14 January 2016 Practice Groups: OCIE and FINRA Announce 2016 Examination Priorities Government Enforcement; By: C. Dirk Peterson and Erin Ardale Koeppel Securities Enforcement; I. Investment Management, Hedge Funds and Alternative Investments; On January 6 and January 11, 2016, respectively, the Financial Industry Regulatory Authority (“FINRA”) and the Securities and Exchange Commission’s (“SEC”) Office of Compliance Inspections and Examinations (“OCIE”) each published their 2016 examination priorities.1 Both OCIE and FINRA expressly stated they are increasing their examination focuses in 2016 on financial services to retail investors, market risks posed by technology and potentially lax cybersecurity controls, anti-money laundering (“AML”) oversight, and liquidity controls, among other issues. However, although OCIE’s announced areas of focus are fairly specific, certain of FINRA’s 2016 priorities are more generally centered upon firm culture and how it affects compliance and risk management practices. Hedge Funds and Venture Funds; Broker-Dealer; Global Government Solutions OVERVIEW The regulators’ annual examination priorities memoranda underscore both current and developing risks for the industry, namely, among other things, the adverse effects of unmanaged conflicts of interest in a diverse and complex marketplace; general market risk, including specific risks posed by technology and insufficient cybersecurity procedures and controls; and inadequate oversight and supervision in the retail marketplace, including suitability of recommendations of complex investment products or sales to seniors. In addition to providing insight into the anticipated focuses of OCIE and FINRA’s 2016 examinations, the priorities also signal the direction of potential future enforcement activities by both the SEC and FINRA. Financial institutions, broker-dealers, investment advisers, and others should assess these risks, and work to ensure their compliance programs adequately address them. To assist in those efforts, we offer a summary of some of the most significant OCIE and FINRA 2016 examination priorities. II. OCIE 2016 EXAMINATION PRIORITIES In 2016, OCIE plans to focus on the same three broad priority areas as it did in 2015: (a) Protecting Retail Investors and Investors Saving for Retirement; (b) Assessing Market-Wide Risks; and (c) Using Data Analytics to Identify Signals of Potential Illegal Activity. OCIE’s exam priorities also highlighted certain other areas the examination staff plans to evaluate in 2016. According to OCIE, the priorities noted “reflect certain practices and products that [it] perceives to present potentially heightened risk to investors and/or the integrity of the U.S. capital markets.” 1 FINRA Regulatory and Examination Priorities Letter (January 5, 2016); OCIE Examination Priorities for 2016 (January 11, 2016). OCIE and FINRA Announce 2016 Examination Priorities A. Protecting Retail Investors and Investors Saving for Retirement OCIE announced that it intends to again focus on retail investors and retirement savers in 2016, including a continuation of the multi-year Retirement-Targeted Industry Reviews and Examinations (“ReTIRE”) initiative it announced in June 2015. The ReTIRE initiative includes examining the reasonable basis for retirement investment recommendations made to investors, conflicts of interest, supervision and compliance controls, and marketing and disclosure practices. Among other transactions and issues that have been examined thus far as a part of this initiative are rollovers of individual retirement accounts (“IRAs”). Recognizing that variable annuities have become a part of the retirement plans of many Americans, OCIE also stated that it plans to assess the suitability of sales of variable annuities in 2016, as well as the adequacy of disclosure and the supervision of such sales. A new area of focus for OCIE in 2016 will be Exchange-Traded Funds (“ETFs”) and their compliance with applicable exemptive relief granted under the Securities Exchange Act of 1934 and the Investment Company Act of 1940 and with other regulatory requirements. OCIE also said it plans to review the ETFs’ unit creation and redemption processes and to focus on sales strategies, trading practices, and disclosures involving ETFs. The SEC also announced that it will examine public pension advisers and focus on “pay-to-play” and other key risk areas, including identification of undisclosed gifts and entertainment. OCIE stated that it will continue to review supervisory oversight of registered representatives and investment adviser representatives in branch offices of SEC-registered investment advisers and broker-dealers. OCIE also said that it will advance its efforts to examine investment advisers and dually registered investment adviser/broker-dealers that offer retail investors a variety of fee arrangements for purposes of evaluating account types and recommendations are in the best interests of retail investors. B. Assessing Market-wide Risks OCIE highlighted its mission of “maintaining fair, orderly, and efficient markets,” and stated that it will continue to examine firms for firm-specific or industry-wide risks and trends. Notably, OCIE announced a continuation of its current initiative to examine broker-dealer and investment adviser cybersecurity compliance and controls, including testing to assess the implementation of such procedures and controls, as announced in a September 2015 OCIE Risk Alert. OCIE also specified that it intends to examine Regulation Systems Compliance and Integrity (“SCI”) entities, which include certain alternative trading systems and clearing agencies, to evaluate whether they have “established, maintained, and enforced written policies and procedures reasonably designed to ensure the capacity, integrity, resiliency, availability, and security of their SCI systems.” OCIE’s 2016 priorities highlighted market-side risks and OCIE stated it will focus on liquidity controls and will examine advisers to mutual funds, ETFs, and private funds that have exposure