What: The Division of Examinations issued a Risk Alert with preliminary observations about Marketing Rule items contained in Form ADV as well as related discussions concerning the Compliance Rule (206(4)-7), the Books and Records Rule (204-2), and the Marketing Rule’s General Prohibitions.

Who: SEC-Registered Investment Advisers (The Marketing Rule applies to investment advisers registered or required to be registered with the SEC under Section 203 of the Advisers Act.)

When: Risk Alert issued April 17, 2024.

Why: Marketing practice assessments were designated as a particular focus area in the Division of Examination’s FY 2024 examination priorities.

How: The Risk Alert provides examples of gaps in marketing policies and procedures and in the preservation and maintenance requirements under the Marketing Rule. In addition, with respect to the Marketing Rule’s General Prohibitions, the Risk Alert provides observations of deficiencies related to the following: (1) untrue statements of material fact and unsubstantiated statements of material fact; (2) omission of material facts or misleading inference, (3) fair and balanced treatment of material risks or limitations, (4) references to specific investment advice that were not presented in a fair and balanced manner, and (5) inclusion or exclusion of performance results or time period in matters that were not fair and balanced.

Why it matters: As a 2024 priority, investment advisers should expect Marketing Rule compliance to continue to be under the microscope in examinations this year. It is imperative that firms have appropriately tailored compliance procedures designed to prevent violations of the Marketing Rule and, just as importantly, that the procedures are fully implemented – including the maintenance of required books and records. Investment advisers are encouraged to review the focus areas laid out in the examination priorities letter and the initial examination observations included in the new Risk Alert relative to their specific programs and marketing practices.

CRC keeps its thumb on the pulse of the evolving regulatory landscape. Keep an eye out for additional information, including updated guidance, risk alerts, and CRC’s thoughts on how to ensure successful compliance with evolving regulatory expectations within your firm’s existing regulatory compliance program.

Contact Mitch Avnet for further details: (646)346-2468 | mavnet@compliance-risk.com

The post Regulatory News Update: SEC Marketing Rule Risk Alert appeared first on Compliance Risk Concepts.

Last week the SEC announced that it had settled charges against five more registered investment advisers for Marketing Rule violations, resulting in $200,000 in combined penalties (with one firm making up half the total on its own). This latest round of cases resulted from an ongoing targeted sweep concerning the Marketing Rule, and it follows another group of cases from September 2023 against nine other advisory firms.

In the present actions, the SEC’s orders found that the five firms advertised hypothetical performance to the general public on their websites without adopting and implementing policies and procedures reasonably designed to ensure that the hypothetical performance was relevant to the likely financial situation and investment objectives of each advertisement’s intended audience, as required by the Marketing Rule. Four of the five firms received reduced penalties because of the corrective steps they undertook in advance of being contacted by the SEC staff.

According to the SEC’s order, the fifth firm also violated other regulatory requirements, including by making false and misleading statements in advertisements, advertising misleading model performance, being unable to substantiate performance shown in its advertisements, and failing to enter into written agreements with people it compensated for endorsements. In addition, the SEC also found that the firm committed recordkeeping and compliance violations and made misleading statements about its performance to a registered investment company client and that the misleading statements were included in the client’s prospectus filed with the SEC.

Compliance Risk Concepts believes that the best approach to regulatory compliance is a proactive one. Staying ahead of the curve by taking note of actions by regulators and using them as a barometer to assess the current regulatory climate can help ensure that a firm is prepared for a regulatory exam.

For more information, please contact:

Mitch Avnet | p. (646) 346-2468 | mavnet@compliance-risk.com

The post SEC Charges Five More Investment Advisers for Marketing Rule Violations appeared first on Compliance Risk Concepts.

What: The SEC announced that it settled charges against two investment advisers for making false and misleading statements about their purported use of artificial intelligence (AI). The firms agreed to settle the SEC’s charges and pay $400,000 in total civil penalties.

Who: Delphia (USA) Inc. and Global Predictions Inc.

When: March 18, 2024

Why: The SEC’s concerns stem from firms selling AI solutions that they cannot deliver on or where the use or benefits of AI are overstated as part of an investment advisory service. Gary Gensler notes “[w]e’ve seen time and again that when new technologies come along, they can create buzz from investors as well as false claims by those purporting to use those new technologies. Investment advisers should not mislead the public by saying they are using an AI model when they are not. Such AI washing hurts investors.”

