FINRA’s 2018 Report on Examination Findings provides important lessons learned from the prior year’s examination, surveillance and risk monitoring programs. Released on December 7, 2018, the Report highlights five “primary” observations and ten “additional” observations for firms to consider in developing and enhancing their business practices and supervisory procedures. Member firms should review FINRA’s findings and consider whether their policies and procedures should be updated or enhanced. Below is a chart comparing the topics from the 2017 Report against the 2018 Report. After the 2017-2018 comparison, we have summarized FINRA’s findings and best practices for each observation set forth in the 2018 Report.
Examination Findings Topics: 2017 v. 2018
Details from the 2018 Examination Findings Report
Suitability Assessments: FINRA stressed the importance of considering all the factors in Rule 2111 (Suitability) when making recommendations to retail clients – particularly a product’s commissions and sales charges. Complex products present additional challenges, and FINRA noted that the “failure to understand the specific features and terms” by representatives was a “common contributor” to challenges examiners observed. The 2017 Report focused on suitability assessments for UITs and mutual funds, and the 2018 Report highlights those products again as ones that continue to concern FINRA examiners.
- Overconcentration in illiquid or complex securities (e.g., REITS and structured notes) in accounts for unsophisticated retail investors.
- Failure to review alerts generated by clearing firms and other compliance tools to investigate excessive trading.
- Variable annuity exchanges that are inconsistent with a customer’s objectives and time horizon. FINRA also noted the importance of supervising VA exchanges to ensure that a representative’s analysis of surrender costs and/or differences in available benefits or features support the purchase of or exchange into a new variable annuity.
- Implement supervisory practices that identify the specific risks associated with complex products and tailor the firm’s controls to address those risks.
- Consider restricting recommendations of certain products for vulnerable investors and establish controls that enable supervisors to review such recommendations.
- Develop required training on complex or high-risk products that representatives must complete before recommending such products to clients.
Volatility-Linked Products: FINRA noted that volatility-linked products present unique risks, exemplified by periods where the broader market indices had modest declines and volatility-linked products suffered drastic losses. A FINRA sweep exam specifically assessed firms’ supervisory systems and controls around these complex products.
- Marketing products to unsophisticated clients despite explicit warnings in prospectuses for those products about sales to retail customers.
- Failing to address the unique characteristics and risks of volatility-linked products during the product due diligence process.
- Failing to establish operational controls to enforce restrictions on the sale of complex products to retail clients.
- Establish comprehensive controls that specifically address the risks of the complex product and ensure that the firm has the capability to enforce them.
- Document the firm’s due diligence on volatility-linked products and specifically address the unique risks associated with those products.
Fixed Income Mark-up Disclosure: Pursuant to recent amendments to FINRA Rule 2232 (Customer Confirmations), FINRA recommends that firms consider performing a regular review of client confirmations, familiarize themselves with their clearing firms’ and vendors’ processes for providing markup disclosures, and examine whether fixed income disclosures are consistent and accurate when executed across different vendors, platforms or trading desks.
- Failure to enter all required information into the order entry system, including prevailing market price (“PMP”), time of execution, and mark-ups or mark-downs. FINRA also found that some firms improperly adjusted PMP to account for a representative’s concessions or sales credit.
- Inadequate disclosure of the firm’s capacity (e.g., principal or agent), mark-ups and PMP for structured notes – largely due to firms failing to realize that structured notes are subject to FINRA Rule 2232 (Customer Confirmations). FINRA found that some firms disclosed inaccurate PMP due to a reliance on vendors that did not use proper calculations.
- Ensuring that representatives are properly designating institutional accounts in accordance with FINRA Rule 4512(c) (Customer Account Information) and MSRB Rule G-8(a)(xi).
- Failure to include a brief description of the information a customer can find via the security-specific hyperlink on confirmations.
- Regularly review confirmations to ensure that they include the new, required disclosures, as well as the correct mark-up or mark-down, time of execution, and security-specific hyperlink information.
