The 2023 Report on FINRA’s Examination and Risk Monitoring Program provides firms with insight into findings from recent oversight activities of FINRA’s Member Supervision, Market Regulation and Enforcement programs. The report outlines regulatory obligations, findings from recent oversight activities, effective practices and additional resources.
According to Greg Ruppert, Executive Vice President, Member Supervision at FINRA, “the report addresses topics that remain perennially important, with updates to reflect evolving risks, industry trends and findings from FINRA’s recent oversight activities. This year, we have also increased the breadth of the report’s coverage by adding several new topics focused on insights originating in our market surveillance activities.”
Outside Business Activities and Private Firm Transactions
“FINRA Rule 3270 (Outside Business Activities of Registered Persons) and FINRA Rule 3280 (Private Securities Transactions of an Associated Person) require registered persons to notify their member firms in writing of proposed outside business activities (OBAs), and all associated persons to notify their firms in writing of proposed private securities transactions (PSTs), so firms can determine whether to prohibit, limit or allow those activities.”
The report points out that firms should be considering whether OBA and PST activities are changing over time and lists questionnaires, due diligence, monitoring, affiliate activities, written supervisory procedures, training, disciplinary action and digital asset checklists as effective practices to manage OBA and PST compliance.
Watch the on-demand webinar Understanding OBAs: Compliance Insight on Outside Business Activities.
Books and Records
On the FINRA Unscripted podcast 2023’s Must-Read Report on FINRA’s Examination and Risk Monitoring Program, Ornella Bergeron, FINRA’s Senior Vice President of Risk Monitoring stated that the books and records section should be thoroughly checked out by all firms. According to Bergeron, “it’s important not only because it is an area that we spend a lot of time reviewing, but the SEC also adopted amendments to the books and records Rule 17a, the electronic record keeping requirements section of the books and records rule, which is great because it modernizes the electronic record keeping requirements for firms, and it makes the rules adaptable to the new technology electronic recordkeeping.”
The 2023 report contains a new section on Financial Crimes. The section covers three categories of risks:
Cybersecurity and Technology Governance
In the Cybersecurity and Technology Governance section firms are reminded of the requirement to have policies and procedures in place that address the protection of data. According to the report, cybersecurity remains one of the principal operational risks facing broker-dealers FINRA expects firms to maintain cybersecurity programs and controls that are consistent with their risk profile, business model and scale of operations. As Bill St. Louis, Executive Vice President of FINRA’s National Cause and Financial Crimes Detection Programs notes on the podcast, as with many aspects of the financial services industry, “the controls really need to be tailored to the specific firm. And it's not one size fits all, clearly.”
FINRA has also established a new Cyber and Analytics Unit to address the cyber threat landscape and evolving issues related to crypto asset-related fraud.
Does your firm have solid policies and procedures in place to manage crypto and digital asset risk? Join us for the webinar Beyond the Headlines: Crypto and Digital Asset Compliance for guidance designed to help compliance executives sort through the uncertainty and figure out the best way forward for their firm.
Anti-Money Laundering, Fraud and Sanctions
The Anti-Money Laundering, Fraud and Sanctions section highlights that FINRA Rule 3310(a) requires that firms establish and implement AML policies and procedures to detect and report suspicious transactions. Firms must also conduct training for appropriate personnel and implement appropriate risk-based procedures for conducting ongoing due diligence.
Also new to the report for 2023, the report’s section on Manipulative Trading outlines that under FINRA Rule 3110, firms are required to supervise the trading activities of associated persons. Firms must also have procedures in place to review securities transactions to identify trades that may violate regulatory rules prohibiting insider trading and manipulative and deceptive devices.
Let MCO help you meet the heightened expectations of FINRA and regulators across the globe in 2023. Our integrated solution lets compliance professionals efficiently and cost-effectively demonstrate they are proactively managing the regulated activities of the company, employees and third-party relationships and easily provide proof of regulatory compliance.
See firsthand how the integrated MyComplianceOffice platform helps firms manage Outside Business Activities, Digital Asset Compliance, Trade Surveillance, Suitability and more. Contact us today for a demo.