2016 FINRA Actions - Enforcement

2016 FINRA Actions - Enforcement


 You can download a full copy of the slides from this webinar. 



Full video transcript available below:


Welcome and thank you for joining today's webinar hosted by me Joe Boyhan of MCO and Brian Rubin and Adam Pollet of Eversheds Sutherland. With that I'll hand you over to my co-hosts.


Now we'll discuss some other enforcement trends we found in 2016 that likely will continue in 2017. Compliance officers, probably something that many of you folks don't want to hear, but compliance officers appear to be in FINRA's cross-hairs.


There were 27 cases reported in 2016 that involved some type of sanction against the firm's compliance officer. Now it should be noted that some of these COs were multiple hacks, so in addition to being compliance officers they acted in other capacities. But in 11 cases the CEO was acting in a compliance role. In the largest AML case that I discussed earlier, the firm's former AML compliance officer was fined $25,000 and suspended for three months for failure to ensure that the suspicious activity reviews were conducted.


There are two general areas that typically we found will draw the attention of FINRA by a compliance officer. The first is wrong-doing, so bad conduct, ignoring or lying to FINRA. The second not fulfilling compliance responsibilities, so failing to implement adequate supervisory systems or failing to follow the systems that were implemented. This is an area that we'll be watching closely this year.


Suitability did not crack the top enforcement issues list this year or in 2016 for only the third time in eight years. It's typically an issue FINRA devotes significant resources to. Although it didn't make the list, you can see it was still an important issue in 2016 by the amount of fines. This issue is one that firms shouldn't overlook.


The types of cases we saw last year related to the sale of non-traditional ETFs to retail investors, mutual fund share classes and municipal bonds and closed-end funds. We saw the indicator of how FINRA continues to view suitability. The 2017 priorities letter emphasized fundamental suitability issues addressing one, whether customers and registered reps understand product features, two, how firms conduct reasonable basis and customer specific suitability reviews, and three how firms that products and supervise recommendations including and in particular focusing on excessive concentration in customer accounts.


Cyber security and before we get into that, there's a tough question. In a firm that focuses on real estate investments specifically and only archives emails of licensed broker employees, does FINRA frown on them not archiving all employee emails? The issue deals with the business as such. That's how the rule is phrased so if the other employees do not deal with the securities business as such and if it's clear that that's the case and they may have different email addresses from the licensed broker employees, then you might be okay.


If it's the same email domain name, it may be difficult for the firm to separate out which ones should be saved or archived and which ones should not be. If a licensed brokers wear multiple hats, that another potential issue that firms deal with.


Cyber security, while the rest of the country and France as it turns out focused on cyber security breaches during the presidential elections, FINRA was also looking at these issues. As we noted before, the WORM cases dealt with cyber security even though there were no breaches alleged there and FINRA has brought sort of a more basic hacking type case last year as well and fined a firm $650,000. In that case, the firm allegedly failed ... It's systems failed because it allowed hackers with foreign internet protocol addresses to access the firm's server, exposing confidential records and information of approximately 5,400 of the firm's customers.


Given all the issues that we've seen with cyber security, with breaches, it's likely that we will see more of these types of cases in 2017 and beyond and I also think that FINRA and possibly the SEC will bring cases where there aren't necessarily breaches, but more sort of nuts and bolts cases where firms don't have adequate WSPs or they didn't do risk assessments, or they didn't have firewalls and that sort of thing.


I think FINRA will start focusing on that and to the extent you haven't looked at your cyber security system's policies and procedures for that it may make sense to do so.


Senior investors, FINRA's past three priorities letters discussed a tightened focus on senior investors and retirement accounts and we found that in 2016 there were 19 cases focused on this issue. I won't go into the details of the one significant case that we highlight there, but if you haven't looked at the 2017 priorities letter you should do that. FINRA discusses it's heightened scrutiny around three main areas.


First it talks about supervisory controls saying that FINRA will be examining firms to see if they have supervisory controls to protect senior investors from fraud, abuse, and improper advice. Second suitability, FINRA will be reviewing policies and procedures addressing product suitability and over-concentration examining firms' product vetting processes, supervisory systems and controls to review recommendations. Then third, with regard to complex products FINRA will be focused on firms' sales of complex novel, illiquid and highly speculative products for seniors.


You should also note that the SEC recently approved FINRA's rule addressing financial exploitation of seniors and there are two key issues here. First firms will be required to make reasonable efforts to obtain names and contact information for trusted contact persons for a customer's accounts and second firms will be permitted to place a temporary hold on a disbursement of funds or securities when there's reasonable belief of financial exploitation and a lot of firms are focusing on that issue and wanted some relief for that issue because they do want to protect the seniors.


We've also put out a number of alerts on recent senior issues so if you're interested in that you can go to our website or contact us because as we mentioned the SEC and FINRA have been focusing on this issue a fair amount recently.


Eversheds - Sutherland

Find out how MCO can help

Request a demo today to learn how MyComplianceOffice puts you in command of your compliance program, synchronizing your business needs with regulation. 

Request a Demo



Download our four page Portfolio of Solutions to learn about;

  • Personal Trade Monitoring
  • Gifts & Entertainment
  • Political Contributions
  • Third Party vendor risk management
  • Trade surveillance
  • And more

Brochure Download