Momentum Building on Cannabis: New York Passes Marijuana Regulation and Taxation Act, Congress Closer to Passing SAFE Act
Federal and state legislation to legalize cannabis and regulate related businesses moved forward this month with a bipartisan reintroduction of the federal Secure and Fair Enforcement (“SAFE”) Banking Act and the passage of a New York law creating a regulatory licensure and taxation framework for producers, distributors, and retailers of marijuana. The implications of these actions are significant. If enacted, the SAFE Act would accelerate the growth of the cannabis industry by ensuring access to financial services for related businesses.
Meanwhile, the passage of the New York State law legalized marijuana for adult use and created a new framework for regulating the production and sale of cannabis. Further, the new law is ambitious containing provisions to address “social and economic equity” issues in order “to assist individuals disproportionately impacted by cannabis enforcement that want to participate in the industry.” In this article, we look at the New York law and revisit the bipartisan SAFE Act, two efforts that cover the spectrum on cannabis regulation.
New York Marijuana Regulation and Taxation Act
On March 31, 2021, New York Governor Andrew Cuomo signed into law the Marijuana Regulation and Taxation Act (“MRTA”). The law legalizes adult-use recreational marijuana for cultivation, processing, and sale in the state of New York. The law cites multiple goals, among them: (i) to regulate, control, and tax marijuana; (ii) to generate new revenue for the state; (iii) to invest in communities impacted by cannabis criminalization; (iv) to “make substantial investments in communities and people most impacted by cannabis criminalization”; (v) to “address the collateral consequences of such criminalization”; (vi) to prevent access to cannabis by those under the age of twenty-one years; (vii) to reduce the illegal drug market and reduce violent crime; (viii) to create new industries; (ix) to protect the environment; (x) to improve the state's resiliency to climate change; (xi) to protect the public health, safety and welfare of New Yorkers; (xii) to increase employment; and (xiii) to strengthen the state’s agriculture sector. The Governor stated that the development of an adult-use cannabis industry “has the potential to create significant economic opportunities for New Yorkers” (estimates range from 30,000 to 60,000 jobs) and that “[t]ax collections from the adult-use cannabis program are projected to reach $350 million annually.”
Specifically, the MRTA creates an Office of Cannabis Management to set cultivation and processing standards, issue licenses to businesses in the production and distribution process, conduct inspections, and enforce the “comprehensive regulatory framework governing medical, adult-use cannabinoid hemp.” The law establishes a new tax structure including a nine percent state excise tax and a local excise tax of four percent of the retail price. Taxes are to be deposited in a special cannabis revenue fund and apportioned for education, community grants (to address social and equity issues), drug treatment, and public education. There are additional provisions for municipal opt-outs for local dispensaries, traffic safety, criminal penalties and records expungement, workplace safety and public health.
The Federal Landscape
New York’s Marijuana Regulation and Taxation law adds considerable pressure on Congress to pass legislation to allow legitimate cannabis-related businesses and service providers access to the financial system.
Some 36 states have legalized marijuana for either medical or recreational adult-use purposes. The American Bankers Association (“ABA”) argues that current federal law prohibiting cannabis financial activity from entering the banking system “is marginalizing a significant portion of economic activity in legal cannabis states and forcing the creation of an all-cash economy.” The consequence is an industry which is difficult to regulate in terms of taxes and financial activity and is outside the federal anti-money laundering regime. According to an ABA survey, “99 percent of bankers said Congress should act to resolve the conflict.” (See also ABA letter to Senate banking Committee Co-Chairs.)
As evidenced by the goals articulated in the New York law, there are numerous considerations beyond accessing the financial system and reducing the reliance on and amount of cash for these businesses. These considerations can be found in other congressional initiatives and are currently championed by Senate Majority Leader Chuck Schumer, who stated that he is prioritizing a more comprehensive approach—decriminalization and minority small business investment reform—and by Judiciary Committee Chair Jerrold Nadler, who said he would reintroduce the "Marijuana Opportunity Reinvestment and Expungement Act” (“MORE Act”) to remove cannabis from the list of federally controlled substances. (See previous Bates’ article here). It is unclear at this time whether issues addressing access to the banking system will stand alone legislatively or will be folded into something broader.
The bipartisan SAFE Banking Act would create a safe harbor for depository institutions that provide banking services to state-licensed cannabis businesses. Like the earlier version of the SAFE Banking Act, which passed the House of Representatives in 2019 but fell short in the Senate, proceeds from state-licensed cannabis businesses would not be considered proceeds from illegal activity. This means that these loans, and collateral provided by financial institutions, are effectively protected from Anti-Money Laundering/ Bank Secrecy Act (“AML/BSA”) laws and the risk of asset forfeiture.
Among other provisions, the SAFE Banking Act would: (i) prohibit regulators from taking adverse or corrective supervisory action on loans made to cannabis businesses; (ii) protect from criminal, civil and administrative forfeiture any loans or other financial services provided to cannabis businesses or owners of real estate or equipment leased or sold to them; and (iii) impose new obligations on FinCEN to provide guidance for financial institutions that provide services to cannabis businesses. Under the bill, businesses that provide financial services to a depository institution (e.g. money transmitters) are protected, as are insurance providers that write deposit insurance policies for legal cannabis businesses.
Unlike the 2019 version, the new SAFE Act requires federal banking regulators to update guidance on their AML/BSA obligations on hemp. (See also Bates article on AML Suspicious Activity Reporting and hemp.) This revision may be likely to attract additional congressional support. Further, the new SAFE Act made revisions to the definitions of financial services to include services or products that can be provided by federal credit unions. (See 2018 Memorandum by the NY Department of Financial Services on “the provision of financial services to medical marijuana and hemp-related businesses in New York State.” The guidance suggested that state-chartered banks and credit unions "consider establishing banking relationships with medical marijuana-related businesses.”)
The passage of the New York legislation legalizing marijuana for adult recreational use, combined with the Democratic control of Congress is making the passage of the SAFE Act more likely than in the past. The only real question is whether the Senate and House Democratic leadership will press their advantage and attempt to pass a broader, more comprehensive bill that addresses additional issues including decriminalization and related social issues. Majority Leader Schumer tweeted, “Congress should not enact banking reform alone and think the job is done.” Bates will keep you apprised as these and other legislative developments play out.
For additional information, please follow the links below to Bates Group's Practice Area pages:
AML Watch: FinCen Seeks Comments on Beneficial Ownership Reporting, SEC Issues Alert on SARs Compliance Deficiencies and Guidance
In a recent post, Bates noted that the new Anti-Money Laundering Act (“AMLA”), which became law on January 1, 2021, expanded the Bank Secrecy Act regulatory framework, requiring substantial attention to additional regulator guidance and AMLA-related proposed rulemakings. Core areas of the new law focus on (i) establishing a beneficial ownership database and reporting under AMLA Corporate Transparency Act (“CTA”) provisions and (ii) improving the monitoring, reporting and compliance systems necessary to strengthen existing AML efforts. Both areas were the subject of recent regulatory activity.
On April 1, 2021, FinCEN issued an Advance Notice of Proposed Rulemaking (“ANPRM”) on beneficial ownership reporting. On March 29, 2021, the SEC Division of Examinations (now referred to as “EXAMS”) issued a risk alert on AML program compliance, and, in particular, red flag areas where broker dealers can improve their suspicious activity monitoring and reporting. Here’s a closer look.
FinCEN First Steps
In the CTA, Congress mandated the creation of a database of beneficial ownership information to, according to FinCEN, prevent malign actors from exploiting “opaque legal structures to launder money, finance terrorism, proliferate weapons of mass destruction, traffic humans and drugs, and commit serious tax fraud and other crimes that harm the American people.” Under the new law, “reporting companies” must provide identifying information for “beneficial owners,” which include individuals who exercise “substantial control” of, or have at least a 25% ownership interest in, the company.
Reporting of beneficial ownership is primarily directed at smaller businesses or shell entities. (The Act excludes certain financial institutions, publicly traded companies, non-profits, government entities, and other entities that have (i) a physical operating presence in the U.S., (ii) more than 20 employees and (iii) sales or gross receipts in excess of $5 million.) Financial institutions already covered by FinCEN’s CDD Rule are not required to report beneficial ownership under the AMLA. However, in the ANPRM, FinCEN stated that it will propose revisions to existing financial institution customer due diligence regulations on beneficial ownership, as required by the CTA, in a separate rulemaking subject to notice and public comment.
In the ANPRM, FinCEN lists a series of questions on reporting, database maintenance and disclosure. The scope and detail of these questions suggest the enormous effort that will be necessary to fully address the CTA statutory requirements on beneficial ownership. There are many questions with many implications.
As to defining key terms, FinCEN challenges commenters to consider nothing less than (i) the inclusion or exclusion of the term “other similar entities” for reporting purposes; (ii) filing practices and state law; (iii) the term “beneficial owner” (i.e., should it be based on standards under the CDD Rule, new definitions for “ownership” and/or “control”?); (iv) the terms “reporting company” and “applicant”; (v) qualifications and standards for exemptions; and (vi) whether there should be different informational requirements for different types of entities. On reporting concerns, FinCEN asks for comment on broad general concerns (“what information should FinCEN require a reporting company to provide about the reporting company itself to ensure the beneficial ownership database is highly useful to authorized users?”) and detailed implementation questions (“should FinCEN allow or support direct batch filing of required information?”).
FinCEN also asks for comment on questions of privacy, access, form identifiers, and process. On privacy, for example, FinCEN asks how it can best “protect both the privacy interests underlying an individual's or entity's desire to use the FinCEN identifier, and the identifying information that must be provided to FinCEN by an individual or entity wishing to obtain and use the FinCEN identifier[.]” Thornier still, FinCEN asks for comment on how to handle requests from a host of interested parties, including from “Federal functional regulators or other appropriate regulatory agency [an undefined term].” Finally, FinCEN asks whether there are ways to reduce costs and minimize burdens the new law will place on many small entities. There are 48 questions (with many subparts) in all, not including a general request for comment on “any other aspects of implementation of the CTA.” Comments are due by May 5, 2021.
The AMLA requires FinCEN to consider ways to strengthen/streamline SARs and other reports (and to extract more law enforcement value from them). Functional regulators are pursuing a parallel track. In their alert, EXAMS staff focused on the results of observations of brokers and mutual funds’ AML programs and SAR processes. Recent attention to manipulation and trading in low-priced securities were a chief concern underlying the release of this alert. (See also Bates coverage highlighting FINRA’ increased attention to trading in penny stocks.)
In the SEC alert, EXAMS staff found inadequate firm policies and procedures affecting the ability to identify and report suspicious activity. These deficiencies included (i) failures to incorporate red flags—or inadequate red flags—in policies or procedures meant to enable the identification of activity or securities transactions that should trigger required diligence or reporting; (ii) failures to establish automated systems to monitor and report suspicious activity associated with trading in large volumes; (iii) failures to set SAR and other triggering thresholds appropriately; and (iv) overreliance on clearing firms to identify and report suspicious transactions in customer accounts. EXAMS staff also found program implementation deficiencies and inadequate due diligence that led to failures to trigger SAR filings. These include deficiencies in monitoring, procedural consistency, effective follow up, and compliance with firm trading prohibitions (on, for example, low-priced securities).
