Broker-Dealer Regulation

Sadly, the hackers of the world have not let the pandemic get in the way of their nefarious activities.  In particular, BDs and RIAs have been primary targets.   In our prior blog postings, we discussed business continuity plans and the requirement these plans include cybersecurity provisions.   We believe that the SEC, FINRA, and the various

Ernie Badway, the Chair of Fox Rothschild’s Securities Industry Group, will be speaking at the National Conference of the  National Society of Compliance Professionals.  Registration information may be found at: https://www.foxrothschild.com/ernest-e-badway/events/the-secs-challenging-new-guidance-on-the-solely-incidental-broker-exemption/

Nearly a year ago, FINRA adopted Rule 2165 (Financial Exploitation of Specified Adults) and amended Rule 4512 (Customer Account Information). This new rule and amended rule were ways to address the myriad of issues dealing with senior clients.

With nearly a year gone by, FINRA has now published responses to frequently asked questions involving Rules

FINRA recently issued a report regarding its examination findings. FINRA issued this report so that firms can gain insight from the work of FINRA’s examination of other firms.

Among the FINRA’s findings are the following areas that need additional attention:

  1. Cybersecurity, including access management, risk assessments, vendor management, branch office security, segregation on internal duties

In Notice to Members 17-38, FINRA has put out for comment a change to Rule 3110 that would allow the remote inspection of certain “qualifying offices” as that term is defined by FINRA. In its Notice to Members, FINRA highlighted the point that technology and a changing industry mandate reconsideration of requiring mandatory, in-person inspections.

The SEC recently upheld a statutory disqualification that FINRA imposed where the representative filed a false U-4 and falsely answered compliance questionnaires. It appears as though the registered representative failed to disclose tax liens and a bankruptcy on his U-4. So is statutory disqualification the proper punishment for this misdeed.

According to FINRA and

Over the last several months, the SEC’s Office of Compliance Inspections and Examinations (“OCIE”) has been conducting a “sweep examination” of over 70 broker-dealers and investment advisers to assess their cybersecurity policies and procedures.  https://www.sec.gov/files/observations-from-cybersecurity-examinations.pdf.  In particular, OCIE looked at their preparedness regarding governance and risk assessment; access rights and controls; data loss prevention;