Does Your Broker-Dealer Have an Adequate Supervisory System in Place?

In addition, FINRA’s 2019 Examination Findings Report, published in October 2019, opened with supervision related findings. At least a third of all findings discussed in the report were supervision related, across different areas of examined firms. Further, FINRA’s 2020 Risk Monitoring and Examination Priorities Letter, published in January 2020, highlighted issues of importance to FINRA's regulatory programs. Specifically, it described areas of focus for FINRA’s 2020 risk monitoring, surveillance and examination programs. Supervision was again highlighted as one of the top focus areas of FINRA’s exam program.

To add some additional context, below are a few recent high profile cases in which firms were fined for supervisory deficiencies:

• In May 2020, FINRA sanctioned an investment bank more than $3.6 million for violations involving Unit Investment Trust (UITs). According to FINRA, the firm did not have adequate supervisory systems reasonably designed to supervise the suitability of early UIT rollovers recommended to their customers by their representatives. The firm, therefore, did not identify that its representatives recommended unsuitable rollovers that, collectively, may have caused customers to incur approximately $1.9 million in sales charges that they would have otherwise not incurred had they held the UITs until maturity.
• In July 2020, FINRA censured and fined a leading global market-maker $700,000 for failing to establish a reasonable supervisory system surrounding OTC securities trading. According to FINRA’s Monthly Disciplinary Actions reported for September 2020, the firm traded ahead of certain OTC inactive orders and failed to establish a supervisory system to govern OTC trading ahead activity. FINRA observed that “while OTC customer orders were inactive, the firm traded for its own account on the same side of the market at prices that would have satisfied the orders, without immediately thereafter executing them up to the size and at the same or better price as it traded for its own account”. The firm failed to establish written supervisory procedures (WSPs) that required supervisory reviews of such orders. Additionally, the firm did not establish any supervisory reports or tools to assist managers in identifying whether trades were handled in compliance with applicable rules and regulations.

This insight serves as a guide to helping you determine if your firm has an adequate supervisory system in place, just in time for FINRA’s 2021 examination program. We will discuss the FINRA rules related to supervision and then break down the specific requirements related to supervision of individuals and business practices. We will conclude by detailing a list of best practices to consider when developing, monitoring, or reviewing your firm’s supervisory system.

Supervision (FINRA Rule 3110)

     FINRA Rule 3110 is intended to ensure that a firm establishes and maintains a system to adequately supervise the activities of its associated persons. The Rule requires that firms establish and enforce WSPs that are reasonably designed to supervise the activities of their associated persons and the types of businesses in which they engage. Per the rule, the WSPs should describe the specific individual(s) responsible for each review, the supervisory activities that such persons will perform, the frequency of the review, and the manner of documentation.

Many firms face challenges in meeting the requirements of this rule. Common issues that FINRA has observed include, but are not limited to, the following:

• Failure to establish adequate WSPs. A main underlying issue that causes many firms to fail in creating an adequate supervisory system is that firms often do not establish adequate WSPs that detail how firms will supervise activities of their associated persons and business practices. The WSPs are the backbone of a firm’s supervisory system.
• Failure to adequately review or investigate outside business activities and private securities transactions. Oftentimes, smaller institutions struggle with the review and investigation of such activities. This commonly stems from a firm’s failure to allocate sufficient resources to perform such reviews and investigations adequately.
• Failure to establish and implement adequate branch inspection programs. FINRA has observed that many firms fail to ensure that all of their locations are operating in compliance with applicable laws. Especially tricky is the independent contractor (IC) model where registered representatives (RRs) run their own businesses under the umbrella of a FINRA registered firm. In those instances, supervision can be even more challenging.

Supervisory Control System (FINRA Rule 3120)

FINRA Rule 3120 is intended to ensure that firms implement Supervisory Control Policies (SPCs) that test and verify their supervisory procedures. This rule requires that firms not only have WSPs, but create SPCs to test and verify that their WSPs are adequate and reasonably designed to achieve compliance with applicable rules and regulations.

FINRA has observed that many firms face challenges in establishing SPCs that test and verify WSPs. One challenge is differentiating between WSPs and SPCs and understanding the requirements for establishing both policies. SPCs should be specifically designed to test and verify that a firm’s WSPs are adequate.

Annual Certification of Compliance and Supervisory Process (FINRA Rule 3130)

FINRA Rule 3130 requires firms to designate and identify to FINRA on schedule A or Form BD one or more principals to serve as a Chief Compliance Officer (CCO). The rules also require a firm’s Chief Executive Officer (CEO) to complete an annual certification, to certify that the firm has processes in place to establish, maintain, review, test and modify policies and procedures to achieve compliance with applicable rules and regulations.

FINRA has observed that a common occurrence among firms is their failure to have the CEO certify annually that the institution has processes in place to establish, maintain, review, test and modify written compliance policies and WSPs. Additionally, many firms fail to certify that the CEO has conducted one or more meetings with the CCO in the preceding 12 months to discuss such processes.

