On September 30, FINRA issued Regulatory Notice 14-37 requesting comments on a proposed rule to implement the Comprehensive Automated Risk Data System (CARDS). FINRA has described CARDS as a rule-based program that would allow FINRA to collect on a standardized, automated, and regular basis, account information, as well as account activity and security information that a firm maintains as part of its books and records. This would exclude the collection of personally identifiable information for customers, including account name, account address and Social Security number. The rule proposal would be implemented in two phases. The first phase would require carrying or clearing firms (approximately 200 firms) to periodically submit in an automated, standardized format specific information that is part of the firms’ books and records relating to their securities accounts and the securities accounts for which they clear. The second phase of CARDS would require fully-disclosed introducing firms to submit specified account profile-related data elements either directly to FINRA or through a third party. The comment period on the proposed rule expires December 1, 2014.
This month, FINRA issued guidance notice 14-40 to remind firms that “it is a violation of FINRA Rule 2010 (Standards of Commercial Honor and Principles of Trade) to include confidentiality provisions in settlement agreements or any other documents, including confidentiality stipulations made during a FINRA arbitration proceeding, that prohibit or restrict a customer or any other person from communicating with the Securities and Exchange Commission (SEC), FINRA, or any federal or state regulatory authority regarding a possible securities law violation.” Additionally, the notice addresses FINRA’s Code of Arbitration Procedure for Customer Disputes, emphasizing that the parties involved in the arbitration discovery process must “cooperate with each other to the fullest extent practicable in the voluntary exchange of documents and information to expedite the arbitration process.” FINRA further specifies that “stipulations between the parties or confidentiality orders issued by an arbitrator as part of the discovery process regarding the non-disclosure of the documents in question outside the arbitration of the particular case do not restrict or prohibit the disclosure of the documents to the SEC, FINRA, any other self-regulatory organization, or any other state or federal regulatory authority.”
On August 21, the U.S. Court of Appeals for the Second Circuit held that forum selection clauses, requiring “all actions and proceedings” related to the transactions between the parties to be brought in court, supplant FINRA’s arbitration rule that would otherwise apply. Goldman, Sachs & Co. v. Golden Empire Schools Financing Authority, Nos. 13-797-CV, 13-2247-CV, 2014 WL 4099289 (2nd Cir. Aug. 21, 2014). Underwriters and broker-dealers of auction rate securities brought declaratory and injunctive relief actions against issuers, seeking to enjoin FINRA arbitration of their disputes involving the securities. The parties’ broker-dealer agreements contained forum selection clauses requiring “all actions and proceedings arising out” of the transactions to be brought in court. The district courts enjoined the arbitrations based on the forum selection clauses. The Second Circuit affirmed, holding that FINRA Rule 12220, which states that members must arbitrate a dispute if arbitration is requested by the customer, is superseded by the agreements containing a forums selection clause whose language is all-inclusive and mandatory. The Second Circuit’s decision accords with a similar ruling by the Ninth Circuit, but marks a split on the issue from the Fourth Circuit, which found that a nearly identical forum selection clause did not supersede the FINRA rule.
On August 18, FINRA announced a complaint against a financial services and investment firm, alleging that the firm was responsible for systematic supervisory and AML violations in connection with providing direct market access and sponsored access to broker-dealers and non-registered market participants. Specifically, FINRA claims that from January 2008 through August 2013, the firm failed to “ensure appropriate risk management controls and supervisory systems and procedures,” thereby allowing its market access customers to “self-monitor and self-report” possibly manipulative trades. Moreover, FINRA asserts that during the relevant time period, the firm was made aware of these potential regulatory and compliance risks though numerous industrywide notices, disciplinary decisions taken against other industry participants, and multiple self-regulatory organization inquiries and examinations. The firm may request a hearing before the FINRA disciplinary committee. If FINRA’s charges stand, the firm could face suspension, censure, and/or monetary penalties.
