SEC Approves New Rules and Rule Amendments Concerning Supervision and Supervisory Controls

GUIDANCE

Supervisory Controls

Effective Date: January 31, 2005

Executive Summary

On June 17, 2004, the Securities and Exchange Commission (SEC) approved rule changes (Supervisory Control Amendments) by NASD that both create and amend certain rules and interpretive materials to address a member's supervisory and supervisory control procedures.¹ On September 30, 2004, the SEC granted accelerated approval to proposed rule changes to the Supervisory Control Amendments to conform certain parts of the new rule requirements to the New York Stock Exchange's (NYSE's) recently approved internal control amendments.² In their entirety, the approved rule changes:

This Notice provides interpretive guidance on these rule changes. The Notice also explains the relationship between recently approved (but not yet effective) Rule 3013 and Rules 3012 and 3010. The text of the amendments is set forth in Attachment A and becomes effective on January 31, 2005.³ A table of contents has been provided for readers' convenience.

Questions/Further Information

Questions concerning this Notice may be directed to Patricia Albrecht, Assistant General Counsel, Office of General Counsel, Regulatory Policy and Oversight, (202) 728-8026.

SUPERVISORY CONTROL AMENDMENTS

Table of Contents

Background

Adequate supervisory systems play an important role in assuring investor protection and the integrity of the markets. Operational and sales practice abuses can stem from ineffective supervisory and supervisory control procedures. The 2002 Gruttadauria case, which involved a branch office manager's misappropriation of approximately $40 million of customer funds,⁴ brought tremendous attention to the ongoing problem of operational and sales practice abuses at firms and the importance of ensuring that firms effectively monitor the activities of their employees.

In light of the concerns raised by the Gruttadauria case with respect to inadequate supervisory systems, NASD has amended certain rules and interpretive materials and has created new Rule 3012 (Supervisory Controls System). This Notice explains and describes those amendments and the provisions of Rule 3012. This Notice also explains how recently approved Rule 3013 (Annual Certification of Compliance and Supervisory Processes) and IM-3013 (Annual Compliance and Supervision Certification) interact with Rule 3012 and amended Rule 3010 (Supervision).

Relationship between Rules 3010, 3012, and 3013

New Rule 3013 requires each member firm's chief executive officer (CEO) to certify annually that senior executive management has in place processes to: (1) establish, maintain, and review policies and procedures reasonably designed to achieve compliance with applicable NASD rules, Municipal Securities Rulemaking Board (MSRB) rules, and federal securities laws and regulations; (2) modify such policies and procedures as business, regulatory, and legislative changes and events dictate; and (3) test the effectiveness of such policies and procedures on a periodic basis, the timing of which is reasonably designed to ensure continuing compliance with NASD rules, MSRB rules, and federal securities laws and regulations. IM-3013 sets forth the language of the CEO certification and gives further guidance as to the requirements and limitations of Rule 3013.

Because Rules 3010 and 3012 also address a member firm's supervisory policies and procedures, firms have questioned whether these rules impose duplicative requirements regarding the establishment of a firm's supervisory policies and procedures. Although Rules 3010, 3012, and 3013 are closely related, their obligations are complementary, not duplicative, in nature. The three rules essentially come together to form an overarching regulatory scheme for the supervision of member firms. First, Rule 3013 requires the CEO of each member to certify that they have a process to adopt compliance policies and supervisory procedures reasonably designed to achieve compliance with applicable securities laws and regulations and NASD rules. Rule 3010 requires the establishment of a supervisory system for the firm's business activities, including the adoption of polices and procedures reasonably designed to achieve compliance with applicable securities laws and regulations and NASD rules. The establishment of the supervisory system required to be adopted in Rule 3010 should result from the processes that are the subject of the certification of Rule 3013. Finally, Rule 3012 requires firms to (i) have supervisory control procedures that test and verify that the members' supervisory procedures are reasonably designed to achieve compliance with applicable securities laws and regulations and NASD rules, and (ii) where necessary, amend or create additional supervisory procedures. In sum, NASD's new regulatory supervisory scheme consists of process, supervision, and adoption of policies and procedures,⁵ and testing and amendment of such policies and procedures.