Outside Business Activities

FINRA Rule 3270 requires that all registered individuals disclose their outside business activities (OBAs) to their employing broker-dealer. A business activity is any activity conducted outside of the firm where an individual is compensated or has a reasonable expectation of receiving compensation. Additionally, activities including acting as an employee, independent contractor, sole proprietor, officer, director, or partner of another entity, would be considered OBAs under the rules regardless of compensation factors. Some examples of OBAs can include, employment at an investment adviser, owner of a holding company, independent contractor, or even a part-time lacrosse coach.

The purpose of this rule is to be aware of all registered individuals’ activities in order to prevent conflicts from arising.

Outside Business Activities

FINRA Rule 3270 requires that all registered individuals disclose their outside business activities (OBAs) to their employing broker-dealer. A business activity is any activity conducted outside of the firm where an individual is compensated or has a reasonable expectation of receiving compensation. Additionally, activities including acting as an employee, independent contractor, sole proprietor, officer, director, or partner of another entity, would be considered OBAs under the rules regardless of compensation factors. Some examples of OBAs can include, employment at an investment adviser, owner of a holding company, independent contractor, or even a part-time lacrosse coach.

The purpose of this rule is to be aware of all registered individuals’ activities in order to prevent conflicts from arising.

Private Securities Transactions

A Private Securities Transaction (PST) is a securities transaction made away from the firm. Per FINRA Rule 3280, if a registered individual participates in a PST and receives selling compensation, the individual must disclose the activity to the employing broker-dealer. The broker-dealer must supervise these transactions as if they are made on behalf of the firm. According to FINRA, selling compensation is defined as any compensation paid directly or indirectly from a source in connection with or as a result of the purchase or sale of a security.

Many firms have faced challenges in meeting the requirements of FINRA Rule 3270 and 3280. FINRA has published guidance on these rules, which discusses the following observed common issues identified during examinations:

• Individuals failed to notify their firms of proposed OBAs or PSTs. In certain cases, individuals did not have a clear understanding of what constitutes an OBA or PST. In other cases, individuals did not provide sufficient detail regarding the OBA or PST, which prevented the firm from making an adequate determination regarding supervision.
• Firms failed to conduct adequate reviews of the OBA or PST. FINRA observed that in some instances, firms had weak WSPs surrounding the review of OBAs and PSTs, and in some cases, they did not have such WSPs at all. In other instances, firms had adequately designed WSPs, however, were unable to execute them properly. Specifically, FINRA highlighted that some firms erroneously determined that an activity was not a PST or approved participation in the proposed activity without fully considering whether they could supervise the transaction properly.
• Firms failed to properly supervise PSTs after approval. FINRA observed that some firms did not fully understand the activity they approved and this resulted in the firm’s failure to supervise the activity properly. In other cases, firms did not retain the documentation necessary to demonstrate their compliance with the supervisory requirements. Furthermore, FINRA found that some firms had difficulty recording the transactions on their books and records because PSTs can take many forms and not all structures may fit easily into firms’ electronic systems.

Outside Brokerage Accounts

FINRA Rule 3210 requires that all associated persons disclose their outside brokerage accounts to their employing broker-dealer. The employing broker-dealer must request transmission of duplicate copies of confirmations and statements, or transactional data from the firm executing the transactions.

Failing to establish an adequate system to review statements or activity can lead to employees committing fraudulent trading activities, such as insider trading, without the firm’s awareness.

Email Correspondence

Under FINRA Rule 3110, member firms are required to establish WSPs that detail the firm’s process for review of incoming and outgoing written and/or electronic correspondence. The supervisory procedures must be appropriate for the firm’s business size, structure, and customers.

The WSPs must also designate an individual to review the correspondence and such reviews must be evidenced in writing.

Failing to review incoming and outgoing correspondence can result in missing critical information such as customer complaints, unsuitable recommendations, unauthorized trading, churning, insider trading or other fraudulent and / or high-risk activity.

Suitability

FINRA Rule 2111 describes the suitability obligations for member firms. According to FINRA, firms are required to have a reasonable basis to believe a recommended transaction or investment strategy involving a security or securities is suitable for a customer. There are three main suitability obligations for firms described below:

• Reasonable-basis suitability: a broker must have a reasonable basis to believe that the recommendation is suitable for at least some investors, based on reasonable diligence.
• Customer-specific suitability: a broker must have a reasonable basis to believe that a recommendation is suitable for that customer based on the customer’s investment profile
• Quantitative suitability: a broker must have a reasonable basis for believing that a series of recommended transactions, even if suitable when viewed in isolation, is not excessive and unsuitable for the customer when taken together in light of the investment profile.