How: In the case of Delphia, the SEC found that the firm made false and misleading statements in its SEC filings, in a press release, and on its website regarding its purported use of AI and machine learning that incorporated client data in its investment process. The SEC determined that the statements were false and misleading because Delphia did not in fact have the AI and machine learning capabilities that it claimed. Similarly, the SEC found that Global Predictions made false and misleading claims in 2023 on its website and on social media about its purported use of AI. The charges against both firms included violations of the SEC’s Marketing Rule.

Why it matters: At CRC, we have seen an influx of AI-driven investment advisory business. This uptick has been seen across both internet-based advisers and traditionally registered advisers incorporating AI and technology into their recommendation generation and delivery. While these settlements were IA-specific, the regulatory signaling is widely applicable. There is a continued focus on ethical marketing, and heightened scrutiny on the use of AI is going to leach into other areas of regulatory focus.

CRC keeps its thumb on the pulse of the evolving regulatory landscape. Keep an eye out for additional information, including updated guidance, risk alerts, and CRC’s thoughts on how to ensure successful compliance with evolving regulatory expectations within your firm’s existing regulatory compliance program.

Contact Mitch Avnet for further details: (646)346-2468 | mavnet@compliance-risk.com

The post Regulatory News Update: SEC Charges Investment Advisers with Advisers Act Violations for AI Statements appeared first on Compliance Risk Concepts.

As detailed more fully in Regulatory Notice 23-19, FINRA has adopted a short-form membership application process for certain firms that must become FINRA members due to the recent amendments to Rule 15b9-1 of the Securities Exchange Act of 1934. The amendments to Rule 15b9-1 eliminated the de minimis allowance and proprietary trading exclusion. Rescinding these provisions generally eliminated (subject to the exemptions in the amended rule) the ability for proprietary trading dealer firms to rely on Rule 15b9-1 to effect off-member-exchange securities transactions without joining FINRA.

This short-form membership application process is available only to SEC-registered, non-FINRA member firms that must become FINRA members due to the amendments to SEA Rule 15b9-1 and, as of August 23, 2023, had been a member of a national securities exchange with which FINRA has had a regulatory service agreement for the 12-month period prior to August 23, 2023.

Unlike the typical FINRA new membership application (NMA) process that involves a more extensive application and a longer time horizon for a decision (180 days after a substantially complete application), the short-form membership application process is a truncated application and process that is intended to result in a faster membership decision (generally around 60 days). Additionally, firms that apply for membership pursuant to the new process will be assessed one-half of the applicable membership application fee (unless FINRA ultimately determines that the firm must go through the full NMA process).

The SEC’s compliance date for the amended rule is September 6, 2024, but the deadline to participate in FINRA’s short-form membership process is 120 days earlier than the compliance date. The last day to submit a short-form application to FINRA is May 9, 2024.

Even so, FINRA is encouraging firms not to wait until May 9^th to submit their short-form application to allow time to work through additional information requests and to provide sufficient time should FINRA determine that the firm must instead proceed through the full NMA process. The additional buffer can also offer firms time to address potential new obligations in areas such as trade reporting and registrations. Firms that miss the May 9^th deadline will have to go through the full NMA process.

CRC has extensive experience with navigating the FINRA new member process and is also familiar with the new short-form process. Regardless of which path to FINRA membership is best for your firm, CRC has the knowledge and expertise to help you execute. Although time remains, the window for the short-form application is quickly closing. Reach out today to discuss how we can help you. Contact Mitch Avnet for further details: (646)346-2468 | mavnet@compliance-risk.com

The post Regulatory News Update: Deadline Approaching for Certain Proprietary Trading Broker-Dealers to Join FINRA via the Short-Form Membership Application Process appeared first on Compliance Risk Concepts.

What: The proposed rule would require some investment advisers to apply certain anti-money-laundering and countering the financing of terrorism (AML/CFT) requirements pursuant to the Bank Secrecy Act (BSA).

Who: SEC-registered investment advisers and investment advisers that report to the SEC as exempt reporting advisers (ERAs) would be included in the definition of “financial institution” under the BSA.

When: Proposed rule announced on February 13, 2024 (Federal Register publish date expected February 15, 2024). The comment period for the proposed rule is open until April 15, 2024.

Why: A risk assessment conducted by the Department of the Treasury identified that criminal actors have used investment advisers as a point of entry to invest in U.S. securities, real estate, and other assets and found that the lack of comprehensive AML/CFT requirements across the investment adviser sector contributed to its vulnerability to illicit finance activity.