Rule 3012 – Supervisory Control System

Testing and Verification of a Member's Supervisory Procedures

New Rule 3012 requires that a member designate and specifically identify one or more principals who will establish, maintain, and enforce supervisory control procedures that will test and verify that the member's supervisory procedures are sufficient and amend or create additional supervisory procedures where the need is identified by such testing and verification.6 Of course, NASD expects that the designated principals will test and verify the adequacy of the supervisory control procedures in a manner that is independent of any business considerations that are countervailing to full compliance with applicable securities laws and regulations and NASD rules.

Senior or "Otherwise Independent" Person to Review Producing Manager

Rule 3012's supervisory control policies and procedures must include procedures that are reasonably designed to review and supervise on a day-to-day basis the customer account activity conducted by the member's branch office managers, sales managers, regional or district sales managers, or any person performing a similar supervisory function.7 A person who is senior to or "otherwise independent" of the producing manager must perform these day-to-day supervisory reviews.⁸ An associated person is considered a producing manager regardless of the amount of customer account activity the producing manager conducts. Accordingly, if the president of a member firm manages only a few accounts on behalf of the president's family and friends, that person is considered a producing manager for purposes of Rule 3012.

NASD understands that the determination of seniority for the purpose of deciding who should conduct a producing manager's supervisory reviews is a facts and circumstances test. A person who does not report to the producing manager, whose compensation is not determined in whole or part by the producing manager, and who is not in the same chain of authority may be considered senior to the producing manager if that person has the authority to oversee, direct, and correct the activities of the producing manager and take all necessary remedial actions, including termination, if and when necessary.

Similarly, a member must consider certain factors in determining whether a person is an "otherwise independent" person for purposes of conducting a producing manager's day-to-day supervisory reviews. An "otherwise independent" person who may conduct supervisory reviews may not report either directly or indirectly to the producing manager under review. In addition, the otherwise independent person must be situated in an office other than the office of the producing manager, must not otherwise have supervisory responsibility over the activity being reviewed (including not being directly compensated based in whole or in part on the revenues accruing from those activities), and must alternate such review responsibility with another qualified person every two years or less.⁹

The ability of member firms to use individuals who are either senior to or "otherwise independent" of the producing manager to conduct the producing manager's day-to-day supervisory reviews allows member firms the flexibility to structure their supervisory review policies and procedures in a manner that both accords with their various business models and achieves the best customer protection practices. For example, if a member firm has a person who is senior to the producing manager assigned as the producing manager's supervisor but determines that, for customer protection purposes, the producing manager's supervisor should not conduct the day-to-day supervisory reviews of the producing manager's customer account activity because the supervisor is located in the producing manager's office, the member firm may have a person who meets the definition of an "otherwise independent" person conduct the day-to-day supervisory reviews of the producing manager's customer account activity.

Heightened Supervision Requirements

In addition, Rule 3012's supervisory control policies and procedures require a member to have procedures that are reasonably designed to provide heightened supervision over the activities of the producing manager if the producing manager is responsible for generating 20 percent or more of the revenue of the business units supervised by the producing manager's supervisor over the course of a rolling, twelve-month period.¹⁰ NASD views this 20 percent threshold as a trigger for determining when a member must put in place heightened supervisory procedures. For purposes of determining the 20 percent threshold, a member must look at all revenue generated by or credited to the producing manager or the producing manager's office, and that amount shall be included as part of the overall revenues of the business units supervised by the producing manager's supervisor irrespective of a member's internal allocation of such revenue. Rule 3012 requires the 20 percent threshold to be calculated on a rolling, twelve-month basis. The standard for heightened supervision in Rule 3012 does not create a negative safe harbor, i.e., the inspection of offices falling below the 20 percent threshold does not create a presumption that heightened supervision is not required. A member may need to employ heightened supervision in connection with reviews based on other facts and circumstances.

For purposes of Rule 3012, the term "heightened supervision" means those supervisory procedures that are designed to avoid conflicts of interest that serve to undermine complete and effective supervision because of the economic, commercial, or financial interests that the supervisor holds in the associated persons and businesses being supervised.¹¹ Heightened supervisory procedures may include such elements as unannounced supervisory reviews, an increased number of supervisory reviews by different reviewers within a certain period, a broader scope of activities reviewed, and/or having one or more principals approve the supervisory review of such producing managers. These examples are meant to illustrate the type of procedures a member may want to include in its heightened supervisory procedures and are not meant to be an exclusive or exhaustive list of heightened supervisory procedures a member may need to put in place.