Reasonable Diligence for Private Placements: FINRA observed instances where firms failed to conduct or were unable to provide evidence of their reasonable diligence into private placements. The 2018 Report highlighted the importance of independently verifying information, particularly research performed by consultants that may have a conflict of interest with the underlying issuer.
- Failure to perform additional diligence on a new offering based on prior experience with the same issuer.
- Failure to independently verify material aspects of an offering or investigate red flags that arose during the due diligence process, including over-reliance on third-party conclusions and reliance on reports that were paid for by the issuer.
- Firms should be able to show meaningful review of private placements that includes identifying red flags and potential risks, as well as follow up on those red flags and independent verification of research provided by the issuer or an affiliated consultant.
- Large firms should utilize a due diligence committee structure, while small firms should formally designate a qualified person to investigate and determine whether offerings should be sold to their customers.
Abuse of Authority: FINRA’s Report highlighted the risks presented by discretionary trading activity and the enhanced controls that firms should implement for compliance with NASD Rule 2510 (Discretionary Accounts). FINRA cautions firms that allow their registered representatives to act on their customers’ behalf to implement appropriate controls.
- Unauthorized discretionary trading when a representative executes transactions in the same security across multiple customer accounts in a short period of time.
- Intentional misconduct, ranging from mismarking order tickets as unsolicited, having clients execute blank account forms, and convincing senior clients to establish trusts that name the representative as trustee.
- Representatives executing trades in accounts with expired authorizations.
- Document the firm’s regular testing of procedures and controls on discretionary accounts.
- Have customers complete questionnaires or annual attestations to confirm their intent to have representatives act in roles of authority (trustee, power of attorney, executor, etc.).
In addition to the highlighted “primary” points above, the 2018 Report also discussed the following “additional” issues observed in the exam process:
- Increased trading by foreign legal entity accounts in low-float and low-priced securities where, in some instances, the entities have common beneficial owners.
- Failing to document investigations into suspicious activity.
- Failing to conduct (and document) reviews of FinCEN’s Secure Information Sharing System on a bi-weekly basis.
- Firms should compare the quality of execution obtained via their existing order routing arrangement against competing markets.
- When conducting a “regular and rigorous review” pursuant to Rule 5310 (Best Execution and Interpositioning), firms must consider all the factors set forth in the Rule.
- Inaccurate disclosures of trading capacity (agent, principal, etc.) and failing to properly label disclosures of firm compensation.
- Failing to disclose the average price for customer orders executed at multiple prices and failing to disclose market-maker status.
DBAs and Communications with the Public
- Communications with the public should prominently disclose the firm name and not just the DBA.
- Representatives’ websites should contain a “readily apparent reference” and hyperlink to BrokerCheck.
- Stress tests should be performed using multiple time horizons and firms should incorporate stress test results into their business model.
Market Access Controls
- Some firms did not maintain effective pre-trade controls and could not substantiate credit and capital thresholds on record for their clients.
- Overreliance on third-party vendors with ineffective controls.
Net Capital Computations
- Failing to maintain documentation to substantiate the firm’s methodology for allocating specific broker-dealer costs via expense-sharing arrangements.
- Lack of policies and procedures for assessing the creditworthiness of issuers of securities with “minimal credit risk.”
- Miscalculating operational charges due to misinterpretations of the Net Capital Rule.
Operations Professional Registration
- Using unregistered individuals to (i) approve general ledger journal entries; (ii) act as supervisors of financial functions; and (iii) approve business requirements of trading systems related to covered functions.
Segregation of Client Assets
- Failing to complete reserve formula calculations because of errors in coding.
- Check forwarding issues with firms using the independent contractor business model.
- Firms using fully-paid-for or excess margin securities to fund operational needs.
- Overreliance on FINRA’s list when a reportable transaction involved a TRACE-eligible security that was not yet set up in TRACE at the time of the transaction.
- Late or inaccurate reporting.
- Insufficient WSPs.
FINRA expects that the 2018 Report will enable firms to reinforce their control environments and address potential deficiencies before their next exam. A copy of the report is available here.