Articles Tagged with Compliance

The Securities and Exchange Commission (SEC) recently released the 2022 Examination Priorities from the Division of Examinations, formerly known as the Office of Compliance Inspections and Examinations. This annual release provides insight into the areas that the SEC plans to highlight when examining investment advisers during the coming year.

While the SEC notes the continued impact of COVID-19 on investment advisers and the investment industry, the SEC reported an increase in examinations conducted during FY21, with the total number of completed examinations close to the pre-pandemic levels of FY19.

For FY22 examinations, the SEC will place a significant focus on (1) private funds; (2) environmental, social, and governance (ESG) investing; (3) standards of conduct: Regulation Best Interest (Regulation BI), fiduciary duty, and Form CRS; (4) information security and operational resiliency; and (5) emerging technologies and crypto-assets. Many of these focus areas, such as ESG and Regulation BI, are carried over from previous years and mark a multi-year emphasis for the SEC.

Earlier this month the National Society of Compliance Professionals, a nonprofit membership organization that supports compliance personnel and programs in the financial services industry, published a report entitled “Firm and CCO Liability Framework.” The report is designed as an aid to compliance professionals and as a proposal to regulators, including the Securities and Exchange Commission, to determine situations in which liability of Chief Compliance Officers should be mitigated.

The SEC has provided its own guidance regarding when CCOs may be held liable, some of which we have highlighted in a previous post. Additionally, the New York City Bar Association’s Compliance Committee released a comprehensive report last year that contains a description of the history of regulatory comments and guidance provided on the issue of CCO liability and proposes its own framework of liability.

The NSCP report was motivated in part by a widespread belief among compliance professionals that financial services regulators have expanded the situations in which CCOs will face liability for firm compliance failures. According to a survey contained in the report, 72% of compliance professionals share that belief. Additional survey results contained in the report include: that 35% of compliance professionals claim to have insufficient resources to adequately carry out the obligation to provide firm training on compliance issues; that 20% claim to have insufficient authority either to enforce or to develop compliance policies and procedures; and that 25% claim to be unable to meaningfully raise compliance concerns to the firm’s senior management.

The SEC, on June 5th, adopted a comprehensive set of rules and interpretations that will have a profound effect on the brokerage and advisory industries going forward, first and foremost by revising the standard-of-conduct applicable to broker-dealers and their registered representatives in dealings with retail customers. Even casual observers will likely be familiar with the various proceedings just concluded at the SEC, which resolve debates that have raged in the investment industry for decades as to the need to align the higher fiduciary “standard-of-conduct” applicable to investment advisers with the lesser suitability standard applicable to broker-dealers. While the June 5th releases do not equalize the two standards—as many commentators would have desired—they do significantly raise the standard applicable to broker-dealers from suitability to “best interests.” The SEC’s releases number four separate documents, each covering a distinct aspect of the standard-of-conduct controversy, and run over 1200 pages. Accordingly, this note will seek to identify the major headlines from the various releases. Look for future writings, wherein we will explore the nuances of the June 5th releases in greater detail.

As noted, the SEC released a package of Final Rules and Interpretive Releases comprising four separate components: (1) Final Rules implementing Regulation Best Interest (“Reg BI”), the new enhanced standard for brokers; (2) Final Rules implementing a new Form CRS Relationship Summary (“Form CRS”), a new disclosure document applicable to both brokers and advisers (that, for advisers, will function as a new Part 3 to Form ADV); (3) an Interpretive Release clarifying the SEC’s views of the fiduciary duty that investment advisers owe to their clients; and (4) an Interpretive Release intended to more clearly delineate when a broker-dealer’s performance of advisory activities causes it to become an investment adviser within the meaning of the Advisers Act. All four components of the regulatory package were approved by a 3-1 vote of the SEC’s Commissioners, with Commissioner Robert Jackson being the sole dissenter.

While the June 5th releases are the culmination of a decades-long controversy, they are the proximate result of a formal rulemaking commenced on April 18, 2018, at which time the SEC published initial proposed versions of Reg BI, Form CRS and the advisory interpretations. The Final Rules for Reg BI and Form CRS will become effective 60 days after they are formally published in the Federal Register; however, firms will be given a transition period until June 30, 2020 to come into compliance. The two Interpretive Releases will become effective upon formal publication.