Member firms should note that an "otherwise independent" person is not considered to be the producing manager's supervisor for purposes of determining whether a producing manager is responsible for generating 20 percent or more of the revenue of the business units supervised by the producing manager's supervisor, such that the member firm must put in place heightened supervisory procedures. Accordingly, if an "otherwise independent" person conducts a producing manager's supervisory reviews, the firm will not be required to put in place heightened supervisory procedures. The heightened supervision requirement is designed to avoid any conflicts of interest that may undermine an objective and comprehensive review of the producing manager's customer activity. The factors that define an "otherwise independent" person already protect against the possibility that any conflicts of interest may exist that might adversely affect the producing manager's supervisory reviews, especially the restriction that an "otherwise independent" person not be directly compensated based in whole or in part on the revenues accruing from the activities being reviewed.

"Limited Size and Resources" Exception

Rule 3012 provides a limited exception for any member firm that is so limited in size and resources (the "limited size and resources" exception) that the member does not have associated persons who can conduct supervisions and are senior or "otherwise independent" from the producing managers. In such situations, a member may have the reviews conducted by a principal who is sufficiently knowledgeable of the member's supervisory control procedures.¹² Whether a member firm may use the "limited size and resources" exception depends on the facts and circumstances surrounding each member firm. In some instances, the size of a member firm will generally determine that the member firm does not have the ability to conduct the supervisory reviews for any of its producing managers. For example, a sole proprietor or a member with only one small office will be eligible to use the "limited size and resources" exception.

In other instances, a member may be able to use the "limited size and resources exception for part, but not all, of its supervisory obligations. For example, a member firm may have the size and resources to have a person senior or "otherwise independent" conduct the reviews of the branch manager of each office but may need to use the exception in connection with the supervision of the customer account activity of producing supervisors up the chain of command up to and including the CEO. Nevertheless, members should be mindful that they can avail themselves of the "limited size and resources" exception only where a person senior or "otherwise independent" of the producing manager is not available to conduct supervision of the producing manager's customer account activity. Having someone available but who may find it difficult to conduct the supervisory reviews is not sufficient to use the "limited size and resources" exception. Members that do qualify to use the exception may, nevertheless, want to consider whether it would be in the best interests of the firm to prohibit its senior persons from servicing accounts.

Because the "limited size and resources" exception is designed for those firms that genuinely need relief from the general supervisory requirement applicable to producing managers, NASD expects the "limited size and resources" exception to be narrowly construed. Moreover, there is no initial allowance (as discussed below in the context of Rule 3010) for any particular business model to be permitted to be deemed of "limited size and resources" solely because of its business model. As noted further below, each firm using the exception, regardless of business model, will need to evidence its being of such "limited size and resources" that it cannot comply with the general requirement. Firms that either construct their business models specifically to take advantage of the "limited size and resources" exception or that have the size and resources to comply with the general requirement and yet fail to comply with the general requirement will be in violation of Rule 3012.

Any supervisory reviews conducted using the "limited size and resources" exception must still comply, to the extent possible with the general requirement, that someone who is either senior or "otherwise independent" conduct the reviews.13 For example, if a firm does not have someone who is senior to a producing manager but does have persons who would be considered "otherwise independent" except for the fact that there is an insufficient number to meet the requirement that they conduct the supervisory reviews on a two-year rotation, the member firm must use these qualified persons to conduct the producing manager's supervisory reviews rather than using a principal who is sufficiently knowledgeable of the member firm's supervisory control procedures but who does not meet the factors of the "otherwise independent" definition.

A member using the "limited size and resources" exception must also document in its supervisory control procedures the factors used to determine that complete compliance with all of the provisions of the general supervisory requirement is not possible and that the required supervisory system and procedures in place with respect to any producing manager comply, to the extent practicable, with the general supervisory requirement.14 For instance, a member firm using the "limited size and resources" exception to conduct the day-to-day supervisory reviews of its most senior personnel who are also considered producing managers but that has the resources to use the general supervisory requirement to conduct the day-to-day supervisory reviews of the rest of its producing managers, must document factors, such as the lack of sufficiently qualified personnel to conduct supervisory reviews of its senior persons, and how, to the extent practicable, the persons who are conducting the senior persons' supervisory reviews meet some, if not all, of the provisions of the "otherwise independent" definition.

