The Securities and Exchange Commission (“SEC”) approved FINRA’s rule proposal (SR-FINRA-2013-25) to consolidate and revise the legacy NASD and NYSE supervision rules on December 23, 2013.1 On March 19, 2014, FINRA issued Regulatory Notice 14-10 announcing that the consolidated supervision rules approved by the SEC will become effective on December 1, 2014 (“Consolidated Supervision Rules”).
The Consolidated Supervision Rules approved by the SEC largely track FINRA’s proposed rules as filed with the SEC in late June 2013 and as described in detail in our July 1, 2013, Alert (“FINRA Submits to SEC Consolidated Supervision Rule”). The Consolidated Supervision Rules retain the essential supervisory requirements familiar to member firms, including the core requirements to maintain a supervisory system that is reasonably designed to achieve compliance with applicable securities laws and to maintain appropriate written supervisory procedures.2
A key distinction between the current rules and the Consolidated Supervision Rules, and a telling departure from past practice, is the inclusion of FINRA’s presumptions as to elements of an effective supervisory structure, particularly as it relates to the avoidance of conflicts of interest. In the past, FINRA professed to not dictate to firms how they should structure compliance and supervisory systems, so long as they were reasonably designed, but FINRA takes a new tack in several instances in the new rules, providing specific presumptions as to what a reasonably designed supervisory structure should (or should not) include. FINRA has made clear that it believes the potential for conflict exists in certain supervisory models and expects a firm to conduct focused reviews to prevent possible conflicts from impeding its supervisory system.
In this Alert we summarize the key components to the Consolidated Supervision Rules that are likely to require firms to amend and enhance their existing written supervisory procedures or rethink aspects of their supervisory structure.
The Impact of Conflicts of Interest on Supervision
In the new rule, FINRA expressly deals with two common conflicts of interest that may adversely affect the effectiveness of a firm’s supervisory structure.
First, Rule 3110(b)(6) requires, among other things, that a firm have procedures specifically prohibiting associated persons who perform a supervisory function from supervising their own activities and reporting to, or having their compensation or continued employment determined by, a person or persons they are supervising. A firm that cannot comply with this requirement must document both “the factors the member used to reach such determination,” and “how the supervisory arrangement with respect to such supervisory personnel otherwise complies” with the rule. In Supplementary Material .10, FINRA cites three instances where this might be the case: (1) a sole proprietor, (2) the highest executive at a firm, and (3) other highly placed executives. In Amendment No. 1, FINRA clarified that the rule does not create a strict liability obligation to identify and eliminate all conflicts of interest in supervision of supervisors, but rather requires procedures reasonably designed to prevent the supervisory system from being compromised by a conflict of interest.
Second, Rule 3110(b)(6)(D) requires that firms have procedures to prevent a firm’s supervisory system from being compromised by an associated person’s position at the firm, the revenue such person generates for the firm, or any compensation the associated person conducting the supervision may derive from the associated person being supervised. This might include, for example, a manager who is paid an override on commissions earned by representatives he supervises, with one representative accounting for a substantial portion of the overrides received.
Offices of Supervisory Jurisdiction
The new rule will also require firms to think about how they establish Offices of Supervisory Jurisdiction and how they supervise them.
Although the new consolidated rule leaves the definition of an Office of Supervisory Jurisdiction (“OSJ”) largely unchanged, the new rule may require firms to review the manner in which they assign supervisory principals (“on-site principal,” in the rule’s parlance) to their OSJs. FINRA’s initial proposal applied a presumption that assigning a single principal as on-site principal at more than two OSJs is unreasonable. While FINRA backed off this absolute line, new Supplementary Material .03 retains a presumption that “a principal will not be designated and assigned to be the on-site principal . . . to supervise more than one OSJ” and FINRA cautions that an arrangement in which a principal supervises two or more OSJs “will be subject to scrutiny.” Firms that do assign a principal to supervise more than one OSJ must consider (a) the principal’s qualifications, (b) the principal’s capacity and time, (c) whether the principal is a producing rep, (d) the location of the OSJs, and (e) the business conducted and the personnel employed at each location. Firms are required to document the basis of their determination to assign a principal to supervise more than one OSJ.