How: The proposed rule would require SEC-registered investment advisers and ERAs to:

• implement an AML/CFT program;
• file certain reports, such as Suspicious Activity Reports (SARs), with FinCEN;
• keep records such as those relating to the transmittal of funds (i.e., comply with the Recordkeeping and Travel Rule); and
• fulfill other obligations applicable to financial institutions subject to the BSA and FinCEN’s implementing regulations.

The proposed rule would also apply information-sharing provisions between and among FinCEN, law enforcement government agencies, and certain financial institutions, along with Section 311 special measures.

The proposed rule does not include a customer identification program (CIP) requirement or a requirement to collect beneficial ownership information (BOI) for legal entities. However, FinCEN plans to address these separately in future rulemaking. The proposed rule would also not require the covered investment advisers to apply AML/CFT and SAR reporting requirements to mutual funds they advise.

Why it matters: Although some investment advisers have adopted voluntary AML/CFT measures, this proposal represents a significant set of potential new mandatory obligations for covered investment advisers. With plans for subsequent rulemaking regarding CIP and BOI requirements, this proposal appears to be simply an opening salvo in what is an extended regulatory push for more consistency between broker-dealers and investment advisers as access points to the US financial system.

CRC keeps its thumb on the pulse of the evolving regulatory landscape. Keep an eye out for additional information, including updated guidance, risk alerts, and CRC’s thoughts on how to ensure successful compliance with evolving regulatory expectations within your firm’s existing regulatory compliance program.

Contact Mitch Avnet for further details: (646)346-2468 | mavnet@compliance-risk.com

The post Regulatory News Update: FinCEN Notice of Proposed Rulemaking for Registered Investment Advisers and Exempt Reporting Advisers appeared first on Compliance Risk Concepts.

Today FINRA issued its latest iterative report on its examination and risk monitoring program. This article focuses on the new topics and material introduced this year, specifically selected examination findings. It also covers topics that FINRA noted in the report as “Emerging Risks,” which represent potentially concerning practices that may pose new or additional risk. Lastly, several targeted exam or sweep updates are referenced from the report.

New Topics for 2024 – Selected Examination, Surveillance, Investigation, or Enforcement Findings

1. Crypto Asset Developments
   1. Failing to appropriately and accurately address relevant risks and include appropriate disclosures in communications with the public.
   1. Disseminating promotional materials that contain material misstatements or omissions in connection with securities offerings.
   1. Failing to conduct appropriate due diligence on crypto asset private placements recommended to customers.
   1. Failing to establish and implement AML programs reasonably designed to detect and cause the reporting of:
      1. suspicious crypto asset transactions occurring by, at or through the broker-dealer; and
      1. suspicious trading involving issuers with a purported involvement in crypto asset-related activities.
   1. Related new crypto asset communications findings:
      1. Failing to clearly differentiate in communications, including those on mobile apps, between crypto assets offered through an affiliate of the member or another third party, and products and services offered directly by the member itself.
      1. Making false statements or implications that crypto assets functioned like cash or cash-equivalent instruments, or making other false or misleading statements or claims regarding crypto assets.
      1. Comparing crypto assets to other assets (e.g., stock investments or cash) without providing a sound basis to compare the varying features and risks of these investments.
      1. Providing misleading explanations of how crypto assets work and their core features and risks.
      1. Failing to provide a sound basis to evaluate crypto assets by omitting explanations of how crypto assets are issued, held, transferred or sold.
      1. Misrepresenting the extent to which the federal securities laws or FINRA rules apply to crypto assets.
      1. Making misleading statements about the extent to which certain crypto assets are protected by SIPC under the SIPA.

• OTC Quotations in Fixed Income Securities
  • Not maintaining controls and procedures reasonably designed to monitor quoting activity in fixed income securities; and not reviewing the firm’s activity to determine applicability of the Exchange Act Rule 15c2-1.
  • Stating that the firm only quotes in exempt securities without conducting an analysis.
  • Not implementing procedures and controls—including a process for complying with the Exchange Act Rule 15c2-1—to ensure that the firm does not quote a covered security prior to confirming the availability of public financial information (unless an exception under Exchange Act Rule 15c2-1 is available).

• Advertised Volume
• Overstating, or inflating, the firm’s trading volume due to technological or procedural failures or errors.
• Failing to establish and maintain supervisory systems that are reasonably designed to achieve compliance with Rule 5210, including with respect to trading information disseminated by third-party service providers.