On July 23, FINRA announced that the SEC approved a new rule prohibiting FINRA-supervised firms and registered representatives from conditioning settlement of a customer dispute on—or otherwise compensating a customer for—the customer’s agreement to consent to, or not to oppose, the firm’s or representative’s request to expunge such information from the Central Registration Depository (CRD) system. The CRD system is an online registration and licensing system for the securities industry, which contains information regarding members and registered representatives, such as personal information, registration, and employment history, as well as disclosure information including criminal matters, regulatory and disciplinary actions, civil judicial actions, and information relating to customer complaints and disputes. The information FINRA makes public through BrokerCheck is derived from CRD. Brokers who wish to have a customer dispute removed from the CRD system and, thereby, from BrokerCheck, must obtain a court order confirming an arbitration award recommending expungement relief. FINRA will announce the effective date of the new rule in a regulatory notice to be published shortly.
On July 8, FINRA released a targeted examination letter it sent to 10 firms to assess their compliance with requirements related to order routing and execution quality of customer orders in exchange listed stocks during the period of January 1, 2014 to present. The letters include numerous requests for information, including requests that each firm explain: (i) how it uses reasonable diligence to ascertain the best market for orders that the firm routes for execution to an exchange, or broker-dealer, so that the resultant price is as favorable as possible for its customer under prevailing market conditions; (ii) how the firm’s exchange order-routing decisions are made for customer non-marketable, customer market, and marketable limit orders; and (iii) how the firm reviews the execution quality of such orders. The letters also include requests related to each firm’s use of the “Smart Order Router.”
On February 5, FINRA announced its largest ever fine for alleged AML-related violations. The self-regulatory agency ordered a securities firm to pay $8 million for allegedly failing to (i) implement an adequate AML program to monitor and detect suspicious penny stock transactions; (ii) sufficiently investigate potentially suspicious penny stock activity brought to the firm’s attention; and (iii) fulfill its SAR filing requirements. Further, the firm allegedly did not have an adequate supervisory system in place to prevent the distribution of unregistered securities. In addition to the monetary penalty against the firm, FINRA suspended the firm’s former Global AML Compliance Officer for one month and fined him $25,000. FINRA explained that penny stock transactions pose heightened risks because low-priced securities may be manipulated by fraudsters. In this case, it believes that, over a four-and-a-half year period, the firm executed transactions or delivered securities involving at least six billion shares of penny stocks, “many on behalf of undisclosed customers of foreign banks in known bank secrecy havens.” The firm allegedly executed these transactions despite the fact that it was unable to obtain information essential to verify that the stocks were free trading and in many instances did so without even basic information such as the identity of the stock’s beneficial owner, the circumstances under which the stock was obtained, and the seller’s relationship to the issuer. During this time, penny stock transactions generated at least $850 million in proceeds for the firm’s customers. The firm did not admit to or deny the allegations.
On January 2, FINRA outlined certain specific areas of concern the independent regulator intends to focus on in 2014. The topics are largely consistent with FINRA’s 2013 priorities and are grouped in several categories: (i) business conduct; (ii) fraud; (iii) financial and operational; and (iv) market regulation. Under business conduct, for example, FINRA explains that it remains concerned about the suitability of recommendations to retail investors for complex products whose risk-return profiles may be difficult for investors to understand. FINRA lists numerous specific products it intends to scrutinize with regard to suitability. FINRA also intends to focus on, among other things, conflicts of interest, cybersecurity, anti-money laundering, and senior investors.
On November 12, FINRA released an enhanced version of BrokerCheck, its online system that allows investors to research the professional background of investment professionals. The enhancements allow investors to search both the BrokerCheck and Investment Adviser Public Disclosure record of any securities professional or firm directly on the FINRA homepage. Additional changes were made to present data in a more user-friendly format.
