Broker-Dealer Regulation

Subscribe to Broker-Dealer Regulation

Like it has in the past, FINRA is sharply focused on examining brokers with a disciplinary past, including the identification and examination of such brokers being placed at the top of its 2017 exam priorities. Does this mean that firms cannot hire brokers with a past?

The short answer is no, but the longer is a bit more involved. A FINRA examination team is going to be conducting a quantitative analysis to review the broker’s test scores, number of prior employers and disciplinary history.Core Values

When FINRA finds such brokers, it will contact the employing firm’s compliance department to ensure that they know of this history. FINRA will also inquire about the type of supervision being used for the individuals. So what does this mean?

For one, you can hire individuals with a past, but you must do so with caution. That caution would necessarily entail placing such a broker on some form of heightened supervision for at least a period of time. At the end of that time, you can then consider removing or downgrading that supervision, assuming that the broker does not have any additional issues.

The key to remember is that FINRA’s goal is to protect the markets and the consumers who hire brokers who may have a past. Hiring brokers with a history and protecting consumers are not mutually exclusive. However, make sure you take special care in the decision to hire and then supervise such individuals because FINRA is watching.

In its never-ending effort to thwart senior investor fraud, FINRA recently proposed a new rule to the SEC. This proposal would require member firms to obtain the name of a trusted contact person for the customer’s account. The new rule would also allow firms to place temporary holds on the disbursement of funds or securities when there is a reasonable belief of exploitation, and notify the trusted contact of such a hold.

This proposed rule is consistent with the advice I have been giving clients over the years as senior issues became more and more prevalent. So what does the potential formalized rule mean for the business?Conference Room

It should come as a relief to firms to have this type of safeguard. It is a difficult situation to say the least when a firm is uneasy with what a family member may be doing with a senior client of the firm. This rule change will give you somewhat of an out.

The key for having this proposal work is for the right selection of the trusted contact person. Assuming such a person can be identified, I think that it is a good idea for that person to be designated as a fiduciary to the client on the account applications and the account coded so that this trusted person receives regular account statements regarding the senior account.

By doing this, you as a firm have a separate set of eyes on the account activity by someone who may know the family/personal dynamics better that you. Having that person designated as a fiduciary on the account documents also should lend you some protection in the event that the trusted person is not so trustworthy.

Either way, this new rule should be embraced a positive step to protect both firm and clients.

Consistent with the ongoing guidance/requirements from the SEC and FINRA, all firms must have and enforce data security policies and procedures.  Even the best policies and procedures may, however, not protect the firm in every instance.  So what do you do if there is a breach?19196909_s

One of the most important things to determine is what law governs.  In other words, if you have clients in all 50 states, it is possible that there are 50 different data breach laws that may be implicated.  Fox Rothschild LLP has a free app, Data Breach 411, which provides an overview of state data breach laws.

Knowing what you need to know is imperative when assessing a data breach.

 

 

In the hectic world of financial services, registered representatives and investment adviser representatives are always looking to increase their assets under management. At what cost? Are there situations where you would be better off just saying no to accepting that one additional client?

In my many years of defending representatives and advisers from customer complaints, the unqualified answer is yes; there are situations when you are better off just saying no. Any good risk avoidance program will provide for the proper screening/selection of prospective clients. I have addressed this very issue in a risk avoidance handbook.whistle

The key to this screening process is being able to sniff out the types of clients that you do not want to accept. For example, are you the fourth adviser that this client has come to in the last four years? Does the client profile not fit your personal/company investment philosophy? Does the client have unrealistic expectations on what she is expecting you to deliver?

If the answer to any of these questions is in the affirmative, there should be a huge stoplight in front of you flashing red. Any client who fits any of these descriptions is also the client most likely to bring a claim against an adviser.

So before you take on any client with a little money, be cautious. Are there red flags coming into the relationship? If so, just say no.

Every time that I start a FINRA arbitration, I find myself having the same internal debate; did we pick the right person to serve as the arbitration chair. Unfortunately, you will not know the answer to that question until after your arbitration begins, or, more likely, after the award is issued. FINRA has proposed a rule change to open up the filed for chair arbitrators.Conference Room

Under the proposed rule, attorneys can serve as public arbitrator chair with less experience than they were required to have in the past. Pursuant to this proposal, attorneys would only need to have served on at least one arbitration that went to an award and the complete chair training.

FINRA’s stated purpose for the rule is to “protect investors and the public interest” by increasing the pool of eligible chairpersons. This way, chairs would ideally no longer have to travel to serve as a chair.

In theory, this all makes sense. If there are more available chairs, then investors and the industry will be better served. But will this work?

In my view, much still falls on the parties to critically review the CVs of potential chairs and do your due diligence. Call other lawyers who have had arbitrations with that person. Do some research of the professional backgrounds of the potential chair. After all, just because a lawyer passes FINRA’s vetting processing does not mean that you would want that person as your chair.

Over the years that I have defended broker-dealers and investment advisors on customer-initiated claims, I have seen many things that would make any compliance officer cringe. One spine tingling (not in the good way) type of conduct is when an advisor engages his/her client when the client makes an informal complaint, instead of routing the complaint to compliance/supervision.whistle

So why is engagement against the rules of engagement? The most important reason is that engagement (aka arguing) may only make a simple customer service issues into a formal complaint. Rather than engage, my experience suggests that it is better to get the complaint (assuming it is in writing) to the proper person in compliance/supervision.