FINRA’s new rule does eliminate one potentially burdensome requirement that appeared in the proposed rule. In Amendment No. 1, FINRA deleted the language which would have required a one-person OSJ to be supervised by another appropriately registered “senior principal.” That said, FINRA reiterated its belief that one-person OSJ locations where the on-site principal engages in sales-related activities should be subject to scrutiny, and firms should conduct focused reviews of such locations because of the possible conflicts of interest that may arise.3 FINRA has announced that in 2014 one of the priorities of the examination staff is to evaluate firms’ conflicts management practices.4
The Consolidated Supervision Rule retains the requirement that a firm inspect its branch offices on the same cycles as is required by the current rule. OSJs and supervisory branch offices are to be inspected at least annually (on a calendar-year basis), non-supervisory branch offices are to be inspected at least every three years, and non-branch locations are to be inspected on a regular periodic schedule. If a firm, however, inspects non-branch locations on a “regular periodic schedule” that results in those locations being inspected less than once every 3 calendar years, Supplementary Material .13 requires the firm to document, in both its written supervisory procedures and inspection procedures, the factors it used in determining the appropriateness of an inspection cycle longer than three years. FINRA also clarified that a firm may conduct non-supervisory branch inspections over the course of three years by conducting several targeted inspections so long as that within the three-year period all specific areas required to be inspected have been inspected and the firm documents, in both its written supervisory procedures and inspection procedures, the manner in which it conducts the exams.
Key additions to the rule will require firms to give additional attention to the review of their controls for safeguarding funds and securities. First, Consolidated Supervision Rule 3110(c)(2)(A) expands the required review with respect to the transmittal of funds. Consolidated Supervision Rule 3110(c)(2)(A)(iv) now requires a firm to test and verify its policies and procedures with respect to the transmittal of funds or securities from a customer’s account to the customer at another entity or an address other than the customer’s primary residence. FINRA also clarified that the obligation to monitor transfers includes transmittals where an accountholder on the sending account is not a named accountholder on the receiving account, even if the transmittal does not result in a change of beneficial ownership.
Second, Consolidated Supervision Rule 3110(c)(2) adds requirements with respect to documenting a firm’s policies for safeguarding of customer funds and securities. Specifically, Consolidated Supervision Rule 3110(c)(2) requires a firm’s procedures for the transmittal of funds to include a means or method of customer confirmation, notification, or follow-up that can be documented, although the firm can use reasonable risk-based criteria for determining the authenticity of the transmittal instructions. Similarly, if a firm processes a change to customer account information (including, but not limited to, address, investment objective, marital status, telephone number, and email address changes), it must have a means or method of customer confirmation, notification, or follow-up that can be documented for each change.
Finally, as with the assignment of supervisors, FINRA’s new rule requires a firm to expressly evaluate the independence of its branch inspection team. Consolidated Supervision Rule 3110(c)(3) requires a firm to have procedures to prevent a conflict of interest from eroding the effectiveness of the inspection process. If there is a perceived conflict of interest between the individual(s) conducting the inspection and the associated persons and business being inspected, the firm will be required to document in the inspection report the factors it considered in determining that the inspection process was not impeded by allowing the individual to conduct the inspection and how the inspection otherwise complies with the rule.
Review of Correspondence and Internal Communications
Consolidated Supervision Rule 3110(b)(5) requires a firm’s supervisory procedures to specifically include procedures to capture, acknowledge, and respond to all written (including electronic) customer complaints. The requirement to acknowledge customer complaints, previously found only in NYSE Rules, will now apply to all firms.
Supplementary Material .07 provides that the review of correspondence and internal communications must be documented to clearly identify the communication that was reviewed, the reviewer, date of the review and any steps taken as a result of issues raised in the review. FINRA stated that it would be permissible to use an electronic surveillance or reviewing tool if that tool has a means of electronically recording evidence that those communications have been reviewed by the system and the system captures the specified information fields to the extent necessary to comply with the applicable FINRA and SEC rules. Thus the system should be able to identify which emails were reviewed electronically, the date of the review, and that certain of those electronically surveilled emails were subsequently escalated to a reviewer (due to, for example, a lexicon flag). FINRA reiterated that the use of an electronic surveillance tool is itself a direct exercise of supervision by the supervisor and the supervisor remains responsible for any deficiency in the system’s criteria that would result in the system not being reasonably designed.
Reviews of Transactions
Consolidated Supervision Rule 3110(a)(2) requires a registered principal to evidence, in writing, a review of all transactions relating to a member’s investment banking and securities business. However, with the adoption of Supplementary Material .06, a firm will be allowed to use a risk-based review system. This means that a firm can identify for review only those transactions that pose a particular risk, allowing supervisors to focus their review on potential issues and address them more effectively. The risk methodology that the firm employs should be documented and regularly reviewed to ensure that the supervision continues to be effective.
Consolidated Supervision Rule 3110(d) , based on NYSE 342.21, also requires a firm to implement reasonably designed procedures to review the securities transactions effected in the accounts of the member, its associated persons and in other “covered accounts”5 to identify trades that may violate federal and SRO prohibitions on insider trading and manipulative and deceptive devices. If a trade is identified for further review, a firm must promptly conduct an internal investigation to determine whether a violation has occurred. In designing its procedures, a firm can use a risk-based approach that takes into account the firm’s business model.
