OCIE and FINRA Announce 2016 Examination Priorities I.

14 January 2016
Practice Groups:
OCIE and FINRA Announce 2016 Examination
Priorities
Government
Enforcement;
By: C. Dirk Peterson and Erin Ardale Koeppel
Securities
Enforcement;
I.
Investment
Management, Hedge
Funds and
Alternative
Investments;
On January 6 and January 11, 2016, respectively, the Financial Industry Regulatory
Authority (“FINRA”) and the Securities and Exchange Commission’s (“SEC”) Office of
Compliance Inspections and Examinations (“OCIE”) each published their 2016 examination
priorities.1 Both OCIE and FINRA expressly stated they are increasing their examination
focuses in 2016 on financial services to retail investors, market risks posed by technology
and potentially lax cybersecurity controls, anti-money laundering (“AML”) oversight, and
liquidity controls, among other issues. However, although OCIE’s announced areas of focus
are fairly specific, certain of FINRA’s 2016 priorities are more generally centered upon firm
culture and how it affects compliance and risk management practices.
Hedge Funds and
Venture Funds;
Broker-Dealer;
Global Government
Solutions
OVERVIEW
The regulators’ annual examination priorities memoranda underscore both current and
developing risks for the industry, namely, among other things, the adverse effects of
unmanaged conflicts of interest in a diverse and complex marketplace; general market risk,
including specific risks posed by technology and insufficient cybersecurity procedures and
controls; and inadequate oversight and supervision in the retail marketplace, including
suitability of recommendations of complex investment products or sales to seniors. In
addition to providing insight into the anticipated focuses of OCIE and FINRA’s 2016
examinations, the priorities also signal the direction of potential future enforcement activities
by both the SEC and FINRA. Financial institutions, broker-dealers, investment advisers, and
others should assess these risks, and work to ensure their compliance programs adequately
address them. To assist in those efforts, we offer a summary of some of the most significant
OCIE and FINRA 2016 examination priorities.
II.
OCIE 2016 EXAMINATION PRIORITIES
In 2016, OCIE plans to focus on the same three broad priority areas as it did in 2015: (a)
Protecting Retail Investors and Investors Saving for Retirement; (b) Assessing Market-Wide
Risks; and (c) Using Data Analytics to Identify Signals of Potential Illegal Activity. OCIE’s
exam priorities also highlighted certain other areas the examination staff plans to evaluate in
2016. According to OCIE, the priorities noted “reflect certain practices and products that [it]
perceives to present potentially heightened risk to investors and/or the integrity of the U.S.
capital markets.”
1
FINRA Regulatory and Examination Priorities Letter (January 5, 2016); OCIE Examination Priorities for 2016 (January
11, 2016).
OCIE and FINRA Announce 2016 Examination Priorities
A. Protecting Retail Investors and Investors Saving for Retirement
OCIE announced that it intends to again focus on retail investors and retirement savers in
2016, including a continuation of the multi-year Retirement-Targeted Industry Reviews and
Examinations (“ReTIRE”) initiative it announced in June 2015. The ReTIRE initiative
includes examining the reasonable basis for retirement investment recommendations made
to investors, conflicts of interest, supervision and compliance controls, and marketing and
disclosure practices. Among other transactions and issues that have been examined thus
far as a part of this initiative are rollovers of individual retirement accounts (“IRAs”).
Recognizing that variable annuities have become a part of the retirement plans of many
Americans, OCIE also stated that it plans to assess the suitability of sales of variable
annuities in 2016, as well as the adequacy of disclosure and the supervision of such sales.
A new area of focus for OCIE in 2016 will be Exchange-Traded Funds (“ETFs”) and their
compliance with applicable exemptive relief granted under the Securities Exchange Act of
1934 and the Investment Company Act of 1940 and with other regulatory requirements.
OCIE also said it plans to review the ETFs’ unit creation and redemption processes and to
focus on sales strategies, trading practices, and disclosures involving ETFs. The SEC also
announced that it will examine public pension advisers and focus on “pay-to-play” and other
key risk areas, including identification of undisclosed gifts and entertainment.