EXAMS staff learned that these program deficiencies led to SAR filing deficiencies. Their strongest warning to firms concerned broker-dealers that “knew, suspected, or had reason to suspect” improper sales of unregistered securities, pump and dump schemes, or market manipulation of low-priced securities and had failed to act on this knowledge. As to the latter, staff observed failures to follow up on red flag patterns around the high-risk activity. Among those low-priced securities failures were previously flagged patterns that should have raised concern, including: deposit, liquidation and withdrawal of proceeds from the sale of these securities; sales of large amounts of low-priced securities of multiple issuers by customers; trading in the stock of shell companies; and trading in stock after warnings issued by over-the-counter stock quotation systems. Finally, EXAM staff observed inaccurate or boilerplate information contained in SAR filings that lacked sufficient detail on the suspect activity.
It is no surprise that FinCEN and the SEC want firms to tighten their AML policies and procedures and to improve compliance. AML frameworks increasingly depend on more effective and efficient processes and a steady flow of quality SAR filings. The scope and detail of the questions presented by the ANPRM suggests a significant uptick in anticipated regulatory requirements (and cost), but the ANPRM is merely the beginning of a process toward a more complete regulatory regime.
In a broader context, the SEC EXAMS risk alert serves as a reminder that functional regulators are watching and expecting firms to be constantly improving their vigilance and controls. The attention to AML compliance by functional regulators is in alignment with FinCEN’s efforts. Edward Longridge, practice leader for Bates AML and Financial Crimes, notes that “The SEC’s focus on program compliance and the adequacy of SAR filings confirms that regulator’s expectations are increasing—particularly around red flag activity that has been the subject of prior investor alerts. The compliance picture is getting clearer: an expanding framework and increased expectations.” Bates will keep tracking developments.
How Bates Helps
Bates AML and Financial Crimes helps its clients meet their AML obligations through experience, resources, and ongoing guidance. Our services are tailored to the specific needs and requirements of our clients and that regulators are seeking, including in the areas of AML tuning and optimization, implementation of new systems, trade finance, and AI-driven process automation solutions, AML and sanctions system model validations; governance and oversight processes; redesign and updates to AML policies and procedures; AML and sanctions risk and gap assessments; regulatory response support; and staffing support for AML backlogs and lookbacks. For more information, please contact:
Bates Compliance delivers guidance and tailored compliance consulting solutions to our broker-dealer, investment adviser and hybrid firm clients on an as-needed or ongoing basis. Our team—made up of experienced senior compliance, legal and former regulatory professionals—drafts and tests policies, procedures, and supervisory and compliance processes, recommending and implementing changes based on leading practices to enhance compliance and supervisory systems and to remediate regulatory, litigation and internal audit findings. For more information, please contact:
FINRA Roundup: New Broker Misconduct Rules, Regulatory Obligations During Market Volatility, Arbitration Updates, and Beware! Phishing Scams
For member firms tracking financial regulatory developments, recent FINRA updates address matters that have long been on the agenda, with some added topical twists. Most significant is the self-regulator’s adoption of a set of rules addressing brokers with a significant history of misconduct (see prior Bates coverage). This set of adopted rule amendments is the culmination of a number of notices and significant industry deliberation over several years. In combination, the adopted rules strengthen the tools necessary to confront bad actors and the firms that hire them.
Another highlight is in the form of a notice reminding member firms and their representatives of their regulatory obligations during volatile market conditions. While the FINRA notice is significant generally, given market volatility during the pandemic, the warning to investors of the risk of “rapid and severe losses, particularly when such securities may have been purchased using margin or sold short,” clearly refers to concerns raised by recent social media-driven runups in stock prices and trading. The notice focuses on recommendations to firms to (i) ensure proper order handling, (ii) maintain adequate margin and (iii) minimize liquidity risk.
Other updates this month include: the pending end (on July 2, 2021*) of the virus-related postponement of in-person dispute resolution hearings, arbitration code changes on fees and honoraria, and an alert to be wary of the use of a fraudulent domain name—“finra-online.com”—which is currently being used in phishing schemes. Here’s a closer look.
More Rules to Reign In Bad Actors
On March 10, 2021, FINRA adopted new rules to protect investors from brokers with a significant history of misconduct. The new rules are the latest in a longstanding effort by FINRA to address the oversight of member firms’ supervision of high-risk brokers. The notice cites previous aspects of this FINRA initiative, which resulted in published guidance on tailored and heightened supervision, revisions of sanctions guidelines, higher fees for statutory disqualification applications, and more liberal permissions to consider past misconduct on application waivers, among others.
The rule amendments broaden the authority to discipline associated persons and impose stricter supervision on firms, and they mandate greater disclosure in various proceedings. Specifically, the new rules: (i) allow a hearing officer to impose “conditions or restrictions” on the activities of an associated person and to require heightened supervisory procedures during an appeal to the National Adjudicatory Council; (ii) mandate disclosure when a firm is subject to the Taping Rule ("Tape Recording of Registered Persons”) through FINRA’s BrokerCheck system; (iii) require firms to adopt heightened supervisory procedures for statutorily disqualified brokers during an eligibility review; and (iv) require firms to submit a written request for a materiality consultation and approval through FINRA’s Department of Member Regulation before hiring any person who has “final criminal matters” or two “specified risk events” during the previous five years when they are seeking to become an owner, control person, principal, or registered person of the firm.
The disciplinary rule amendments go into effect April 15, 2021. The disclosure (in BrokerCheck) amendments are effective on May 1, 2021. The eligibility rule changes go into effect on June 1, 2021, and the application and registration changes are effective September 1, 2021.
Market Volatility and FINRA Member Obligations
On March 18, 2021, FINRA issued guidance on member obligations during periods of market stress. The review highlighted a broker’s duty of best execution—engaging in “reasonable diligence” to ensure that pricing to “the customer is as favorable as possible under prevailing market conditions.” FINRA emphasized that this obligation requires an ongoing “ability to handle customer orders fairly, consistently, and reasonably at all times.” FINRA also emphasized the necessity for proper disclosures, compliance with margin requirements when prices are volatile, and for firms to have “strong funding and liquidity management practices during adverse periods.”
FINRA suggested a review of these policies and procedures in light of members’ obligations on “fair dealing” during periods of high volume and volatility, including on: (i) order handling processes to ensure best execution and to avoid "excessive or unwarranted activation of modified order handling procedures;" (ii) margining procedures to “prevent a firm from becoming overextended from lending in support of customer trades, (e.g. firms should consider "house maintenance margin requirements" with attention to concentrated positions in a single customer account, daily trading volumes and market capitalizations); and (iii) liquidity management processes to maintain continued customer access to the markets. (FINRA recommended reviewing regulatory notices here and here on certain liquidity management best practices under “stressed environments.”)
FINRA also underscored that the fair dealing principle should guide a firm’s disclosure policy. In times of stress, this would include disclosing the nature of the risk, (i.e. that “extreme price volatility and trading volume of certain stocks has the potential to expose firms and investors to rapid and severe losses, particularly when such securities may have been purchased using margin or sold short”). FINRA cited additional SEC guidance on the use of stop orders which highlighted certain types of disclosures on, for example, delays or access.
Finally, FINRA noted that it will continue to survey and examine compliance with these obligations.
Dispute Resolution Updates
Notable mentions on FINRA dispute resolution matters:
In-Person Hearings: The coronavirus-related administrative policy postponement of in-person arbitration and mediation dispute resolution hearings is scheduled to end on July 2, 2021*. FINRA’s Dispute Resolution Services continues to monitor local public health conditions at in-person hearing locations.
Hearing Fees and Honoraria: FINRA amended the Code of Arbitration Procedure for Customer and Industry Disputes (“Codes”), increasing and in some cases creating honoraria for chairing and participating in hearings and pre-hearings. The increase in cost will be offset by “minimal” increases in member surcharge fees, certain filing fees, certain process fees, and hearing session fees. The effective date is April 19, 2021.
FINRA Phishing Alert
On March 4, 2021, FINRA issued a special alert notifying firms of an ongoing email phishing campaign using the domain @finra-online.com, with a subject line: “ATTN: FINRA COMPLIANCE AUDIT.” FINRA stated that the email asks the recipient to open a link related to “regulatory non-compliance.” FINRA instructs members to notify appropriate members of the firm in the event they receive an email from that fake domain.
Recent FINRA activity demonstrates the continuous set of demands on the organization to maintain progress on ongoing initiatives (addressing broker misconduct); keep up with market events (risks associated with social media-driven trading,) and continue providing services (arbitration and dispute resolution) during unprecedented conditions (the pandemic). Bates will continue to monitor developments.
*This article was updated on April 8, 2021, to reflect FINRA’s new arbitration and mediation postponement date of July 2, 2021.
For FINRA arbitration and litigation matters, please see:
Regulatory Concerns Grow as Market for SPACs Heats Up
On March 10, 2020, the SEC’s Office of Investor Education and Advocacy ("OIEA") cautioned investors not to make investment decisions related to Special Purpose Acquisition Companies (“SPACs”) on the basis of endorsements by celebrities. That alert came out only three months after the OIEA issued a bulletin in which SEC staff reviewed the complexities and key concepts underlying SPACs and the SEC Division of Corporation Finance (“DCF”) issued its own disclosure guidance on the investment mechanism. Recently, FINRA weighed in on emerging anti-money laundering risks associated with SPACs. In its 2021 Examination Report, FINRA expressed concerns about firms having adequate supervisory policies and performing the kind of independent due diligence necessary to address the risks inherent in this type of investment. These efforts indicate that the regulators are paying close attention to the increasing—some say frenzied—popularity of SPAC investments during the current market volatility. Here’s a closer look.
SPACs: The Other IPO
Dubbed “the poor man’s private equity funds,” SPACs have been said to “give ordinary investors a way to participate in the purchase of a hot company before it goes public.” The DCF defines a SPAC as “a company with no operations, that offers securities for cash, and places substantially all the offering proceeds into a trust or escrow account for future use in the acquisition of one or more private operating companies.” The purpose of the creation of the shell company, often referred to as a “blank check company” and funded through an initial public offering (“IPO”), is to find private companies to acquire and then, after acquisition or merger, operate the combination as a public company.
Unlike a traditional IPO, which is a potential stage in the development of a business that seeks to raise capital in the public markets, a SPAC “does not have an underlying operating business and does not have assets other than cash and limited investments, including the proceeds from the IPO.” According to the OIEA, issues arise for potential investors at two key stages: at the early and IPO stage of the SPAC and at the business combination stage.
At the IPO stage, issues arise from the fact that there is no underlying business—only a management team often including some of the sponsors that formed the SPAC—upon which to form an investment decision. The IPO prospectus may or may not even include the type of industry or business that the shell company will target for acquisition. For these and other reasons, the SEC warned that retail investors should never “invest in a SPAC just because someone famous sponsors or invests in it or says it is a good investment.” This is not an idle suggestion: with celebrities like Alex Rodriguez, Shaquille O'Neal, Colin Kaepernick, Jay-Z and Serena Williams each creating SPACs, the concern about retail investors following blindly is real.