to potentially illiquid fixed-income securities. OCIE also plans to examine registered broker-dealers that have become new or expanding liquidity providers in the marketplace with respect to their controls over market risk management, valuation, liquidity management, trading activity, and regulatory capital. OCIE also noted that it will continue its annual examinations of clearing agencies designated as systemically important, pursuant to the requirements of the Dodd-Frank Wall Street Reform and Consumer Protection Act. 2 OCIE and FINRA Announce 2016 Examination Priorities C. Data Analytics to Identify Signals of Potential Illegal Activity As in 2015, OCIE highlighted several of initiatives using its data analytics capabilities, including the identification of recidivist representatives and the firms that employ them, AML, microcap fraud, and excessive trading. These data analytics are expected to detect the promotion of new, complex, and high-risk investment products and potential sales practice issues. Additionally, OCIE’s data analytics extend to AML programs, particularly those implemented by clearing and introducing broker-dealers. That is, OCIE will use analytic capabilities to detect firms that have not filed the number of suspicious activity reports (“SARs”) that would be consistent with their business models or have filed incomplete or late SARs. Independent testing of AML programs will focus on the extent to which a firm’s AML program is adequately adapted to current money laundering and terrorist financing risks. D. Other Highlighted Initiatives OCIE also announced that it plans to focus on the following market participants or issues: • Municipal Advisors. OCIE stated that it will examine newly registered municipal advisors to assess their compliance with recently adopted SEC and Municipal Securities Rulemaking Board rules. • Private Placements. OCIE will examine private placements, including offerings pursuant to Regulation D under the Securities Act of 1933 or the Immigrant Investor Program (“EB5 Program”). • Never-Before-Examined Investment Advisers and Investment Companies. OCIE will continue to apply its risk-based examination approach to select registered investment advisers and investment company complexes that have not yet been examined and that, because of size or business, may pose greater risk to investors or markets. • Private Fund Advisers. OCIE plans to examine private fund advisers, focusing on fees and expenses and evaluating controls and disclosure for side-by-side management of performance-based and purely asset-based fee accounts. • Transfer Agents. OCIE identified transfer agents and their timely turnaround of items and transfers, recordkeeping and record retention, and safeguarding of funds and securities, as well as providing paying agent services for their issuers, focusing on the safeguarding of security-holder funds. III. FINRA 2016 EXAMINATION PRIORITIES FINRA also plans to focus on retail investors in its 2016 examinations and identified three broad areas of emphasis: (a) Firm Culture, Conflicts, and Ethics; (b) Supervision, Risk Management and Controls; and (c) Capital Funding. According to Richard G. Ketchum, FINRA’s current (but soon to retire) Chairman and CEO, each of these areas highlight both emerging and existing risks that, if not properly addressed, could adversely affect investors and market integrity in 2016. 2 2 Richard G. Ketchum Cover Letter to FINRA Regulatory and Examination Priorities Letter (January 5, 2016). 3 OCIE and FINRA Announce 2016 Examination Priorities A. Firm Culture, Conflicts, and Ethics FINRA continues to emphasize the importance of a firm’s culture of compliance, with a particular focus on conflicts management. FINRA identified five basic guideposts against which a firm’s culture of compliance is expected to be measured: (1) value given to conflicts and risk controls across the enterprise, (2) tolerance for breaches of firm policy and controls, (3) proactive review of risks and compliance events, (4) the extent that supervisors convey a culture of compliance, and (5) how effectively business units and other departments comply with policy and controls established on an enterprise-wide basis (i.e., existence of rogue divisions within an enterprise). B. Supervision, Risk Management, and Controls FINRA stressed in its priorities letter that supervisory oversight moves “hand-in-glove” with firm culture. A serious culture of compliance is expected to produce robust supervisory oversight, enabling the firm to effectively manage conflicts of interest and to ensure the ethical treatment of clients. Thus, for example, FINRA examiners will review how material breaches of firm policies and procedures are treated, as well as the devotion of resources to compliance. Additionally, FINRA echoed some of OCIE’s highlighted priorities by identifying four areas of repeated concerns in this area: (1) conflicts management, (2) technology, (3) outsourcing, and (4) AML. With respect to conflicts management, FINRA announced it expects to complete the review of its 2015 sweep concerning the extent to which compensation structures may exacerbate conflicts of interest in the retail brokerage space. FINRA stated that it expects to publish findings concerning the distribution of proprietary or affiliated investment products, as well as the effect revenue sharing and similar payments from third parties may have on a firm’s conflicts management. FINRA also noted that it will continue to scrutinize information flow across enterprises, as well as the effective separation of research from investment banking, and the extent to which research and/or research analysts may tacitly operate as an impermissible marketing arm of a firm’s investment banking department. The valuation of illiquid or hard-to-value proprietary positions also will be part of FINRA’s review of a firm’s conflicts management. Because technology failures can have adverse effects on securities markets, clients, and a firm, FINRA expects to focus on technology infrastructure and oversight