OCIE stated that it will continue to review supervisory oversight of registered representatives
and investment adviser representatives in branch offices of SEC-registered investment
advisers and broker-dealers. OCIE also said that it will advance its efforts to examine
investment advisers and dually registered investment adviser/broker-dealers that offer retail
investors a variety of fee arrangements for purposes of evaluating account types and
recommendations are in the best interests of retail investors.
B. Assessing Market-wide Risks
OCIE highlighted its mission of “maintaining fair, orderly, and efficient markets,” and stated
that it will continue to examine firms for firm-specific or industry-wide risks and trends.
Notably, OCIE announced a continuation of its current initiative to examine broker-dealer and
investment adviser cybersecurity compliance and controls, including testing to assess the
implementation of such procedures and controls, as announced in a September 2015 OCIE
Risk Alert. OCIE also specified that it intends to examine Regulation Systems Compliance
and Integrity (“SCI”) entities, which include certain alternative trading systems and clearing
agencies, to evaluate whether they have “established, maintained, and enforced written
policies and procedures reasonably designed to ensure the capacity, integrity, resiliency,
availability, and security of their SCI systems.”
OCIE’s 2016 priorities highlighted market-side risks and OCIE stated it will focus on liquidity
controls and will examine advisers to mutual funds, ETFs, and private funds that have
exposure to potentially illiquid fixed-income securities. OCIE also plans to examine
registered broker-dealers that have become new or expanding liquidity providers in the
marketplace with respect to their controls over market risk management, valuation, liquidity
management, trading activity, and regulatory capital. OCIE also noted that it will continue its
annual examinations of clearing agencies designated as systemically important, pursuant to
the requirements of the Dodd-Frank Wall Street Reform and Consumer Protection Act.
2
OCIE and FINRA Announce 2016 Examination Priorities
C. Data Analytics to Identify Signals of Potential Illegal Activity
As in 2015, OCIE highlighted several of initiatives using its data analytics capabilities,
including the identification of recidivist representatives and the firms that employ them, AML,
microcap fraud, and excessive trading. These data analytics are expected to detect the
promotion of new, complex, and high-risk investment products and potential sales practice
issues.
Additionally, OCIE’s data analytics extend to AML programs, particularly those implemented
by clearing and introducing broker-dealers. That is, OCIE will use analytic capabilities to
detect firms that have not filed the number of suspicious activity reports (“SARs”) that would
be consistent with their business models or have filed incomplete or late SARs. Independent
testing of AML programs will focus on the extent to which a firm’s AML program is
adequately adapted to current money laundering and terrorist financing risks.
D. Other Highlighted Initiatives
OCIE also announced that it plans to focus on the following market participants or issues:
• Municipal Advisors. OCIE stated that it will examine newly registered municipal advisors
to assess their compliance with recently adopted SEC and Municipal Securities
Rulemaking Board rules.
• Private Placements. OCIE will examine private placements, including offerings pursuant
to Regulation D under the Securities Act of 1933 or the Immigrant Investor Program (“EB5 Program”).
• Never-Before-Examined Investment Advisers and Investment Companies. OCIE will
continue to apply its risk-based examination approach to select registered investment
advisers and investment company complexes that have not yet been examined and that,
because of size or business, may pose greater risk to investors or markets.
• Private Fund Advisers. OCIE plans to examine private fund advisers, focusing on fees
and expenses and evaluating controls and disclosure for side-by-side management of
performance-based and purely asset-based fee accounts.
• Transfer Agents. OCIE identified transfer agents and their timely turnaround of items
and transfers, recordkeeping and record retention, and safeguarding of funds and
securities, as well as providing paying agent services for their issuers, focusing on the
safeguarding of security-holder funds.
III.
