2012 Regulatory and Examination Priorities Letter

January 31, 2012

Dear Executive Representative/Chief Compliance Officer:

FINRA^® is publishing its

to highlight new and continuing areas of significance to our regulatory programs, including topics of heightened importance to FINRA's Member Regulation, Market Regulation and Enforcement Departments, and the Office of Fraud Detection and Market Intelligence (OFDMI). This information represents our current assessment of certain key issues facing the securities industry. Since business and regulatory environments are fluid, FINRA continually tracks new risks and concerns and integrates them into the scope of its regulatory programs. We trust that the information provided will help firms refine their compliance, supervisory and ethics programs.

I. Regulatory Program Developments

FINRA employs an ongoing process to best discharge its regulatory responsibilities against a changing landscape. Among other things, patterns, trends, and other data indicative of fraud or problematic business conduct enhance our risk-based examination programs, investigations and enforcement activities. Similarly, our market regulation programs use a risk-based approach to enhance surveillance, examination and disciplinary initiatives focused on ensuring market integrity.

FINRA has made enhancements to, and continues to enhance, our regulatory programs in terms of our ability to differentiate between firms on the basis of risk. The goal of these enhancements is to facilitate our ability to focus our attention and resources where we believe the risk is greatest. We continue to reshape the examination program in line with this principle, recognizing that one size does not fit all. We are in the process of strengthening our ability to identify and prioritize the risks that warrant attention and integrate our risk intelligence across our programs.

At the heart of this strategy sits a broader data collection effort and more comprehensive risk- assessment process. We intend to capture and leverage more granular operational and risk data that helps us to better understand a firm's business model and the risk embedded within that model. This will potentially include third-party transactional data and other contextual risk data at a granular level. As a first step in that process, we will deploy a Risk Control Assessment (RCA) across the membership in the first quarter of 2012. The RCA will help FINRA better understand firms' business activities, product mix, customer base and underlying controls. The RCA content is risk-based and does not seek to test compliance with specific rules and regulations.

The RCA will be presented in a survey format. The content of the survey will be dynamically generated such that firms will only be asked questions that are relevant to their business model. In addition, we will not ask firms questions that we already know the answers to; we will pre-populate the survey with information we currently have in our databases about firms where possible. We understand that this first effort will not be perfect, but have taken all possible measures to minimize the burden on individual firms. In addition, we believe that firms will receive significant benefit by completing the survey both in terms of more risk-appropriate levels of examination and better-informed examiners. We would like to thank you in advance for your participation in the RCA and will share our findings around practices as appropriate in late 2012.

II. Examination Priorities

In addition to the referenced regulatory program developments, FINRA is informing its examination priorities¹ against the economic environment that investors have faced since 2008, as these circumstances have steadily contributed to conditions that foster an increased risk of aggressive yield chasing, inappropriate sales practices, unsuitable product offerings, and misappropriation and fraud.

The following examination priorities represent risks that FINRA examines both broadly across the membership and in the course of targeted reviews. Our examination program is risk-based, in that the scope, content, frequency, and nature of an individual examination will depend on the operational and risk characteristics associated with that firm. These characteristics include the scope and scale of a firm's operations, the products and services it sells, and the types of clients or counterparties with which it does business. With respect to any issues discussed below that are applicable to your firm, we advise you to assess whether your internal controls, supervisory systems and risk management practices properly address the matters discussed.

When FINRA identifies deficiencies through an examination, we communicate the findings to firms in writing, and firms must respond in writing, outlining corrective actions they have taken to address the findings. FINRA expects firms to have policies and procedures in place to timely and effectively address regulatory findings in examinations or disciplinary proceedings. In instances where firms undertake prescribed remedial steps in connection with a disciplinary proceeding, examiners will validate whether remediation was appropriately completed. A delay in addressing identified regulatory weaknesses can lead to repeat violations and subject the firm or associated persons to additional disciplinary action.

Business Conduct and Sales Practice Concerns for Retail Customers

The challenging economic environment can lead individual retail investors to be susceptible to recommendations to chase yields without necessarily understanding the risk-versus-reward tradeoffs, particularly as more esoteric or complex products find their way into retail portfolios. Further, this environment can exacerbate underlying business-conduct issues that have a detrimental impact on retail investors. Some of our concerns include the full disclosure of material risks, mispricing and overcharging issues, and the suitability of products based on those underlying risks. FINRA recently issued Regulatory Notice 12-03, regarding heightened supervision of complex products, to provide guidance to firms about the characteristics of many complex products and a discussion of other key factors in evaluating complex products, especially when considering offering them to retail investors. FINRA issued this guidance with an aim of assisting firms in developing sufficiently robust heightened supervisory systems. Against this back drop, FINRA is specifically concerned with:

• Yield Chasing – Given the low yields on Treasuries, we are concerned that investors may be inadvertently taking risks that they do not understand or that are inadequately disclosed as they chase yields.
• Liquidity – The lack of a deep secondary trading market for certain investments make them unsuitable for many retail investors who have strong liquidity needs.
• Cash Flow Characteristics – The timing of anticipated cash flows should be in line with investor time horizons.
• Transparency of Cash Flows and Financial Condition – Transparent and accurate financial details should be available at the time an investment is made to ensure that investors are making an informed decision. The classification of cash flow returns is particularly important so investors know when returns are being paid from their own principal or from capital raised in subsequent offerings.