for 2016. Not surprisingly, FINRA expects to review a firm’s oversight and risk management policies to evaluate cybersecurity preparedness, as well as the effectiveness or failures of system upgrades and modifications, reporting, and day-to-day operations. FINRA also announced that it will review the oversight of outsourcing arrangements, including a firm’s diligence and risk evaluations of outsourcing vendors. FINRA again stated that it will review AML controls, with an emphasis on money movements and oversight of high-risk client accounts, such as trading in microcap securities, an area that FINRA identified as experiencing repeated compliance deficiencies overall. C. Capital Funding FINRA expects to review firms’ funding needs and liquidity risks in the context of their financial responsibility and financial health. Noting that a firm’s financial health and oversight 4 OCIE and FINRA Announce 2016 Examination Priorities has long been a focus of review, FINRA announced it expects to focus this review on highfrequency-trading firms in particular. D. Other Areas of Focus The letter highlighted several other areas of focus, including: • Suitability and Concentration. FINRA announced it will examine a firm’s suitability practices, concentration in investment sales and product training particularly for complex, interest-rate sensitive and alternative products, such as high-yield debt, unlisted equities, alternative mutual funds, emerging market funds, structured products, exchange-traded products, and securities-backed lines of credit. • Seniors. In keeping with its focus on the retail space, FINRA expects to examine the oversight of sales practices and product distribution to seniors and other vulnerable investors. • Sales Charges and Discounts. FINRA expressed its continued concerns for lax controls over awards of breakpoint discounts and sales-charge waivers for mutual funds, non-traded real Estate Investment Trusts (“REITs”), unit investment trusts (“UITs”) and Business Development Companies (“BDCs”). • 529 Plans. FINRA intends to focus on the expense structures of 529 College Savings Plans having different share classes and whether there is a basis for a firm to offer share classes that may have higher expenses than another available share class. • Private and Public Offerings. FINRA expects to scrutinize a firm’s private offering activities in the context of suitability, disclosure, and issuer diligence, as well as distributions in compliance with permissible general solicitation conditions and recently adopted crowdfunding rules. FINRA also addressed offerings of direct participation programs and municipal bonds, and the fees and expenses associated with the distribution of those types of securities investments. • Outside Business Activities. FINRA announced that it will review a firm’s assessment of outside business activities, with an emphasis on a review of any potential conflicts of interest that an associated person’s outside business may have on the firm and its clients. • Financial and Operational Controls. FINRA announced that it will assess firm financial responsibilities and risk management in the case of activities as market maker, ETF authorized participant, and prime broker, as well as a firm’s operational controls in the case of internal audits, client-account intake, and movement of customer funds. • Market Integrity. As additional areas of focus in 2016, FINRA highlighted compliance with Regulation NMS’ vendor display rule, the effectiveness of a firm’s market access program, surveillance of order handling of debt securities, compliance with Regulation SHO, surveillance of any cross-market or cross-product manipulation, and trade reporting compliance. Notably, in its 2016 examination priorities, FINRA announced that it will issue monthly report cards to broker-dealers focused on layering and spoofing, and it will examine how firms use this information to identify and address potential misconduct. 5 OCIE and FINRA Announce 2016 Examination Priorities IV. CONCLUSION OCIE’s and FINRA’s 2016 examination priorities highlight many current and emergent regulatory risks to the securities industry. The concerns outlined in the priorities memoranda provide notice of the anticipated focus of examinations in 2016, and should serve as a warning that material deficiencies discovered in the examination process may more likely lead to investigations by the enforcement staffs of both SEC and FINRA. It follows that any sanctions resulting from enforcement actions in these areas may be increased, given the regulators’ publicized intentions. Firms should work to assess these risks and ensure they can demonstrate the “culture of compliance” regulators expect to see during examinations. Authors: Erin Ardale Koeppel C. Dirk Peterson erin.koeppel@klgates.com +1.202.778.9420 dirk.peterson@klgates.com +1.202.778.9324 Anchorage Austin Fort Worth Frankfurt Orange County Beijing Berlin Harrisburg Palo Alto Paris Boston Hong Kong Perth Brisbane Houston Pittsburgh Brussels London Portland Charleston Los Angeles Raleigh Charlotte Melbourne Research Triangle Park Chicago Miami Dallas Milan San Francisco Doha Newark São Paulo Dubai New York Seattle Seoul Shanghai Singapore Sydney Taipei Tokyo Warsaw Washington, D.C. Wilmington K&L Gates comprises approximately 2,000 lawyers globally who practice in fully integrated offices located on five continents. The firm represents leading multinational corporations, growth and middle-market companies, capital markets participants and entrepreneurs in every major industry group as well as public sector entities, educational institutions, philanthropic organizations and individuals. For more information about K&L Gates or its locations, practices and registrations, visit www.klgates.com. This publication is for informational purposes and does not contain or convey legal advice. The information herein should not be used or relied upon in regard to any particular facts or circumstances without first consulting a lawyer. © 2016 K&L Gates LLP. All Rights Reserved. 6