The North American Securities Administrators Association—also known as “NASAA”—a cooperative association consisting of the chief securities regulators for each of the 50 United States, as well as Canadian and Mexican jurisdictions, has recently voted to adopt a model information security rule. NASAA’s new model information security rule could—if widely implemented by the individual NASAA Member jurisdictions—ultimately have a broad impact on the compliance programs of state-registered investment advisers.

Among its many roles as a confederation of individual regulators, NASAA frequently drafts and circulates “model rules” to its Members, who eventually vote on and adopt these draft rules for use by the various Member jurisdictions. A “model rule” is a familiar regulatory tool, which essentially provides a template upon which laws, rules, and other regulations can be drafted. For example, many of the individual states’ securities acts are variants of the Uniform Securities Act of 2002, a model act created by a group of legal scholars, regulators and veteran attorneys. NASAA’s new model rule is just such a template for regulators. Individual states and other jurisdictions may—at their discretion—adopt it in whole, in part, or not at all. That said, we believe that, especially given the growing importance of cybersecurity issues, it is more likely than not to be used as the states come around to developing rules to parallel those already in place at the federal (SEC) level.

In its latest Risk Alert, the SEC’s Office of Compliance Inspections and Examinations (“OCIE”) urges advisers and broker/dealers to take a fresh look at their policies and procedures in the area of electronic customer record storage in light of shortcomings discovered by OCIE’s staff as part of recently conducted regular examinations. These shortcomings include weak or misconfigured security settings on a network storage device that, in the worst-case event, could result in unauthorized access to customer information.

OCIE Risk Alerts are highly useful resources for compliance professionals, as these published notices serve as a window into not only the recent experiences of OCIE staffers out in the field, but also the thinking of OCIE management as to where it will direct its staff to focus in future examinations. In other words, if the management of OCIE deems a particular topic important enough to warrant publishing a Risk Alert, registrants can be assured that future exams will likely focus on deficiencies in that area.

This most recent Risk Alert zeroes in on deficiencies uncovered by examiners with respect to how advisers and brokers are protecting their customers’ electronic records—specifically, records kept in the “cloud” or on other types of networked storage solutions. OCIE defines cloud storage as the “electronic storage of information on infrastructure owned and operated by a hosting company or service provider.” Obviously, such storage systems may be especially vulnerable to hacking or other nefarious activities, and as such, warrant robust protections.

The SEC’s Office of Compliance Inspections and Examinations recently conducted examinations of privacy notices and safeguarding policies of SEC-registered investment advisers and broker-dealers adopted pursuant to Regulation S-P. As a result of these examinations, the SEC issued a Risk Alert identifying common deficiencies that are important to keep in mind when adopting, implementing and reviewing compliant privacy notices and effective safeguarding policies.

Regulation S-P requires financial institutions such as investment advisers and broker-dealers to adopt written policies and procedures to safeguard nonpublic personal client information. These policies must be reasonably designed to protect the confidentiality and security of nonpublic personal client information from any anticipated threats or hazards and any unauthorized access or use. The policies should address administrative, technical, and physical safeguards.

Investment advisers and broker-dealers must also provide initial and annual privacy notices to their clients describing the types of information collected and disclosed, the types of affiliated and non-affiliated third parties the information is disclosed to and, unless exempted from the opt-out notice requirement, an explanation of the client’s right to opt out of disclosure of nonpublic personal information to a non-affiliated third party. The privacy notice should also generally describe the firm’s safeguarding policies and procedures.

On February 4, 2019, the Commissioner of Securities of the State of Georgia and the Office of the Secretary of State announced its intent to amend the rules governing examination requirements for registered representatives of a broker-dealer and investment adviser representatives.  According to the Commissioner, the primary purposes of these amendments are to harmonize Georgia’s rules with the Financial Industry Regulatory Authority’s new rules implementing the Securities Industry Essentials (“SIE”) Exam and to update the requirements regarding examinations to applicants.  The SIE Exam, which tests a FINRA registration applicant’s knowledge of securities-related topics, was launched to simplify FINRA’s qualification examination program after the program’s efforts to address new securities products and services resulted in FINRA offering multiple exams with immense content overlap.  FINRA also launched the SIE Exam in order to provide greater consistency and uniformity to the securities industry application process.