• Market Access Rule
  • Not establishing pre-trade order limits, pre-set capital thresholds and duplicative and erroneous order controls for accessing ATSs, including those that transact fixed income transactions.
    • Setting pre-trade order limits at unreasonable thresholds based on a firm’s business model.
    • Not demonstrating, and failing to maintain, documentation demonstrating the reasonability of assigned capital, credit and erroneous order pre-trade financial controls.
    • Not establishing adequate policies and procedures to govern intra-day changes to firms’ credit and capital thresholds, including requiring or obtaining approval prior to adjusting credit or capital thresholds, documenting justifications for any adjustments and ensuring thresholds for temporary adjustments revert back to their pre-adjusted values.
  • Failing to consider a firm’s business model when setting pre-trade order limits or other regulatory requirements (e.g., Limit Up-Limit Down (LULD) thresholds and exchanges’ Limit Order Price Protection thresholds), as well as historical and available liquidity, and the time required for liquidity replenishment, when determining erroneous price and size control thresholds.
  • Excluding certain orders from a firm’s pre-trade erroneous controls based on order types (e.g., excluding limit on close orders from a firm’s price controls).
  • For firms with market access, or those that provide it, unreasonable capital thresholds for trading desks and unreasonable aggregate daily limits or credit limits for institutional customers and counterparties.
  • Relying on third-party vendors’ tools, including those of an ATS or exchange, to apply their financial controls without performing adequate due diligence, not understanding how vendors’ controls operate, or both; and not maintaining direct and exclusive control over controls by allowing the ATS to unilaterally set financial thresholds for firms’ fixed income orders without the involvement of the firm, instead of establishing their own thresholds.
  • Failure to document the firm’s review, conducted at least annually, of the effectiveness of its risk management controls and supervisory procedures (e.g., no inventory of the specific systems, controls, thresholds or functionality that were reviewed), including the reasonableness of the firm’s market access controls applicable to each business/product line in which the firm provides market access.

Emerging Risks That May Receive Increased Scrutiny by FINRA

1. Artificial Intelligence (AI)

FINRA noted that the development of AI tools has been marked by concerns about accuracy, privacy, bias and intellectual property, among others. FINRA encouraged member firms to be mindful of how these new technologies, including generative AI tools, may implicate their regulatory obligations.

• Before deploying AI technologies member firms may consider paying particular attention to the following areas:
  • Anti-Money Laundering
  • Books and Records
  • Business Continuity
  • Communications With the Public
  • Customer Information Protection
  • Cybersecurity
  • Model Risk Management (including testing, data integrity and governance, and explainability)
  • Research
  • SEC Regulation Best Interest
  • Supervision
  • Vendor Management

• New Account Fraud

FINRA has observed an increase in suspicious and fraudulent activity related to new account fraud (NAF), which occurs when a bad actor uses stolen or synthetic identification14 information to fraudulently open an account.

• NAF may be a precursor to other fraud schemes. Examples observed in FINRA examinations and investigations include, but are not limited to:
  • fraudulent requests to the ACATS to steal securities and other assets from an investor;
  • fraudulent ACH transfers and wire transfers, including instances in which accounts opened through NAF were used as conduits to steal money from customers at other financial institutions; and
  • deposit or movement of fraudulently obtained funds from government benefit programs (e.g., fraudulently obtained COVID-relief funds).
• FINRA encourages firms, especially those that offer fully online account opening services and rely on automated account opening or customer verification services, to:
  • evaluate their review of red flags of NAF during the account opening process;
  • evaluate their monitoring of ongoing customer account activity for NAF and other known fraud schemes; and
  • enhance these processes, as needed, to ensure compliance with Regulation S-ID and other applicable rules.

FINRA Targeted Exam (Sweep) Mentions & Updates

1. FINRA Provides Update on Sweep: Special Purpose Acquisition Companies (SPACs)
2. FINRA’s review focuses on a cross-section of firms that participated in SPAC offerings and included, among other things, reasonable investigation, best interest, disclosure of outside activities or potential conflicts, net capital and supervision.
3. The update highlights several initial themes from our reviews of firms’ offering of, and services provided to, SPACs and their affiliates (e.g., sponsors, principal stockholders, board members and related parties), and includes questions for firms to consider as they evaluate whether their supervisory systems are reasonably designed to address risks of their SPAC-related activities, including:
   1. reasonable investigation of the issuers and the securities they recommend, including SPACs;
   1. underwriting compensation and disclosures;
   1. identifying, addressing and disclosing potential or actual conflicts of interest when underwriting or
   1. recommending transactions in SPACs; and
   1. firms’ supervisory systems, procedures, processes and controls for underwriting and recommending transactions in SPACs.

