As the regulatory landscape is constantly evolving, Compliance Risk Concepts (“CRC”) is issuing its monthly […]
As the regulatory landscape is constantly evolving, Compliance Risk Concepts (“CRC”) is issuing its monthly review and summary of FINRA, SEC, and NFA notices and bulletins to assist our clients in keeping abreast of notable regulatory developments and deadlines in an effort to strengthen their compliance and regulatory initiatives.
Per Notice 21-28, FINRA has adopted new Rule 6439 (Requirements for Member Inter-Dealer Quotation Systems), which implements additional requirements for firms that operate systems that regularly disseminate the quotations of identified broker-dealers in OTC Equity Securities (each an “inter-dealer quotation system” or “IDQS”). Rule 6439 will become effective on October 1, 2021, except for paragraph (d)(1)(B), which relates to the collection of order-level information. The effective date for this paragraph will be announced at a later date to better coordinate, and avoid regulatory duplication, with reporting obligations to the Consolidated Audit Trail (CAT) under Rule 6830 (Industry Member Data Reporting).
FINRA also is deleting the Rule 6500 Series and other rules related to the OTC Bulletin Board (OTCBB) – a FINRA-operated inter-dealer quotation system – and ceasing its operation. The permanent closure of the OTCBB will not occur prior to October 1, 2021. FINRA will announce the effective date of the deletion of the OTCBB-related rules and its closure in a separate communication.
Per Notice 21-29, FINRA is publishing this Notice to remind member firms of their obligation to establish and maintain a supervisory system, including written supervisory procedures (WSPs), for any activities or functions performed by third-party vendors, including any sub-vendors (collectively, Vendors) that are reasonably designed to achieve compliance with applicable securities laws and regulations and with applicable FINRA rules. This Notice reiterates applicable regulatory obligations; summarizes recent trends in examination findings, observations and disciplinary actions; and provides questions member firms may consider when evaluating their systems, procedures and controls relating to Vendor management.
This Notice—including the “Questions for Consideration”—does not create new legal or regulatory requirements or new interpretations of existing requirements. Many of the reports, tools or methods described herein reflect information firms have told FINRA they find useful in their Vendor management practices. FINRA recognizes that there is no one-size-fits-all approach to Vendor management and related compliance obligations, and that firms use risk-based approaches that may involve different levels of supervisory oversight, depending on the activity or function Vendors perform. Firms may consider the information in this Notice and employ the practices that are reasonably designed to achieve compliance with relevant regulatory obligations based on the firm’s size and business model.
FINRA also notes that the Board of Governors of the Federal Reserve System, the Federal Deposit Insurance Corporation, and the Office of the Comptroller of the Currency recently published and requested comment on proposed guidance designed to help banking organizations manage risks associated with third-party relationships. FINRA will monitor this proposed guidance and consider comparable action, where appropriate.
Per Notice 21-30, FINRA warns member firms of an ongoing phishing campaign that involves fraudulent emails (see sample in Appendix) purporting to be from FINRA and using one of at least three imposter FINRA domain names:
The email asks the recipient to click a link to “view request” and provide information to “complete” that request, noting that “late submission may attract penalties.”
FINRA recommends that anyone who clicked on any link or image in the email immediately notify the appropriate individuals in their firm of the incident.
None of these domain names are connected to FINRA and firms should delete all emails originating from any of these domain names.
FINRA reminds firms to verify the legitimacy of any suspicious email prior to responding, opening any attachments or clicking on any embedded links.
FINRA has requested that the relevant Internet domain registrars suspend services for all three domain names.
For more information, firms should review the resources provided on FINRA’s Cybersecurity Topic Page, including the Phishing section of our Report on Cybersecurity Practices - 2018.
There were no Special Notices in August.
Per Release No. 34-92727, the Securities and Exchange Commission (“Commission”) is making an amendment to the Commission’s Freedom of Information Act (“FOIA”) regulations to remove a provision stating that records that the FOIA requires to be made available for public inspection in an electronic format will be available to persons who do not have access to the internet in the Commission’s Public Reference Room. The Commission’s FOIA regulations will continue to provide that persons who do not have access to the internet can obtain the documents required to be made available for public inspection by telephone or email request to the Office of FOIA Services.
Effective Date: August 26, 2021
There were no proposed rules in August.
There were no interim final rules in August.
There were no interpretive releases in August.
Per Release No. 34-92565, The Securities and Exchange Commission (“Commission” or “SEC”) is issuing this statement to clarify how the SEC will proceed when addressing certain issues under Exchange Act Rule 21F-3(b)(3) and Exchange Act Rule 21F-6 while the staff is preparing and the Commission is considering potential amendments to those rules (“Interim Policy-Review Period”). These procedures will remain in effect until withdrawn by the Commission.
Per Notice I-21-27:
NFA Financial Requirements Section 12 requires forex dealer members to collect and maintain a minimum security deposit of 2% of the notional value of transactions in ten listed major currencies and 5% of the notional value of other transactions. In 2016, NFA's Executive Committee, pursuant to its authority under Section 12, increased the minimum security deposit for currency pairs involving the British pound to 5% and the minimum security deposit for currency pairs involving the Japanese yen to 4%.
The Executive Committee recently reviewed these increases and determined to reduce the minimum security deposit for currency pairs involving the British pound to 3% and for currency pairs involving the Japanese yen to 2%. The decreases are effective immediately.
August 5, Chicago—NFA has ordered New York, N.Y. introducing broker Tullett Prebon Financial Services LLC(TPFS) to pay a $150,000 fine.
The Decision, issued by NFA's Business Conduct Committee (BCC), is based on a Complaint issued by the BCC and a settlement offer submitted by TPFS, in which it neither admitted nor denied the allegations. The Committee found that TPFS failed to keep full, complete and systematic records of all transactions relating to TPFS's business of dealing in commodity interests. The Committee also found that TPFS failed to supervise its employees' recordkeeping activities and failed to review and supervise its associated persons' communications.
The complete text of the Complaint and Decision can be viewed on NFA's website.
Cybercrime is constantly developing. With attacks becoming more prevalent and sophisticated. Now is the time to perform a cybersecurity check for your firm to ensure not only compliance with industry standards, but confirm the firm’s ability to prevent, detect, and respond to evolving cyber threats. Prevention begins with training; make certain that in addition to proper security measures, applicable personnel has been rigorously trained with respect to information and technology security measures.
Regulators have been out in force throughout the pandemic and continue to do so. We have observed trends toward lengthy, deeper dive exams, conducted remotely. Firms should consider initiatives aimed at identifying and remediating regulatory gaps in their programs, particularly with respect to current exam focus area trends.
Regulators continue to demonstrate their commitment to protecting investors by aggressively pursuing bad actors and reviewing and updating regulations to guard investors against constantly evolving threats.
The best approach to regulatory compliance is a proactive one. Staying ahead of the curve by taking note of statements and guidance released by regulators and using them as a barometer to assess the current regulatory climate can help ensure that a firm is prepared for a regulatory exam. Rather than scrambling to rectify issues or meet deadlines, a thorough, active compliance program that considers and incorporates regulatory developments is in a better position to satisfy regulators and preserve operations so they can best serve their clients.
For more information, please contact:
p. (646) 346-2468
p. (917) 568-6470
Leave a Reply