Against this context, suitability reviews continue their importance in 2012 as the new Suitability Rule (FINRA Rule 2111) and Know Your Customer Rule (FINRA Rule 2090) become effective on July 9, 2012. The new suitability rule generally is modeled after former NASD Rule 2310, but it does contain some new and modified provisions. The new rule, for instance, now explicitly applies to recommended investment strategies, including recommendations to hold securities. The new rule, moreover, broadens the explicit list of customer-specific factors that brokers generally must attempt to obtain and analyze when making recommendations. Although not a new requirement, the rule also codifies and makes clear interpretations of the predecessor suitability rule requiring that persons who make securities recommendations perform reasonable diligence to understand a recommended product or strategy and then determine whether it is suitable for at least some investors based on that understanding. In addition, the new rule modified the institutional- customer exemption to the customer-specific suitability obligation by using the more common definition of "institutional account" in FINRA's books and records rule, FINRA Rule 4512(c), and requiring institutional customers to affirmatively acknowledge that they are exercising independent judgment.

As further discussed in Regulatory Notice 11-25, the suitability rule generally allows firms to take a risk-based approach with respect to documenting compliance with suitability requirements. In all cases, the suitability rule applies to recommendations, but the extent to which a firm needs to evidence suitability generally depends on the complexity of the security or strategy in structure and performance, and/or the risks involved. Firms that choose to create new or modified systems, policies and procedures to comply with the new rule should have them in place by the rule's July 9 effective date.

The following list of products is intended to illustrate areas where our concerns relative to business conduct and suitability issues are heightened. This list is not intended to be an all-inclusive inventory of the specific products with which we have concerns. Rather, we are pointing out representative products that raise concerns, often for a host of reasons, when marketed and sold to retail investors.

Residential Mortgage-Backed Securities and Commercial Mortgage-Backed Securities: Due to the embedded pre-payment option associated with mortgage-backed products, these securities carry significant re-investment risk, which can strongly affect the yield investors realize. Also, with collateralized mortgage obligations (CMOs), some tranches, such as interest-only strips or inverse floaters, carry much higher levels of risk than other tranches. Finally, the opaque nature of underlying collateral and the lack of a robust secondary market for some mortgage-backed securities should be considered when evaluating suitability.

Non-Traded REITs: Although non-traded REITs may offer diversification benefits as a part of a balanced portfolio, they do have certain underlying risk characteristics that can make them unsuitable for certain investors. As an unlisted product without an active secondary market, these products offer little price transparency to investors and little liquidity. The related financial information for these products may often be unclear to the investor, which makes the true associated risks and value difficult to ascertain. With many products, there are questions about valuation and concerns that in some cases distributions to investors are paid with borrowed money, over a lengthy period of time, with newly raised capital, or by a return of principal rather than a return on investment. The source of the distribution may not be transparent.

Municipal Securities: On the whole, municipal securities may offer significant benefits to many investors and can be an important component of a diversified portfolio. With some municipal securities, however, the lack of timely disclosures and complete financials often inhibit individual retail investors from making informed investment decisions, and may preclude associated persons from having a reasonable basis to recommend such a security. Member firms are reminded of their obligation to make suitable recommendations to their clients with respect to trading in the secondary markets. This includes obtaining sufficient information about the issuer to provide a reasonable basis that the recommendation is suitable. Separate and independent of the suitability obligation, member firms are also required, under MSRB Rule G-17, to disclose to their customers, at or prior to a sale of securities to a customer, all material facts about the transaction known by the dealer as well as all material facts about the security that are reasonably accessible to the market. ² Firms should ensure that representatives have access to this municipal issuer information (through MSRB's Electronic Municipal Market Access (EMMA) system and/or other sources) to meet these requirements. Firms are also obligated to trade with their customers at prices that are fair and reasonable (including any markup or markdown).

Complex Exchange-Traded Products: Certain exchange-traded products that employ sophisticated strategies or access more exotic markets can expose investors to unexpected results or unforeseen risks. For example, exchange-traded funds (ETFs) that employ optimization strategies using synthetic derivatives can expose individual investors to the risk of significant tracking errors. In other words, the performance of the ETF may differ from that of the underlying benchmark during times of stress or volatility in unanticipated ways. These risks can be exacerbated when the ETFs employ significant leverage.

Variable Annuities: Although variable annuity products can offer valuable benefits to investors seeking predictable annuity streams, tax deferral for investment gains and flexible investment choices, they do have certain risk characteristics that can make them unsuitable for some investors. These products often have long holding periods and significant surrender fees, making them unsuitable for investors who have a need for liquidity. High fees and expenses may result in reduced performance in the underlying holdings, and high commissions make the product a target for switching. FINRA Rule 2330 imposes enhanced responsibilities on member firms with respect to variable annuities. Among other things, the rule requires that the firm or associated person have a reasonable basis to believe that a customer would benefit from certain features of a deferred variable annuity, such as tax-deferred growth, annuitization, or a death or living benefit, and that the particular recommended deferred variable annuity as a whole, the underlying subaccounts to which funds are allocated, and any rider or similar policy enhancements accompanying it are suitable for the customer. The rule, moreover, requires that the firm or associated person have a reasonable basis to believe that the customer has been informed, in general terms, of various features of deferred variable annuities. Firms are also required to implement surveillance procedures to detect any registered persons who are effecting deferred variable annuity exchanges at a rate that could indicate non-compliance with securities laws and rules, and to have procedures for taking corrective action if such activity is detected. The rule has a training component as well.

Structured Products: These products may be marketed to retail customers based on attractive headline yields or the promise of some level of principal protection. However, they can be complex, and have cash flow characteristics and risk-adjusted rates of return that are uncertain or hard to estimate. These products generally lack any active secondary market, which means investors must be willing to assume considerable liquidity risk in addition to market risk and the credit risk associated with the issuer of the product. These features can make the products unsuitable for some retail investors. For example, reverse convertibles are debt obligations that are typically tied to the performance of a security or basket of securities. These securities, which may offer a high rate of return, have complex pay-out structures often tied to a "knock-in" level, and involve elements of options trading. In addition, reverse convertibles not only expose investors to the financial risks associated with the debt obligation, but also to those risks associated with the underlying basket of securities.