Future Notice Requirement for Exception Users

The SEC has specified in the Approval Order that NASD must notify the SEC of those members that elect to use Rule 3012's "limited size and resources" exception to the general supervisory requirement applicable to producing managers. Accordingly, member firms should be aware that NASD plans to file a rule change to require in the future that firms using the "limited size and resources" exception notify NASD of their use of the exception. NASD believes it is essential to collect this information from members using a Web-based reporting system or other automated electronic platform. Accordingly, it is intended that the reporting requirement effective date will coincide with the completion of an electronic reporting process and system designed for that purpose. Initial technology estimates indicate that it should take no more than one year from the date of the Approval Order to construct this Web-based system (or other electronic platform) and bring it on-line; however, members should be aware that NASD will need to bring such system on-line as soon as practicable.

Activities that Require Individualized Policies and Procedures

Rule 3012 also requires that a firm's supervisory control policies and procedures include procedures that are reasonably designed to review and monitor the following activities:

Members should note that the policies and procedures for monitoring these activities must include a means or method of customer confirmation, notification, or follow-up that can be documented.¹⁶ NASD does not expect a member to have in place supervisory policies and procedures for activities in which it does not engage. However, a member must identify those activities in which it does not engage in its written supervisory control policies and procedures and document that additional supervisory policies and procedures for such activities must be in place before a member can engage in them.¹⁷

Dual Members' Compliance with Substantially Similar NYSE Requirements

Rule 3012 also provides that any member in compliance with substantially similar requirements of the NYSE shall be deemed to be in compliance with Rule 3012.¹⁸ NASD believes that this provision helps promote consistency between NASD's and the NYSE's supervisory control requirements.

Elimination of Rule 3010(a)(8)

Finally, NASD has eliminated Rule 3010(a)(8), which required a member to identify one or more principals who will review the member's supervisory system, procedures, and inspections and take or recommend action to achieve the member's compliance with the applicable securities laws and regulations and with NASD rules. In light of Rule 3012's requirements, NASD believes that retaining Rule 3010(a)(8) could result in members having to engage in duplicative efforts to meet both rules' provisions.

Rule 3010 – Supervision

Mandatory Inspection Cycles

Amended Rule 3010(c)(1) details mandatory inspection cycles that each member must have in place for its supervisory branch offices, non-supervisory branch offices, and unregistered locations. NASD believes that codifying these mandatory inspection schedules will enhance oversight and supervision of branch and non-branch locations.

Specifically, Rule 3010(c)(1) requires each member to inspect, at least annually, each supervisory branch office.¹⁹ Any location that is responsible for supervising the activities of persons associated with a member at one or more of a member's non-branch office locations is considered to be a branch office.²⁰ This codifies previous NASD guidance that branch offices that supervise one or more locations must be inspected at least annually.²¹

Also, Rule 3010(c)(1) requires a member to inspect all non-supervisory branch offices, at a minimum, every three years.²² When establishing how often to inspect its nonsupervisory branch offices, the member must consider whether the nature and complexity of a branch office's securities activities, the branch office's volume of business, and the number of associated persons assigned to the branch office require inspections more frequently than every three years. Also, a member must set forth in its written supervisory and inspection procedures the examination cycle and an explanation of the factors the member used in determining the frequency of the cycle.²³ These requirements are consistent with previous NASD guidance advising that, in determining the inspection cycle for a non-supervisory branch office, a member should consider the nature and complexity of the securities activity for which the branch office is responsible, as well as the volume of business conducted at the office and the number of associated persons assigned to the office and that, after determining the inspection cycle, a member should document the cycle in its written supervisory and inspection procedures.²⁴

NASD understands that a general practice exists where a member may inspect nonsupervisory branch offices on a more frequent cycle than once every three years but target only certain areas of the offices' activities during a particular examination. Accordingly, Rule 3010(c)(1) requires that a member following this practice must inspect all of the required areas listed in Rule 3010(c)(2), which are discussed below, within the three-year cycle, regardless of the number of times within that cycle a non-supervisory branch office is inspected. Also, a member must set forth in its written supervisory and inspection procedures the manner in which it will inspect those areas within the threeyear cycle.²⁵

