K&L Gates LLP

On January 4 and January 12, 2017, respectively, the Financial Industry Regulatory Authority (“FINRA”) and the Securities and Exchange Commission’s (“SEC”) Office of Compliance Inspections and Examinations (“OCIE”) each published its 2017 regulatory and examination priorities. [1]  Both OCIE and FINRA described their priorities as “risk-based” and each highlighted a focus in the coming year on retail sales practices (including robo-advisers), senior investors and retirement products, recidivist representatives, cybersecurity, anti-money laundering (“AML”), and best execution, among other issues.  Financial institutions, broker-dealers, investment advisers, and others should take heed of the risks identified by the regulatory and examination priorities memoranda and work to ensure that their compliance programs adequately address them.  To assist in those efforts, we offer a summary of some of the most significant OCIE and FINRA 2017 examination priorities.

OCIE 2017 Examination Priorities
In 2017, OCIE plans to focus on some of the same broad priority areas that it did in 2016, including retail investing and the assessment of market-wide risks.  Significantly, OCIE highlighted risks specific to elderly and retiring investors with a separate priority area this year, signaling its interest in matters of importance to senior investors.  Also, OCIE did not specifically highlight “data analytics” in a separate priority area as it had in 2015 and 2016; instead, OCIE notes that its overall objective is to be “data-driven and risk-based,” and thus, data analytics are incorporated into the vast majority of its examination initiatives.

Protecting Retail Investors
OCIE announced that it intends to again focus on matters of importance to retail investors, continuing several of its 2016 initiatives, but also undertaking examinations to review so-called “robo-advising” and wrap fee programs of investment advisers and broker-dealers. 

Among the new priorities identified by OCIE is a focus on investment advice through automated or digital platforms, including from broker-dealers and investment advisers that primarily interact with their clients online and provide automated financial services.  OCIE stated that examinations in this area likely will focus on compliance programs, marketing, the formulation of investment recommendations (including compliance practices overseeing investment recommendation algorithms), data protections, and the disclosure of potential conflicts of interest.  Also highlighted by OCIE is a priority to examine registered investment advisers and broker-dealers that offer wrap fee programs (i.e., investment programs that charge a single asset-based fee for bundled advisory and brokerage services).  OCIE said that it would likely be reviewing whether investment advisers are meeting their fiduciary duties to clients and contractual obligations with respect to these programs, as well as examining suitability, disclosures, conflicts of interest, and brokerage practices like best execution and trading away.

OCIE said it would continue to review exchange-traded funds (“ETFs”) and their compliance with applicable exemptive relief granted under the Securities Exchange Act of 1934 and the Investment Company Act of 1940.  OCIE also highlighted its intention to scrutinize compliance with regulatory requirements related to ETF unit creation and redemption processes, in addition to ETF sales practices and disclosures.

With respect to retail investors, OCIE also signaled its plan to continue pursuing several of its recently announced 2016 mid-year initiatives, including the use of data analytics to identify recidivist representatives and to examine their employers, the examination of multibranch investment advisers, and the review of the selection of share class in investment recommendations.  OCIE again announced that it would be continuing the never-before-examined investment adviser initiative that was announced in 2014. 

Focusing on Senior Investors and Retirement Investments
As noted above, risks specific to elderly and retiring investors will be one of OCIE’s examination areas for 2017.  OCIE said that it was devoting “increased attention” to this area given the aging U.S. population and investors’ growing dependence on their own investments for retirement income. 

OCIE intends to continue its multiyear Retirement-Targeted Industry Reviews and Examinations Initiative, which is concentrated on services offered to investors with retirement accounts by investment advisers and broker-dealers.  OCIE indicated that it would likely focus on variable insurance product recommendations and the management of target-date funds, as well as examine firms’ controls with respect to fixed-income cross-transactions.

OCIE also said that it would be concentrating on investment advisers to public pension advisers and evaluating firms’ compliance and supervisory programs with respect to senior investors and the identification of financial exploitation of seniors.   

Assessing Market-wide Risks
As it has for the past several years, OCIE stated that it will assess various market-wide structural risks and trends in 2017, many of which are continuations of initiatives from prior years.  Among other areas, OCIE signaled that it would continue its examinations of clearing agencies and Regulation Systems Compliance and Integrity entities and also continue to focus on cybersecurity and AML.  OCIE also highlighted several “new” areas of focus for 2017, including its intention to examine money market funds for compliance with recent amendments to rules requiring money market funds to make structural and operational reforms to address redemption risks.  OCIE also said it would examine select broker-dealers (such as market-makers and those serving primarily retail customers) to evaluate best execution of customer orders.  OCIE added it would review systemically important clearing agencies, enhance its oversight of FINRA, and conduct risk-based inspections of the operational and regulatory programs of the national securities exchanges.

Other Highlighted Initiatives
OCIE also announced that it plans to examine certain specific market participants, including municipal advisors, transfer agents, and private fund advisers, all of which were also highlighted in 2016.  With respect to private fund advisers, OCIE said that it will allocate examination resources to the evaluation of conflicts of interest and the disclosure of conflicts and other actions that “appear to benefit the adviser at the expense of investors.” 