Securities Offered Through Private Placements: Certain issuers seek to raise capital by offering unregistered securities in private placements. Many firms also offer securities in private placements to accredited investors under SEC's Regulation D. Firms conducting private placements under Regulation D or any other applicable exemption from registration must conduct a reasonable investigation of the issuer, based upon the facts and circumstances, with careful attention to any "red flags," to comply with the anti-fraud provisions and other FINRA rules, such as suitability. Proposed FINRA Rule 5123 (Private Placements of Securities)³ would help ensure that member firms and associated persons that sell applicable private placements provide relevant disclosures to each investor, and would also require that the private placement memorandum, term sheet or other disclosure document be filed with FINRA to help inform FINRA's regulatory programs. In addition, firms are reminded that the definition of accredited investor has changed.⁴

Unregistered Securities Acquired in Secondary Markets: As many high-profile companies have elected to remain private, secondary trading markets have emerged for their securities. However, despite their profile, many of these companies are difficult to value, as the issuers may not make financial statements publicly available. Acquiring interests in such securities through a pooled investment or single security "fund" introduces another layer of costs to the investor as well as risk associated with the fund manager.

Church Bonds: The credit quality of the underlying issuer and its true financial condition are often not transparent. Investors may be unaware of the substantial credit and market risk they are assuming with such investments. The source and nature of the underlying revenue streams of the issuer that are required to service the instruments are often less than clear. Further, as sales are frequently made on an affinity basis, these securities can be vehicles for fraud.

Promissory Notes: When investing in promissory notes, investors could assume substantial credit and market risk exposures that may not be transparent to them. Such notes may potentially be written by registered persons or by entities associated with registered persons, with or without their employing broker-dealer's knowledge. Similarly, registered persons may offer and sell promissory notes issued by persons and entities not associated with a broker-dealer, again without their employing broker-dealer's knowledge. At worst, such instruments are principally a vehicle to defraud clients who may believe that a broker-dealer is knowledgeable about the product and is recommending it as a suitable investment.

Life Settlements: Sales of existing life insurance policies to third parties—referred to as life settlements—have raised regulatory concerns, as these products generally have very high commissions. In 2009, FINRA published Regulatory Notice 09-42 about member firms' responsibilities in marketing variable life settlements, as these are securities under FINRA jurisdiction. Recent decisions issued by the Delaware Supreme Court highlight the risk that insurers may challenge the validity of a contract based on a lack of insurable interest.⁵

Microcap Fraud

Microcap or penny stocks are particularly vulnerable to market manipulation given the lack of transparency in their underlying business, lack of verifiable financial history and the opaque nature of their operations. We are particularly concerned with fraud schemes that can harm retail investors. FINRA's focus includes, among other issues:

• bulletin board postings or email spam that distributes false or misleading information by fraudsters attempting to pump up a microcap;
• high pressure sales tactics employed by sales personnel;
• the use of paid promoters to dispense "unbiased" opinions related to these microcaps; and
• individuals who use brokerage firms to liquidate microcap holdings, whereby the firm may be facilitating an unregistered distribution. As part of their anti-money laundering (AML) responsibilities, member firms are obligated to monitor for suspicious activity and to file Suspicious Activity Reports where warranted.

Reverse Mergers

The reverse merger market (where a private company merges into a public shell or so-called "backdoor registration") represents a path for issuers to enter the U.S. public capital markets while foregoing the formal registration process associated with an IPO. Significant allegations of fraud have surfaced relative to this practice, particularly related to issuers based in China. Current and accurate information on these issuers is often scarce, and concerns have been raised regarding the quality of their audited financial statements. In December 2010, the SEC disciplined a U.S. auditor for overstating revenues of Chinese issuers.⁶ The heightened risk associated with these foreign issuers, who never went through an IPO or registration process in the U.S., increases the risk that any due diligence failures on the part of the broker-dealer may result in harm to investors.

Private Securities Transactions and Outside Business Activities

Many firms permit registered representatives to engage in private securities transactions, as defined in NASD Rule 3040, and outside business activities, as defined in FINRA Rule 3270, potentially exposing the firm and investors to increased risks. NASD Rule 3040 and FINRA Rule 3270 provide details for the determination of applicability of these rules and certain related recordkeeping requirements. Firms must supervise private securities transactions notwithstanding the fact that the business may be conducted away from the firm. FINRA examiners will review firm supervision of private securities transactions and determinations made pursuant to Supplementary Material.01 to FINRA Rule 3270 regarding outside business activities.

Integrity of Supervision and Internal Controls

Establishing and enforcing adequate supervisory systems and internal controls are fundamental requirements for member firms, not only to ensure compliance with applicable rules and regulations, but also to mitigate business risks for the firm. Each firm must maintain supervisory systems and underlying internal control procedures that are specifically tailored to its business model, the products and services it sells, and the types of clients or counterparties with which it does business. Firms that offer higher risk products or services should have corresponding supervisory policies and procedures that are reasonably designed, among other things, to ensure adequate due diligence and that these higher-risk products or services are limited and properly marketed to appropriate clients. In addition, firms that employ a decentralized operating model and have associated persons interacting with the investing public from remote locations are expected to maintain adequate supervisory structures to mitigate the enhanced business-conduct risks associated with the limited visibility into day-to-day activities. Firms may also need to consider implementing heightened supervisory procedures to comply with the federal securities laws and FINRA rules.