At the business combination stage of a SPAC, there are several regulatory concerns that might arise, mostly as to conflict-of-interest considerations around target company evaluations, deal structure, sponsor affiliations, additional financing, and compensation. The SEC has expressed several specific disclosure concerns to ensure that investors fully understand their rights under SPACs, for example, the SEC wants investors to fully understand the consequences of SPACs that fail to complete an acquisition within the time frame established by the sponsors. (If the SPAC fails to complete the business combination as stipulated within the IPO period, the shareholders are entitled to a pro rata share of the amount in the trust instrument.)
Further, the DCF highlights that “although most of the SPAC’s capital has been provided by IPO investors, the sponsors and potentially other initial investors will benefit more than [public] investors from the SPAC’s completion of an initial business combination and may have an incentive to complete a transaction on terms that may be less favorable to [the public investor].” An example of an area where the sponsor’s interests and the retail investor's interest may diverge include those related to additional financings that may have different rights than those of retail investor’s investments. Such financings may further dilute interests in the combined company, negatively impacting public investors.
The obligations for firms under FINRA rules center on whether the SPAC is suitable for certain investors and that marketing materials “provide an accurate and balanced description of SPACs” including risks associated with the investments. In its 2021 Exam Report, FINRA reaffirmed much of the SEC’s (and its own) prior guidance warning about (i) “misrepresentations and omissions in offering documents;” (ii) shareholder communications on SPAC acquisition targets; (iii) transaction fees; (iv) affiliate compensation; (v) control of funds; and (vi) the potential for insider trading. FINRA urged firms who are involved at the early stages of a SPAC to ensure that any written supervisory procedures require “due diligence of SPACs’ sponsors, and procedures that address other potential fraud risks.” At a recent SIFMA program discussing FINRA’s priorities, FINRA representatives identified SPACs as an “emerging risk” and were particularly interested in the SPAC sponsor, ensuring that conflicts for underwriting fees and disclosures are made, including in the proxy.
Current Market for SPACs
The scale and pace of the SPAC trend is considerable. According to a January 2021 Wall Street Journal article, “nearly 300 SPACs are now seeking deals, armed with about $90 billion in cash.” The year over year numbers are impressive. On March 9, 2021, the Journal reported, “the 67 SPACs created this year have already raked in nearly $20 billion from investors… well above the total from all of 2019, which was a record before last year’s historic haul of $82 billion.”
As described in another March 2021 Journalarticle, “hedge funds that buy into SPACs early see them as a way to make lofty returns without much risk [since] individual investors are attracted by the chance to get positions in newly public companies that they could rarely purchase through traditional IPOs.” That describes both the allure in the market and the concern for regulators.
Market watchers see the pace as unsustainable at “an average of five new SPACs launched each business day,” with concerns that “there are now hundreds looking for companies to acquire,” many in the same sector." The pressure to find and close a business combination before being required to return the capital to shareholders is increasing and “inflating deal values.” SPACs that cannot get the deal done may actually cost shareholders part of their initial investment. The speed and size of the frenzy, and these added pressures have sparked a market response. SPAC boom skeptics—sellers betting against shares of SPACs—have “more than tripled to about $2.7 billion from $724 million at the start of the year.”
The things that make SPACs so popular with small companies looking to raise money in the market today are the same things that make them so worrisome for regulators. Current market volatility is encouraging companies who were contemplating traditional IPOs to take the SPAC route. SPAC acquisitions are quicker to close than the registration process for traditional IPOs, and SPACs provide more certainty around a capital infusion (given that target companies can negotiate a fixed valuation with a sponsor). All this means that due diligence for a SPAC is not as demanding as for a conventional IPO. When market participants are making strategic business choices based on which option is less costly and burdensome, regulators become interested. Increased scrutiny over compliance follows. Bates will continue to keep you apprised.
For more information concerning Bates Group's Practices and services, please visit:
SEC 2021 Exam Priorities: Climate Change, Reg BI, Disclosures and Information Security Top the List
In his leadership message accompanying this year’s priority list from the renamed Division of Examinations (“the Division”), SEC Director Peter Driscoll covered a great deal of territory over 14 pages. Together with his Deputy Directors Daniel Kahl (Chief Counsel) and Kristin Snyder (National Investment Adviser/Investment Company Director), they highlighted the extraordinary growth of the Examination workforce (to over 1,000 employees across 11 regional offices) and the increased responsibilities of the Division since the inception of the Office of Compliance Inspections and Examinations (“OCIE”) 25 years ago.
The Directors described the regulatory and operational challenges of delivering financial services during the pandemic, the issuance of alerts on pandemic and emergent risks (including on cybersecurity), and the roll out of Regulation Best Interest (“Reg BI”) and the Customer Relationship Summary Form (“Form CRS”).
The Directors reported a series of data points to convey the success of their efforts during an operationally challenging 2020. The metrics are revealing. The Division completed 2,952 examinations (a slight decrease from the prior pre-pandemic year); the Division’s Investment Adviser/Investment (“RIA”) Company Program examined 15% of registered investment advisers (a market in which the number of RIAs and amount of assets under management increased substantially.) They noted that this growth trend would lead to the increased oversight risk of “diminished coverage, quality, and effectiveness” absent further support. The leaders also noted that the Broker-Dealer and Exchange ("BDX") Program completed over 330 examinations of broker dealers, more than 110 examinations of national securities exchanges, and over 90 examinations of municipal advisors and transfer agents.
Among other metrics, the Directors said that the Division issued more than 2,000 deficiency letters, verified (for the purpose of fighting fraud) over 4.8 million investor accounts totaling over $3.4 trillion (a vast increase over the prior year), and concluded examinations that have returned more than $32 million to investors.
These data points are intended to convey that, despite extraordinary challenges, the Division maintained its ambitious agenda to review firm compliance programs. The broader takeaway message from the Directors is that firms should be striving to build a compliance culture and to empower Chief Compliance Officers with sufficient seniority and authority to ensure the adequacy of firm frameworks and evolving and emerging risks.
This Year’s Priorities
The purpose of the annual report is to communicate Division-identified risks, trends and exam priorities to improve compliance for the ultimate protection of investors. The Division reemphasized vigilance on most of the prior years’ priorities. They covered these matters in broad categories, including protection of retail investors, financial technology and information security, anti-money laundering and market infrastructure, and there was repeated overlap from category to category.
As can be seen in Bates’ 2021 Exam Priorities Comparison Chart below, the Division added new emphasis on informational security and operational resiliency, and on “other initiatives.” That “other” category is not insignificant. It covers everything from the 2021 LIBOR transition to an increased focus on RIA compliance, broker-dealer trading practices, broker-dealer financial responsibility, and mutual and exchange traded funds (“ETFs”). Moreover, scattered throughout the priorities report was the impact of climate change.
Protecting Retail Investors and Investors Saving for Retirement
The two largest programs run by the Division, Investment Adviser/Investment Company ("IA/IC") and BDX, focus on the protection of retail investors and retirement savers. The Division states that this year’s emphasis will be on sales related to mutual funds and exchange-traded products, municipal securities and other fixed income products, and microcap securities, but the exams will be in the context of compliance with Reg BI, last year’s top priority.
For broker dealers, the Division says it will conduct “enhanced testing” on various Reg BI-related policies and procedures on rollover recommendations, complex product recommendations, cost assessments, sales-based fees, and conflicts of interest.
For RIAs, the Division said it will review whether they are adequately assessing whether RIAs are meeting their fiduciary duties of care and loyalty. Examinations for RIAs will revolve around the risks associated with “fees and expenses, complex products, best execution, and undisclosed or inadequately disclosed, compensation arrangements.” The Division noted that extra attention will be paid to the use of “turnkey asset management platforms” that provide technology, investment research, portfolio management and other outsourcing services. As to fees, the Division will look to ensure that revenue sharing arrangements are adequately disclosed. For both RIAs and broker dealers, expect continued examination on the adequacy of both the content and the filing requirements for Form CRS.
Climate Change an Emergent Priority
This year, the Division noted the emergent risks associated with climate change. Leadership states that RIAs in particular are “increasingly offering investment strategies that focus on sustainability.” Financial products referred to as socially responsible, “ESG-conscious” or sustainable are sold to investors as part of open-end funds and ETFs. The Division stated that it will continue to examine these products and strategies to determine the consistency and adequacy of their disclosures, the potential for false or misleading statements in advertising, and to “review proxy voting policies and procedures and votes to assess whether they align with the strategies.”
Financial Technology and Information Security
To say that the SEC is “concerned” with data loss and identity risk would be an understatement. The Division said it is “acutely focused on working with firms to identify and address information security risks, including cyber-attack-related risks,” and it will focus exams on those compliance framework elements that concern “endpoint security, data loss, remote access, use of third-party communication systems, and vendor management.” Firms should prepare for an intense review of policies and procedures intended to protect customer accounts, prevent outside “intrusions,” ensure verification of customer identity, prevent unauthorized account access, supervise vendors, prevent phishing, respond to ransomware incidents, and handle risk associated with remote work conditions.
Examination subjects will include, among others, mobile customer information access, personal information and record data cloud storage, and business continuity and recovery planning. Notably, the Division said it will “shift its focus” on business continuity and recovery plans to deal with the physical and financial risks associated with climate change. The only guidance given on this focus is that it will be “similar to the post-Hurricane Sandy work of the Division and other regulators,” and that the Division will be engaged in the incremental “maturation and improvements to these plans over the intervening years.”
Also noteworthy are two evolving trends. First is the growing use of “alternative data” by firms for business and investment decision-making processes. The Division said it will examine use of this “non-traditional” data to determine whether firms have appropriate controls over the information. The second item relates to adequate review of digital asset, or assets based on distributed ledger technology. The Division said it will conduct examinations to review compliance with Reg BI obligations, management and trading practices, client fund safety, prices, the safety of client assets, the effectiveness of firm controls, and the supervision of outside business activities.
Much remains unsaid in the Division’s report about the increased expectations for compliance with the new 2020 Anti-Money Laundering Act and its anticipated implementing requirements. (See Bates’ White Paper on the expanding AML compliance framework). In the 2021 priorities report, the Division reiterated its previous examination priority for broker-dealers and registered investment companies to review firm compliance practices and procedures to assess: (i) the adequacy of customer identification programs, (ii) SARs filing performance, and (iii) whether firms are conducting appropriate customer due diligence, beneficial ownership review, and adequate testing of their programs. These exams are also meant to ensure that firm policies are appropriately tailored to the characteristics of the firm and the products and services sold to their clients.
The Division said that in 2021 it will continue to perform its statutory responsibilities to examine clearing agencies—and other entities exempt from registration—and will review core risks, processes, and controls and assess financial and operational risk. The Division also stated it will examine the national securities exchanges to monitor, investigate, and enforce member and listed company compliance with exchange rules and the federal securities laws. Further, the Division said it continues to examine self-regulating organizations (such as the Financial Industry Regulatory Authority and the Municipal Securities Rulemaking Board), plan processors, and alternative trading systems of a certain size in order “to establish, maintain, and enforce written policies and procedures designed to ensure that their systems’ capacity, integrity, resiliency, availability, and security is adequate to maintain their operational capability and promote the maintenance of fair and orderly markets.” These examinations will focus on governance, technology asset management, cyber threat management, incident response, business continuity planning, and third-party vendor management. Finally, the Division said it will examine transfer agents’ recordkeeping and record retention, the safeguarding of funds and securities and the timeliness of its operations.