• FINRA Provides Update on Sweep: Social Media Influencers, Customer Acquisition and Related Information Protection

In September 2021, FINRA launched a sweep to review firms’ practices related to their acquisition of customers through social media channels, as well as firms' sharing of customers’ usage information with affiliates and non-affiliated third parties. The first part of the review focuses on firms’ use of social media influencers and referral programs to promote their products and services and recruit new customers. The second part of the review addresses firms’ privacy notices (and options to opt-out) regarding the collection and sharing of their usage information.

• FINRA Provides Update on Sweep: Option Account Opening, Supervision and Related Areas

In August 2021, FINRA launched a sweep to review firms’ practices and controls related to the opening of options accounts and related areas, including account supervision, communications and diligence. FINRA’s review focuses on a cross-section of retail and diversified firms that offer options trading to their customers.

• Sweep Letter: Crypto Asset Communications
• Crypto asset-related retail communications reviewed by FINRA’s Advertising Regulation Department have had a non-compliance rate that is significantly higher than that of other products.
• As a result, in November 2022, FINRA launched a targeted exam to review practices of certain member firms that actively communicate with retail customers concerning crypto assets and crypto asset-related services.
• FINRA is working to complete this review and publish an update on findings and effective practices.

The post Compliance Highlight: FINRA Issues 2024 Regulatory Oversight Report appeared first on Compliance Risk Concepts.

What: The SEC recently adopted new Rule 13f-2 and related Form SHO and an amendment to the national market system plan governing the consolidated audit trail (CAT) to provide greater transparency of short sale-related data.

Who: Institutional investment managers (“Managers”). Managers are any person, other than a natural person, investing in or buying and selling securities for its own account, and any person exercising investment discretion with respect to the account of any other person - typically includes brokers and dealers, investment advisers, banks, insurance companies, pension funds and corporations.

When: Rule and plan amendment adopted on October 13, 2023, and they become effective on January 2, 2024. The compliance date for Rule 13f-2 and Form SHO will be 12 months after the effective date of the adopting release – with public aggregated reporting to follow 3 months later. The compliance date for the amendment to the CAT NMS Plan will be 18 months after the effective date of the adopting release.

Why: The SEC is adopting Rule 13f-2 and Form SHO to help enhance transparency regarding short selling in equity securities—including both exchange-listed and over-the-counter securities, and ETFs. The SEC believes that, through the publication of short sale-related data to investors and other market participants, the information reported by Managers will provide important additional context to market participants regarding short sale activity in these equity securities by Managers.

How: Under Rule 13f-2, institutional investment managers that meet or exceed certain prescribed reporting thresholds will report on Form SHO certain short position and short activity data for equity securities. The SEC will thereafter aggregate and publish certain data collected from Form SHO.

Why it matters: The SEC estimates that approximately 1,000 Managers per month will trigger a reporting threshold for at least one security and therefore be required to file the new Form SHO.  The SEC concluded that it would take about 20 hours per Form SHO filing.

CRC keeps its thumb on the pulse of the evolving regulatory landscape. Keep an eye out for additional information, including updated guidance, risk alerts, and CRC’s thoughts on how to ensure successful compliance with evolving regulatory expectations within your firm’s existing regulatory compliance program.

Contact Mitch Avnet for further details: (646)346-2468 | mavnet@compliance-risk.com

The post Regulatory News Update: SEC Adopts New Rule Enhancing Short Sale Disclosure appeared first on Compliance Risk Concepts.

December 13, 2023

What: The SEC’s Division of Examinations has initiated a sweep of investment advisers on how AI-based tools are being deployed by the firms across the industry.

Who: Investment advisers in receipt of examination notifications should expect requests related to AI practices, governance, and oversight.

When: Several investment advisers have reported AI-focused request lists in conjunction with recent examinations. CRC expects this trend to continue into 2024.

Why: In light of the SEC’s recent focus on AI-driven investment management services, as well as the proposed rule related to conflicts associated with such activity, a sweep initiative is a commonly-practiced next step for the regulator, and serves primarily as a data collection exercise. In light of findings, advisers should expect modifications to proposed rulemaking, risk alerts, and guidance in this area.