Information Technology and Cyber Security

FINRA continues to be concerned about information technology (IT) and cyber security threats. Such concerns include security and authentication practices for high-risk Web-facing systems and the potential variability in security controls and testing protocols as the outsourcing of core IT functions to lower cost on- and off-shore providers continues. In a related area, FINRA has received an increasing number of reports of incidents of customer funds stolen as a result of instructions emailed to firms from compromised customer email accounts. These incidents highlight the risks for firms in accepting instructions to transmit or withdraw funds via email. FINRA recommends that firms reassess their policies and procedures to ensure they are adequate to protect customer assets from such risks (see Regulatory Notice 12-05).

FINRA also recognizes the significant effort firms have dedicated towards addressing discrete, one-off threats, such as individual account intrusions or the actions of rogue employees, but would like to caution that the sophistication of potential electronic attacks against the financial services industry has increased significantly. Larger, more coordinated threats, commonly known as advanced persistent threats, have emerged. Firms should be equally cognizant of and prepared for these more sophisticated threats.

Outsourcing

As firms continue to seek opportunities to cut expenses and focus on core business, they have increasingly used third parties to carry out certain functions. Although firms may use a third-party service provider to perform certain functions and activities, FINRA noted in Notice to Members 05-48 that the use of a third party does not relieve the member firm of its responsibility to achieve compliance with all applicable securities laws, regulations and rules. Proposed FINRA Rule 3190 governing the use of third-party service providers (see Regulatory Notice 11-14) is intended to codify this guidance. Among other requirements, proposed Rule 3190 codifies existing expectations that firms conduct ongoing due diligence in regard to their third-party service providers to ensure that they are capable of performing the outsourced functions.

Fees

We remain concerned about firms charging retail investors hidden, mislabeled or excessive fees. Fair dealing with customers requires that firms charge only reasonable fees and disclose those fees up front and in a manner that retail investors can make informed investment decisions. Furthermore, under NASD Rule 2340, any miscellaneous charges must be reasonable and related to the services performed. In 2011, FINRA brought cases against several broker-dealers that charged such excessive fees in the form of postage and handling charges that were unrelated to actual costs,⁷ and we will continue to investigate firms that appear to be taking advantage of investors through fee schemes.

Foreign Finders

Foreign finders and related foreign affiliates pose compliance risks and may elevate a firm's AML risk level. Recent examinations and enforcement cases have uncovered problematic arrangements with foreign finders.⁸ NASD Rule 1060(b) permits member firms, in limited circumstances, to pay transaction-related compensation to non-registered foreign persons or foreign finders. Specifically, the sole involvement of the foreign finder in the member firm's business must be the initial referral of non-U.S. customers to the firm. FINRA reminds firms that the scope of permissible business activities and the associated regulatory requirements differ between foreign finders and foreign associates. Examiners have found finders whose activities go beyond an initial referral of non-U.S. customers to the firm and who are involved in the servicing of non-U.S. customer accounts, including having trading authority over accounts, entering customer orders directly to the clearing firm's online platform, and processing new account documents and funds transfers. As a result of such activities, the foreign finders provisions in NASD Rule 1060(b) are not applicable, and the finder is required to be registered as a Foreign Associate pursuant to NASD Rule 1100, or in another appropriate registration category and be supervised as an associated person of the firm. Firms that engage foreign finders should ensure their procedures appropriately address the limited scope of activities permissible under such arrangements and potential risks. See Notices to Members 01-81 and 95-37.

A firm's AML risk may be elevated by foreign finders and related foreign affiliates depending on the geographical regions involved, types of customers introduced, and products and services offered. Some of the red flags observed include customer accounts exhibiting significant account activity with very low levels of securities transactions, significant credit or debit card activity/withdrawals with very low levels of securities transactions, wire transfers to/from financial secrecy havens or high-risk geographic locations without an apparent business reason, and payment by third-party check or money transfer without an apparent connection to the customer. Relationships with foreign finders and related foreign entities have also been used to hide securities activities and payment of transaction-based compensation to previously disciplined individuals, and to engage in cross-trading for the inappropriate benefit of the finder. Prior to entering into these relationships, firms must have reasonably designed procedures to, among other things, assess and address the potential AML risks associated with the business, and monitor any subsequent activity conducted with foreign finders and related foreign entities.

Branch Office Inspections

The branch inspection process is a critical component of a comprehensive risk-management program and can help protect investors and the interests of the firm. Robust inspections test whether compliance policies and supervisory procedures are being properly followed at the branch level. A well-designed inspection process can provide firms the opportunity to validate their surveillance results from branch activities and to gather on-site intelligence that supplements the ongoing management and surveillance of the branch from a business and risk-management standpoint (e.g., whether any previously unknown activities are taking place at branch locations).

FINRA and SEC staff issued joint guidance in Regulatory Notice 11-54 on developing effective policies and procedures for broker-dealer branch inspections, and noting commonly found deficiencies and strong compliance practices. FINRA examiners will review a firm's internal branch office inspection program and also conduct their own branch examinations of the firm's branch network.

Social Media and Electronic Communications

Social media remains an important concern to FINRA, and is a topic on which we continue to receive many questions from firms. FINRA issued Regulatory Notice 11-39 to build upon initial social media guidance in Regulatory Notice 10-06. FINRA has consistently maintained that certain core regulatory requirements apply to all communications with the public, irrespective of the medium or device used to communicate. Regulatory Notice 11-39 discusses a number of topics within this context. For example, the recordkeeping requirements of Rule 17a-4(b)(4) under the Securities Exchange Act of 1934 (SEA) remain in effect even when an associated person is using a device for "business as such" communications. Further, firms must be able to appropriately supervise business communications made using personal devices.

As FINRA noted in its 2010 Annual Letter, deficient electronic communication retention and supervisory systems can create conditions for fraudulent conduct by rogue employees. On January 4, 2012, the SEC charged an individual with offering to sell fictitious securities through a social media site^.9 FINRA will maintain its focus on fraudulent and other improper activities, including when such activities are conducted using electronic communications and social media.