LIBOR: The Division explained that it will “engage with registrants” to make sure they have reviewed their exposures as a result of the discontinuance of LIBOR and have made preparations for any transition to an alternative reference rate on their customers and their own behalf.
RIA Programs: The Division stated that it will prioritize exams of firms that have not previously been examined to ensure that their compliance programs “have been appropriately adapted in light of any substantial growth or change in their business models.”
Funds: In its 2021 exams, the Division said it will prioritize valuations and their impact on fund performance, liquidity and risk-related disclosures. In particular, the Division stated it is interested in markets affected by the pandemic (energy, real estate) and products affected by the pandemic (corporate and municipal loans), focusing on the adequacy of the disclosures. The Division said it will be particularly alert to mutual fund liquidity risk management programs, given recent market stress. As to private funds, examiners will review for preferential treatment given by advisers to certain investors and for funds that have a higher concentration of structured products (such as collateralized loan obligations and mortgage-backed securities) in order to assess the risks and the adequacy of the disclosure to investors of these complex products.
The mention of the new Event and Emerging Risks Examination team in the Directors’ letter reinforces the message of this year’s priority report: the SEC expects firms to be developing a compliance framework flexible enough to handle long-standing but evolving risk, and to be able to adjust to anticipated and potential future risk. Consequently, this year’s review appears less about communicating a specific set of priorities than it is about conveying the broader perspective necessary for supervisors to maintain ongoing compliance responsibilities while expanding compliance frameworks and addressing substantial and anticipated risk (e.g. LIBOR, climate change).
Bates Research, Compliance and Regulatory Alerts | 03-03-21
SEC Division of Examinations Announces 2021 Examination Priorities
The Securities and Exchange Commission’s Division of Examinations announced its 2021 examination priorities today, focusing on climate-related risks, conflicts of interest for brokers (Regulation Best Interest) and investment advisers (fiduciary duty), and attendant risks relating to FinTech in its initiatives and examinations. The Division publishes its examination priorities annually to provide insights into its risk-based approach, including the areas it believes present potential risks to investors and the integrity of the U.S. capital markets. You can read the press release here.
Stay tuned for our annual commentary, coming soon, on the SEC's 2021 priorities and how they may impact your legal, regulatory and compliance matters.
Bates continues to track regulatory developments that have long-term impact. Here, we highlight in brief several ongoing matters that affect regulatory compliance.
FINRA Small Broker Annual Report Filing Extension
On February 18, 2021, the SEC ordered that certain smaller broker-dealers be given an additional thirty days to file their required annual reports. To qualify, these FINRA-selected smaller broker-dealers must, among other things, be in compliance with their net capital requirements as of the fiscal year end, have capital and allowable liabilities under $50 million, send a written extension notice to FINRA, and electronically file the report with the SEC. The relief is effective immediately.
DOL Class Exemption
On February 16, 2021, a Department of Labor class exemption went into effect. As Bates described previously, the exemption allows investment advice fiduciaries to receive compensation, “including as a result of advice to roll over assets from a Plan to an IRA,” and to engage in other principal transactions that would have been prohibited under ERISA and the Code. For a DOL fact sheet on the key provisions for the exemption, see here.
Lessons from COVID-19 Pandemic
On February 16, 2021, the comment period closed for FINRA’s recent request for firms to weigh in on lessons learned from “stakeholders’ experiences during the pandemic.” FINRA had requested member opinions on the impact to firms’ operations, business models and business continuity planning. The initiative is important as FINRA contemplates potential permanent changes to its rules, operations and administrative processes. (See here for a comprehensive look at guidance, updates and other information provided to financial institutions that may be affected.)
FINRA Rule on Registered Member Being Named a Customer Beneficiary
On February 15, 2021, new FINRA obligations limiting a registered person from being named a customer’s beneficiary or holding a position of trust for or on behalf of a customer went into effect. FINRA Rule 3241 is intended to protect investors by requiring all firms to “affirmatively address” circumstances where an associated person is “named a beneficiary, executor or trustee, or to have a power of attorney or similar position of trust for or on behalf of a customer.” The rule requires the member firm to review and approve or disapprove the registered person who seeks to assume such a status or act in such a capacity. The rule does not apply where the customer is a member of the registered person’s “immediate family.” (See also, Bates article here.)
New York Investment Adviser Registration
On February 1, 2021, new New York State regulations governing registration and examination requirements for registered investment advisers went into effect. The rule allows current investment advisers who are covered by the new regulations to continue without an approved registration until December 2, 2021, so long as certain criteria are met. The rules also create an examination waiver category for people who have been serving as investment advisers for at least two years.
NASAA Model Rule on Continuing Education for IARs
In late November 2020, NASAA adopted a model rule to ensure adviser representatives keep current on regulatory requirements and best practices. Investment advisor representatives are not subject to a continuing education requirement to maintain their licenses with state regulators. The model rule requires IARs to take 12 hours of continuing education annually. (See here for the latest FAQs and updates on the model rule.)
On January 15, 2021, NASAA stated that it approved a timeline and plan for the development of the program. That process includes working to standardize the criteria under which content providers, instructors and individual CE courses will be approved. NASAA stated that the criteria is expected to be “completed ... and available” by the end of the second quarter of 2021.
Bates Compliance provides tailored solutions for financial institutions and investment advisers. Our compliance team includes senior compliance staff and former regulators, with expertise in the development of policies, procedures, supervisory and compliance processes, including in state and federal registration, supervision and oversight, recordkeeping and disclosure.
For NY Investment Advisor registration support and questions about identifying those affected investment advisers required to file Form U-4 and/or required to register with New York, call Bates today:
Seeking Growth and a Sound Market, NYDFS Unveils New Cyber Insurance Risk Framework; FINRA and NASAA Heighten Cyber Focus
In alerts, guidance and notices over the past year, federal enforcement agencies and financial regulators have been warning of increased cyber risks to public and private databases, financial institution infrastructure and retail investors. The government warnings highlight both general red flags and specific examples of malign actors who have successfully penetrated technology systems to steal or abuse protected information. The most recent high profile attack, the SolarWinds mega-hack, affected over 18,000 public and private sector companies and might have compromised thousands of organizations, including ten departments of the United States government and global corporations including Microsoft, Cisco, Intel and Belkin.
The pandemic has accelerated opportunities for a variety of less sensational, though equally costly and damaging cyber-attacks and cyber fraud. As financial institutions (with the encouragement of financial regulators) embrace new fintech solutions while shifting more permanently to remote online work, the pressure to ramp up cybersecurity efforts continues to grow.
On February 4, 2021, New York’s influential Department of Financial Services (“NYDFS”) addressed the growing market for cyber insurance, a special category of insurance meant to cover businesses and individuals from information technology and other risk. In an Insurance Circular Letter, the NYDFS noted that the market for cyber insurance is estimated to be over $20 billion in 2025 (up from $3.15 billion in 2019), numbers NYDFS believes are actually understated. Here, we take a closer look at the NYDFS’ Cyber Insurance Risk Framework and note recent communications on cybersecurity federal and state regulators.
Measuring the Risk
NYDFS states that its goal is to “facilitate the continued growth of a sustainable and sound cyber insurance market” to improve cybersecurity, generally, and effectively price risk. Given the rising level of cyber risk, particularly from ransomware attacks—DFS cited loss estimates of $20 billion in 2020—cyber insurance premiums are likely to rise. (See Bates’ posts on the increasing threat of ransomware here and here).
According to NYDFS, the current cyber insurance market is in need of a consistent framework to encourage insurers to “develop a rigorous and data driven approach to cyber risk,” and which, as a result, would create incentives for firms to improve their own policies and practices. The framework includes (i) constantly improving methodologies for effective measurement, (ii) properly accounting for “systemic risk” that results from an incident that may cause claims by multiple insureds simultaneously, and (iii) anticipating losses from “non-affirmative” or “silent’ risk, as to exposures in property casualty policies that do not explicitly cover cyber risk.
The NYDFS Framework
The NYDFS framework is a compendium of best practices and applies to property/casualty insurers that write cyber insurance. NYDFS expects the insurer’s risk to be proportionate to its “size, resources, geographic distribution, market share and industries insured.” Primarily, the recommendation is for cyber insurers to develop a “formal risk strategy” that would include six components:
First, cyber insurers should manage or eliminate exposure to “silent cyber risk;” this requires a thorough review of all policies to determine exposure and then choosing to explicitly provide or exclude coverage under them. Until that is done, NYDFS says that insurers should purchase reinsurance to cover potential loss.
Second, cyber insurers should review for systemic risk (for example, as to third party vendors who provide cloud services) prepare (through stress testing) for potential losses in the event of a cyber event that “may cause simultaneous losses to many of insureds.”
Third, cyber insurers should have or develop assessment tools to accurately measure the risk to be covered. This includes collating detailed information that can be used to assess “potential gaps and vulnerabilities in the insured’s cybersecurity.” The information should then be analyzed against past claims data to identify gaps.
Fourth, cyber insurers should price policies based on “the effectiveness of each insured’s cybersecurity program.” NYDFS said the intention with this component is to create an incentive for insureds to improve their programs, and for insurers to educate both their insureds and their insurance producers.
Fifth, cyber insurers should develop or hire experts who can properly evaluate cyber risk and should implement training and development programs to maintain a high level of expertise.
Sixth, cyber insurers should require in their policies that any claimant/victim notify law enforcement of a cyber incident. Among other goals, NYDFS wants to develop a system whereby insureds provide information to law enforcement for prosecution and cybercrime deterrence.
Regulatory CyberSecurity Reminders
As noted in Bates’ recent post on FINRA’s 2021 examination priorities, cybersecurity, particularly as it relates to the protection of customer records and information, remains a high priority. In its report, FINRA reminded members that their cybersecurity program must address new and existing risk of cyber-enabled fraud and crime. In prior exams, FINRA observed firm data breaches, systemwide outages, email takeovers, wire fraud, imposter websites and ransomware. FINRA also found encryption failures concerning confidential non-public data, branch office cybersecurity failures, control failures concerning employee access and vendor access, and, in general, failures to provide adequate training on cybersecurity. FINRA made it clear that it will review cybersecurity programs to ensure they are reasonably designed and tailored to the firm’s risk profile, business model and scale of operations.
Recently, NASAA weighed in on the SolarWinds cybersecurity incident, reminding firms to “report any known issues or concerns” to their primary securities regulator. NASAA said its intent was to raise awareness among state registrants and to provide information and resources to help those affected to recover quickly and protect their clients and colleagues. In addition, NASAA published an advisory for investors highlighting basic methods to protect online accounts.