Additionally, Rule 3010(c)(1) requires a member to inspect every non-branch location on a regular periodic schedule.²⁶ In establishing the inspection schedule, a member must consider the nature and complexity of the location's securities activities and the nature and extent of contact with customers and set forth in its written supervisory and inspection procedures an explanation regarding how the member determined the frequency of the examination schedule.²⁷ These requirements are consistent with previous NASD guidance stating that non-branch locations should be inspected according to a regular schedule and that the frequency and scope of inspections should be determined based on factors such as the nature and volume of business conducted at the office and the nature and extent of contact with customers.²⁸

Members are advised to look carefully at the activities of their non-branch locations to ensure that they are not considered by Rule 3010 to be a branch office. As previously noted, Rule 3010 considers a non-branch location to be a branch office if it is responsible for supervising the activities of persons associated with a member at one or more of the member's non-branch locations.²⁹

Members should be advised that "locations of convenience" are, by definition, excluded from being a branch office and, consequently, fall under the category of a non-branch location.³⁰ A location of convenience is any location where a person conducts business on behalf of the member occasionally and exclusively by appointment for the customer's convenience.³¹ Often, but not always, a location of convenience will be a branch office of a bank affiliated with the member firm. Sometimes, because the meeting is being arranged for the customer's convenience, the meeting place could be a hotel conference center or other public area that is close to the customer. No records of the business conducted are usually kept at this site because it is not considered a place within the member firm's purview. However, Rule 3010 would require that locations of convenience still be examined on a regular periodic schedule. If locations of convenience were excluded from the inspection requirement, it could be possible for an associated person to clandestinely conduct business at that location on a more routine basis, and perhaps to arrange to keep records of any business conducted at the location that the associated person would not want revealed to the member firm. As an aid in determining when to conduct such inspections, a member firm may want to require each associated person to record when a customer requests to meet at a location of convenience, where the location of convenience is situated, how often the associated person uses any location of convenience, and what kind of business is conducted at these locations of convenience.

Required Content and Recordkeeping Requirements for Inspection Reports

Rule 3010(c)(2) mandates that a member must reduce each office inspection to a written report and keep it on file for a minimum of three years, unless the inspection is being conducted pursuant to a regular periodic cycle for non-branch office locations and the regular periodic schedule is longer than a three-year cycle, in which case the member must keep the report on file at least until the next inspection report has been written. The written inspection report must also include, without limitation, the testing and verification of the member's policies and procedures, including supervisory policies and procedures, in the areas of:

NASD does not expect a member to have in place procedures for activities in which it does not engage. However, the member must identify those activities in which it does not engage in the written inspection report and document in the report that supervisory policies and procedures for such activities must be in place before the member can engage in them.³³

"Limited Size and Resources" Exception

Rule 3010(c)(3) prohibits a branch office manager or any person within that office who has supervisory responsibilities or any individual who is supervised by such persons from conducting office inspections. NASD understands, however, that members have different business models and/or are limited in size and resources such that they are not able to comply fully with those restrictions regarding who can conduct an office inspection.

Accordingly, Rule 3010(c)(3) also provides a "limited size and resources" exception for members that cannot comply with the general inspection requirement's restrictions on who may conduct an office inspection. Under the exception, a member firm may continue to use the persons they have previously used to conduct the office inspections provided they are principals and have the requisite knowledge to conduct such inspections.³⁴ Members, however, must be able to document in the office inspection reports that their size and resources are such that they have no other alternative.³⁵

Whether a firm is so limited in its size and resources that it cannot comply with the general requirement is a facts and circumstances test and, similar to the "limited size and resources" exception in Rule 3012, should be narrowly construed. For instance, although Rule 3010 provides as an example of limited size and resources, a member with only one office, this does not mean that any member with one physical location may use the "limited size and resources" exception. The example in the rule text is meant to illustrate a small member, such as a member with a single, three-person office. A member that has one physical location that includes a single production office, yet is so big that there are other departments, such as corporate offices, technology offices, etc., would be of sufficient size and resources such that there would be someone within the firm outside the production office that could conduct the inspection. However, in the case of Rule 3010 only, a member firm may use the exception regardless of its size and resources if the firm has a business model where small or single-person offices report directly to an OSJ manager who is also considered the offices' branch office manager (also referred to as the "independent dealer or independent contractor model").³⁶ Members with such business models should note that the exception does not apply on a business model basis to the inspection of the OSJ; whether an OSJ qualifies for the exception is based solely on a limitation of size and resources exclusive of business model considerations.

