Key Takeaways: FINRA’s 2019 Report on Examination Findings and Observations

On October 16, 2019, FINRA published its 2019 Report on FINRA Examination Findings and Observations.  This report is a useful resource for firms to leverage to improve their compliance and risk management programs. 

One of the findings in the report pertains to failure to effectively monitor for and react to regulatory changes.  Firms are required to review regulatory changes against their supervisory systems, including their written supervisory procedures and training programs.  FINRA found that some firms did not adequately respond to recent regulatory changes such as FinCen’s new Customer Due Diligence (CDD) obligations and requirements around Financial Exploitation of Specified Adults among other recently adopted or amended rules. 

In addition, branch supervision and inspection programs were found to be inadequate at some firms. The following areas were specifically cited as supervisory and risk management gaps:

  • Failure to fully understand the activities that are taking place at branch offices, including the unique products and services offered at each branch location;
  • Failure to conduct periodic inspections of non-branch locations;
  • Failure to determine relevant areas of review, taking into consideration the nature and complexities of product and service offerings or indicators of irregularities or misconduct;
  • Failure to reduce the inspections and reviews to a written report;
  • Failure to follow through with necessary corrective action.

Suitability once again made the Sales Practice and Supervision hit list. Specific findings included:

  • Inadequate supervision of product exchanges;
  • Failure to identify and respond to red flags;
  • Inadequate oversight around customer account information changes;
  • Failure to recognize unsuitable transaction patterns;
  • Inadequate supervision of trading activities (excessive trading or churning);
  • Inadequate training of supervisors;
  • Unsuitable options strategies to unsophisticated customers.

Digital communications made it into this year’s report.  FINRA specifically noted some firms that prohibit for business-related communications the use of text messaging, social media and collaboration applications such as Facebook, did not maintain a process to identify and respond to red flags around the use of the prohibited digital channel communications.  Red flags could have been detected through adequate customer complaint management, email monitoring, outside business activity (OBA) reviews as well as advertising reviews.  Some effective practices to manage digital communication were flagged, including: 

  • Establishing comprehensive governance structures by leveraging marketing, compliance and technology departments as well as third-party vendors;
  • Defining and controlling permissible digital channels though supervision; records retention; policies and procedures; blocking prohibited channels; restricting use of messaging and collaboration applications that limit the firm’s ability to retain records;
  • WSPs to manage the lifecycle of video content which includes live-streamed public appearances, scripted commercials or video blogs;
  • Training prior to providing RRs access to firm-approved digital channels;
  • Disciplining misuse of digital communications such as temporarily suspending or blocking channels and requiring additional training.

FINRA also shares a number of cybersecurity-related observations and best practices in their 2019 report in hopes of assisting firms with strengthening their cybersecurity programs. The report reminds firms to evaluate each of the best practices and controls described in the report. Highlighted best practices include:

  • Maintaining branch-level written cybersecurity policies to protect confidential data;
  • Implementing procedures to verify that branch office controls were implemented and are functioning adequately;
  • Documenting formal policies and procedures on vendor and third-party management that include onboarding, ongoing monitoring, off-boarding and disposal of sensitive client information;
  • Establishing and regularly testing written formal incident response plans that outline procedures to follow when responding to cybersecurity and information security incidents;
  • Establishing data protection controls such as encryption of confidential data (customer and firm information) whether it is stored internally or at vendor locations;
  • Ensuring system patching is timely applied;
  • Applying a ‘Policy of Least Privilege’ around access controls, by only granting access to systems and data when required and removing such access rights when no longer needed;
  • Implementing multi-factor or two-factor authentication controls for RRs, employees, vendors and contractors accessing firm systems and data from outside the organization;
  • Maintaining an inventory of critical information technology assets, including hardware, software, data in home and branch offices; legacy assets that vendors no longer support as well as corresponding cybersecurity controls to protect these assets;
  • Implementation of data loss prevention controls to protect sensitive customer information such as SSN, dates of birth, bank information, driver’s license numbers;
  • Training for RRs, personnel, third-party providers and consultants;
  • Implementation of change management procedures to document, review, prioritize, test, approve, manage hardware and software changes.

Training staff on how to implement firm business continuity plans (BCPs) was cited as a BCP best practice in addition to engaging in annual testing of the BCP.  Note:  FINRA is currently conducting a retrospective review of FINRA Rule 3270 ~ Business Continuity Plans and Emergency Contact Information.  See FINRA Regulatory Notice 19-06

These are just some of the numerous highlights from the 2019 Report on FINRA Examination Findings and Observations to take into consideration when assessing the adequacy and effectiveness of your firm’s supervisory and risk management operations.