How: Advisers can prepare for AI-focused examinations and request list items by conducting a brief mock-audit of its AI-related policies, procedures, and practices. Firms should be prepared to produce the documents relating to AI use in the event of an SEC request, including (but not limited to):

• Itemization of areas and instances where AI-based tools are deployed across the firm, particularly with respect to investment recommendations;
• Data security measures relative to AI use;
• Policies and procedures related to the use of AI within the firm, particularly with respect to investment recommendations;
• An itemization of inputs that drive AI-based recommendations and other activity, including how such information is collected and updated;
• Advertising materials and disclosures, including Form ADV, that reference the use of AI, particularly with respect to investment recommendations;
• Information related to the development, testing, and ongoing management and oversight of AI tools; and
• Plans in place to identify, resolve, and disclose AI system failures, AI-driven errors, and other issues related to AI use.

CRC keeps its thumb on the pulse of the evolving regulatory landscape. Keep an eye out for additional information about the SEC’s AI-driven conflicts proposed rule and new sweep exam initiative, including updated proposals, rule finalization details, and CRC’s thoughts on how to ensure successful integration of new or updated rules within your firm’s existing regulatory compliance program.

Contact Mitch Avnet for further details: (646)346-2468 | mavnet@compliance-risk.com

The post Regulatory News Update: SEC Sweep Initiative Targeting AI-Driven Investment Advisers appeared first on Compliance Risk Concepts.

What: The SEC recently approved FINRA’s amended rule proposal (SR-FINRA-006) to adopt new Supplementary Material .19 (Residential Supervisory Location) under FINRA Rule 3110, which will permit certain broker-dealers to treat an eligible private residence in which an associated person engages in specified supervisory activities as a non-branch location (subject to various conditions and limitations).

Who: FINRA member broker-dealers who allow supervisors to work from a private residence.

When: The SEC order approving the rule change was issued on November 17, 2023. FINRA will announce the effective date of the rule change in a Regulatory Notice.

Why: During the recent pandemic many FINRA member firms developed hybrid workforce models, and many of the supervisors who began working from home during the pandemic continue to do so, at least on a part-time basis. Under the pre-RSL regulatory framework, those supervisors likely conduct activities that would require the registration and designation of their private residence as supervisory branch offices or OSJ.

How: Generally, a private residence at which supervisory functions described in Rule 3110(f)(1) or (2)(B) occur must be registered and designated as a branch office or OSJ and inspected at least annually. The rule change will permit eligible FINRA members to treat such locations as non-branch locations (subject to terms and conditions under the rule), which would permit inspections to be conducted on a regular periodic schedule rather than annually.

Why it matters: Sooner or later the temporary pandemic regulatory relief related to Form BR reporting of new temporary office locations created due to Covid will end. Broker-dealers with hybrid/remote supervisory operations would be well-served to begin evaluating the eligibility criteria and associated requirements that will be necessary to utilize the RSL designation once it becomes effective. Likewise, broker-dealers who will be ineligible at the firm-level and those with one or more ineligible locations should begin evaluating what adjustments will need to be made to maintain compliance with Rule 3110 after the discontinuation of the Covid relief.

CRC keeps its thumb on the pulse of the evolving regulatory landscape. Keep an eye out for additional information, including updated guidance, risk alerts, and CRC’s thoughts on how to ensure successful compliance with evolving regulatory expectations within your firm’s existing regulatory compliance program.

Contact Mitch Avnet for further details: (646)346-2468 | mavnet@compliance-risk.com

The post Regulatory News Update: New FINRA “Residential Supervisory Location” (RSL) Approved by SEC appeared first on Compliance Risk Concepts.

What: The SEC approved FINRA’s amended rule proposal (SR-FINRA-2023-007) to adopt a voluntary, three-year remote inspections pilot program.

Who: Eligible FINRA member firms who opt-in to the pilot.

When: The SEC order approving the rule change was issued on November 17, 2023. FINRA will announce the effective date of the program in a Regulatory Notice.

Why: FINRA has explained that the pilot program will provide it the opportunity to gauge the effectiveness of remote inspections as part of a modernized, reasonably designed supervisory system that reflects the current work environment and availability of technologies that did not exist when the on-site inspection originally was conceived.

How: The new rule will permit participating member firms to perform required inspections of OSJs, branch offices, and non-branch locations remotely under the applicable provisions of FINRA Rule 3110(c)(1), subject to specified safeguards and limitations. The pilot program will automatically sunset on a date that is three years after its effective date.