With the exception of those firms using the exception in Rule 3010 as a result of their business model (i.e., those firms with the independent dealer model described above), members should be aware that the "limited size and resources" exception is designed for those firms that genuinely need relief from the general inspection requirement. Firms that either construct their business models specifically to take advantage of the "limited size and resources" exception or that have the size and resources to comply with the general inspection requirement and yet fail to comply with the general requirement will be in violation of Rule 3010.

Heightened Inspection Requirements

Rule 3010(c)(3) also requires a member to have in place procedures that are reasonably designed to provide heightened office inspections if two conditions are met: (1) the person conducting the inspection reports to the branch office manager's supervisor or works in an office supervised by the branch manager's supervisor; and (2) the branch office manager generates 20 percent or more of the revenue of the business units supervised by the branch office manager's supervisor. NASD views this 20 percent threshold as a trigger for determining when a member must put in place heightened inspection procedures. For purposes of determining the 20 percent threshold, a member must look at all revenue generated by or credited to the producing manager or the producing manager's office, and that amount shall be included as part of the overall revenues of the business units supervised by the producing manager's supervisor irrespective of a member's internal allocation of revenues.³⁷ If a producing manager does not have an individual assigned to supervise him but, rather, is supervised directly by the member's compliance department, then the revenue produced would be attributable to a business unit supervised by the compliance department. If such revenue constitutes 20 percent or more of all of the supervised revenue attributable to the compliance department, then the member must have in place heightened inspection procedures. Rule 3010 requires the 20 percent threshold to be calculated on a rolling, twelve-month basis.³⁸ As stated above in the discussion of Rule 3012, a member may need to employ heightened office inspection procedures based on other facts and circumstances.

Rule 3010's term "heightened inspection" means those inspection procedures that are designed to avoid conflicts of interest that serve to undermine complete and effective inspection because of the economic, commercial, or financial interests that the branch manger's supervisor holds in the associated persons and businesses being inspected.³⁹ Heightened inspection procedures may include such elements as unannounced office inspections, increased frequency of inspections, a broader scope of activates inspected, and/or having one or more principals review and approve the office inspections. These examples are meant to illustrate the type of procedures a member may want to include in its heightened inspection procedures and are not meant to be an exclusive or exhaustive list of heightened inspection procedures a member may need to put in place.

Rule 3110 – Books and Records

Approval and Documentation Procedures for Changes in Account Name/Designation

Amended Rule 3110(d) requires that, before a customer order is executed, the account name or designation must be placed upon the memorandum for each transaction. In addition, only a designated person who has passed a qualifying principal examination appropriate to the business of the firm may approve any changes in account names or designations. The designated person also must document the essential facts relied upon in approving the changes and maintain the record in a central location. A member must preserve any account designation change documentation for a period of not less than three years, with the documentation preserved for the first two years in an easily accessible place, as the term "easily accessible place" is used in SEC Rule 17a-4.⁴⁰ This preservation requirement will not only allow members to use existing recordkeeping systems to meet this requirement, but it will enable members to make the account designation change documentation promptly available if requested by NASD examination staff. It also coincides with Rule 3110's existing mandate that members' recordkeeping format, medium, and retention periods comply with SEC Rule 17a-4 requirements.⁴¹

Because changes in account names or designations in connection with order executions can be subject to abuse, NASD believes that a qualified person should approve such changes and a member should adequately document them. NASD understands that some members, especially those that use clerical staff to make these changes, may incur additional costs by requiring that a principal be informed of the surrounding facts of the change and authorize it. However, NASD believes that account names and designations are material, sensitive information that must be protected from possible fraudulent activity. Requiring a principal to authorize the change and be aware of the surrounding facts for the change is a relatively low-cost method of protecting this information.