Proposed Rule Requiring Supplemental FOCUS^TM Information

FINRA has proposed a new rule that would require each member firm to file additional information to supplement its FOCUS report.¹⁰ In connection with the proposed rule, FINRA has proposed a supplementary schedule to capture more specific information from the Statement of Income (Loss) page of the FOCUS report. Firms should closely monitor SEC approval of the proposed rule to prepare for any operational and systems changes that may be needed.

Leverage and Liquidity

In a low-interest-rate environment, it is not uncommon for firms to grow their balance sheets in order to meet targeted returns on equity. The use of off-balance sheet instruments, and netting of assets and liabilities for financial statement purposes, often increases as well. FINRA is concerned about the additional risks that are being taken as a result of increased leverage, including market, credit and liquidity risk. We will continue to monitor firms that employ a high degree of leverage, both on-balance sheet and off-balance sheet during the upcoming year. Examiners will continue to focus on the appropriateness of netting certain assets and liabilities, pursuant to Accounting Standards Codification 210-20, for balance sheet purposes. Further, we will continue to review funding and liquidity risk management practices, particularly focused on potential adverse circumstances that can result from broker-dealer-specific events or systemic credit events. As previously detailed in Regulatory Notice 10-57, FINRA expects broker-dealers to regularly assess their funding and liquidity risk management practices to maximize the likelihood that they will be able to continue to operate under adverse circumstances.

Rogue Trading

Last year brought yet another sizeable loss to a global investment bank as a result of unauthorized trading. This served as a reminder to member firms to review internal controls and risk management systems with a view toward assessing their ability to detect and prevent rogue trading. FINRA published Regulatory Notice 08-18 to assist firms in the process of reviewing their internal controls relating to preventing or detecting unauthorized trading, and FINRA expects broker-dealers to establish adequate controls and a system to regularly assess the effectiveness of such controls.

Pricing of Illiquid, Hard-to-Value Securities

The pricing of illiquid and hard-to-value securities, such as private-label mortgage-backed securities and various structured products, continues to raise concerns. It is important that firms have processes in place to obtain reliable valuations for these instruments from sources independent of the trading desk. Examiners will continue to review firms' processes and procedures for reviewing and verifying the valuation of their securities, including whether such valuations are consistent, irrespective of whether a security is held in a firm's inventory, as collateral for a financing transaction or in a customer account. Examiners will also evaluate the robustness and independence of firms' valuation groups and the process for escalating price differences to senior management.

Margin-Lending Practices and Custody of Assets Collateralizing Margin Loans

As customers seek to enhance their returns, many are employing increased leverage to do so. Firms are reminded of the importance of determining whether the collateral supporting receivables is readily marketable, appropriately valued, unencumbered and readily available to finance the credit extended to clients. We have seen instances in the past year where firms have extended credit through margin lending or reverse repo transactions, on complex structured products that were difficult to value, as well as on thinly traded securities. In these situations, firms must adequately assess the sufficiency of such collateral, the valuation and liquidity of this collateral as well as the concentration of collateral in a specific security or class of securities, in a single customer account and across all customer accounts.

Firms should have a governance process in place to vet extensions of credit against less-liquid or concentrated asset classes.¹¹ In addition, we have seen instances where firms entered into collateral custody arrangements that compromised their legal control and ability to readily access the collateral pledged to them to secure extensions of credit. If a firm does not have unrestricted control and ready access over the securities collateralizing its margin loans, punitive capital charges and computation penalties would apply that may result in Net Capital and Reserve Formula Computation deficiencies and lead to liquidity stress. Further, management should pay close attention to the impact on the firm's liquidity position of long-term commitments to finance a customer's positions that are funded by short-term financing arrangements.

Net Capital

Guarantees and Contingencies: Generally Accepted Accounting Principles (GAAP) require that firms determine the dollar amount of losses that could result from guarantees or contingencies and accrue such losses in computing net worth when their occurrence is probable and the amount can be reasonably estimated. Contingencies include pending arbitrations and lawsuits. For both pending arbitrations and lawsuits, firms should document the basis for any liability accrual or lack thereof. Further, with regard to lawsuits, an SEC interpretation to SEA Rule 15c3-1 (Net Capital Rule) provides that a broker-dealer that is the subject of a lawsuit that could have a material impact on its net capital must obtain an opinion of outside counsel regarding the potential effect of such a suit on the firm's financial condition. Absent such opinion, the item must be considered, at a minimum, a contingent liability, and be included in the calculation of Aggregate Indebtedness. In addition, SEC case law states that a broker-dealer that is the subject of an adverse award in an arbitration proceeding must record the award as a liability at the time the award is made, even though the appeal process may not have been exhausted and no judgment has been rendered.¹² The awards would be included in Aggregate Indebtedness. Further, firms are cautioned not to rely upon an insurance policy's potential coverage of a loss in determining the amount to be accrued, as we have seen that, in many cases, payment on an insurance claim is conditioned upon factors that cannot be determined as having been satisfied until after the loss becomes actual and a claim is submitted and evaluated by the insurance carrier.

Expense-Sharing Arrangements/Withdrawal of Capital: Firms are reminded that expense-sharing arrangements cannot successfully alleviate a firm's requirement to record expenses and liabilities unless, among other things, the party agreeing to pay the expenses or liability on the firm's behalf has the financial means to do so, without relying on the firm's assets or revenue-generating activities (see Notice to Members 03-63). Further, FINRA has noted instances where the expense charges are not reflective of services provided to the broker-dealer or are well in excess of the cost to provide such services. Firms are cautioned that such excess charges may be deemed to be a withdrawal of equity capital pursuant to SEA Rule 15c3-1(e) and thereby subject to notification to the SEC and FINRA. To the extent the withdrawal involves equity capital that was contributed in the past year, such withdrawals are not permitted unless approved by FINRA pursuant to FINRA Rule 4110(c)(1).