Note: RegEd is not engaged in rendering legal, accounting or other professional services. If legal or other professional advice is warranted, the services of an appropriate professional should be sought.

About the Author

Margie Webber is the Director, Regulatory Compliance BD/IA at RegEd, Inc.

Related RegEd Solutions:

RegEd Advertising Review

RegEd Audit Management

RegEd Complaint Management

RegEd Education & Training

RegEd Incident Management

RegEd Outside Business Activities

RegEd Policies & Procedures Management

RegEd Regulatory Change Management

RegEd Thought Leader Awarded 2019 SILA Bruce Saenger Award

Award acknowledges a passion for insurance and/or securities related education topics.

RegEd, the leading provider of compliance technology solutions to the financial services industry, participated in the 2019 SILA National Education Conference in San Diego, CA on Sept. 15-18, 2019. During the conference Brandi Brown, RegEd Senior Vice President of Regulatory Affairs, was awarded the 2019 Bruce Saenger Education Award, which is presented to an individual who demonstrates a passion for insurance and/or securities related education topics including pre-licensing/pre-registration, continuing education, and professional development.

Brandi Brown, RegEd Senior Vice President of Regulatory Affairs, stated, “I want to offer sincere appreciation to the committee at SILA for selecting me as the recipient of this year’s Bruce Saenger Education Award. I cannot express how grateful I am to have been nominated by my peers for this award.” Brown continued, “At RegEd we have been avid supporters of SILA and their mission for decades and look forward to our continued partnership with the organization and its members.”

Outstanding individuals and organizations in the compliance industry are recognized and honored through the SILA Awards program. SILA Awards are presented annually at the National Education Conference to recipients who are nominated by their peers. The recipient of the Bruce Saegner Award demonstrates a passion for insurance and/or securities related education topics: pre-licensing/pre-registration, continuing education, and professional development. Bruce Saenger was a long time member of SILA who had a passion for the insurance industry in particular, education and professional development. Bruce actively participated in the SILA Education Committee and was subsequently elected to chair the Committee as Education Director. He shared his talents and passion for education with the SILA Foundation where he led the development of the current SILA Certification Program.

A number of RegEd compliance thought leaders and subject matter experts participated in sessions at SILA 2019. Margie Webber, Governance Chair on the SILA Board of Directors and a Senior Member of RegEd’s Regulatory Affairs Group, facilitated the Securities Open Forum discussion, led the NASAA Task Force meeting, and moderated the Legislative Update Panel. Kaitlyn Small, Regulatory Specialist at RegEd, was a panelist on the Navigating the Choppy Waters of Adjuster Licensing session and Michael Pouliot, SVP of Sales at RegEd, was a panelist on the The Impact of Technology on Insurance & Securities Distribution session.

About RegEd

RegEd is the market-leading provider of RegTech enterprise solutions with relationships with more than 200 enterprise clients, including 80% of the top 25 financial services firms.

Established in 2000 by former regulators, the company is recognized for continuous regulatory technology innovation with solutions hallmarked by workflow-directed processes, data integration, regulatory intelligence, automated validations, business process automation and compliance dashboards. The aggregate drives the highest levels of operational efficiency and enables our clients to cost-effectively comply with regulations and continuously mitigate risk.

Trusted by the nation’s top financial services firms, RegEd’s proven, holistic approach to RegTech meets firms where they are on the compliance and risk management continuum, scaling as their needs evolve and amplifying the value proposition delivered to clients. For more information, please visit www.reged.com.

Open post

RegEd to Participate in 2019 FINRA Advertising Regulation Conference and Host Client Advisory Board

Client Advisory Board will provide important forum for RegEd’s enterprise Advertising Review solution product roadmap and future innovation.

RegEd, the leading provider of compliance and risk management technology to broker-dealers and other financial services firms, including the industry-leading Advertising Review solution, announced its participation in the 2019 FINRA Advertising Regulation Conference in Washington, DC, on October 24-25, 2019.

FINRA’s Advertising Regulation Conference provides a forum to learn about practical changes and new developments involving communications rules, and the opportunity to gain guidance on the advertising standards from industry and FINRA experts. The comprehensive agenda is designed for new and experienced advertising professionals. Industry and regulatory speakers will facilitate interactive, forward-looking discussions on current practices, policies, priorities and emerging regulations. This year’s conference also includes opportunities to network with industry peers and meet one-on-one with Advertising Regulation Department staff during office hours and throughout the event.