FINRA 2017 Examination and Regulatory Priorities
The 2017 examination and regulatory priorities announced by FINRA emphasize protecting retail investors and maintaining market integrity.  FINRA identified five broad areas of focus for 2017: (a) high-risk and recidivist brokers; (b) sales practices; (c) financial risks; (d) operational risks; and (e) market integrity.  According to Robert Cook, FINRA’s president and CEO, as of August 2016, these areas highlight the “core ‘blocking and tackling’ issues of compliance, supervision and risk management.” [2]  FINRA’s 2017 priorities continue its 2016 focus on a “culture of compliance,” addressing fundamental topics that touch upon the core of FINRA’s mission and its desire to promote investor confidence.   

FINRA also expects to implement an electronic, off-site examination program that will rely on targeted information requests and reviews that will be performed outside of FINRA’s normal on-site examination and inspection program.

High-Risk and Recidivist Brokers; Office Inspections
Like OCIE, FINRA is focused on identifying and examining brokers who pose a high risk to investors and their firms.  FINRA identified three specific priorities in the context of firms hiring brokers with adverse disciplinary histories and operating multiple office locations: (a) via a recently established examination unit, FINRA has dedicated examination resources to identify and examine high-risk brokers and review their interactions with customers, especially in matters of compliance, with sales-practice and oversight rules tailored to suitability, know-your-customer, outside business activities, private securities transactions, and fair and reasonable commissions and fees; (b) FINRA expects to review firms’ supervisory procedures for hiring or retaining statutorily disqualified and recidivist brokers; and (c) FINRA intends to evaluate inspection programs and supervisory systems for branch and nonbranch office locations, including independent contractor branches, with a focus on the supervision of customer accounts and communications between customers and brokers no matter the medium (social media, seminars, radio shows, or podcasts).

Sales Practices
To protect vulnerable investors, FINRA, like OCIE, reiterated that among its top priorities will be a focus on sales practices targeting the elderly.  To protect senior investors from fraud, abuse, and improper advice, FINRA will assess firms’ controls on (a) speculative or complex products with high yields; and (b) microcap (or “penny”) stock fraud schemes, including manipulative trading activities.

FINRA identified four other areas concerning sales practices that it intends to monitor in 2017: (a) product suitability and concentration, especially in situations where brokers either do not understand important product features or make recommendations that result in an investor’s excessive concentration in a particular type of product or industry sector; (b) excessive and short-term trading in long-term products, such as open- and closed-end mutual funds, variable annuities, and unit investment trusts; (c) outside business activities and private securities transactions, with an emphasis on potential conflicts these activities may have on clients and the firm’s business; and (d) firms’ compliance with their supervisory and record-retention obligations regarding social media and other digital communications for all mediums and devices.

Financial Risks
FINRA will continue to focus on how firms measure financial risk in stressful situations across their organizations and conduct strategic reviews to assess the readiness and effectiveness of firms’ plans. 

FINRA expects to review firms’ funding and liquidity plans to assess whether firms adequately evaluate liquidity needs relative to market-wide and unique stresses, develop contingency plans to respond to those stresses, and conduct internal stress tests or other reviews to gauge contingency plan effectiveness.  In this regard, FINRA urged member firms to consider the “effective practices” discussed in Regulatory Notice 15-33, which issued “best-practices” guidance to senior management and risk managers of full-service firms that hold securities inventories and/or clear and carry customer funds and securities. 

To assess risk management practices, FINRA stated that it will ask a number of full-service firms to explain how they would react to a specific stress scenario that affects a firm’s market, credit, and liquidity risks.  Importantly, FINRA seeks to ascertain whether a firm’s risk testing is reasonable given the specific risks to the firm’s business, as opposed to finding a right or wrong way to implement an effective financial risk assessment. 

On December 15, 2016, the first phase of amendments to FINRA’s complex margin rules, FINRA Rule 4210, became effective, which established margin requirements for covered agency transactions.  FINRA expects to review firms’ implementation of their new obligations and assess their supervisory systems in complying with these recently effected requirements.

Operational Risks
Several areas of focus are highlighted with respect to operational risks:

Cybersecurity.  FINRA continues to review and assess how firms mitigate cybersecurity threats, particularly when it comes to (a) managing vendor relationships and their access to customer or employee information; (b) cybersecurity controls at branch offices; and (c) firms’ compliance with the SEC’s electronic recordkeeping requirements, including (based on enforcement actions) obligations to preserve electronic records in a nonrewriteable, nonerasable format (also known as write once read many (“WORM”) format).   

Supervisory Controls Testing.  Based on FINRA’s observations, FINRA believes regular testing of a firm’s internal supervisory controls is critical to identify and mitigate gaps or inadequate controls to avoid significant, systemic control breakdowns.  FINRA observes that these problems can occur when firms increase the scale or scope of their business or migrate from one compliance system to another.   

