Our detailed review reveals six priorities shared by the SEC and FINRA:
- Recidivism – As in years past, the SEC emphasized that it will use its analytic capabilities to identify individuals with a track record of misconduct and examine firms that employ them. In 2017, FINRA added the examination of high-risk and recidivist brokers as a new area of focus. Specifically, FINRA is strengthening its approach to these firms in three ways: rigorously reviewing these brokers’ interactions with customers through a recently established examination unit dedicated solely to the issue; reviewing firms’ supervisory procedures for hiring or retaining statutorily disqualified and recidivist brokers; and continuing to evaluate firms’ branch office inspection programs and supervisory systems for branch and non-branch locations.
- Senior investors – Following the June 2015 launch of its “ReTIRE” initiative, which focuses on the services offered by registered investment advisers and broker-dealers to investors with retirement account, the SEC will continue to prioritize examinations under the program. In 2017, the SEC will focus on, among other things, recommendations and sales of variable insurance products, the sales and management of target date funds, and the controls surrounding cross-transactions, particularly with respect to fixed income securities. As in past years, FINRA will focus on protecting senior investors from fraud, abuse, and improper advice, specifically as such advice pertains to speculative or complex products in search of yield. FINRA will also focus on microcap fraud schemes, especially those targeting the elderly.
- Cybersecurity – In 2014, the SEC launched an initiative to perform examinations of broker dealers’ and investment advisers’ compliance and controls. In 2017, the SEC will continue to examine for cybersecurity compliance procedures and controls, including testing the implementation of those procedures and controls. Recognizing that there is “no one-size-fits-all approach to cybersecurity,” FINRA will tailor its assessment of cybersecurity programs to each firm based on a variety of factors, including its business model, size, and risk profile. Among other things, FINRA may review firms’ methods for preventing data loss, including understanding their data, and its flow through the firm and possibly to vendors. In addition, FINRA may assess firms’ controls to monitor and protect this data.
- Exchange-Traded Funds (ETFs) – For the second time, the SEC included ETFs on its list of examination priorities, and intends to examine them for compliance with exemptive relief granted under the Exchange Act and the Investment Company Act and review their unit creation and redemption process. FINRA, which has observed concerns regarding the sale of complex or novel exchange-traded products, including ETFs, emphasizes that firms should make sure they perform and supervise customer-specific suitability determinations. FINRA also notes that firms should carefully evaluate their supervisory programs in light of the products they offer, the specific features of those products, and the investors they serve.
- Anti-Money Laundering (AML) – The SEC will continue to examine broker-dealers to assess whether AML programs are “tailored to the specific risks” they face, including whether they consider and adapt their programs to current money laundering and terrorist financing risks, as appropriate. The SEC will also review how broker-dealers are monitoring for suspicious activity and the effectiveness of independent testing, as well as compliance with suspicious activity report (SAR) requirements and the timeliness of SARs filed. FINRA will also focus on firms’ AML programs, especially with respect to areas where it has observed shortcomings, including gaps in automated trading and money movement surveillance systems, poorly set parameters or surveillance patterns that do not capture problematic behavior, and systems monitoring foreign currency transactions and transactions that flow through suspense accounts.
- Municipal advisors – As in years past, the SEC will conduct examinations of municipal advisors to evaluate their compliance with SEC and Municipal Securities Rulemaking Board (MSRB) rules. The SEC will continue its industry outreach and education. FINRA added a new section to its 2017 letter noting that it has found that some firms are not registering correctly with the SEC and MSRB, or are not properly updating their registration information as it changes. Accordingly, FINRA said it will assess whether firms are complying with the SEC’s registration requirements, and whether firms are properly applying exemptions and exclusions to these requirements.
The fact that these priority areas are being targeted by both the SEC and FINRA suggests they are especially important and should likely be a top priority for securities firms as well.
In a statement accompanying FINRA’s 2017 priorities letter, FINRA President and CEO Robert Cook noted that, starting this year, FINRA will publish a summary report outlining key findings from examinations in selected areas. The document will alert firms to what FINRA is seeing from a national perspective and will “serve as an additional tool firms can use to strengthen the control environment for their business.”
Importantly, for the first time, the SEC noted that it will examine registered investment advisers and broker-dealers that offer electronic investment advice, including so-called “robo-advisers” that primarily interact with clients online and firms that utilize automation as a component of their services. These examinations will focus on registrants’ compliance programs, marketing, formulation of investment recommendations, data protection, disclosure relating to conflicts of interest, and the oversight of algorithms that generate recommendations.
The SEC also announced that, for the first time, it will examine money market funds for compliance with newly effective amendments, focusing on boards’ oversight of the funds’ compliance with the amendments and policies and procedures relating to stress testing and periodic reporting to the SEC.
The full 2017 examination priorities can be found on the SEC and FINRA websites.
For a broader perspective on key regulatory trends in the securities industry, refer to the recently released Deloitte report entitled “Navigating the year ahead: Securities regulatory outlook for 2017.”