This Report addresses several regulatory key topics for each of the four categories: (1) Firm Operations; (2) Communications and Sales; (3) Market Integrity; and (4) Financial Management. As described further in the “How to Use This Report” section below, the importance and relevance of the considerations, findings and effective practices in each of these areas will vary for each member firm.
In general, however, there are several key areas to highlight that impact compliance programs across a large population of member firms:
- Regulation Best Interest (Reg BI) and Form CRS – We will continue to focus on assessing whether member firms have established and implemented policies, procedures, and a system of supervision reasonably designed to comply with Reg BI and Form CRS. However, in 2021, we intend to expand the scope of our Reg BI and Form CRS reviews and testing to effect a more comprehensive review of firm processes, practices and conduct. As always, FINRA will take appropriate action in the event we observe conduct that may cause customer harm, would have violated previous standards (e.g., suitability), or indicates a clear disregard of the requirements of Reg BI and Form CRS. In the Reg BI and Form CRS section below, member firms should review considerations our staff will use when examining a firm for compliance with Reg BI and Form CRS. The Report also includes a list of previously published considerations and materials—such as our Reg BI Topic Page.
- Consolidated Audit Trail (CAT) – As we noted in Regulatory Notice 20-31 (FINRA Reminds Firms of Their Supervisory Responsibilities Relating to CAT), all member firms that receive or originate orders in National Market System (NMS) stocks, over-the-counter (OTC) equity securities or listed options must report to CAT. All proprietary trading activity, including market making activity, is subject to CAT reporting. There are no exclusions or exemptions for size or type of firm or type of trading activity. FINRA is in the early stages of reviewing for compliance with certain CAT obligations; accordingly, exam findings or effective practices are not included in this Report but will be provided later when more information is available. In the interim, member firms should review the list of recommended steps provided in the Notice and the list of considerations and relevant resources provided in this Report in assessing the adequacy of their CAT compliance programs.
- Cybersecurity – Member firms’ ongoing and increasing reliance on technology for many customer-facing activities, communications, trading, operations, back-office and compliance programs—especially in our current remote work environment—requires them to address new and existing cybersecurity risks, including risks relating to cybersecurity-enabled fraud and crime. A firm’s cybersecurity program should be reasonably designed and tailored to the firm’s risk profile, business model and scale of operations. FINRA reminds firms that we review cybersecurity programs for compliance with business continuity plan requirements, as well as the SEC’s Regulation S-P Rule 30, which requires member firms to have policies and procedures addressing the protection of customer records and information. Given the increase in remote work and virtual client interactions, combined with an increase in cyber-related crimes, we encourage member firms to review the considerations, observations and effective practices noted in the Report, as well as Regulatory Notice 20-13 (FINRA Reminds Firms to Beware of Fraud During the Coronavirus (COVID-19) Pandemic), Report on Selected Cybersecurity Practices – 2018 and Report on Cybersecurity Practices – 2015.
- Communications with the Public – FINRA continues to evaluate member firms for compliance with FINRA Rule 2210 (Communications with the Public), which includes principles-based content standards that are designed to apply to ongoing developments in communications technology and practices. In addition, we are increasingly focused on communications relating to certain new products, and how member firms supervise, comply with recordkeeping obligations, and address risks relating to new digital communication channels. This focus includes risks associated with app-based platforms with interactive or “game-like” features that are intended to influence customers, their related forms of marketing, and the appropriateness of the activity that they are approving clients to undertake through those platforms (e.g., under FINRA Rule 2360 (Options)). The Report also addresses the communications relating to cash management services that sweep customer cash into affiliate or partner banks or money market funds (Cash Management Accounts). As always, we remain focused on reviewing member firms’ communications relating to complex products, as well as the information firms convey to senior and vulnerable investors.
- Best Execution – FINRA has routinely reviewed member firms for their compliance with best execution obligations under FINRA Rule 5310 (Best Execution and Interpositioning) in our examinations. Among other things, FINRA has continued to focus on potential conflicts of interest in order-routing decisions, appropriate policies and procedures for different order and security types, and the sufficiency of member firms’ reviews of execution quality. We also conducted a targeted review of member firms that do not charge commissions for customer transactions (“zero commission” trading) to evaluate the impact that not charging commissions has or will have on member firms’ order-routing practices and decisions, and other aspects of member firms’ business. In addition to general compliance considerations, findings and effective practices from our examination program, the Report also includes themes we noted in the “zero commission” targeted review.
- Variable Annuities – FINRA continues to evaluate variable annuity exchanges under FINRA Rule 2330 (Members’ Responsibilities Regarding Deferred Variable Annuities) and, when applicable, under Reg BI. Additionally, in early 2020, we engaged in an informal review of buyout written supervisory procedures (WSPs), training, and disclosures for member firms whose customers were impacted by a recent announcement from an insurer with sizable variable annuity assets stating it will terminate servicing agreements, cancel certain trail commissions for registered representatives, and provide buyout offers to its variable annuity customers. In addition to reviewing considerations and findings provided in the Report, we encourage member firms to consider the effective practices we identified as part of this particular review.