, failure to supervise communications and trading, inadequate review of third-party service providers and failure to adopt an information security program.
Notice I-22-03 covered CPOs and CTAs. Among the common failures for these types of entities were those relating to financial reporting.
Notice I-22-04 addressed swap dealers, noting deficiencies in (i) daily trading records, (ii) business conduct standards, (iii) market practices, (iv) portfolio reconciliation and (v) swap data reporting.
NFA also provided reminders of recent amendments to the requirements applicable to each type of regulated entity.
Firm Settles FINRA Charges for Intermarket Sweep Order Violations
A broker-dealer settled FINRA charges for violations of intermarket sweep order ("ISO") regulations and supervisory rules.
In a Letter of Acceptance, Waiver and Consent, FINRA found that the firm allegedly violated Rule 242.611(c) ("Order Protection Rule: Intermarket Sweep Orders") of SEC Regulation NMS, which requires broker-dealers to take "reasonable steps" to ensure that routed ISO orders meet the definitions set by Rule 242.600(b)(30) ("Effective transaction reporting plan"). FINRA stated that orders that failed to meet these definitions were not routed against other exchanges' protected quotes. FINRA charged the firm with violating the "reasonable steps" requirement by failing to (i) inform its compliance department that it was routing ISOs, (ii) develop policies and procedures for complying with ISO regulations and (iii) maintain firm-specific quotation data or conduct periodic reviews to prevent trade-throughs. FINRA found this violative of FINRA Rule 2010 ("Standards of Commercial Honor and Principles of Trade").
Additionally, FINRA stated that the firm incorrectly marked immediate-or-cancel ("IOC") orders as ISOs. In fixing a coding issue to address this, the firm created another error, resulting in the routing of IOC orders instead of ISOs. Again, FINRA determined that the firm failed to take "reasonable steps" to ensure the accuracy of its routed ISOs.
As a result of these alleged violations, FINRA also asserted that the firm's supervisory system was not reasonably designed to ensure compliance with Rule 611, thereby violating FINRA Rule 3110 ("Supervision").
In settling the charges, the broker-dealer agreed to (i) a censure and (ii) a $200,000 fine, with $42,765 payable to FINRA.
Investment Adviser Settles SEC Charges for Disclosure and Records Failures
An investment adviser settled SEC charges for improperly promoting hypothetically back-tested performance information.
The SEC found that the adviser did not disclose that its investment strategy was not entirely consistent with its promoted hypothetical strategy. The SEC also found that the adviser distributed tear sheets with hypothetical performance results to third-party advisers, but failed to preserve copies of these advertisements.
The SEC charged the adviser with violations of IAA Rules 206(4)-7 ("Compliance Procedures and Practices") and 204-2 ("Books and Records to Be Maintained by Investment Advisers"). The SEC noted that the adviser voluntarily took prompt remedial action, including implementing a policy prohibiting the advertisement of hypothetical performance results.
Without admitting or denying the SEC findings, the adviser agreed to (i) a cease-and-desist order, (ii) a censure and (iii) a $70,000 civil penalty.
Firm Settles FINRA Charges for Failure to Monitor for Manipulative Trading
A broker-dealer settled FINRA charges for failing to monitor sufficiently for improper trading.
In a Letter of Acceptance, Waiver and Consent ("AWC"), FINRA alleged that the firm's supervisory system was not reasonably designed to detect possible manipulative trading as to:
- Wash Trades - The firm would flag potential wash sales only if the trade value were greater than $1,000, regardless of the underlying security's price.
- Prearranged Trading - The firm's surveillance reports would not detect such trades if both sides of the transaction were executed more than one second apart.
- Marking-the-Close - The firm's surveillance reports were too restrictive to detect marking-the-close activity.
FINRA found that the firm's surveillance was not reasonably designed to detect trading that "artificially increased or decreased the price of thinly traded stocks" and that its surveillance reports were not reasonably designed to detect possible intraday manipulative trading. FINRA charged that the firm violated FINRA Rules 3110 ("Supervision") and 2010 ("Standards of Commercial Honor").
To settle the charges, the broker-dealer agreed to (i) a censure, (ii) a $350,000 fine, with $144,500 payable to FINRA, and (iii) submit a signed and dated letter or e-mail affirming that the firm has implemented a reasonably designed supervisory system to detect the manipulative trading activity described in the AWC.