FINRA 2016 EXAMINATION PRIORITIES
FINRA also plans to focus on retail investors in its 2016 examinations and identified three
broad areas of emphasis: (a) Firm Culture, Conflicts, and Ethics; (b) Supervision, Risk
Management and Controls; and (c) Capital Funding. According to Richard G. Ketchum,
FINRA’s current (but soon to retire) Chairman and CEO, each of these areas highlight both
emerging and existing risks that, if not properly addressed, could adversely affect investors
and market integrity in 2016. 2
2
Richard G. Ketchum Cover Letter to FINRA Regulatory and Examination Priorities Letter (January 5, 2016).
3
OCIE and FINRA Announce 2016 Examination Priorities
A. Firm Culture, Conflicts, and Ethics
FINRA continues to emphasize the importance of a firm’s culture of compliance, with a
particular focus on conflicts management. FINRA identified five basic guideposts against
which a firm’s culture of compliance is expected to be measured: (1) value given to conflicts
and risk controls across the enterprise, (2) tolerance for breaches of firm policy and controls,
(3) proactive review of risks and compliance events, (4) the extent that supervisors convey a
culture of compliance, and (5) how effectively business units and other departments comply
with policy and controls established on an enterprise-wide basis (i.e., existence of rogue
divisions within an enterprise).
B. Supervision, Risk Management, and Controls
FINRA stressed in its priorities letter that supervisory oversight moves “hand-in-glove” with
firm culture. A serious culture of compliance is expected to produce robust supervisory
oversight, enabling the firm to effectively manage conflicts of interest and to ensure the
ethical treatment of clients. Thus, for example, FINRA examiners will review how material
breaches of firm policies and procedures are treated, as well as the devotion of resources to
compliance. Additionally, FINRA echoed some of OCIE’s highlighted priorities by identifying
four areas of repeated concerns in this area: (1) conflicts management, (2) technology, (3)
outsourcing, and (4) AML.
With respect to conflicts management, FINRA announced it expects to complete the review
of its 2015 sweep concerning the extent to which compensation structures may exacerbate
conflicts of interest in the retail brokerage space. FINRA stated that it expects to publish
findings concerning the distribution of proprietary or affiliated investment products, as well as
the effect revenue sharing and similar payments from third parties may have on a firm’s
conflicts management. FINRA also noted that it will continue to scrutinize information flow
across enterprises, as well as the effective separation of research from investment banking,
and the extent to which research and/or research analysts may tacitly operate as an
impermissible marketing arm of a firm’s investment banking department. The valuation of
illiquid or hard-to-value proprietary positions also will be part of FINRA’s review of a firm’s
conflicts management.
Because technology failures can have adverse effects on securities markets, clients, and a
firm, FINRA expects to focus on technology infrastructure and oversight for 2016. Not
surprisingly, FINRA expects to review a firm’s oversight and risk management policies to
evaluate cybersecurity preparedness, as well as the effectiveness or failures of system
upgrades and modifications, reporting, and day-to-day operations. FINRA also announced
that it will review the oversight of outsourcing arrangements, including a firm’s diligence and
risk evaluations of outsourcing vendors.
FINRA again stated that it will review AML controls, with an emphasis on money movements
and oversight of high-risk client accounts, such as trading in microcap securities, an area
that FINRA identified as experiencing repeated compliance deficiencies overall.
C. Capital Funding
FINRA expects to review firms’ funding needs and liquidity risks in the context of their
financial responsibility and financial health. Noting that a firm’s financial health and oversight
4
OCIE and FINRA Announce 2016 Examination Priorities
has long been a focus of review, FINRA announced it expects to focus this review on highfrequency-trading firms in particular.
D. Other Areas of Focus
The letter highlighted several other areas of focus, including:
• Suitability and Concentration. FINRA announced it will examine a firm’s suitability
practices, concentration in investment sales and product training particularly for complex,
interest-rate sensitive and alternative products, such as high-yield debt, unlisted equities,
alternative mutual funds, emerging market funds, structured products, exchange-traded
products, and securities-backed lines of credit.