Major cyber incidents, particularly ones involving state actors or those affecting hundreds of organizations, often push cybersecurity to front and center on the agendas of government and financial firms. The NYDFS framework for cyber insurance reminds us that there are many tools—some still relatively early in development—to use in the broader effort to confront cyber risk. Bates will continue to keep you apprised.
How Will FINRA’s New Report on Examination and Priorities Impact Your Firm in 2021?
In a new publication combining its annual report on observations and exam findings with its report on risk monitoring and program priorities, FINRA is offering a “single authoritative source” for members to turn to for the purposes of adapting their compliance programs and preparing for “emerging issues for the coming year.”
In the new comprehensive 2021 Report on FINRA’s Examination and Risk Monitoring Program, FINRA identifies eighteen regulatory areas for member consideration that cover the gamut of compliance obligations. For each area, FINRA highlights the applicable rule, provides a summary of recent exam findings and key compliance practices, and shares additional resources. The regulatory areas are organized under four categories: firm operations, communications and sales, market integrity and financial management. The report did not cover how firms transitioned and supervised their operations during the pandemic, a subject covered under a FINRA Special Alert from May 2020. (A separate report is forthcoming.)
Headlining the new report is a set of priorities that have been the subject of considerable review and change over the past year. In this article we take a look at the highlights from the report and provide our updated annual Bates chart (below) which keeps track of FINRA’s articulated priorities from year-to-year.
Top FINRA Exam Priorities for 2021
See highlights of FINRA’s continuing and emerging concerns on our 2021 FINRA chart below, which keeps track of articulated priorities from year to year.
In its 2021 report, FINRA selected those priorities “that impact compliance programs across a large population of member firms.” These include Regulation Best Interest (“Reg BI”), cybersecurity, Anti-Money Laundering (“AML”) and communications with the public.
Reg BIcontinues to top the priorities list. Consistent with numerous efforts to embed the new regulation within the compliance culture of its member firms, FINRA emphasized that going forward, it intends to “expand the scope of our Reg BI and Form CRS reviews and testing to effect a more comprehensive review of firm processes, practices and conduct.” The expanded scope is evident in numerous “related considerations” questions cited in the report. The SRO further cautions that it will take enforcement action when it observes conduct that (i) may cause customer harm, (ii) would have violated suitability standards or (iii) disregards the new requirements.
Cybersecurity, particularly as it relates to the protection of customer records and information, remains a high priority. FINRA reminded members that a cybersecurity program must address new and existing risk of cyber-enabled fraud and crime. Recent observations included data breaches, systemwide outages, email takeovers, wire fraud, imposter websites and ransomware. FINRA intends to review cybersecurity programs to ensure they are reasonably designed and tailored to the firm’s risk profile, business model and scale of operations and for compliance with business continuity plan requirements.
Anti-Money Laundering remains a top priority (though it was not included in the Report’s selected listing.) The report covers FINRA rules that require members to develop and implement a program reasonably designed to comply with the requirements of the Bank Secrecy Act (“BSA”) and FinCEN’s Customer Due Diligence rule. The report identified numerous deficiencies of firm AML policy and procedure found during examinations, including inadequate AML transaction monitoring, failures in suspicious activity reporting, insufficient testing, inadequate frameworks for cash management, gaps in data included in monitoring, and concerns about high-risk trading by foreign accounts.Given the significant changes to the BSA enacted into law in December 2020, one can expect significant updates to FINRA’s guidance for member firms.
Communications with the public is an area which appears to have taken on a higher priority. FINRA rules on communications are broad, covering correspondence, retail communications and institutional communications. The rules set “principles-based content standards” that apply to new technologies and practices. FINRA intends to review firm communications as to new and complex products, supervision, recordkeeping, and the use of new marketing technologies (like app-based platforms), as well as firm-disseminated information directed at senior or vulnerable investors. FINRA also notes several areas within the category for additional consideration, including firm policy and procedure around digital communications channels, digital asset communications and communications around cash management accounts.
Additional Highlighted Priorities
FINRA also highlighted several long-standing priorities, reminding firms that it will continue to review compliance with the rules on, for example, variable annuities, best execution and Consolidated Audit Trail requirements.
With respect to variable annuities, FINRA stated that it will evaluate member responsibilities to exchanges under FINRA rules and under Reg BI. FINRA noted that it is particularly concerned with the consequences of insurers’ actions concerning these financial products, including the termination of service agreements, trail commissions and potential buyout offers to variable annuity customers.
As to best execution, FINRA advised that it continues to review for “potential conflicts of interest in order-routing decisions, appropriate policies and procedures for different order and security types, and the sufficiency of member firms’ reviews of execution quality,” while being particularly concerned with “zero commission trading”—a subject highlighted in a separate examination letter in February 2020. FINRA advised firms to use exception and surveillance reports, to conduct reviews of order routing and other processes on a more frequent basis, and to continually update written supervisory procedures to address market changes.
FINRA also reminded firms of their supervisory responsibilities and the steps they should be considering when developing and implementing compliance programs under the consolidated audit trail compliance rule (“CAT”). How vigorous the enforcement will be on CAT compliance is still an open question given this early stage.
Not Separated: Supervision, Seniors
Finally, FINRA acknowledged that it does not address supervisory deficiencies or practices as a separate supervision topic, but rather incorporates them as part of the 18 designated subject matter areas. Similarly, it noted that protecting seniors or vulnerable investors is not separated out, but is incorporated into communications, product recommendation or sales practice conduct by subject matter.
In an Appendix, FINRA reaffirmed how it expects members to use the information contained in the report and similar documents. FINRA encourages firms to undertake a comprehensive review of the findings, observations and recommendations, and to identify those areas that are applicable to their businesses. It expects that firms incorporate the highlighted topics in their overall risk assessments and compliance program review. FINRA recommends firms undertake a gap analysis “to evaluate how their compliance programs and written supervisory procedures address the questions” raised in the report to help avoid a similar finding against the firm in the future.
Based on these measures, FINRA recommends the creation of project teams and workstreams to act on the findings, ensure that compliance groups are appropriately informed, ensure that business leadership are appropriately engaged, and prepare staff guidance and training.
These are serious expectations, and firms are well advised to follow through.
Contact us to discuss how we can assist with your FINRA compliance:
Bates Research, Compliance and Regulatory Alerts | 02-04-21
New Update from Bates Compliance: Broker-Dealer Branch Office Compliance White Paper
In May 2019, Bates Compliance published a review of the supervision, inspection and operational considerations for broker-dealer branch office compliance. In that paper, Bates described the core obligations on supervisors of broker-dealer branches taking into account FINRA's announced examination priorities as well as its guidance on strengthening cybersecurity controls.
Since then, FINRA has broadened those priorities to include compliance inspections on the new conduct standards obligations (Regulation Best Interest) and has continued to emphasize the importance of adopting a risk-based approach in firm compliance frameworks. The COVID-19 pandemic has heightened these risks, drawing significant attention to the future of supervision and practice over remote offices in general.
This updated white paper discusses the responsibilities placed on the supervisors of broker-dealer branches in light of FINRA's broadened priorities and recently updated guidance on remote supervision.
Bates Research, Compliance and Regulatory Alerts | 02-02-21
FINRA Releases 2021 Report on FINRA’s Examination and Risk Monitoring Program
FINRA has announced the publication of the 2021 Report on FINRA's Examination and Risk Monitoring Program. The new Report combines and replaces two previously published annual reports, the Report on Examination Findings and Observations and the Risk Monitoring and Examination Program Priorities Letter. It addresses 18 regulatory areas organized into four categories: Firm Operations, Communications and Sales, Market Integrity and Financial Management, and will adapt the areas of focus for its Examinations and Risk Monitoring programs during 2021.
Stay tuned for our annual commentary, coming soon, on FINRA’s 2021 objectives and how they may impact your legal, regulatory and compliance matters.
Significant Changes to Anti-Money Laundering Framework Enacted into Law
After Congress overrode a presidential veto, the omnibus FY2021 National Defense Authorization Act (“NDAA”)—and with it the Anti-Money Laundering Act (“AMLA”)—became law on January 1, 2021. AMLA is the most significant update to the Bank Secrecy Act (“BSA”) rules since the USA PATRIOT Act in 2001. It incorporates substantial changes to the laws governing the combatting of money laundering and terrorist financing. In previous reports, Bates Group described various reform provisions contained in proposed legislation (including from the Illicit Cash Act and the Corporate Transparency Act). Consistent with those proposals, the AMLA extends the “risk-based principle” approach to regulation and enforcement. In this article, we highlight the key final provisions that will lead to many changes in industry rules and practices going forward.
AMLA – Key Concepts
The AMLA will have a broad impact on enforcement. Many of the concepts it contains are familiar to market participants and have been discussed and debated in many forums over the past two years. Key concepts retained in the final Act include: (i) the establishment of a non-public federal database accessible by federal and local law enforcement that will require shell companies to disclose their beneficial owners; (ii) enhancements to the AML whistleblower program; (iii) promotion of innovation and the development of modern tools to support enforcement, particularly concerning suspicious activity reports (“SARs”); (iv) the expansion of authority to cover virtual currency and art; (v) increases in penalties for AML violations; and (vi) the establishment and dissemination of national AML examinations and supervision priorities.
AMLA Establishes Beneficial Ownership Database
The intent behind the creation of the beneficial ownership database is to prevent malign actors from using shell corporations to hide their illicit activities. AMLA requires “reporting companies” to provide identifying information for “beneficial owners.” The definition of “beneficial owner” includes individuals who exercise “substantial control” of or have at least a 25% ownership interest in the company. (The term “substantial control” will be, presumably, defined in future FinCEN regulation and be in line with the requirements of the Customer Due Diligence (“CDD”) Rule.) For those entities required to report, the Act imposes significant civil and criminal penalties for individuals and companies that provide false information or fail to report in a timely way.
That said, the reporting of beneficial ownership is primarily directed at smaller businesses or shell entities. The Act excludes certain financial institutions, publicly-traded companies, non-profits, government entities, and other entities that have (i) a physical operating presence in the U.S., (ii) more than 20 employees, and (iii) sales or gross receipts in excess of $5 million. Notably, those financial institutions already covered by FinCEN’s CDD Rule are not required to report beneficial ownership under the AMLA.
The database will be maintained by FinCEN and will not be available to the public. It will be accessible through FinCEN for law enforcement purposes and also to financial institutions (with the reporting company’s consent.) This latter accessibility may become a significant benefit for financial institutions who may be able to use information from the database to satisfy their beneficial ownership obligations under the CDD Rule. Under the AMLA, FinCEN must issue implementing regulations on beneficial ownership within one year. Subject to several conditions, qualifying “reporting companies” have two years to provide their information to FinCEN.
AMLA Incentivizes Whistleblowers
The AMLA significantly boosts the current whistleblower program by incentivizing the reporting of violations. The new law removes the prior cap on such awards (up to $150,000) and offers up to 30% of all monetary sanctions recovered in a BSA enforcement action. AMLA also prevents retaliation or discrimination against employees who report violations and permits employees to sue their employers for a host of damages and for reinstatement.