Inaccurate Books and Records: FINRA has observed practices that call into question the accuracy of firms' books and records, and reminds firms of the importance of maintaining accurate books and records, the integrity of financial statements and required computations of net capital. Some examples of inaccuracies FINRA has observed include recording expenses that are not the broker- dealer's obligations ( e.g., personal expenses of principals and employees, or expenses of a parent or an affiliate) and failing to accrue liabilities throughout the year ( e.g., income taxes, bonus payments and contingencies). In 2012, examiners will continue to review the accuracy of firms' books and records and net capital computations, including the impact thereon of guarantees and contingencies and expense-sharing arrangements.

Protection of Customer Funds and Securities

The recent bankruptcy of MF Global reminds us of the importance of protecting customer assets. Compliance with SEA Rule 15c3-3 is instrumental in safeguarding and restricting the use of customer assets by a broker-dealer in its business activities. The rule protects customer assets by requiring broker-dealers to promptly obtain and maintain the physical possession or control of all fully paid and excess margin securities, and to segregate the net amount of funds derived from customer activities, computed in accordance with a prescriptive formula, in a “Special Reserve Bank Account for the Exclusive Benefit of Customers.” A firm must have a supervisory system and internal control procedures reasonably designed to ensure that customer funds and securities are protected. Reviewing for compliance with SEA Rule 15c3-3 has always been an examination priority and will continue to be in 2012.

SEA Rule 15c3-5 Compliance

SEA Rule 15c3-5 (Market Access Rule) became fully effective in November 2011 and applies to broker-dealers that provide customers with access to an exchange or alternative trading system (ATS) and to trading activity on an exchange or ATS for the proprietary account of the broker- dealer or for more traditional agency activities. Under the Market Access Rule, broker-dealers are responsible for having risk management controls and supervisory procedures that are reasonably designed to manage the financial, regulatory and other risks associated with market access. Inadequate controls around market access may jeopardize the financial condition of a broker-dealer, create regulatory and compliance risks, and disrupt the orderly functioning of markets.

Examination staff will review and test firms' written supervisory procedures and risk controls required by the Market Access Rule. This assessment will include, among other things, controls designed to prevent the entry of orders that exceed appropriate pre-trade capital or credit thresholds, risk management controls to prevent the entry of erroneous or duplicative orders, and controls to prevent the entry of orders that fail to comply with SEC, FINRA or exchange rules and regulations. Broker-dealers also will be required to demonstrate that the controls that have been established are under the direct and exclusive control of the broker-dealer providing market access, and that they have performed appropriate due diligence with regard to establishing meaningful capital and credit thresholds for their customers. In addition, examination staff will review firms' post-trade surveillance procedures to assess whether they are reasonably designed to identify various potential trading violations such as wash sales, marking, spoofing, layering, quote stuffing, and other potential violations of SEC and FINRA rules. Pursuant to the Market Access Rule and other supervisory obligations, Market Regulation examiners also will conduct reviews to determine if firms that offer algorithms to customers or otherwise utilize algorithms to trade have reasonable policies, procedures and controls to ensure that algorithms are being designed, tested and monitored (both before and after implementation) for proper functioning in the marketplace. As FINRA examiners get more experience with firm practices in this area, FINRA will look for opportunities to disseminate leading practices.

Information Barriers

The adequacy of firms' information barriers will continue to be a focus of FINRA's examination program given that such barriers are embedded in a number of SEC and FINRA rules, and serve to safeguard customer and material non-public information. Specifically, examiners will review the structure and business mix of aggregation units and assess the adequacy of a firm's controls and supervisory systems for safeguarding information related to pending customer orders and executed orders, assuring the physical and systemic separation between trading desks, wall-crossing and risk management, among other things, as well as the firm's policies and procedures around information disclosure. In addition, in light of recent amendments to FINRA's limit order protection rule, FINRA Rule 5320, that expanded the “no knowledge” exception to include proprietary trading by a firm's market-making desk in National Market System (NMS) issues, FINRA examiners will be assessing the adequacy of a firm's information barriers when it relies on the exception, as well as whether the firm has made adequate disclosures to its customers.¹³ Lastly, with respect to ATS, examiners will review order-handling procedures and firm disclosures with regard to the firm's participation in the routing and execution of subscribers' orders, and will also examine the quality of ATS disclosures regarding the manner in which they interact with and/or route subscribers' orders.

Fixed Income

FINRA continues to review execution pricing in debt securities transactions between firms and their customers (pricing reviews). Our pricing reviews focus on whether a firm charges a fair and reasonable markup (or markdown) in relation to the prevailing market price under FINRA Rule 2010, NASD Rule 2440, NASD IM-2440-1, NASD IM-2440-2, MSRB Rule G-17 and MSRB Rule G-30. Over the past several years, we have observed a general increase in the percentage of surveillance alerts attributable to markups/markdowns under 5 percent as a percentage of all alerts in both corporate and municipal securities, and continue to bring more cases involving sub-5 percent markups/ markdowns. Particular areas in which we have noted concerns with respect to firms' markup/ markdown practices include those in which firms apply markups/markdowns based on par value when the price of the bond has moved away from par and firms applying a set percentage markup/ markdown across all bonds traded by the firm. Firms are reminded that they are required to have policies and procedures to supervise all debt-securities pricing determinations.