The State of Georgia requires applicants for registration as a registered representative of a broker-dealer and/or an investment adviser representative to take certain prerequisite examinations.  Georgia Rule 590-4-5-.02 details the examination requirements for registered representatives, while Georgia Rule 590-4-4.09 details the examination requirements for investment adviser representatives.

The proposed amendments to Rule 590-4-5-.02, detailing registered representative examinations, would require an applicant applying for registration as a broker-dealer to present proof to the Commissioner that its personnel have passed at least one of a list of specified examinations within a two-year period preceding the date of the application.  The amendments also eliminate the Series 87 Research Principal Examination as a potential examination that could be passed.  The amendments also would provide that an applicant who is applying to be a registered representative would need to present the Commissioner with proof that he or she has passed the required examinations within either a two-year period immediately preceding the application date or a four-year period in the case of an applicant who has taken the SIE Exam.  The amendments also provide that the Commissioner “may reserve the right to find the applicant qualified by other examinations or significant and comprehensive experience in the securities business.”

FINRA has alerted its Member Firms to be on the watch for a fraudulent phishing email scheme targeted at compliance personnel. A phishing scheme typically uses email or some other type of electronic message to trick the recipient into clicking a malicious link or infected file attachment by mimicking a message from a trustworthy party. This particular scheme employs an email purportedly originating from an Anti-Money Laundering compliance officer at an otherwise apparently legitimate Indiana-based credit union. The email—which was received recently by a number of FINRA Member Firms—specifically targets compliance personnel by appearing to be a communication regarding an attempted transfer of money by a client of the recipient’s firm to the credit union, which has been placed on hold due to concerns about potential money laundering. The scam is designed to get the recipient to open an attachment, which, according to FINRA, “likely contains a malicious virus or malware designed to obtain unauthorized access to the recipient’s computer network.”

FINRA noted the following additional aspects of the fraudulent email that recipients should be alert for:

  • An otherwise legitimate reference to a provision of the USA Patriot Act allowing financial institutions to share information with each other.
  • An actual email address that appears to be from Europe, rather than the U.S.-based credit union.
  • Numerous instances of poor grammar and sentence structure.

FINRA has announced a new self-reporting initiative covering potential violations by its Member Firms of various rules governing share class recommendations relating to 529 Plans. See FINRA Regulatory Notice 19-04 (Jan. 28, 2019). Similar to the SEC’s recent self-reporting initiative regarding mutual fund share class selection in connection with 12b-1 marketing fees (which we blogged about last month and in May of 2018), this new FINRA initiative (the “Initiative”) offers potential leniency in return for Member Firms coming forward to self-report likely violations pursuant to the terms of the Initiative.

529 Plans are tax-advantaged municipal securities that are structured to facilitate saving for the future educational needs of a designated beneficiary. While the sale of 529 Plans is governed by the rules of the Municipal Securities Rulemaking Board (“MSRB”), FINRA is responsible for enforcing the MSRB’s rules. These rules, in turn, require that recommendations of 529 Plans be suitable in light of the customer’s investment profile, and that Member Firms selling 529 Plans have a supervisory system in place to achieve compliance with the MSRB’s rules.

At this time of year, it is important for registered investment advisers to assure that they are in compliance with federal and/or state rules requiring them to monitor their supervised persons’ security holdings and transactions for compliance with the firm’s code of ethics. Even seasoned compliance professionals will encounter questions regarding application of the rule from time to time. While this article is no substitute for a detailed analysis of the rule and its application to a specific firm and its supervised persons, an overview of the rule may be helpful.

As background, all SEC-registered investment advisers are required to adopt a Code of Ethics, which must describe the standards of conduct expected for representatives of the firm and address conflicts that arise from personal trading by advisory personnel. This federal requirement, which governs SEC-registered advisers only, derives from SEC Rule 204A-1, which took effect in 2005. Since then, many state securities administrators have adopted identical or similar requirements, either by adopting SEC Rule 204A-1 “by reference”—i.e., verbatim—into state law, or by crafting similar “me too” provisions. Accordingly, if your firm is SEC-registered, it will be bound by Rule 204A-1; but, if your firm is currently a state-registered adviser, it may be bound by the same or similar requirements.
