FINRA Releases Annual Report Addressing Areas of Examination Focus for 2021
The Financial Industry National Regulatory Authority (FINRA) announced its 2021 report on FINRA's examination and risk monitoring program on February 1, 2021. According to FINRA, the report combines and replaces two of their previously published annual reports: the report on examination findings and observations and the risk monitoring and examination program priorities letter. Below, we highlight what you need to know from this year's report.
Outside Business Activities and Private Securities Transactions
This topic is not new to the list. The applicable FINRA rules are FINRA Rule 3270 and 3280. Essentially, FINRA wants broker-dealers to monitor both rules. FINRA also reminds firms to check the following sources of information:
- PPP loan databases;
- social media; and
- networking websites for evidence of non-compliance.
Again, this is a topic has been listed in prior iterations of FINRA's report. One thing FINRA is looking for is encryption of confidential client data. Next, FINRA wishes to see due diligence on the part of vendors, as it relates to their cybersecurity capabilities. Lastly, FINRA wants to see "access management," which reflects granting access to information only when required, only to the level required, and removing access when it is no longer needed.
Activities Related to Digital Assets
The most recent notice for digital assets is last year's FINRA Notice to Members 20-23. FINRA is concerned about digital platforms with interactive game-like features that are more likely to influence customers' behavior. As such, FINRA wants risks disclosed and a distinction as to what activities are offered by a broker-dealer and those that are not.
Regulatory Events Reporting
The applicable FINRA Rule governing disclosable events is Rule 4530, which includes specific event-related disclosures and quarterly statistical and summary information. FINRA is concerned about registered representatives not reporting something like a tax lien to a broker-dealer's compliance department. FINRA is also concerned that broker-dealers are not doing enough to discover unreported events. Appropriate surveillance should include monitoring emails.
Large Trader Reporting
Large trader reporting is required under Exchange Act Rule 13h-1. FINRA wants to know if market participants are timely in filing Form 13H, and are also monitoring unidentified large traders. They also want to know if firms are monitoring their daily and monthly large trader monitoring calculations.