Dealing with an oral complaint is a little trickier because you are put on the spot. Nevertheless, the best course, as hard as it may be, is to try to defuse the situation by expressing that you understand the issue that is being raised, you will look into the issue and, finally, will respond further as soon as possible.

By defusing instead of engaging, you give all sides the opportunity to let cooler heads prevail. Many times a customer service issue can be easily addressed by taking a little time to consider the issues and formulate a response/course of action instead of blurting out the first thing that comes to mind; that is invariably the worst thing to say.

If you get a complaint; don’t jump to respond. Use your resources and formulate a well-reasoned response. Sometimes the client is wrong, but arguing with the client gets you nowhere except guaranteeing litigation.

When faced with a customer complaining through a letter or email, it is human nature to try to appease the customer with a conciliatory response or no response at all. I have seen this “human nature” all too often when defending brokers and advisor from customer complaints.

In almost all instances, the complaining customer now claims that the conciliatory comment or non-response is the functional equivalent of an admission by the broker/advisor that he/she did something wrong. In turn, the broker denies that he/she made any admissions by being conciliatory or silent. While I generally agree with the advisors, it is always an issue that must be overcome.whistleblower

So what should an advisor do when confronted with a nasty/accusatory email/letter? Most important, forward the communication to the person/persons who are designated in your company to handle customer complaints regardless if you “think” this person is just blowing smoke.

Someone should always respond to such a communications. The responding communication does not have to be the functional equivalent of beating up baby seals with a bat. Instead, it should be nice, but be firm at the same time.

If a client claims that you misrepresented an investment that you recommended, the response should remind the client in detail what was discussed, and why the investment falls within the client’s overall investment objectives, goals and tolerance for risk. Ideally, prior written communications on the subject will be sent back to the customer as part of this “reminder.”

Although nothing will ultimately keep a client from suing you if he/she is really inclined to do so, avoid potentially making it worse by not responding or being too conciliatory to a complaining email/letter. The last thing you want to have do is explain away the poor response (or absence of any response) to an arbitrator or jury who may not really understand you were just trying to be nice.

The SEC recently created a new position associated with cybersecurity; senior adviser to the chair for cybersecurity (Christopher R. Hetner). Mr. Hetner has an extensive background in information technology and, in particular, cybersecurity.

19196909_sAccording to the SEC, Mr. Hetner will be responsible for (i) coordinating cybersecurity efforts across the SEC; (ii) engaging with external stakeholders; and (iii) enhancing SEC mechanisms for assessing broad-based market risk. This appointment could have a wide-ranging on the industry.

As we know, the SEC has made cybersecurity an exam priority over the last few years. The SEC is also actively conducting cybersecurity investigations and undertaking enforcement actions where appropriate. According to Chairperson White, the SEC is looking to bolster its risk-based approach. So what does this mean on a day-to-day basis?

Understand that the SEC has just upped the stakes. By retaining an industry expert who is solely focused on data-security related issues, the industry must be prepared for the SEC and FINRA to come after firms regardless if the firm sustains a breach or clients suffer harm as a result. Firms with weak or no data-security programs will surely be targeted.

Are you prepared to handle this even more focused mission of the SEC? If not, you need to more fully review you systems and procedures, both internally and externally facing. Are you testing your systems and procedures on a regular basis? If not, you better start.

The SEC is prepared; are you?

If you thought the SEC and FINRA were serious about elder issues, welcome to the Alabama, Indiana and Vermont. Each has focused on elder abuse issues.

These states will have mandatory reporting to state officials in instances involving the disabled or those over 65 years of age. They will also allow advisors to cease disbursing funds from clients and providing advisors with immunity associated with doing so. So what does this all mean?

For one, states are starting to run on the coattails of federal regulators who have made elder issues an examination priority in recent years. In addition, such state laws should be a wake-up call for brokerage and advisory firms who service elder clients.money and calculator

The actions of these states should force you to ask yourself; what is my firm doing to prevent, detect and report elder abuse. Although a FINRA proposed rule does not require reporting, its goal is the same because it would allow advisors to designate a third-party to who they can inform of suspected problems.

In the absence of reporting requirements, firms should consider having clients aged 65 or above designate a trusted family member or friend when the advisor suspects that the client may be the subject of some abusive conduct. At that point, you may have a group approach to address suspected abuse.

Firms may also want to consider requiring these elder clients to designate a trusted family member or friend to receive copies of account statements. This way, someone who is “independent” can check an account for irregular activity as well.

Whether you are required to address elder abuse or not, firms should make sure that they are taking special care with their elder clients. Federal regulators and now states are focused on the issue. Are you doing anything to make sure your firm does not get into an elder abuse nightmare?

If you cannot answer this question, you may have an issue when you have your next FINRA exam. After all, firm culture is a FINRA exam priority. Does your firm have a culture of compliance?

This question only leads to another; what is a culture of compliance. For one, this is something that has to resonate from the top down. If senior management ascribes to uphold firm compliance, that should promote the “culture of compliance.”CEO tree

For example, does senior leadership enforce the firm’s written supervisory processes and procedures? In doing so, does senior management hold everyone accountable the same way, or are exceptions made for the “big producers”. If exceptions are made, you are not promoting a culture of compliance.

Does senior management ensure that there is adequate training of all personnel? There should be a robust and mandatory training program to account for changes to the rules and to make your personnel aware of risks and how to avoid them; one of the biggest being data security.

These are only two of many considerations for assessing whether there is a culture of compliance. The key in it all is leadership from the top. After all, people cannot follow a leader who does not lead. Be a leader.