Why it matters: The potential operational flexibility to eligible firms comes at a cost.Firms that are interested in opting into the pilot should carefully weigh the various eligibility criteria and participation conditions (e.g., quarterly data collection and reporting to FINRA) to determine if the voluntary election makes sense for the firm.

CRC keeps its thumb on the pulse of the evolving regulatory landscape. Keep an eye out for additional information, including updated guidance, risk alerts, and CRC’s thoughts on how to ensure successful compliance with evolving regulatory expectations within your firm’s existing regulatory compliance program.

Contact Mitch Avnet for further details: (646)346-2468 | mavnet@compliance-risk.com

The post Regulatory News Update: FINRA Voluntary Remote Inspection Pilot Program Approved by the SEC appeared first on Compliance Risk Concepts.

October 20, 2023

What: The Securities Investor Protection Corporation (“SIPC”) is nearing the launch of an online portal for Broker-Dealers.

Who: Broker-Dealers (including Broker-Dealers claiming exclusion from SIPC membership)

When: Portal launches on November 1, 2023.

Why: The new portal will allow Broker-Dealers to file forms, pay assessments, and communicate with SIPC.

How: Initial access to the SIPC Portal will be on a staggered basis, based on the broker-dealer’s fiscal year. Each Broker-Dealer’s Chief Compliance Officer (CCO) must either act as the Broker-Dealer’s Portal Administrator or delegate this responsibility to another individual. Check out SIPC’s Portal Administrator Delegation webpage for more details.

Why it matters: Once the SIPC Portal is operational, SIPC will no longer accept filings by mail, email, or fax. Broker-dealers that fail to use the SIPC Portal will not be able to submit required filings with SIPC.

CRC keeps its thumb on the pulse of the evolving regulatory landscape. Keep an eye out for additional information, including updated guidance, risk alerts, and CRC’s thoughts on how to ensure successful compliance with evolving regulatory expectations within your firm’s existing regulatory compliance program.

Contact Mitch Avnet for further details: (646)346-2468 | mavnet@compliance-risk.com

The post Regulatory News Update: SIPC Nearing Launch of Broker-Dealer Portal appeared first on Compliance Risk Concepts.

October 19, 2023

What: The Securities and Exchange Commission (SEC) announced its examination priorities for fiscal year 2024.

Who: Priorities for Broker-Dealers, Investment Advisers, Investment Companies, SROs, Clearing Agencies, and Other Market Participants (Municipal Advisors, Security-Based Swap Dealers, and Transfer Agents)

When: October 16, 2023. Although typically provided in Q1 of the same calendar year, the SEC is re-aligning its publication of examination priorities with the beginning of its fiscal year.

Why: The SEC prioritizes examination of certain practices, products, and services that it believes present potentially heightened risks to investors or the integrity of the U.S. capital markets.

How: In addition to focus areas for specific market participants, the SEC highlighted four areas applicable across the multiple participants: 1) Information Security and Operational Resiliency, 2) Crypto Assets and Emerging Financial Technology, 3) Regulation Systems Compliance and Integrity, and 4) Anti-Money Laundering and OFAC Sanctions.

Why it matters: The SEC has explained that it will allocate significant resources to the 2024 examination priorities. It is worth noting that the multiple participant topics noted above were similarly identified in the prior year’s priorities, which means that participants have now had two publication cycles of notice from the SEC regarding the importance of addressing these matters. As we close out 2023, firms should thoughtfully evaluate their compliance programs in light of the recent priorities to ensure they are particularly responsive to the SEC’s focus areas.

CRC keeps its thumb on the pulse of the evolving regulatory landscape. Keep an eye out for additional information, including updated guidance, risk alerts, and CRC’s thoughts on how to ensure successful compliance with evolving regulatory expectations within your firm’s existing regulatory compliance program.

Contact Mitch Avnet for further details: (646)346-2468 | mavnet@compliance-risk.com

The post Regulatory News Update: SEC Publishes 2024 Exam Priorities appeared first on Compliance Risk Concepts.

September 25, 2023

What: Sources close to relevant investigations indicate that at least a dozen advisory firms and hedge funds have been subject to deep-dive probes of employee electronic communications.  

Who: While relevant fines and enforcement actions to date have typically centered around broker-dealers, this move signals a shift in focus to the electronic communication practices of investment advisers.

When: CRC anticipates that this area of focus will be the star of the SEC’s examination priorities list once it is released in early 2024.