In addition to investigating potential violations, firms that engage in investment banking services — which is defined broadly in Consolidated Supervision Rule 3110(d)(3)(B) — will also be required to file quarterly reports with FINRA on internal investigations relating to potentially violative trades that were initiated during the preceding quarter. Although FINRA did not state in the rule that firms are not under an obligation to investigate every alert, FINRA noted that it agrees with existing NYSE guidance to that effect. Instead, applying a risk-based approach, a firm should establish procedures and develop criteria for identifying which trades merit further review.6 If a firm determines, as a result of its investigation, that a trade did violate rules prohibiting insider trading or manipulative or deceptive devices, the firm is required to make a written report to FINRA within five business days of the date that the firm reached its final conclusion. In response to comments that Rule 3310(d)(2)(B) is duplicative of the requirement to report a determination of a rule violation under FINRA Rule 4530(b), FINRA noted that Rule 3101(d)(2)(B) requires “a more targeted and detailed reporting than FINRA Rule 4530, which requires reporting only where a member concludes or reasonably should have concluded a securities-related law or rule was violated” and, moreover, “Rule 4530 does not require firms to report every instance of noncompliant conduct.”7
Supervisory Control System
Consolidated Supervision Rule 3120 replaces NASD Rule 3012 and requires, like its predecessor, a firm to test and verify, at least annually, that its supervisory procedures are reasonably designed to achieve compliance and to annually report a summary of the test results, including any significant exceptions and amended procedures that resulted, to senior management.8
Certain additions to the rules are targeted at larger member firms and incorporate requirements from NYSE Rule 342.30. Specifically, Consolidated Supervision Rule 3120(b) requires members with $200 million or more in annual gross revenue to provide senior management an annual tabulation of reports made to FINRA regarding customer complaints and internal investigations, and provide commentary on compliance efforts in trading and markets, investment banking, antifraud and sales practices, finance and operations, supervision, and anti-money laundering, to the extent applicable to the firm’s business.
The Consolidated Supervision Rules will impact both small and large firms, with no firm being immune from having to amend current supervisory procedures. FINRA has stated that it will expect to see more documentation supporting the firm’s rationale for the design of its procedures to achieve compliance with certain rules, particularly when the procedure strays from FINRA’s rebuttable presumption as to the elements of an effective supervisory system. Accordingly, even with respect to rules that FINRA consolidated unchanged, a firm will be well served to revisit existing procedures to assess whether those procedures should be augmented to better evidence the firm’s determination that the procedure is reasonably designed.
For more information about the subject matter of this alert, please contact the authors or a Bingham partner with whom you regularly work.
If you have any questions or would like more information on the issues discussed in this LawFlash, please contact any of the following Morgan Lewis lawyers:Kroll-Amy
1 Order Granting Approval of a Proposed Rule Change to Adopt Rules Regarding Supervision in the Consolidated FINRA Rulebook, as Modified by Amendment No. 1, Securities and Exchange Commission Release No. 34-71179 (Dec. 23, 2013) (“Adopting Release”).
2 Approved Supervision Rule 3110(a)-(b).
3 Oct. 2, 2013 Letter at 4.
4 See http://www.finra.org/web/groups/industry/@ip/@reg/@guide/documents/industry/p419710.pdf; and Bingham alerts "FINRA Publishes Report on Conflicts of Interest and Provides Guidance to Broker-Dealers About Managing and Mitigating Conflicts" and "Regulators Issue Annual Priorities Letters for Broker-Dealers"
5 As initially proposed, “covered accounts” was defined broadly, but in Amendment No. 1 FINRA modified the definition to align it with existing NYSE guidance. FINRA also clarified that, in addition to “covered accounts,” the rule applies to “accounts of the member, accounts introduced or carried by the member in which a person associated with the member has a beneficial interest or the authority to make investment decisions, and accounts of a person associated with the member that are disclosed to the member pursuant to NASD Rule 3050 or Incorporated NYSE Rule 407, as applicable.” See Adopting Release at n. 190.
6 See NYSE IM 06-06 (Feb. 17, 2006).
7 See Adopting Release at n. 199. FINRA did not address whether, as a result of this duplication, it will provide relief from the requirement to report a violation under Rule 4530(b) for firms that have reported the violation under Rule 3310(d)(2)(B).
8 In discussing branch inspections, FINRA noted that Rule 3120 “would necessarily include any supervisory procedures regarding a member’s inspections to insure that inspections have not been compromised by any potential risks inherent to a member’s size, location or resources.” It is not clear if FINRA intended this to mean that a firm would be expected to test and verify the inspection process annually.
This article was originally published by Bingham McCutchen LLP.