• Seniors. In keeping with its focus on the retail space, FINRA expects to examine the
oversight of sales practices and product distribution to seniors and other vulnerable
investors.
• Sales Charges and Discounts. FINRA expressed its continued concerns for lax
controls over awards of breakpoint discounts and sales-charge waivers for mutual funds,
non-traded real Estate Investment Trusts (“REITs”), unit investment trusts (“UITs”) and
Business Development Companies (“BDCs”).
• 529 Plans. FINRA intends to focus on the expense structures of 529 College Savings
Plans having different share classes and whether there is a basis for a firm to offer share
classes that may have higher expenses than another available share class.
• Private and Public Offerings. FINRA expects to scrutinize a firm’s private offering
activities in the context of suitability, disclosure, and issuer diligence, as well as
distributions in compliance with permissible general solicitation conditions and recently
adopted crowdfunding rules. FINRA also addressed offerings of direct participation
programs and municipal bonds, and the fees and expenses associated with the
distribution of those types of securities investments.
• Outside Business Activities. FINRA announced that it will review a firm’s assessment
of outside business activities, with an emphasis on a review of any potential conflicts of
interest that an associated person’s outside business may have on the firm and its clients.
• Financial and Operational Controls. FINRA announced that it will assess firm financial
responsibilities and risk management in the case of activities as market maker, ETF
authorized participant, and prime broker, as well as a firm’s operational controls in the
case of internal audits, client-account intake, and movement of customer funds.
• Market Integrity. As additional areas of focus in 2016, FINRA highlighted compliance
with Regulation NMS’ vendor display rule, the effectiveness of a firm’s market access
program, surveillance of order handling of debt securities, compliance with Regulation
SHO, surveillance of any cross-market or cross-product manipulation, and trade reporting
compliance. Notably, in its 2016 examination priorities, FINRA announced that it will
issue monthly report cards to broker-dealers focused on layering and spoofing, and it will
examine how firms use this information to identify and address potential misconduct.
5
OCIE and FINRA Announce 2016 Examination Priorities
IV.
CONCLUSION
OCIE’s and FINRA’s 2016 examination priorities highlight many current and emergent
regulatory risks to the securities industry. The concerns outlined in the priorities memoranda
provide notice of the anticipated focus of examinations in 2016, and should serve as a
warning that material deficiencies discovered in the examination process may more likely
lead to investigations by the enforcement staffs of both SEC and FINRA. It follows that any
sanctions resulting from enforcement actions in these areas may be increased, given the
regulators’ publicized intentions. Firms should work to assess these risks and ensure they
can demonstrate the “culture of compliance” regulators expect to see during examinations.
Authors:
Erin Ardale Koeppel
C. Dirk Peterson
erin.koeppel@klgates.com
+1.202.778.9420
dirk.peterson@klgates.com
+1.202.778.9324
Anchorage
Austin
Fort Worth
Frankfurt
Orange County
Beijing
Berlin
Harrisburg
Palo Alto
Paris
Boston
Hong Kong
Perth
Brisbane
Houston
Pittsburgh
Brussels
London
Portland
Charleston
Los Angeles
Raleigh
Charlotte
Melbourne
Research Triangle Park
Chicago
Miami
Dallas
Milan
San Francisco
Doha
Newark
São Paulo
Dubai
New York
Seattle
Seoul Shanghai Singapore Sydney Taipei Tokyo Warsaw Washington, D.C. Wilmington
K&L Gates comprises approximately 2,000 lawyers globally who practice in fully integrated offices located on five
continents. The firm represents leading multinational corporations, growth and middle-market companies, capital
markets participants and entrepreneurs in every major industry group as well as public sector entities, educational
institutions, philanthropic organizations and individuals. For more information about K&L Gates or its locations,
practices and registrations, visit www.klgates.com.
This publication is for informational purposes and does not contain or convey legal advice. The information herein should not be used or relied upon in
regard to any particular facts or circumstances without first consulting a lawyer.
© 2016 K&L Gates LLP. All Rights Reserved.
6