NASD also believes that Rule 3110's new requirement that a name or account designation be placed on "each transaction" promotes consistency with members' NASD and SEC books and records requirements. Specifically, SEC Rule 17a-3(a)(6) requires that a memorandum of each brokerage order identify, among other things, the account for which the order was entered. NASD expects that members, regardless of the type of securities business they engage in, will comply with this requirement in the same manner that they comply with the SEC's books and records requirements.

IM-3110 – Customer Account Information

Time Limits for Holding Customer Mail

Under revised IM-3110(i), a member, upon a customer's written instructions, may hold mail for a customer who will not be at his or her usual address for no longer than two months if the customer is on vacation or traveling, or three months if the customer is going abroad.

NASD understands that if a member provides a mail holding service to its customers, the member may have to put in place additional procedures to comply with the limitations set forth in IM-3110. However, the interpretive material helps to ensure that members that do hold mail for customers who are away from their usual addresses, do so only pursuant to the customers' written instructions and for a specified, relatively short period of time. Thus, there is a reduced likelihood of risk that customers would not receive account statements or other account documentation at their usual addresses. In addition, the interpretive material will help to ensure that customers provide members with which they do business current address information, insofar as a member will not be permitted to hold mail indefinitely.

Rule 2510 – Discretionary Accounts

One-Day Limit on Time/Price Discretionary Authority

Rule 2510(d)(1) allows members to exercise time and price discretion on orders for the purchase or sale of a definite amount of a specified security without prior written authorization from the customer or prior written approval by the member. However, the duration of this discretionary authority is limited to the day it is granted, absent written authorization to the contrary. In addition, any exercise of time and price discretion must be reflected on the customer order ticket.⁴²

NASD believes that investors will receive greater protection by clarifying the time such an order remains pending. Customers who wish to grant more extensive discretionary authority to their registered representatives may do so pursuant to a fully executed trading authorization.

NASD does not believe that a general institutional exemption from the one-day time and price limit would be appropriate. However, Rule 2510's one-day limitation does not apply to time and price discretion exercised for orders effected with or for an institutional account, as that term is defined in Rule 3110(c)(4),⁴³ pursuant to valid Good-Till-Cancelled instructions issued on a "not held" basis.⁴⁴

¹   Exchange Act Rel. No. 49883 (June 17, 2004), 69 F.R. 35092 (June 23, 2004) (SR-NASD-2002-162).

²   Exchange Act Rel. No. 50477 (September 30, 2004), 69 F.R. ____ (October __, 2004) (SR-NASD- 2004-116).

³   The approved rule text in Attachment A also shows some minor changes to Rule 9610 (Application) – specifically, the replacement of "Association" and "NASD Regulation" with "NASD."

⁴   See Frank Gruttadauria, NYSE Disc. Action 2002- 59 (March 19, 2002); SEC Litigation Rel. No. 17590 (June 27, 2002).

⁵   IM-3013 provides that the responsibility for discharging compliance policies and written supervisory procedures rests with the firm's business line supervisors. These supervisors are the persons responsible for executing the supervisory policies and procedures Rule 3010 requires firms to establish and adopt.

⁶   Rule 3012(a)(1)(A) & (B).

⁷   Rule 3012(a)(2)(A).

⁸   Rule 3012(a)(2)(A)(i). NASD expects that supervision of the customer account activity of any supervisor will be performed in the same manner and on the same periodic basis as the member executes the supervision of the customer account activity of non-supervising registered representatives, assuming such manner and frequency of supervision is reasonably designed to comply with applicable securities laws and regulations and NASD rules.

⁹   Rule 3012(a)(2)(A)(i).

¹⁰   Rule 3012(a)(2)(C).

¹¹   Id.

¹²   Rule 3012(a)(2)(A)(ii). Under the general supervisory review requirement, a senior or "otherwise independent" person is not required to be a principal. The requirement that a principal conduct the supervisory reviews performed under the "limited size and resources" exception is designed, in absence of the other controls provided in the general supervisory review requirement, to ensure that a suitably qualified person conducts the supervisory reviews and assumes responsibility for the reviews and the reviews' findings.

¹³   Rule 3012(a)(2)(A)(ii).

