COUNTDOWN TO DEC. 1

Executive Summary

  • December 1, 2014: Deadline for broker‐ dealers to implement review of internal communications related to investment banking and securities business under new FINRA Supervision rule 3110(b)(4).
  • Review must be appropriate for firm business, size, structure and customers in order to identify subject matter requiring review under FINRA rules and federal securities laws.
  • The Supplementary Material sets out requirements for risk‐based review, evidencing the review, delegation (but supervisors retain ultimate responsibility) and record retention.
  • Accompanying Notice to Members 10‐14 references prior guidance and discussion in Notice to Members 07‐59.

By December 1, 2014, broker-dealers must commence the review of internal communications required under the new Financial Industry Regulatory Authority ("FINRA") Supervision rule. Chief Compliance Officers, compliance officers with correspondence or communications review responsibilities and compliance systems support personnel should urgently evaluate the requirements set forth in the documents listed below.

Besides satisfying the technical requirements of the rule, all legal and compliance personnel should consider how to "connect the dots" when faced with reviewing what may prove to be a mini-tsunami of flagged internal messages. This problem may be particularly acute if, as in the case of correspondence review at many firms, primary responsibility for reviewing email correspondence is divided up among line managers or risk management personnel and it may be practically difficult to achieve a consolidated view.

While the expanded review is likely to provide compliance personnel additional insight into line of business activities and practices, seasoned reviewers (see Footnotes 2 and 3 below) may be needed to separate minor technical issues reflected in the flagged message from significant regulatory issues. However, even minor, technical breaches reflected in flagged items, if not appropriately resolved, may result in findings in an internal audit report or a FINRA examination close-out report. On the other hand, supervisors may find themselves in the regulator's line of fire (more so than ever) if there are "significant regulatory issues" evidenced in the reviewed internal messages which the regulator deems not to have been appropriately resolved.

Relevant Rules and Guidance:

  • New FINRA Rule ("FR") 3110(b)(4) effective December 1, 2014.
  • Supplementary Material ("SM") .06, SM .07, SM .08 and SM .09.
  • Current F.R. 3010(d)(1) effective till November 30, 2014.
  • Notice to Member ("NTM") 14-10 SEC Approves New Supervision Rules, Footnotes 11 and 12.
  • NTM 07-59 The Review and Supervision of Electronic Communications (cited in Footnote 12 of NTM 14- 10).

Expanded Requirements: F.R. 3110(b)(4) explicitly (and significantly) expands broker- dealer communications review to include internal communications by all firm employees related to the member's investment banking or securities business. The review must be appropriate for the member's business, size, structure, and customers in order to properly identify communications with subject matter that require review under FINRA rules or federal securities laws. Currently, F.R. 3010(d)(1) only requires firms to review incoming and outgoing correspondence of its registered representatives with the public related to the member's investment banking or securities business to identify customer complaints and verify the proper handling of customer funds and accounts.

Additional Requirements in SM:

  • SM.06 permits firms to use riskbased principles to determine whether there should be additional policies and procedures for internal communications review which are necessitated by its business and structure if such messages are not of a subject matter requiring review under FINRA rules or federal securities laws.1
  • SM.07 requires electronic or paper review records to identify the reviewer, the material reviewed, review date and actions taken pertaining to identified, significant regulatory issues.2
  • SM.08 permits delegation of the review to unregistered personnel, but assigns ultimate responsibility to the supervisor/principal who must take reasonable and appropriate actions to ensure that delegated functions are properly executed and evidenced sufficiently to demonstrate overall supervisory control.3
  • SM.09 requires the firm to retain employee internal communications relating to the firm's investment banking and securities businesses in accordance with Securities Exchange Act Section 17a-4.

Additional Guidance: NTM 14-10, Footnote 11 provides an example of reviewable internal communications: pre-publication communications between non-research and research personnel concerning a research report.4 FINRA stipulates that the Footnote 11 is "without limitation" (as are the three other examples in Footnote 11 which involve incoming or outgoing communications with the public).

Footnote 12 states that the F.R. 3110(b)(4) reflects prior guidance under NTM 07-59, Section II. The guidance states that member firms may use risk-based principles to flag communications that evidence information about customer complaints, problems, errors, orders or account instructions, or conduct inconsistent with FINRA rules or federal securities laws as well as matters of importance to the member's ability to adequately supervise its business or to manage the member's reputational, financial and litigation risk.

In addition, any risk-based selection of internal communications to be reviewed should give consideration to flagging messages concerning the following issues or matters:

  • A breakdown in information barriers protecting customer or issuer information.
  • Protection of research personnel from undue influence.
  • Segregation of the prop desk from any operating areas of the member firm.
  • Branch or desk examinations, regulatory inquiries, examinations or investigations.
  • Transaction reviews, internal disciplinary reviews, reviews relating to customer complaints or arbitration.
  • Issues triggering review of external electronic communications or internal communications arising out such external communications reviews.

Guidance on Review Methodology: The discussion on review methodology in NTM 07-59 in Section II(D) is intended for correspondence review. The guidance discusses the use of either a lexicon-based review system or random sampling, or both. As internal communications review is likely to be based on one or both of the same two methodologies, it may be useful to review this section in detail

Footnotes

1 See the second bullet point at the end of the paragraph (under Additional Guidance) below concerning Footnote 12 and NTM 07-59.

2 NTM 07-59 permits an electronic log or other systemic record. Communications reviewers must have the requisite knowledge, experience and training to conduct such reviews. Firms can demonstrate reviewers meet such criteria by their prior supervisory experience, years in the industry and at the firm, licenses, firm and regulatory element training, product knowledge, educational degrees, participation in industry seminars, other training, systems knowledge and prior regulatory experience.

3 NTM 07-59 states that if review functions are delegated, firm procedures should set out a protocol to escalate regulatory issues to the designated supervisor or department.

4 Based on identical rules, F.R. 2711(b)(3) and incorporated New York Stock Exchange Rule 472(b)(3). Both rules set out the protocols for non-research personnel to review research reports and communicate orally or in writing with the research department concerning the contents of such research report prior to publication.

The content of this article is intended to provide a general guide to the subject matter. Specialist advice should be sought about your specific circumstances.