Customer Protection/Segregation of Customer Assets.  FINRA expects to evaluate whether firms have implemented adequate controls and supervision to protect customer assets for purposes of complying with the SEC’s customer protection regime.  Particular attention will focus on firms maintaining sufficient documentary evidence to demonstrate compliance with their customer-protection obligations.  FINRA addressed a specific concern with firms avoiding reserve or segregation requirements by engaging in transactions whose only rational purpose would be to avoid these requirements. 

Regulation SHO – Close Out and Easy to Borrow.  Based on recent SEC enforcement actions, FINRA will concentrate on the locate process to ensure firms have reasonable grounds to believe securities are available to borrow prior to accepting a short-sale order.  Specific emphasis will be on firms’ preparation and use of the easy-to-borrow list and the adequacy of automated locate models.   

AML and Suspicious Activity Monitoring.  To address observed shortcomings in AML programs, FINRA will focus on deficiencies in firms’ automated trading and money movement surveillance systems caused by data integrity problems, unrealistic parameters, and inadequate surveillance patterns that do not capture red-flag issues, such as suspicious microcap activity.  FINRA will continue to focus on foreign currency transactions and firms’ controls around accounts held by nominee companies.   

Municipal Advisor Registration.  In 2013, the SEC adopted a comprehensive set of rules governing the activities of so-called “municipal advisors” pursuant to directives of the Dodd-Frank Wall Street Reform and Consumer Protection Act.  FINRA expects to examine firms and their compliance with the municipal advisor regulatory regime.  Specifically, FINRA intends to review the substantive requirements of registration, examination compliance via the Series 50 Municipal Advisor Representative Qualification Examination, membership with the Municipal Securities Rulemaking Board, and the permissibility of relying on exclusions and exemptions from the municipal advisor regulatory regime.      

Market Integrity
Seven areas of focus reflect FINRA’s continued commitment to maintaining fair and orderly markets.

Manipulation.  FINRA developed a cross-product surveillance pattern to detect layering in an underlying equity to influence options prices.  In 2017, it will expand surveillance for cross-product manipulation to trading in exchange-traded products and related securities.  In addition, FINRA will closely monitor whether market participants are trading in a potentially manipulative manner at or near the open or close through the use of aggressive and dominant trading on one side of the market to benefit a position on the other side.

Best Execution.  FINRA cautions firms to consider how the ever-increasing automation of the markets in equities and standardized options, as well as trading technology and communication advances in the fixed-income markets, affect their order-handling decisions as it relates to the execution quality they provide customers.    

Audit Trail Reporting Early Remediation Initiative and Expansion.  This initiative allows firms to avoid formal investigations when firms respond to FINRA’s alerts by remediating systems issues in a timely fashion.  Among other areas, FINRA will expand its initiative in 2017 to include Regulation NMS trade-throughs and locked and crossed markets.

Tick Size Pilot.  As part of its continuing obligation to collect trading data, FINRA will consolidate broker-dealer and exchange data, as well as collect trade data on behalf of tick size market-makers.

Market Access Rule.  Based on a continuing need to improve their market access compliance, FINRA reminds firms to consider a number of outlined best practices and to consider the practices FINRA describes in Regulatory Notice 15-09 in the context of algorithmic trading.  

Trading Examinations.  FINRA’s priorities include reviewing the adequacy of alternative trading systems’ disclosures to customers about how they operate and evaluating whether best execution obligations are being met by floor brokers and upstairs firms when handling manual options orders.  As part of a pilot program focused on smaller firms, FINRA will seek to determine the value of conducting targeted examinations on such firms that have not been subject to trading examinations due to their relatively low trading volume.

Fixed-Income Securities Surveillance Program.  FINRA will continue its manipulation-based surveillance patterns.  Specifically, it will (a) review firms’ supervisory systems to ensure they are reasonably designed to monitor for such conduct; (b) review and investigate potential misrepresentations and misleading conduct by position and sales traders in securitized products; and (c) seek to develop a data integrity program to monitor for the accuracy of submitted data with new TRACE reporting requirements for transactions in U.S. Treasury securities (effective in July 2017), and develop customer protection patterns focusing on compliance with rules applicable to U.S. Treasury securities and abusive algorithms.  

OCIE’s and FINRA’s 2017 examination and regulatory priorities underscore key risk areas for the securities industry and provide notice of the anticipated focus of examinations in 2017, as well as potential regulatory investigations and enforcement actions by both the SEC and FINRA.  Firms should consider assessing their compliance and supervisory programs in connection with these identified risks and priorities, continue to tailor these programs to their business model and practices, review any changes or expansions of business lines in light of required regulatory obligations, and evaluate their sales practices to ensure they are in compliance with all applicable rules and securities laws.

[1] FINRA Regulatory and Examination Priorities Letter (January 4, 2017); OCIE Examination Priorities for 2017 (January 12, 2017).

[2] Cover Letter from FINRA President and CEO, Robert Cook (January 4, 2017).