On October 14, FINRA released a report on conflicts of interest in the broker-dealer industry, stating that the report is intended to identify potential problem areas and highlight effective conflicts management practices that may go beyond current regulatory requirements. The report identifies the components of an effective conflicts management framework, which include, for example (i) identifying and managing conflicts on an ongoing basis through an enterprise-level approach that is scaled to the size and complexity of a firm’s business, (ii) establishing new product review processes that provide independent perspectives and identify potential conflicts raised by new products, (iii) minimizing conflicts in compensation structures between customer and broker or firm interests where possible, and (iv) including “best-interest-of-the-customer” standards in codes of conduct that apply to brokers’ personalized recommendations to retail customers.
On July 22, FINRA announced that it will begin to disseminate information for so-called specified pool transactions in agency pass-through mortgage-backed securities and SBA-backed securities, including transaction information such as the time of the trade, price and volume. Transactions must be reported to within two hours of execution (the reporting period is reduced to one hour after a six month implementation period), and are disseminated as soon as received. Combined with FINRA’s action last year to begin disseminating transaction information for agency pass-through mortgage-backed securities traded “to-be-announced” (TBA), FINRA now will be sharing information for securities that represent over 90 percent of the par value traded in all asset- and mortgage-backed securities.
On June 21, the SEC approved a change to FINRA’s rules that will allow the self-regulatory organization to publish greater information about FINRA’s disciplinary actions. Under existing rules, FINRA only releases disciplinary actions upon request, unless the action meets specified criteria established for use in determining whether an action is worthy of publication. Once the new rules take effect – likely several months from now – those publication criteria will be removed, and most FINRA disciplinary actions will be released as a matter of course. FINRA will retain authority to redact information to protect privacy of individuals. The new rules also update and codify FINRA’s practices related to the publication of other FINRA actions, including temporary cease and desist orders, statutory disqualification decisions, expedited proceeding decisions, summary actions, and others.
On May 22, FINRA announced that it was selected by Direct Edge, the third largest U.S. stock exchange operator, to provide market surveillance services on behalf of Direct Edge’s two licensed stock exchanges. The agreement extends FINRA’s surveillance oversight to more than 90% of U.S. equities trading volume. With this agreement, all of Direct Edge’s third-party regulatory services will be consolidated with FINRA.
On May 8, FINRA announced that it fined three firms a combined $900,000 and suspended four executives for allegedly failing to establish and implement adequate anti-money laundering programs. Specifically, FINRA claims that investigations into the three firms revealed that (i) one firm failed to identify suspicious account activity or did not adequately investigate numerous AML “red flags” and that certain of the firm’s customers’ accounts engaged in a pattern of activity consisting of moving millions of dollars through the accounts while conducting minimal-to-no securities transactions, (ii) a second firm that specialized in online trading and catered to the Chinese community failed to implement an AML program adequate to detect and report suspicious transactions, including potential manipulative trading, and (iii) a third firm failed to create and enforce a supervisory system and written procedures to monitor for unlawful transactions in unregistered penny stocks and failed to establish a program reasonably designed to monitor for and report suspicious activity. The suspended executives included two chief compliance officers who failed to fulfill obligations to monitor in accordance with AML requirements, and two owners. The suspensions range from three to nine months. The firms and the executives did not admit to the allegations, but agreed to pay the fines to resolve the investigation.
On January 26, the Financial Industry Regulatory Authority (FINRA) issued Regulatory Notice 12-05, notifying institutions of an increase in reports of customer funds being stolen through improper access to customer email accounts and unauthorized electronic instructions to transfer or withdraw funds. FINRA urged firms to review policies and procedures to ensure protection of customer funds, particularly in cases where the request for funds and transmittal are handled electronically. FINRA recommends that policies and procedures include methods for confirming the identity of the requestor, as well as a system to identify and respond to “red flags.” Concurrent with the regulatory notice, FINRA issued an alert to investors warning about the increased account breach activity and providing tips for protecting account information and funds.