Member Requirement: NASD Members Must Complete Year 2000 Compliance Survey

Executive Summary

As the year 2000 approaches, organizations throughout the world are facing the formidable challenge of ensuring that their own computer systems, and other computer systems they depend upon, will continue to operate successfully when processing data/information with dates after December 31, 1999. This applies both to information technology systems used to conduct a securities business and general business support systems (e.g., telephone, power, elevator). This challenge is particularly acute in the securities industry,due to its heavy reliance on information technology.

In response to this challenge, this Notice reiterates the responsibility of each and every member of the National Association of Securities Dealers, Inc. (NASD^®) to analyze the readiness of its own computer systems, as well as other computer systems that each member relies upon. The NASD has been working in conjunction with other regulators and the securities industry to address these challenges, and has put forward several communications about this very important Year 2000 issue.¹

To ensure that members are on a course to make their systems and applications Year 2000 compliant, NASD Regulation, Inc., requires all members to return a completed "Year 2000 Compliance Survey" to NASD Regulation^SM no later than January 31, 1998. Member firms that have returned a completed "Year 2000 Survey" to the New York Stock Exchange are exempt from this requirement at this time.

Questions or comments regarding the survey should be directed to Adam Levine, Compliance Department, NASD Regulation, at (202) 728-8901; or Paul Voketaitis, Compliance Department, NASD Regulation, at (202) 728-8843. Questions regarding the NASD's Year 2000 Program should be directed to Lyn Kelly, Year 2000 Program Director, at (301) 590-6342.

Background

The Year 2000 problem, simply stated, is that computers typically have been programmed to use a two-digit number to represent the year for any date. Since dates are essential to many automated functions, it is absolutely critical for each and every member firm to act now to assess its information technology environment and make necessary changes toensure that automated processes with date-sensitive components will correctly identify "00" as the year 2000, rather than 1900, when processing dates on and after January 1, 2000.

Member firms have the responsibility to determine the readiness of their internal computer systems, and other computer systems that they rely upon, for the Year 2000 challenge. In particular, members that use automated programs to satisfy their regulatory and compliance responsibilities must ensure that those systems are able to function successfully with dates after December 31, 1999. As stated in Notice to Members 97-16, "…computer failures related to Y2K problems generally will be considered neither a defense to violations of firms' regulatory or compliance responsibilities nor a mitigation of sanctions for such violations." Further background information on theYear 2000 problem and associated activities and publications are available on both the NASD Regulation Web Site, www.nassdr.com (go to "Members Check Here," and select the topic "Year 2000"); and the NASD Web Site, www.nasd.com, under the "News" area. The Securities Industry Association (SIA) also has a Year 2000 Web site (www.sia.com), and for a comprehensive look at Year 2000 information, visit www.year2000.com.

NASD Regulation is working with other regulators and the securities industry to make sure that the Year 2000 challenge is met and that investor protection and market integrity are not jeopardized. This effort includes an initiative by NASD Regulation (in cooperation with other regulators) to ascertain whether members are taking appropriate steps to make certain that the automated systems they rely upon to meet theirregulatory, market participant, andinvestor protection obligations are Year 2000 compliant. This is being accomplished, in part, by including a special Year 2000 section in all cycle examinations. NASD Regulation examiners will use your survey response in the examinations process.

Members are strongly encouraged to develop and implement an action plan to address any system changes required to achieve Year 2000 compliance. Also, members should contact vendors of the software and hardware products they use to ensure they are addressing the Year 2000 challenge. Introducing firms, in particular,are strongly encouraged to not only look at their own systems, but also to obtain written assurances from all service providers, including their clearing firms, that the software and hardware products they use are being reviewed for Year 2000 compliance.It is highly recommended that each firm accomplish all system changes by the end of 1998, so that 1999 can be used for monitoring the operations of all converted systemsand performing quality assurance and interface tests with other organizations.

Survey

As the next step in its Year 2000 initiative, NASD Regulation requires NASD members' written responses to the enclosed survey no later than January 31, 1998. Members must complete the survey and return it to the address indicated on the form. Furthermore, NASD Regulation requires an original (not mechanically generated) signature from the member firm's Chief Executive Officer in the designated space. Member firms that have returned a completed "Year 2000 Survey" to the New York Stock Exchange are not required to complete the NASD Regulation survey at this time.

If members need an additional copy of the NASD Regulation survey, it will be posted on both the NASD Regulation and NASD Web Sites. To download the survey, go to either Web Site's Year 2000 section or tothe Notices to Members Web Pages. (Note: Members will not be able to fill out this survey on-line; members must use the enclosed survey form or print out the Web Site version of the survey and mail it in hard-copy format to the NASD Regulation Year 2000 Program Office identified on the survey.)

Further Steps

There will be additional steps taken with respect to Year 2000 by NASD Regulation. We plan, for example, to require that members certify to NASD Regulation later in 1998 the status of their Year 2000 compliance program and its readiness for testing. Subsequently, NASD Regulation also plans to require that each member certify that its systems have been remediated and other necessary steps have been taken to address systems compliance for Year 2000.

Testing

Both NASD Regulation and The Nasdaq Stock Market, Inc., have established test centers available to member firms to test those systems that interact with NASD systems (point-to-point testing). Testing will be available in July 1998. Details regarding test schedules will be distributed at the January 1998 SIA Year 2000 Conference and will also be available via the NASD Regulation and NASD Web Sites. NASD Regulation will also issue another Notice to Members regarding Year 2000 in the near future.

The securities industry, coordinated by the SIA, is planning for industrywide testing from August 1998 to December 1999. This testing is intended to allow firms and other market participants to perform integrated, industry-wide testing.

Endnote

¹ In order to coordinate and address Year 2000 efforts and issues, the NASD communicates regularly with its members and the securities industry. See the NASD Regulatory & Compliance Alert (September 1997); NASD Notices to Members—"For Your Information" section (July 1996); NASD Notice to Members 97-16 (March 1997); and Nasdaq's Subscriber Bulletin (June 1997). Also, in May 1997, Nasdaq Trading and Market Services began including Year 2000 as a topic at its quarterly vendor focus groups. And, there are Year 2000 Web Pages on both the NASD Web Site (www.nasd.com) and the NASD Regulation Web Site (www.nasdr.com).