Why: Chairman Gensler has defended his standing position that diving into advisers’ communications at recordkeeping practices is a crucial component of investor protection, despite industry backlash and an open letter from SIFMA stating the overreach of the SEC’s regulatory scope.

How: While during previous sweep efforts, the SEC has previously required firms under examination to sample employee electronic communications and report back, their new approach is much more invasive and ups the ante considerably. Exam staff is requesting the phones of specific employees, including executives, and reviewing all communications themselves.

Why it matters: Firms using a certification only or “wait and see” approach are operating at a disadvantage and need to evaluate their existing policies and procedures relative to electronic communications to ensure they are clear and reasonably designed for the size and scope of their operations. The question is not if, but when the SEC review adviser communications, and it seems the scope and methodology of their investigation are escalating.

CRC keeps its thumb on the pulse of the evolving regulatory landscape. Keep an eye out for additional information about the SEC’s continued focus on electronic communications, including updated guidance, risk alerts, and CRC’s thoughts on how to ensure successful compliance with evolving regulatory expectations within your firm’s existing regulatory compliance program.

Contact Mitch Avnet for further details: (646)346-2468 | mavnet@compliance-risk.com

The post Regulatory News Update: SEC Probes Investment Adviser Electronic Communications appeared first on Compliance Risk Concepts.

On October 12, 2022, the SEC adopted amendments to the electronic recordkeeping, prompt production of records, and third-party recordkeeping service requirements that are applicable to broker-dealers. The broker-dealer compliance date for the new requirements is six months after the date of the publication of the adopting release in the Federal Register. 

Some key highlights of the amendments to Rule 17a-4:

• Adds an audit-trail as an alternative to the existing WORM requirement for electronic recordkeeping systems.
  • Under the audit-trail alternative, a broker-dealer will need to use an electronic recordkeeping system that maintains and preserves electronic records in a manner that permits the recreation of an original record if it is modified or deleted.
  • Electronic regulatory records may be preserved using an electronic record keeping system that meets either the audit-trail or the WORM requirement.
• Adds an option for a designated executive officer (DEO) of the firm to make the required undertakings instead of a designated third party (D3P) when using an electronic recordkeeping system.
  • DEO must be a member of the broker-dealer’s senior management.
  • Subject to the organization’s reporting structure, DEO can designate in writing a limited number of other broker-dealer employees who have the knowledge, credentials, and information necessary to access and provide the records.
• Adds an alternative undertaking for third parties who hold electronic regulatory records for the broker-dealer (e.g., cloud service provider) in lieu of the traditional undertaking under 17a-4(i).
  • Records must be preserved by electronic recordkeeping system as defined in Rule 17a-4(f), utilizing servers or other storage devices that are owned or operated by a third-party (including an affiliate) and the broker-dealer must have independent access to the records.
• Adds a requirement for electronic recordkeeping systems to be able to produce copies of a record and its audit trial (if applicable) in a reasonably useable electronic format.
  • Such formats would be common and compatible with commonly used systems for accessing and reading electronic records.
• Eliminates 90-Day DEA notice requirement before employing an electronic recordkeeping system.
• Designates a broker-dealer’s DEA as a SEC designee for the purposes of the various provisions of the Rule that refer to “representatives and designees of the Commission.”

Important things for broker-dealers to note moving forward:

• Existing WORM-compliant electronic recordkeeping system can continue to be used, but firms will be subject to the requirement to be able to produce a record in both a human readable format and a reasonably useable electronic format.
• Existing designated third parties can continue to be used, however, updated undertakings will need to be filed with DEA.
• If cloud storage providers are being used for electronic regulatory records and a traditional undertaking has not already been filed with DEA, firms must either file a traditional or alternative undertaking.

CRC believes that the best approach to regulatory compliance is a proactive one. Staying ahead of the curve by taking note of this rulemaking activity can help ensure that a firm is prepared for a regulatory exam. Rather than scrambling to rectify issues or meet deadlines, a thorough, active compliance program that considers and incorporates regulatory developments is in a better position to satisfy regulators and preserve operations so they can best serve their clients.

For more information, please contact:

Mitch Avnet

p. (646) 346-2468  

mavnet@compliance-risk.com

David Amster

p. (917) 568-6470

damster@compliance-risk.com

The post Broker-Dealer Regulatory Update: Amended Electronic Recordkeeping Requirements appeared first on Compliance Risk Concepts.