¹⁴   Rule 3012(a)(2)(A)(iii).

¹⁵  Rule 3012(a)(2)(B)(i) through (iii).

¹⁶   Rule 3012(a)(2)(B).

¹⁷  Id.

¹⁸   Rule 3012(b). This provision references the NYSE's recent similar amendments to enhance its members' supervisory and supervisory control systems. Exchange Act Release No. 49882 (June 17, 2004), 69 F.R. 35108 (June 23, 2004).

¹⁹   Rule 3010(c)(1)(A). The approved rule changes have not altered Rule 3010's existing requirement that members inspect at least annually their offices of supervisory jurisdiction (OSJ). See id.

²⁰   Rule 3010(g)(2)(B). NASD has filed with the SEC a separate proposed rule change to Rule 3010(g)(2) that addresses other situations where a location of a member may be considered a "branch office" and affects only the content of what is now being renumbered as paragraph (2)(A) of Rule 3010(g). See Exchange Act Rel. No. 48897 (December 9, 2003), 68 F.R. 70059 (December 16, 2003) (SR-NASD-2003-104).

²¹   Notice to Members (NtM) 99-45 (June 1999); see also NtM 98-38 (May 1998).

²²   Rule 3010(c)(1)(B).

²³   Rule 3010(c)(1)(B); see NtM 99-45 (June 1999).

²⁴  NtM 99-45 (June 1999).

²⁵  Rule 3010(c)(1)(B).

²⁶   Rule 3010(c)(1)(C).

²⁷  Rule 3010(c)(1)(C); see NtM 99-45 (June 1999); see also NtM 98-38 (May 1998).

²⁸ NtM 99-45 (June 1999); see also NtM 98-38 (May 1998).

²⁹   Rule 3010(g)(2)(B).

³⁰   Rule 3010(g)(2)(A)(iv).

³¹  Id.

³²   Rule 3010(c)(2)(A) through (F).

³³   Finally, NASD expects a member to furnish its office inspection reports produced pursuant to Rule 3010 during any examination by a government entity or self-regulatory organization (SRO) if the information contained in the reports is relevant to the subject matter of the examination or if it is requested for production by the government entity or SRO. See SR-NASD-2002-162 – Amendment No. 3, at 11 (December 16, 2003).

³⁴   The requirement that a principal conduct the office inspections under the "limited size and resources" exception is designed to ensure that, absent a firm's ability to meet the general restrictions on who may conduct office inspections, a suitably qualified person will conduct the office inspections and assume responsibility for the inspections and the reports generated by those inspections. If a member firm is not using the "limited size and resources" exception, the firm is not required to use principals to conduct its office inspections.

³⁵   Rule 3010(c)(3). One method of complying with this requirement would be to include in the inspection report a precise listing of the firm's size and resources and how the firm's size and resources cannot be configured to comply with the general inspection requirement.

³⁶   During the rulemaking process, NASD received comments from its member firms that if firms with an independent dealer model could not use their usual practice of having the branch office manager/OSJ manager conduct inspections of satellite offices, it would impose a considerable strain on the firms' existing compliance resources. In response to these comments, NASD specifically recognized that the independent dealer model would fit within the "limited size and resources" exception to the prohibitions on who may conduct office inspections. SR-NASD- 2002-162 – Amendment No. 3, at 15-16 (December 16, 2003).

³⁷   Rule 3010(c)(3).

³⁸   Id.

³⁹   Id.

⁴⁰   Rule 3110(d).

⁴¹   See Rule 3110(a).

⁴²   Rule 2510(d)(1).

⁴³   Rule 3110(c)(4) provides that the term "institutional account" means the account of:

(A) a bank, savings and loan association, insurance company, or registered investment company;

(B) an investment adviser registered either with the Securities and Exchange Commission under Section 203 of the Investment Advisers Act of 1940 or with a state securities commission (or any agency or office performing like functions); or

(C) any other entity (whether a natural person, corporation, partnership, trust, or otherwise) with total assets of at least $50 million.

⁴⁴   Rule 2510(d)(1).

Attachment A

2510.   Discretionary Accounts

This Rule shall not apply to:

3010. Supervision

3012.   Supervisory Control System

3110.   Books and Records

IM-3110.   Customer Account Information

9610.   Application