United States: The 2022 Report On FINRA's Examination And Risk Monitoring Program

On February 9, 2022, the Financial Industry Regulatory Authority, Inc. ("FINRA") released its 2022 Report on FINRA's Examination and Risk Monitoring Program (the "Report").¹ The Report is intended to be an up-to-date, evolving resource or library of information for FINRA member firms, and is designed to be helpful to member firms in reviewing their supervisory procedures and controls and fulfilling their compliance obligations.

The Report is wide-ranging, covering the results of the 2021 examinations in the areas of firm operations, communications and sales, market integrity and financial management. The Report includes exam findings and highlights effective practices for member firms to follow. In this article, we focus on the communications and sales and private placement portions of the Report.²

Communications and Sales

This is the first examination report to cover a full calendar year of member firms' compliance with Regulation Best Interest ("Reg BI") and the Form CRS requirements.³ The Report summarizes Reg BI's requirements, then asks a number of questions designed so that firms focus on these requirements. These questions include:

• Whether a firm is testing its policies and procedures to determine if they are adequate and performing as expected.
  • Do firms place any material limitations on the securities or investment strategies involving securities that may be recommended to a retail customer? If so, does the firm identify and disclose such limitations and prevent those limitations from causing the firm or its associated persons to make recommendations that place the firm's or associated person's interests ahead of the retail customer's interest?
• Does a firm's policies and procedures: (1) identify specific individual(s) who are responsible for supervising compliance with Reg BI; (2) specify the supervisory steps and reviews appropriate supervisor(s) should take and their frequency; and (3) note how supervisory reviews should be documented?
• Does the firm provide dually-registered associated persons with adequate guidance on how to determine and disclose the capacity in which they are acting?
• For firms offering services to retail customers, detailed questions on delivering Form CRS to retail customers, and when Form CRS is so delivered.

EXAM FINDINGS

FINRA examiners report a number of deficiencies with respect to compliance with Reg BI and the Form CRS requirements. The summary list below highlights FINRA's areas of concern affecting all member firms:

• Written supervisory procedures ("WSPs") that are not reasonably designed to achieve compliance with Reg BI and Form CRS:
  • Providing insufficiently precise guidance by not identifying the specific individuals responsible for supervising compliance with Reg BI and stating the rule requirements, but failing to detail how the firm will comply with those requirements (i.e., stating "what" but failing to address "how").
  • Failing to modify existing policies and procedures to reflect Reg BI's requirements by not addressing how costs and reasonably available alternatives should be considered when making recommendations, not addressing recommendations of account types, not addressing conflicts that create an incentive for associated persons to place their interests ahead of those of their customers, and not including provisions to address Reg BI-related recordkeeping obligations and the testing of the firms' Reg BI and Form CRS policies, procedures and controls.
  • Failing to develop adequate controls or developing adequate controls but not memorializing these processes in their WSPs.

Other deficiencies include the failure to comply with Reg BI's care and conflict of interest obligations, improper use of the terms "Advisor" or "Adviser" and insufficient Reg BI disclosures. Deficiencies noted with respect to the use of Form CRS include deficient Form CRS filings (such as significantly departing from the Form CRS instructions by, for example, omitting material facts) and Form CRS not being posted properly on a member firm's public website (the current Form CRS should be easily accessible to retail customers, not requiring multiple click-throughs and confusing descriptions).

EFFECTIVE PRACTICES

The Report highlights effective practices to be followed by member firms, including:

• Identifying and mitigating conflicts of interest by:
  • establishing and implementing policies and procedures to identify and address conflicts of interest, such as through the use of conflicts committees or other mechanisms or creating conflicts matrices tailored to the specifics of the firm's business that address, for example, conflicts across business lines and how to eliminate, mitigate or disclose those conflicts;
  • sampling recommended transactions to evaluate how costs and reasonably available alternatives were considered;
  • providing resources to associated persons making recommendations that account for reasonably available alternatives with comparable performance, risk and return that may be available at lower cost, such as worksheets, in paper or electronic form, to compare costs and reasonably available alternatives, or guidance on relevant factors to consider when evaluating reasonably available alternatives to a recommended product (e.g., similar investment types from the issuer; less complex or risky products available at the firm);
  • updating client relationship management tools that automatically compare recommended products to reasonably available alternatives;
  • revising commission schedules within product types to flatten the percentage rate; and
  • broadly prohibiting all sales contests.
• Tracking and delivering Form CRS and Reg BI-related documents to retail investors and retail customers in a timely manner by automating tracking mechanisms to determine who received Form CRS and other relevant disclosures, and memorializing delivery of required disclosures at the earliest triggering event.

COMPLEX PRODUCTS

The Report notes the following effective practices with respect to recommendations of high risk or complex investments that might not be in a retail customer's best interest:

• establishing product review processes to identify and categorize risk and complexity levels for existing and new products, limiting high risk or complex product, transaction or strategy recommendations to specific customer types, and applying heightened supervision to recommendations of high risk or complex products.

Communications with the Public

The Report covers the requirements of Rule 2210 on a high level, asking:

• Do your firm's communications contain false, misleading or promissory statements or claims?
• Do your firm's communications include material information necessary to make them fair, balanced and not misleading? For example, if a communication promotes the benefits of a high risk or illiquid security, does it explain the associated risks?
• Do your firm's communications balance specific claims of investment benefits from a securities product or service (especially complex products) with the key risks specific to that product or service?
• Do your firm's communications contain predictions or projections of investment performance to investors that are generally prohibited by FINRA Rule 2210(d)(1)(F)?

