On January 4, FINRA released its Annual Regulatory and Examination Priorities Letter, which outlines the areas it plans to review over the coming year.  FINRA President and CEO, Robert Cook, says that attention to these core regulatory requirements will “serve investors and markets well.”

The first focus area for FINRA will be high-risk and recidivist brokers.  The agency will look at brokerages’ hiring and monitoring practices, including whether firms have established appropriate supervisory and compliance controls for brokers.  FINRA will continue its investigation of brokers who pose a high risk to investors, by reviewing their compliance with suitability, know-you-customer, outside business activities, private securities transactions, commissions and fees rules.  FINRA will also scrutinize firms’ association with recidivist and disqualified brokers.

The second focus area for FINRA is investment sales practices. FINRA will continue to focus on protecting senior investors, with a particular emphasis on whether the recommended investments are suitable given the investor’s profile and risk tolerance.  One example FINRA notes is microcap (or “penny”)  stock schemes.  For all investors, FINRA will continue to watch product suitability and concentration.  FINRA will examine how firms implement training and conduct customer reviews to monitor these investment risks.  Excessive short-term trading of long-term products is another area of concern, as is brokers’ outside business activities and private securities transactions.  Finally, FINRA expressly noted that given the importance that all types of social media and electronic communications, they will continue to require firms’ compliance with supervisory and records-retention obligations.

FINRA’s third focus area is on financial risks associated with brokerage firms.  Liquidity risk was at the top of the list, and FINRA will assess firms’ funding and liquidity plans.  FINRA will also review firms’ risk management governance.  The new margin requirements for covered agency transactions will be another area for review.

Fourth on FINRA’s list is operational risk.  Cybersecurity threats remain one of the most significant risks for firms.  FINRA will review how firms are handling and protecting customer data and employee information, including personally identifiable or sensitive information.  FINRA will monitor controls, such as passwords, encryption, use of portable storage devices, and virus protections and patches.  They will also assess firms’ supervisory controls testing.  FINRA will determine if firms have implemented the required controls and supervision to protect and segregate customer assets, and to monitor suspicious activity and money laundering.

Finally, FINRA will continue to promote market integrity.  It will detect and deter behavior designed to engage in market manipulation.  It will remind firms of their best execution obligations for receiving, handling, routing, or executing customer orders.  FINRA will continue to insist firms address audit trail issues appropriately, comply with the market access rule, and review alternative trading disclosures.