AMLA Aims for Better Reports, More Sharing and Coordination
The AMLA requires FinCEN to consider numerous avenues to streamline the filing of SARs and other reports and to extract more law enforcement value from them. Specifically, Congress wanted FinCEN to consider: (i) expanding the use of technological processes for the filing of certain categories of non-complex SARs (e.g., on structured transactions and fund asset transfers); (ii) pushing out more information on threat patterns, typologies and other trends derived from SARs; (iii) encouraging innovation for financial institutions (in part, through the establishment of a public/private Subcommittee on Innovations and Technology); and (iv) assessing newly-required DOJ statistics, metrics, and other information on the use of SARs data. In addition, the Act requires FinCEN to review whether the reporting threshold amounts should be adjusted or indexed.
Further, Congress provided additional budgetary resources to hire FinCEN domestic liaisons, BSA “Innovation Officers” and “Information Security Officers,” six “Foreign Financial Intelligence Unit Liaisons.” The Act also creates a Treasury Financial Attaché Program for the purpose of increasing the communication and cooperation among enforcement and national security agencies, and it initiates a pilot program for sharing SARs data across international borders. This three-year pilot program is intended to allow financial institutions to share SARs with foreign branches, subsidiaries, and affiliates, for the “purpose of combating illicit finance risks.” The Innovation Officers will work to promote the use of new technologies like Artificial Intelligence to make AML programs more efficient. As a result, financial institutions can reallocate their resources to the higher-risk areas of their AML programs.
AMLA Expands Authorities to Cover Virtual Currency and Antiques
The AMLA expanded the definition of “financial institution” to cover modern forms of value that can be used in money laundering. Specifically, the AMLA redefined the term to include virtual currencies under the BSA. The Act also adds art and antiquities dealers, advisors and consultants to the BSA definition. Notably, Congress authorized a study (to be completed within a year) in anticipation of the difficult issues that will inevitably arise in an AML regulatory context.
AMLA Increases Penalties for BSA Violations
Among other penalty changes, individuals who have committed an “egregious violation” of the BSA are now barred from serving on the board of directors of a U.S. financial institution for 10 years; certain partners, directors, officers, or employees of financial institutions convicted of violating the BSA forfeit any bonuses paid during the calendar year the violation occurred; and repeat violators of BSA prohibitions are subject to additional civil monetary penalties, potentially as high as three times the profit gained (or loss avoided) by such person as a result of the violation.
AML Examination Priorities
The AMLA extends the “risk-based principle” approach to regulation and enforcement. Congress recognized that financial institutions will need to design and implement AML policies consistent with the Act and that the government has an interest in supporting those efforts. To provide critical guidance, the Act requires that the Treasury Department establish and publish National AML Priorities. Financial institutions will be required to include these priorities in their AML programs. It is anticipated that the priorities will be included in a financial institution’s BSA/AML risk assessment.
The passage of the AMLA is a singular achievement representing the largest enhancement to AML legislation since the USA PATRIOT Act and further aligns the U.S. with AML laws in other countries by incorporating Financial Action Task Force (“FATF”) recommendations. The expanding framework will require substantial attention to upcoming and related proposed rulemakings. Financial institutions will need to make significant changes to their AML programs by the future implementation dates. Bates will continue to monitor these developments.
How Bates Helps
Bates AML and Financial Crimes provides subject matter expertise on AML, financial crimes, and sanctions; provides services in design, configuration, testing, tuning and optimization of AML and sanctions systems; performs AML and sanctions system model validations; develops governance and oversight processes; redesign and updates to AML policies and procedures; conducts AML and sanctions risk assessments; AML and sanctions gap assessments and audits; trade finance solutions; regulatory response support; and staffing support for AML backlogs and lookbacks.
In 2020, Bates partnered with Complidata to combine leading financial crime industry expertise and Artificial Intelligence technology together in a joint approach to assist financial institutions with optimizing their anti-money laundering operations and compliance.
Bates Research, Compliance and Regulatory Alerts | 01-08-21
SEC Rewrites Rules on Investment Adviser Marketing
Just prior to the new year, the SEC finalized significant changes to rules and forms governing advertising and cash solicitations under the Investment Advisers Act (“IAA”). In the original proposal, introduced more than a year ago (see previous Bates coverage), the SEC sought comment on the first significant changes to investment adviser marketing rules in decades. On December 22, 2020, the Commission issued the new final rule, which replaces both the prior Advertising Rule and Cash Solicitation Rule with a single, broad, “modernized” marketing rule. The new rule also amends investment adviser registration Form ADV and the books and records rule to reflect the related changes. In an accompanying fact sheet, the SEC stated that the Division of Investment Management staff will withdraw previously issued guidance and no-action letters related to the advertising and cash solicitation rules, as those “no longer apply” under the new final rule. Here are some highlights.
Marketing Rule – Key Provisions
Key provisions of the new final marketing rule include the introduction of a definition of the term “advertisement,” prohibitions on numerous advertising practices, strict limitations on the use of testimonials and endorsements, required disclosures and criteria for the use of third-party ratings, and general prohibitions and conditions on the use of performance results or hypothetical performance information. New compliance requirements under corresponding amendments to Form ADV require advisers to provide additional information on their marketing practices to “help facilitate the Commission’s inspection and enforcement capabilities.”
Under the new rule, the definition of “advertisement” includes any direct or indirect communication by investment advisers offering new or additional services to prospective clients, existing clients or private fund investors. (Among a number of exclusions, one notable change from the original proposal is the exclusion of most one-on-one communications under this part of the definition.) The new advertisement definition also covers any compensated endorsement or testimonial provided either directly or indirectly. These two definitional “prongs” largely “capture” the communications covered by the precursor advertising and cash solicitation rules.
In general, the marketing rule prohibits practices that result in untrue or misleading statements of material fact. Specifically, these practices include communicating information (i) that may be untrue or misleading (including by omission); (ii) where an adviser does not have a reasonable basis for—and would not be able to substantiate—the information communicated; (iii) concerning potential benefits without communicating material risks or other limitations; and (iv) that is not presented in a fair and balanced manner (e.g., performance results).
The marketing rule imposes disclosure, oversight and disqualification limitations on the use of testimonials and endorsements. To use testimonials, an adviser must disclose whether the endorser is a client or investor, is compensated or has some other conflict of interest. Further, to use testimonials, the adviser must oversee compliance with the rule and “enter into a written agreement with promoters, subject to certain allowances and conditions,” for example, where the promoter is an affiliate or receives de minimis compensation. (Notably, a broker-dealer acting as an endorser could be exempt from the disclosure requirements for a recommendation subject to Regulation Best Interest). Finally, the marketing rule generally disqualifies ineligible persons from acting in a testimonial capacity.
Disclosures and satisfaction of set criteria are also required under the marketing rule before third-party ratings can be used in an advertisement. The advisor must disclose the identity of the third party, the date and time period of the rating, and direct or indirect compensation by the adviser to the third party. An adviser must have a reasonable basis for believing that the rating was unbiased and not created in such a way as to produce a predetermined result.
Further to the goal of prohibiting misleading information in advertisements, the SEC provided specific requirements on performance information before it can be used. These include prohibitions against the use of information: (i) on gross performance without inclusion of net performance data; (ii) on performance results, without including specific time periods; (iii) suggesting that the SEC reviewed or approved of the advertised performance results; (iv) related to performance results, without inclusion of all related portfolios, and extracted performance results without the results of the entire portfolio; (v) on any hypothetical performance unless the adviser, among other requirements, discloses the criteria used and assumptions made in calculating the hypothetical performance, as well as its risks and limitations; and (vi) on the use of predecessor performance unless the personnel and accounts at the predecessor adviser and the personnel and accounts at the advertising adviser were substantially similar and that any advertisement include all relevant disclosures.
The marketing rule and related books, records and Form ADV amendments will be effective 60 days after publication in the Federal Register. Because of the scope and complexity of the rule changes, the SEC has set an 18-month transition period for compliance.
The marketing rule was intended to address technological advances including social media and mobile communications under a principles-based approach to supervision and regulation. In this way, the rule is an attempt to strike a balance encouraging the use of electronic media for adviser marketing purposes, while protecting retail investors from the higher risks of fraud associated with it.
The new marketing rule imposes considerable oversight, recordkeeping and disclosure requirements on investment advisers. The SEC stated it expects that “100 percent” of investment advisers will be involved in activity regulated by the marketing rule. That will require substantial modifications to compliance programs across the industry. Notwithstanding the long compliance transition period, advisers will need to review their current advertising and solicitation policies, make adjustments to their performance presentations and disclosures, ensure effective supervision and set in place new policies and procedures for testimonials and endorsements.
Bates Compliance provides tailored compliance consulting solutions to financial services clients. In anticipation of the compliance transition for the new marketing rule, Bates has formed a team to address investment adviser concern and support efforts to conform oversight, recordkeeping and disclosure requirements under the new rule.
Our compliance team includes senior compliance staff and former regulators, with expertise in the development of policies, procedures, supervisory and compliance processes and best practices to enhance compliance and supervisory systems.
Federal Law Enforcement Targets 2300 Money Mules Fueling Fraud in All 50 States
Fighting financial fraud remains a high priority for federal law enforcement. Throughout 2020, Bates Group has followed the many alerts issued by FinCEN, OCIE and other agencies warning of a variety of scams targeting financial firms and their customers, particularly elder clients. Through these advisories, the agencies remind compliance professionals to be vigilant of red flags for deceitful practices that may indicate financial fraud. The advisories also provide specific recommendations on additional detail requested when filing related suspicious activity reports (SARs). Prominent among these warnings are advisories about money mules—individuals playing an important role in a host of fraudulent activities—and schemes related to COVID-19 in particular.
On December 2, 2020, federal law enforcement cracked down on money mules again. (Bates highlighted an earlier federal enforcement crackdown back in March 2020.) The U.S. Department of Justice (DOJ) announced the results of the joint operation—a coordinated effort that included the DOJ, the FBI, the U.S. Postal Inspection Service, the Department of Labor Inspector General, the FDIC Inspector General, Immigration and Customs Enforcement, the Social Security Inspector General, the Secret Service, and the Treasury Inspector General for Tax—to “disrupt the networks through which transnational fraudsters move the proceeds of their crimes.” Here are the highlights.
Recap on Money Mules – Individuals Enabling Many Scams
In its announcement, the Justice Department described money mules as “individuals who assist fraudsters by receiving money from victims of fraud and forwarding it to the fraud organizers, many of whom are located abroad.” FinCEN defines a “money mule” as any “person who transfers illegally acquired money on behalf of or at the direction of another.” Under these definitions, money mules are used to enable a wide range of schemes. In the recent action, federal law enforcement pursued money mules associated with underlying cases of lottery fraud, romance scams, technical support fraud, CEO and business email compromise scams, government imposter fraud and unemployment insurance fraud.
The agencies recognize the distinctions among an “unwitting or unknowing money mule,” a “witting money mule” and a “complicit money mule,” all defined by the person’s awareness, motivation and level of participation in the larger scheme. FinCEN says that all three types of money mules are deployed in COVID-19 schemes. The enforcement action was calibrated to these differing levels of awareness and participation.