Per FINRA’s Regulatory Notice 20-18, FINRA has amended its Suitability Rule to address potential contradictions or overlaps with SEC’s Regulation Best Interest (Reg BI). These changes have become effective as of June 30th, 2020, which is the effective date of Reg BI. Specifically, FINRA has amended FINRA Rule 2111 to note that the rule will not apply to customer recommendations subject to Reg BI, in order to avoid duplication of efforts. Additionally, FINRA has removed the “element of control” from the quantitative suitability obligation in order to be consistent with Reg BI.

Trading

Under FINRA Rule 3110, member firms must detail in their WSPs, a process for review of securities transactions that is reasonably deigned to identify trades that may violate the provisions of the Exchange Act or FINRA rules prohibiting insider trading and manipulative and deceptive schemes.

Failure to identify such trades can directly impact customers, which could result in large fines. For example, as mentioned in the introduction of this paper, this past July, a firm was fined $700,000 for failing to establish a reasonable supervisory system to govern OTC trading activity. This led to instances where the firm traded ahead for its own account and executed prices that were not in its customers’ favor.

Underwriting

A firm that engages in Regulation D offerings must have supervisory procedures that are reasonably designed to ensure that each offering is properly supervised before it is marketed to other firms or sold directly to customers.

Additionally, FINRA requires that firms demonstrate reasonable due diligence investigation through documentation. FINRA’s Notice to Members 10-22 states that member firms should retain records documenting both the process and results of its investigation. Such records can include descriptions of the meetings that were conducted during the investigation. These descriptions can include meetings with the issuer or other parties, tasks performed, the documents and other information reviewed, the results of such reviews, the date of such events occurred, and the individuals who attended the meetings or conducted the reviews.

Many firms have faced challenges in meeting their due diligence requirements. FINRA has observed the following common issues during examinations:

• Firms failed to conduct reasonable due diligence. FINRA found that some firms failed to perform reasonable diligence on private placement offerings prior to recommending the offerings to investors. For example, in some instances firms did not perform any additional research about new offerings because they relied solely on their experience with the same issuer in previous offerings. In other cases, firms reviewed the offering memorandum and other relevant documentation, but did not verify or discuss the information in greater detail with the issuer.
• Firms over-relied on Third Parties. FINRA found that some firms hired third parties to conduct due diligence and failed to independently evaluate the third parties’ conclusions, respond to red flags, or address obvious concerns regarding the issuer outside of the report.
• Firms did not consider conflicts of interest in issuer provided due diligence reports. FINRA found that some firms used third-party due diligence reports that issuers paid for or provided in their due diligence analysis, without considering conflicts of interest.

Branch Inspections

Under FINRA Rule 3110, member firms are required to inspect annually every Office of Supervisory Jurisdiction (OSJ) and any branch office that supervises one or more non-branch locations.

Within FINRA’s Rule 3110 guidance, FINRA published the following common issues identified during examinations:

• Firms did not conduct timely inspections of non-branch locations. FINRA Rule 3110(c) requires that member firms inspect every non-branch location on a regular periodic schedule. The rule states that firms should consider the nature and complexity of the securities activities when establishing this schedule.
• Firms did not determine relevant areas of review at branch offices. FINRA found that in some cases, this oversight stemmed from firms’ failure to consider the nature and complexity of products and services offered by the branch. In other instances, firms did not consider any indicators of irregularities or misconduct when determining their scope of review.

Sia Partners’ talent pool consists of former FINRA examination staff, with nearly 15 years of combined experience examining all types of U.S. broker-dealers. Leveraging our experience in this field, we have developed the following list of best practices to help your firm mitigate the risk of supervisory failures.

Supervisory System

• Conduct a gap analysis to determine the areas in the firm’s supervisory system that need revision and improvements.
• In addition to Internal Audit, implement local and regional Quality Assurance and/or Quality Control mechanisms to periodically review and test the adequacy of the written procedures and also implementation of the procedures.
• Consider employing a third party vendor software that can serve multiple needs, i.e. required storage of electronic communications, flagging and review tools, and documenting the review of communications.
• Implement checklists to assist investigators/reviewers in documenting the reviews that were conducted and dispositions reached.
• Tie performance evaluations to the investigators’/reviewers’ compliance with the written procedures.
• Implement a calendar based system to ensure that the designated responsible person tests the institution’s WSPs timely and adequately.

Supervisory Control System

• Train relevant staff to understand the differences between WSPs and SCPs and the required actions under the rule.

Annual Compliance Certification

• Implement a written system of checks and balances for the CEO and CCO to hold each other accountable for the FINRA Rule 3130 requirement.

Branch Inspections

• Implement branch office inspection related checklists to assist with timely and adequate inspections, and also the documentation of such reviews.

Zoya Ashirov

Senior Manager
917-330-5536
Zoya.Ashirov@sia-partners.com

Liana Marzano

Senior Consultant
732-403-4167
Liana.Marzano@sia-partners.com