With the expansion of TRACE TM to include transaction reports in asset-backed securities, FINRA's fixed income surveillance programs have been adapted to generate alerts for potentially excessive markups/markdowns in these instruments, as well as other potential rule violations. Firms may receive inquiry letters for activity in these securities.

In addition, over the course of the year, more firms also may start to see inquiry letters from FINRA with respect to potential wash sales, marking the close and trading ahead in fixed income securities as we expand our surveillance program into these areas.

High Frequency Trading

While most high frequency trading (HFT) strategies are legitimate and can serve to provide liquidity and pricing efficiency, others can be used for manipulative purposes. In addition, even when there may not be a manipulative intent behind the trading, the velocity of HFT can result in unintended consequences in terms of quote generation and other activities. As a result, the surveillance of HFT remains a high priority for FINRA and requires firms using HFT strategies and other trading algorithms to be vigilant when testing these strategies pre- and post-launch to ensure that the strategies do not result in abusive trading and/or unintended consequences. Following are more specific areas of concern that FINRA will continue to pursue.

• FINRA continues to be concerned about the use of so-called “momentum ignition strategies,” where a market participant attempts to induce others to trade at artificially high or low prices. Examples of this activity include layering strategies where a market participant places a bona fide order on one side of the market and simultaneously “layers” non-bona fide orders on the other side of the market (typically above the offer or below the bid) in an attempt to bait other market participants to react to the non-bona fide orders and trade with the bona fide order on the other side of the market.¹⁴ FINRA has observed several variations of this strategy in terms of the number, price and size of the non-bona fide orders, but the essential purpose behind these orders remains the same, to bait others to trade at higher or lower prices. FINRA also has seen wash sales used in conjunction with layering to give the appearance of bona fide transactions at artificial prices. Other examples of problematic HFT or algorithmic activity include momentum ignition and spoofing strategies related to the open or close of regular market hours that involve distorting disseminated market imbalance indicators through the entry of non-bona fide orders and/or aggressive trading activity near the open or close. FINRA also is concerned with abusive cross-product HFT strategies and other algorithms where stock transactions are effected to impact options prices and vice versa. FINRA will continue to aggressively pursue these types of problematic HFT strategies and algorithms.
• Consistent with the Market Access Rule and other supervisory obligations, FINRA will assess whether firms have adequate testing and controls related to HFT and other algorithmic trading strategies. FINRA's evaluation of firms' controls may take the form of examinations and targeted investigations. Potential areas of review will include, among other things, the development, testing, deployment and maintenance of algorithmic codes; the adequacy of controls and follow- up regarding message rates; and procedures and controls to detect potential trading abuses such as, without limitation, wash sales and momentum ignition strategies.
• FINRA also will continue to focus on the entry of problematic HFT and algorithmic activity through sponsored participants who initiate their activity from outside of the United States. In this regard, member firms are reminded of their surveillance and control obligations under the Market Access Rule and Notice to Members 04-66, as well as potential issues related to treating such accounts as customer accounts, anti-money laundering and margin levels, as highlighted in Regulatory Notice 10-18 and the SEC's Office of Compliance Inspections and Examination's National Exam Risk Alert dated September 29, 2011. FINRA will continue to devote substantial resources to the examination, detection, surveillance and prosecution of such conduct.

Market Maker Quoting Obligations

In the wake of the Flash Crash, the equity exchanges and FINRA adopted rules requiring their registered market makers to comply with minimum quotation obligations in exchange-listed equity securities during regular trading hours. While there currently are no registered market makers quoting on FINRA's Alternative Display Facility, FINRA does conduct reviews for compliance with these quotation obligations on behalf of various exchanges with which FINRA has entered into regulatory services agreements (RSA client exchanges). Consequently, member firms can expect that FINRA will continue to conduct such reviews on behalf of RSA client exchanges, which may include evaluations of firms' display of quotations pursuant to the terms of the applicable rule and an assessment of firms' policies and procedures for complying with the terms of the applicable rule in the event of the unavailability of any exchange-provided automated quotation update functionality the firm uses.

For several years, FINRA's option surveillance program also has focused on quoting obligations across our client options exchanges. We have identified a number of issues surrounding quoting infractions—ranging from market makers quoting below the required percentages to, in the most extreme cases, the inappropriate use of the short sale locate exemption where firms are quoting, but are always excessively wide and attempting to take advantage of the benefits afforded to a market maker. Accordingly, for both equities and options, quoting obligations will continue to be a focus of our surveillance and investigative program in 2012.

OATS^TM

As of November 28, 2011, firms were required to report to FINRA not only order information in NASDAQ-listed and OTC TM equity securities, but also order information in all other NMS stocks ( i.e., those listed on the NYSE, NYSE Amex, NYSE Arca and all other national securities exchanges). The expansion of OATS to all NMS stocks has significantly enhanced FINRA's ability to perform market surveillance on a cross-market basis and allowed for the elimination of the NYSE's Order Tracking System (OTS) requirements, reducing duplicative reporting. Overall, member firms did a tremendous job of preparing for the new requirements as evidenced by high industry compliance rates in key areas such as exchange route matching almost immediately following implementation. OATS is a key component of FINRA's regulatory audit trail, and as such, compliance with OATS reporting requirements will remain a high priority for FINRA in the coming year.

Coding Cases

FINRA continues to be concerned about the appropriate coding of orders. The accurate entry of an account type indicator or a capacity code is essential to audit trails and surveillance patterns FINRA uses. FINRA has recently identified situations where options firms have miscoded broker-dealer or firm orders as "customer," resulting in the misrepresentation of orders in the market place, priority violations and other audit trail and fee-related rule violations. FINRA has detected similar issues with equity account type/capacity codes. In both our options and equities programs, FINRA has reviewed instances where these codes are inaccurately entered into order entry and trade reporting systems due to coding changes by member firms or their vendors that were not properly planned or tested. FINRA has also investigated instances where system defaults resulted in inaccurate order coding. Proper order coding will continue to be a focus of our surveillance and examination program in 2012.