Recent Enforcement Action
The scope of the joint enforcement agency initiative is, by any measure, impressive. According to the Justice Department, the actions netted approximately 2,300 money mules in areas “spanning 92 federal districts.”
Some highlights of the crackdown include:
warning letters sent to over 2000 money mules notifying them that they “were facilitating fraud and could face civil or criminal consequences for continuing their actions;”
the seizure of assets (including a 2019 Lamborghini) or return of victim funds in over 30 cases;
the filing of 14 actions by the Postal Inspection Service against identified money mules requiring them to cease facilitating fraud;
criminal charges brought in 35 cases against money mules “for their roles in receiving victim payments and forwarding the fraud proceeds to accomplices or laundering fraud proceeds; and
civil injunctive actions in 17 cases covering federal Districts in Washington, South Carolina, Florida, California, New York, and Colorado.
The agencies’ announcement also noted other criminal financial charges brought against fraudsters in multiple jurisdictions. In Maryland, for example, the U.S. Attorney indicted individuals “for opening bank accounts using falsified documents for the purposes of facilitating a business email compromise scam.” In Ohio, money mules were indicted for facilitating a “grandparents scam.”
FinCEN Red Flag Reminders
Bates previously reviewed FinCEN’s red flags for financial compliance professionals on money mules pertaining to COVID-19. FinCEN recommendations included vigilance as to:
receipt of transactions that don’t fit a customer’s profile (e.g., overseas transactions, purchase of convertible virtual currency);
unsatisfactory answers to “know your customer” inquiries;
opening new bank accounts in the name of a business (possibly at multiple banks), and someone other than the customer transferring funds out of those accounts;
receipt of multiple unemployment insurance payments within the same time period or from numerous employees (with ACH payment names that don’t match the account holder);
deposits that get diverted quickly “via wire transfer to foreign accounts;”
documents related to the “employer” showing the use of a free email server rather than a company-specific email; and
out-of-the-ordinary requests from the customer’s new employer to send and receive funds through the customer’s personal account (especially for individuals claiming to be U.S. citizens or servicemen currently abroad).
The announcement on the money mule enforcement crackdown demonstrates the reach of a coordinated federal effort. Along with references to educational efforts, local FBI campaigns (Don’t Be a Mule), the National Elder Fraud Hotline, and other initiatives (including, notably, the American Bankers Association’s engagement with member banks on money mules and highlighting the role of financial institutions in addressing the problem), the message on disrupting money mule networks is comprehensive and unequivocal.
For that reason, financial firms should take note. As the Postal Inspector stated: “[O]ur law enforcement partners will be relentless in the pursuit of criminal organizations that perpetrate these schemes… [we] use cutting-edge technology to build strong cases and campaigns.” In other words, expect coordinated enforcement efforts to continue and to become more sophisticated, increasingly through reliance on analytics driven by information provided by financial firm compliance filings (SARs).
For AML and Financial Crimes support, please contact Edward Longridge, Managing Director and Head of Bates AML & Financial Crimes Practice:
Multi-Branch Office Supervision and Compliance – OCIE Details Deficiencies
Last month, OCIE released a Risk Alert urging SEC-registered investment advisers to consider the “unique risks and challenges presented by “employing a business model that includes numerous branch offices and business operations that are geographically dispersed.” The OCIE observations stem from a December 2016 initiative (“Multi-Branch Initiative”) examining advisers that conduct business out of ten or more branch offices. The advisers continue to be an area of focus to date because they “often serve retail customers” and “have unique risks and challenges related to design and implementation of their compliance programs and oversight of advisory services provided through remote offices.” Although COVID-19 was not the basis for the alert—the data and observations came from the initiative, which ended in 2018 (see fn. 2 in the alert)—the pandemic undeniably added urgency to issues around remote supervision and compliance. This pushed the topic higher on the list of areas OCIE is continuing to monitor, including “telework conducted from dispersed remote locations.” OCIE “will provide its observations to its colleagues in the Division of Investment Management.”
Last week, Bates focused on OCIE recommendations based on observed deficiencies concerning adviser obligations required under the Compliance Rule. Consistent with that emphasis, OCIE issued this separate alert to highlight main office oversight of (i) branch office compliance programs and practices (applicable to, for example, rules on custody or ethics) and fiduciary obligations related to fees, expenses and advertising; and (ii) supervision of branch office personnel that provide investment advice to clients (including the formulation of recommendations and conflicts disclosures).
Here’s a closer look at OCIE’s findings and and warnings to firms overseeing multi-branch office compliance.
OCIE found multiple deficiencies in branch office compliance programs and practices, and in the fiduciary obligations of advisers. Here are some of the findings:
Custody Issues – Advisers violated the “Custody Rule” by, among other things, failing to have adequate policies and procedures that limited the ability of supervised persons to process transactions in client accounts and to ensure consistent application of rules across the firm.
Fees and expenses – Advisers failed to have branch office policies and procedures to remediate overcharges or to consistently apply fees.
Supervision – Advisers failed to adequately supervise branch office personnel leading to multiple compliance deficiencies related to material disclosures, best interest recommendations on mutual fund share classes, best execution and trading, and documentation of disciplinary events for personnel with higher-risk profiles.
Advertising – Advisers failed to adequately address issues arising from branch offices operating under a different name (i.e. D/B/A) and by supervised persons located in branch offices. These included presentations which omitted material information, disclosures of inaccurate credentials and other unsupported claims.
Code of Ethics – Advisers breached their Code of Ethics, with failures affecting transaction reporting and proper review, identification of access persons, and procedural omissions which allowed supervised persons to invest inappropriately in limited or private offerings.
Supervision of Advisory Activities Across Multi-Branch Offices
OCIE found multiple deficiencies in branch office portfolio management. Generally, these related to ineffective oversight of investment decisions, failures to disclose conflicts, and inadequate supervision of decisions on trading allocations. Specifically, OCIE highlighted deficiencies associated with oversight and disclosures on mutual fund share class selection recommendations (the subject of a successful SEC enforcement initiative - see Bates alert) and wrap fee programs. Observed failures involved inadequate best interest assessments, erroneously charged commissions, inadequate disclosures, insufficient oversight of “trading away practices,” and poor monitoring practices.
In addition, OCIE identified deficiencies related to “automated account rebalancing” which prompted redemption fees from mutual funds and failures to disclose fees associated with automated processes. OCIE also identified conflicts of interest related to “expense allocations that appeared to benefit proprietary fund clients over non-proprietary fund clients.” Finally, OCIE raised issues concerning adviser compliance failures on trading and allocation practices. These deficiencies highlighted insufficient documentation (including failures to provide any analysis that would satisfy best execution requirements), client consent and associated monitoring failures.
OCIE offered several recommendations that could assist advisers in designing and implementing policies and procedures under the Compliance Rule. These include the adoption of written compliance practices and procedures applicable to all office locations and all supervised persons, and tailored compliance practices necessary for effective branch office oversight, among others.
Best practice recommendations included the development of uniform policies and practices on advertising, client fee billing, portfolio management and monitoring, as well as requiring approval for personal trading activities for all supervised persons located in all office locations. OCIE also recommended compliance testing and periodic compliance reviews of key activities at all branch offices. Consistent with earlier recommendations, OCIE suggested further that advisers establish hiring practices that include “disciplinary event” checks and ensuring the accuracy of disclosure of such information. Finally, OCIE emphasized the importance of periodic compliance training for branch office employees.
While OCIE’s previous Compliance Rule alert covered a broad range of adviser compliance concerns, this Multi-Branch alert is, in some ways, a reminder that some of the greatest compliance weaknesses come from the geographic separation of remote offices and the “unique” complexity of supervising personnel in those offices. While the alert is based on pre-COVID data, the fundamental issues it raises are well known. The urgency for firms to tighten their compliance regimes across multi-branch business operations has grown. As a result, expect future examinations to likely focus on these weaknesses.
About Bates Compliance:
Bates Compliance delivers guidance and tailored compliance consulting solutions to our broker-dealer, investment adviser and hybrid firm clients on an as-needed or ongoing basis. Our team—made up of experienced senior compliance, legal and former regulatory professionals—drafts and tests policies, procedures, and supervisory and compliance processes, recommending and implementing changes based on leading practices to enhance compliance and supervisory systems and to remediate regulatory, litigation and internal audit findings. Bates Compliance consultants prepare clients for branch exams and conduct mock SEC reviews.
Noting Deficiencies, OCIE Warns IAs to Comply with the Compliance Rule; Director Driscoll Emphasizes CCO Empowerment
On November 19, 2020, OCIE issued an alert on common deficiencies identified in recent examinations related to the obligations on investment advisers required by the Advisers Act (“Compliance Rule”).
As highlighted in the Alert, the Compliance Rule requires registered investment advisers to: (i) adopt and implement written policies and procedures reasonably designed to prevent rule and Advisers Act violations, (ii) consider fiduciary and regulatory obligations that adequately address these policies and procedures, (iii) review these policies and procedures at least annually to determine their adequacy and effectiveness, and to review them more often “in response to significant compliance events, changes in business arrangements, and regulatory developments,” and (iv) designate a chief compliance officer (“CCO”) to oversee the compliance program. (See additional detail on the requirements under Compliance Rule 206(4)-7 here.) In this article, Bates takes a closer look at OCIE’s recent findings and the additional emphasis placed upon the role of CCOs by OCIE Director Peter Driscoll (pictured above) in a related address.
A Comprehensive (and Lengthy) List of Deficiencies
In its examinations, OCIE found numerous Compliance Rule deficiencies. They include failures by investment advisers to “devote adequate resources” to compliance programs, failures to provide CCOs with the necessary authority to develop and enforce adequate policies, failures in the annual review process, failures in policy implementation, and failures to update information and maintain or establish adequate policies and procedures.
Resourcing – OCIE observed that key compliance program elements—specifically, information technology and training—were under-resourced. CCOs were often overburdened with “numerous other professional responsibilities,” and staff had insufficient resources to implement basic compliance program functions, such as “performing annual reviews, accurately completing and filing Form ADVs or timely responding to OCIE requests for required books and records.” Further, OCIE said that compliance resources often had not grown in tandem with the growth and complexity of the adviser, leading to implementation failures.
CCO Authority – OCIE traced program deficiencies to CCOs who had insufficient authority to develop and enforce appropriate policies and procedures. This manifested itself in instances where the CCO (i) did not have access to certain compliance information (e.g. trading exception reports), (ii) had limited interaction with senior leadership, and (iii) was not consulted on matters that may have had significant compliance implications.
Annual Reviews – OCIE raised concerns about irregular or inadequate annual compliance reviews, including whether they actually occurred, failures to identify risk areas (conflicts of interest or protection of client assets), and deficiencies with respect to reviewing policies and procedures to address oversight of third party managers, cybersecurity, and fee and expense calculations.
Procedure Implementation – OCIE also found failings with respect to the implementation of a firm’s compliance procedures across the board. These included procedural deficiencies on training, compliance processes on “trade errors, advertising, best execution, conflicts, disclosure,” as well as failures in testing on fee calculations and business continuity processes.