The Report addresses the use of digital and mobile communication channels, and raises some areas of concern with the use of these methods. There is a particular focus on the use of mobile apps:

• Has your firm established and implemented a comprehensive supervisory system for communications through mobile apps?
• Have you tested the accuracy of account information, including labels and data, displayed in your mobile apps?
• Do your mobile apps accurately describe how their features work?
• Do your mobile apps identify information in ways that are readily understandable, based on the experience level of your customers?
• Do your mobile apps provide investors with readily available information to explain complex strategies and investments and associated risks?
• If your firm offers an app to retail customers, does the information provided to customers constitute a "recommendation" that would be covered by Reg BI, and in the case of recommendations of options or variable annuities, FINRA Rules 2360 (Options) or 2330 (Members' Responsibilities Regarding Deferred Variable Annuities)? If so, how does your firm comply with these obligations?

With respect to other digital communication channels, FINRA asks whether firms' communication policies address all prohibited digital communication channels and feature, reviewing for red flags (such as unapproved registered representative email addresses or references in such emails to communications occurring outside of approved firm channels), supervision and maintenance of books and records for all approved digital communications and whether there are processes in place to confirm that business-related communications comply with Rule 2210.

EXAM FINDINGS

The use of mobile apps and digital communications by member firms and their registered representatives led to a number of findings by examiners, including:

• False, misleading or inaccurate information in mobile apps, such as:
  • incorrect or misleading account balances or inaccurate information regarding accounts' historical performance;
  • sending margin call warnings to customers whose account balances were not approaching, or were below, minimum maintenance requirements;
  • falsely informing customers that their accounts were not enabled to trade on margin, when the accounts were, in fact, margin enabled;
  • misstating the risk of loss associated with certain options transactions; and
  • distributing false and misleading promotions through social media and "push" notifications on mobile apps that made promissory claims or omitted material information.

Examiners also reported insufficient supervision and recordkeeping for digital communications, such as not maintaining policies and procedures to reasonably identify and respond to red flags (customer complaints, representatives' email, outside business activities reviews or advertising reviews), and that registered representatives used business-related digital communications methods not controlled by the firm, including texting, messaging, social media, collaboration apps or "electronic sales seminars" in chatrooms.

EFFECTIVE PRACTICES

FINRA approves of maintaining and implementing comprehensive procedures for the supervision of mobile apps that confirm, for example, that data displayed to customers is accurate and that information about mobile apps' tools and features complies with FINRA's communication and other relevant FINRA rules before it is posted to investors.

For other digital communications, member firms should maintain and implement procedures for supervising digital communication channels, including monitoring new tools and features, clearly defining and enforcing what is permissible and what is prohibited, implementing supervisory review procedures tailored to each digital channel, tool and feature, developing WSPs and controls for live-streamed public appearances, scripted presentations or video blogs, appropriate training and also disciplinary action.

Private Placements

EXAM FINDINGS

Given the increased reliance by issuers on private placements, the Report once again includes a discussion of private placements. The Report reminds member firms of their due diligence obligations in connection with private placements, which are set forth in FINRA Regulatory Notice 10-22. The Report notes that FINRA's suitability rule continues to apply to non-retail customers, and Reg BI applies to recommendations to retail customers of any securities transaction, including recommendations relating to a private placement. Among its findings, FINRA notes that some member firms failed to perform reasonable diligence concerning private placements, especially in connection with offerings that relate to issuers in businesses as to which the member firm lacks specialized experience. In addition, in exams, FINRA has noted that member firms have failed to inquire into and analyze red flags identified during the diligence process. The Report also reminds member firms of their obligation to make timely filings under Rule 5122 or 5123, and reminds firms of the recent amendments to these rules (see FINRA Regulatory Notice 21-26). In the Report, FINRA notes that firms have failed to make timely filings.

EFFECTIVE PRACTICES

The Report highlights a number of effective practices in the area, including creating checklists relating to private placements; conducting and documenting independent research on offerings and addressing any identified red flags; independently verifying aspects of the business plan that are key to the future prospects; identifying and addressing any conflicts of interest; and post-offering, conducting a review to ascertain whether offering proceeds were used in a manner consistent with the plan disclosed in the offering materials.

Footnotes

1 The Report is available at: 2022-report-finras-examination-risk-monitoring-program.pdf.

2 For a discussion of other areas of the Report, see Mayer Brown LLP's Legal Update at: https://www.mayerbrown.com/-/media/finra-alert-feb-15.pdf.

3 For a detailed discussion of Reg BI, see Mayer Brown LLP's Legal Update at: regulation-best-interestnew.pdf.

Originally published in REVERSEinquiries: Volume 05, Issue 01.
Click here to read the articles in this latest edition.

Visit us at mayerbrown.com

Mayer Brown is a global legal services provider comprising legal practices that are separate entities (the "Mayer Brown Practices"). The Mayer Brown Practices are: Mayer Brown LLP and Mayer Brown Europe – Brussels LLP, both limited liability partnerships established in Illinois USA; Mayer Brown International LLP, a limited liability partnership incorporated in England and Wales (authorized and regulated by the Solicitors Regulation Authority and registered in England and Wales number OC 303359); Mayer Brown, a SELAS established in France; Mayer Brown JSM, a Hong Kong partnership and its associated entities in Asia; and Tauil & Chequer Advogados, a Brazilian law partnership with which Mayer Brown is associated. "Mayer Brown" and the Mayer Brown logo are the trademarks of the Mayer Brown Practices in their respective jurisdictions.

© Copyright 2020. The Mayer Brown Practices. All rights reserved.

This Mayer Brown article provides information and comments on legal issues and developments of interest. The foregoing is not a comprehensive treatment of the subject matter covered and is not intended to provide legal advice. Readers should seek specific legal advice before taking any action with respect to the matters discussed herein.