On January 8, the Financial Industry Regulatory Authority (FINRA) released its annual Regulatory and Examination Priority Letter detailing various issues that will be the subject of particular regulatory focus and scrutiny this year. Many of the areas noted are carry-overs from previous years, including the protection of senior investors and other retail customers, new product suitability reviews, and enhanced scrutiny of high-risk brokers. However, the letter also reflects various new issues that have caught FINRA’s attention and will require increased attention by FINRA member firms. Highlights include:
- Cybersecurity and anti-money laundering continue to be areas of primary concern for FINRA. Firms can expect the regulator to assess the sufficiency of their cybersecurity preparedness, technical defenses, and resiliency measures. In terms of AML, FINRA noted ongoing concerns about, among other things, the adequacy of firms’ policies and procedures to detect and report suspicious transactions and of firms’ independent testing of their AML programs.
- FINRA will closely monitor developments in the rapidly expanding market for digital assets such as cryptocurrencies and initial coin offerings (ICOs). When member firms are involved in effecting transactions in such assets or ICOs and such assets are securities or the ICO involves the offer or sale of securities, firms should have the appropriate supervisory, compliance, and operational infrastructure in place to ensure compliance with regulatory obligations. Nonetheless, it remains unclear how various regulatory obligations might apply in this context.
- FINRA intends to review member firms’ business continuity plans (BCPs), including how and when firms activate their BCPs, how they accomplish data back-up and recovery, and how they restore systems and records after a business disruption. FINRA also expressed concerns about increased incidences of customer service and regulatory problems arising from deficiencies in firms’ information and technology change management policies and procedures.
- With respect to SEC Rule 15c3-5 (the Market Access Rule), FINRA noted that many firms have not maintained reasonable documentation to support pre-trade financial controls and have not conducted the necessary periodic reviews to assess the appropriateness of the thresholds adopted.
- FINRA intends to evaluate firms’ compliance with Rule 201 of Regulation SHO, which requires member firms to implement policies and procedures to prevent the execution or display of a short sale order at a price that is equal to or less than the national best bid when a short sale circuit breaker is in effect. Member firms should test to confirm that their controls work properly and, if a firm relies on an exemption to Rule 201, it must ensure that its activity or short sale transactions qualify for such exemption.
The Regulatory and Examination Priority Letter also identifies several planned enhancements to FINRA’s examination program, new compliance resources for member firms, and various new rules set to become effective in 2018.
FINRA’s 2018 Regulatory and Examination Priority Letter is available here