Oversight of the Creation and Redemption Process for Exchange-Traded Products

Given the expanding role of exchange-traded products in the securities market, ensuring the integrity and efficiency of the creation and redemption process for ETFs and similar products has become increasingly important. These unique transactions are a central element of the ETF market that can have a significant impact on how ETFs function. Creations and redemptions involve novel practices that are evolving as the ETF market matures that may raise concerns for potential conflicts of interest or the possibility of collusion or unfair trading practices. These concerns may be more acute in certain cases, such as with authorized participants (APs) or other key players in the creation and redemption process, due to potential access to material information and the ability to interact directly with the ETF issuer.

Municipal Securities

It is critical that municipal securities firms adopt and enforce adequate supervisory systems and internal controls to ensure compliance with the specific rules that apply to municipal securities and to meet their obligations to deal fairly when effecting municipal transactions with customers. It is also important that firms recognize instruments that are municipal securities ( e.g., 529 College Savings Plans and Build America Bonds) and therefore subject to Municipal Securities Rulemaking Board (MSRB) rules. In 2011, the MSRB advised firms that, in certain scenarios where firms facilitate "direct purchases" of municipal securities by banks and "bank loans" to municipalities as an alternative to public offerings, these financings may be municipal securities and thus subject to all MSRB rules.¹⁵

With respect to underwriting of municipal securities, FINRA reminds firms of their obligations to maintain adequate supervision over their associated persons to ensure they do not engage in unethical and illegal activities such as pay-to-play, bid rigging, or providing excessive gifts or business entertainment to issuer officials designed to secure municipal business for the broker- dealer, but which ultimately harms the municipal issuer.

Conflicts of Interest in the Sale and Marketing of Complex Investments

Several high profile civil suits against systemically important financial institutions have highlighted the far-reaching and potentially endemic conflicts of interest embedded within the system that warrant further examination. These conflicts related to sales and marketing of complex financial instruments directly challenge the notion of fair and transparent markets and have the potential to harm both institutional and retail market participants. Broker-dealers have been accused of or have settled lawsuits as a result of the proprietary undisclosed investments that they made in deals that they structured that directly conflict with the positions marketed and sold to their own clients. Many of these issues have only come to the surface as a result of the financial crisis where portfolio markdowns, margin calls and resulting investor losses have shed light on the potentially damaging practice.

III. Conclusion

We hope that the topics addressed in this letter provide insightful information that will help firms understand FINRA's view of key risk areas. We encourage broker-dealers to use the information to enhance their supervisory and compliance programs to mitigate risk and better protect investors. As always, you may contact your firm's Regulatory Coordinator with specific questions or comments. In addition, if you have general comments regarding this letter or suggestions on how we can improve it, please send them to Daniel M. Sibears, Executive Vice President, Member Regulation Programs, at [email protected].

Sincerely,

 

Grace B. Vogel
Executive Vice President
Member Regulation, Risk Oversight and Operational Regulation

---

End Notes

1. For purposes of this letter, examination priorities include FINRA's surveillance, risk and enforcement initiatives.
2. Regulatory Notice 10-41, (September 2010), (FINRA Reminds Firms of Their Sales Practice and Due Diligence Obligations When Selling Municipal Securities in the Secondary Market.)
3. See Securities Exchange Act Release No. 65585 (October 24, 2011) and Securities Exchange Act Release No. 66203 (January 26, 2012).
4. See Securities Act Release No. 9287 (December 21, 2011).
5. See PHL Variable Life Ins. Co. v. Price Dawe 2006 Insurance Trust, 28 A.3d 1059, 2011 Del. LEXIS 510 (Del. 2011) (Dawe); Lincoln Natl. Life Ins. Co. v. Joseph Schlanger 2006 Ins. Trust, 28 A.3d 436, 2011 Del. LEXIS 512 (Del. 2011) (Schlanger).
6. See Securities Exchange Act Release No. 63519635719 (December 20, 2010); Accounting and Auditing Enforcement Release No. 3221 (December 20, 2010); SEC Administrative Proceeding File No. 31-14167.
7. http://www.finra.org/Newsroom/NewsReleases/2011/P124283
8. See, e.g., Monex Securities, Inc.., AWC No. 2008014078801 (April 26, 2011) and Bulltick Securities, LLC AWC No. 2009015969501. (Dec. 13, 2011).
9. http://www.sec.gov/news/press/2012/2012-3.htm
10. See Securities Exchange Act Release No. 65700 (November 7, 2011), 76 FR 70523 (November 14, 2011) (Notice of Filing of File No. SR-FINRA-2011-064).
11. We encourage firms to review Regulatory Notice 11-15, providing guidance regarding low-priced equity securities in margin accounts.
12. See Fox & Co. Investments, 58 S.E.C. 873, 889; Securities Exchange Act Release No. 52697, at p. 11 (Oct. 28, 2005).
13. If a firm structures its order-handling practices in NMS stocks to permit its market-making desk to trade at prices that would satisfy customer orders held by a separate trading unit, the firm must disclose in writing to its customers, at account opening and annually thereafter, a description of the manner in which customer orders are handled by the firm and the circumstances under which it may trade proprietarily at its market-making desk at prices that would satisfy the customer order. For more information on the amendments to the limit order protection rule, see Regulatory Notice 11-24.
14. See Trillium Brokerage Services, LLC, AWC No. 20070076782-01 (Aug. 5, 2010).
15. MSRB Notice 2011-52 (September 12, 2011) (Potential Applicability of MSRB Rules to Certain "Direct Purchases" and "Bank Loans")