 “In today’s evolving industry, managing the advertising review, approval and document management processes can present significant challenges for financial services firms,” stated Kevin Goodman, RegEd’s Advertising Review Product Manager. “The process must fully address compliance requirements pursuant to FINRA Rule 2210 and other customer communication regulations, while facilitating a seamless review process that enables all stakeholders to increase the quality and effectiveness of the firm’s marketing communications, while speeding time to market.”

Goodman continued, “The FINRA Advertising Regulation Conference provides an important forum for regulators, industry firms and solution providers, like RegEd, to engage in dialogue about evolving regulation and solving the related compliance and operational challenges.”

Prior to the start of the conference, RegEd will host its Advertising Review Client Advisory Board (CAB).  The CAB will focus on best-practice implementation of recent and upcoming enhancements to RegEd’s Advertising Review Enterprise solution, while providing an important forum for RegEd’s Advertising Review product roadmap and future innovation.

The RegEd booth #9 will be located in the main exhibit hall of the Renaissance Washington, DC Downtown Hotel. For more information on RegEd or its attendance at the 2019 FINRA Advertising Regulation Conference, please call 800-334-8322 or email sales@reged.com.

About RegEd

RegEd is the market-leading provider of RegTech enterprise solutions with relationships with more than 200 enterprise clients, including 80% of the top 25 financial services firms.

Established in 2000 by former regulators, the company is recognized for continuous regulatory technology innovation with solutions hallmarked by workflow-directed processes, data integration, regulatory intelligence, automated validations, business process automation and compliance dashboards. The aggregate drives the highest levels of operational efficiency and enables our clients to cost-effectively comply with regulations and continuously mitigate risk.

Trusted by the nation’s top financial services firms, RegEd’s proven, holistic approach to RegTech meets firms where they are on the compliance and risk management continuum, scaling as their needs evolve and amplifying the value proposition delivered to clients. For more information, please visit www.reged.com.

Open post

RegEd to Showcase Enterprise Compliance Solutions at 2019 NSCP National Conference

Enterprise solutions for managing compliance obligations associated with conflicts of interest, advertising review, branch audits, and licensing and registration will be showcased at the event.

RegEd, the leading provider of compliance technology solutions to the financial services industry, is pleased to announce its participation in the 2019 National Society of Compliance Professionals (NSCP) National Conference in Baltimore, MD, on October 21-23, 2019.

The NSCP National Conference offers more than 80 sessions, covering topics that are relevant to investment advisers, broker-dealers, private funds and investment companies, and has been recognized as one of the most comprehensive educational offerings within the securities compliance industry. This year, the conference agenda will focus on new regulatory developments, enforcement trends, compliance best practices, and the benefits of diversity and inclusion.

RegEd representatives will be on-site during the conference to highlight the firm’s innovative enterprise compliance solutions:

Advertising Review: Streamlines the end-to-end processes for advertising and customer communication submission, review, collaboration and approval, reducing time to market for marketing and sales initiatives. The solution fully supports SEC 17(a)-4 compliance. Learn More.

Branch Audits: Enables firms to fully plan, schedule, conduct, resolve and report on branch audits. Significantly reduces manual and paper-driven processes, creating a seamless and efficient end-to-end process for branch audit reviews. Learn More.

Conflicts of Interest: Integrated solutions that enable firms to seamlessly monitor, identify and remedy conflicts of interest and code of conduct issues among the firm’s registered population. Includes expanded, industry-leading capabilities to manage Gifts, Gratuities & Contributions. Learn More.

Onboarding, Licensing and Registration: Unified solution is powered by an extensive compliance rules engine, and enables firms to seamlessly manage and track representatives’ licensing and registration, compliance and education requirements. Data-reuse, automatic validations, and complex hierarchy management simplify onboarding across distribution channels. Learn More.

RegEd is exhibiting at the conference and can be located at Booth #8 in the main exhibit hall of the Hilton Baltimore. For more information on RegEd or its attendance at the 2019 NSCP National Conference, please call 800-334-8322 or email sales@reged.com.

About RegEd

RegEd is the market-leading provider of RegTech enterprise solutions with relationships with more than 200 enterprise clients, including 80% of the top 25 financial services firms.

Established in 2000 by former regulators, the company is recognized for continuous regulatory technology innovation with solutions hallmarked by workflow-directed processes, data integration, regulatory intelligence, automated validations, business process automation and compliance dashboards. The aggregate drives the highest levels of operational efficiency and enables our clients to cost-effectively comply with regulations and continuously mitigate risk.

Trusted by the nation’s top financial services firms, RegEd’s proven, holistic approach to RegTech meets firms where they are on the compliance and risk management continuum, scaling as their needs evolve and amplifying the value proposition delivered to clients. For more information, please visit www.reged.com.

Scroll to top