Adequacy of Policies and Procedures – Some advisers simply failed to establish, implement, or tailor written policies and procedures pursuant to their obligations under the Compliance Rule. Highlighted OCIE observations included written policy and procedure deficiencies in several areas, including: portfolio management, marketing, trading practices, disclosures, advisory fees and valuation, safeguards for client privacy, safeguards for client assets, required books and records, and business continuity plans.
OCIE Director Wants Advisers to Empower their CCOs
On the same day OCIE released its Alert, Director Peter Driscoll emphasized the underlying issue of CCO responsibility over effective compliance programs. At a virtual National Investment Adviser-Investment Company Compliance Outreach program, the Director discussed the challenges that OCIE (and investment advisers) faced during the pandemic, cited OCIE’s success at remaining fully operational despite these challenges, and then reviewed the deficiencies described in the Compliance Rule alert, honing in on the role of the CCOs to the entire compliance regime.
Director Driscoll reiterated that “an adviser's CCO should be competent and knowledgeable regarding the Advisers Act and should be empowered with full responsibility and authority to develop, implement, and enforce appropriate policies and procedures for the firm.” He decried a “check-the-box” approach, asserting that the “CCO should have a position of sufficient seniority and authority within the organization to compel others to adhere to the compliance policies and procedures.” In this he underscored that empowerment, seniority and authority are “three words [that] matter.” He warned that “we cannot overstate a firm’s continued need to assess whether its compliance program has adequate resources to support its compliance function,” and that “compliance must be integral to an adviser’s business and part of its senior leadership.” He concluded by reinforcing the importance of firm culture to effective compliance and the recognition that, “without the support of management, no CCO, no matter how diligent and capable, can be effective.”
In its Alert, OCIE staff highlighted the regulator’s perspective on effective compliance. This has been a consistent approach for the agency. (See Bates Article on OCIE 2020 Priorities here.) While going into a detailed list of each of the elements that investment advisers should take into account in order to ensure the adequacy of their compliance programs, OCIE staff and the Director made a broader point about the importance of instilling a culture of compliance throughout the firm. Back in January, OCIE underscored that effective compliance requires (i) establishing a culture of compliance for the firm, (ii) a commitment by firm executives that compliance is “integral” to firm success, and (iii) “tangible” support for compliance in all operations, throughout all levels of the firm. The recent alert and comments by Director Driscoll doubles down on that message emphasizing that the chief compliance officer must be fully empowered with the “responsibility, authority, and resources to develop and enforce policies and procedures of the firm.” Bates will continue monitoring OCIE activity and keep you apprised.
For assistance with your Compliance needs and information concerning Bates Group's other practices and services, please visit:
Tracking FinCEN Moves: Regulator Issues a Flurry of Advisories on Ransomware, Unemployment, Human Trafficking, Rule Amendments and More
The Financial Crimes Enforcement Network (FinCEN) continues its fast pace, issuing important new advisories, statements and rulemakings. Bates’ last two posts (see here and here) highlighted FinCEN’s actions on (i) compliance requirements under the customer due diligence rule, (ii) cyber-enabled financial crime, (iii) convertible virtual currency scams, (iv) “politically exposed persons” due diligence requirements, (v) unlawful disclosure of suspicious activity report (SARs) information, and (vi) general information on its approach to BSA/AML enforcement.
Since September, FinCEN has issued advisories on ransomware, unemployment insurance fraud, and the money laundering aspects of human trafficking, an Order targeting certain residential real estate transactions based on geography, and has proposed specific amendments that affect recordkeeping and travel, as well as broad recommendations affecting Bank Secrecy Act (BSA) regulations that make up the current anti-money laundering (AML) framework. Here’s a recap.
On October 1, 2020, FinCEN issued an advisory that provided information on the growing threat of ransomware attacks on government entities, corporate entities and financial institutions. Ransomware—malicious software that blocks access to systems or data in order to extort ransom payments from victims—can lead to the loss of critical personal and commercial information and can compromise business functionality. The advisory covered the role of financial intermediaries in payments, financial red flags and other related trends and typologies. FinCEN offered tips on effective reporting and sharing of ransomware and related information.
The U.S. Treasury Department’s Office of Terrorism and Financial Intelligence coordinated the issuance of the FinCEN advisory with a second advisory issued by the Office of Foreign Assets Control (OFAC) which highlighted sanctions risks to financial firms that facilitate the processing of ransom payments. FinCEN followed up on these advisories on November 12, 2020, with a virtual conference with financial institutions, technology firms, third-party service providers, and federal government agencies on current efforts to curtail ransomware attacks including detection and reporting, emerging trends and victim recovery.
Unemployment Insurance Fraud
On October 23, 2020, FinCEN issued an advisory on unemployment insurance fraud that the agency observed during the pandemic. Based on SARs, open source reporting and reports from other law enforcement agencies, FinCEN described types of unemployment insurance fraud, such as fictitious employer-employee fraud (involving receiving unemployment insurance payments while the employee is receiving unreported wages), misrepresentation of income fraud (where an applicant claims higher wages than earned), insider fraud (state employees accessing and changing claims or amounts), and identity fraud (where applicants use stolen or fake identification to take over an account). FinCEN then offered a list of red flag indicators “to assist financial institutions in detecting, preventing, and reporting suspicious transactions related to such fraud.”
Human Trafficking and Anti-Money Laundering
On October 15, 2020, FinCEN issued an advisory on human trafficking, stating that it “is now one of the most profitable and violent forms of international crime, generating an estimated $150 billion worldwide per year.” FinCEN explained that human trafficking occurs “in a broad range of licit and illicit industries in the United States,” and that transactions involving proceeds from human trafficking “constitute specified unlawful activities (SUAs) for the crime of money laundering.” The issued guidance described four new typologies since FinCEN’s prior guidance (the 2014 Advisory,) including (i) the use of front companies, (ii) “exploitative employment practices” (e.g., labor recruiters who mislead or defraud victims,) (iii) the use of “funnel accounts” (to “transfer funds between geographic areas, move proceeds rapidly, and maintain anonymity”), and (iv) the use of alternative payment methods (e.g., pre-paid cards or the use of virtual currency transacted on dark websites.) In the new advisory, FinCEN provides ten red flag financial indicators to help identify and report transactions that may be associated with human trafficking.
Geographic Targeting Order
On November 5, 2020, FinCEN issued a Geographic Targeting Order (GTO) that requires title insurance companies to identify and report information about “persons involved in certain residential real estate transactions.” The intention behind these additional reporting requirements under the Bank Secrecy Act is to expose the persons behind the shell companies used in all-cash purchases of residential real estate. FinCEN says that these transactions suggest that the company is “possibly involved in various illicit enterprises,” and that the Orders will assist in tracking the funds or other criminal activity. The cash threshold is $300,000 and the Order applies to Boston; Chicago; Dallas-Fort Worth; Honolulu; Las Vegas; Los Angeles; Miami; New York City; San Antonio; San Diego; San Francisco; and Seattle. The Order is effective November 6, 2020 and ends on May 4, 2021. (See additional guidance on GTOs here.
Proposed Amendments to Travel Rules and Recordkeeping
On October 27, 2020, FinCEN and the Federal Reserve Board proposed amendments to recordkeeping and travel rules that would lower the threshold for required recordkeeping on financial institutions from $3,000 to $250 for international transactions. (Under the proposal, thresholds for domestic transactions would remain at $3,000.) In the proposal, the agencies asserted that “ mandating the collection, retention and transmission of information for fund transfers and transmittals of funds of at least $250 that originate or terminate outside the United States would likely lead to the preservation of information that would benefit law enforcement and national security investigations.” FinCEN also proposed definition amendments to ensure that the rule clearly applies to convertible virtual currencies, as well as transactions involving digital assets with legal tender status. Comments on the proposed rule change are due by November 27, 2020.
Proposed Amendments to the BSA Framework and the AML Regime
On September 16, 2020, FinCEN issued an Advance Notice of Proposed Rulemaking (ANPRM) to solicit comments on a broad set of amendments to the BSA rules that make up the anti-money laundering regulatory framework. The scope of the rules under consideration affect all industries that are currently subject to AML program requirements including depository institutions, money servicers, broker dealers in securities, mutual funds, insurance companies, commodities dealers and others. The proposals are intended to rationalize and align priorities across industries and government to enhance effectiveness of AML programs.
In the ANPRM, FinCEN is seeking comment on AML program elements that would provide “for the reporting of information with a high degree of usefulness to government authorities.” While the goal is also “to implement a common understanding between supervisory agencies and financial institutions,” FinCEN stated that it “would seek to impose minimal additional obligations on AML programs that already comply under the existing supervisory framework.” FinCEN also solicited comments on “proposals to impose an explicit requirement for a risk assessment process and for the Director of FinCEN to issue a list of national AML priorities, to be called FinCEN’s Strategic Anti-Money Laundering Priorities, every two years.” Comments were due on November 16, 2020. Bates will follow this initiative in detail as the rulemaking progresses.
As we race to the end of the year, with a probable new alignment of priorities under a new administration, the pace of regulatory action has quickened. FinCEN has been very active in communicating through advisories on specific threats while setting the stage for broader changes to the AML framework. These are important actions that can be overlooked amidst the constant political chatter, but they affect AML compliance, procedure and priorities. Bates will continue to keep you apprised.
To discuss this article and/or learn more how Bates can help you navigate BSA/AML issues, please contact:
SEC and FINRA Offer Observations to Improve Compliance with Reg BI and Form CRS
On October 26, 2020, the SEC and FINRA staff held a remote public roundtable to discuss the implementation of Regulation Best Interest (“Reg BI”) and the Customer Relationship Form (“Form CRS”) since mandatory compliance began on June 30, 2020. During the regulators’ roundtable, staff reviewed the core obligations required by Reg. BI and Form CRS and reported that firms generally were meeting those obligations. Staff also highlighted their observations on the areas that require improvement.
As Chair Jay Clayton remarked on the call, compliance with the Reg BI obligations and Form CRS requirements is necessary to improve the quality of the relationship between retail investors and their professionals. “That is what it is all about,” he said. Bates held its own webinar on Reg BI and Form CRS implementation and compliance (“120 Days On”) on Wednesday, October 28, 2020 to review client observations and the guidance provided at the roundtable. Here’s a recap on the key issues presented during the regulators' roundtable.
A Focus on the Practical
During the roundtable, SEC and FINRA staff methodically reviewed observations on current implementation of the obligations—disclosure, care, conflicts and compliance—under Reg BI. While acknowledging the “good faith efforts” by firms to comply, and the different approaches firms have taken to tailor their compliance to their firm’s products and business models, staff detailed many “necessary improvements.”
On disclosure, staff noted that firms are mostly relying on Form CRS, though some firms maintain targeted topic disclosure (e.g., on roll-overs). Based on their observations, staff recommended (i) that information be conveyed to retail investors in plain English (which is commonly determined to be at an eighth-grade level) to make it more accessible to retail investors; (ii) the use of charts rather than complicated text on fee disclosures; (iii) using technology solutions to accurately update; (iv) the use of electronic delivery with a focus on proper access to ensure, and evidence delivery; (v) detailed recordkeeping, which should be explicit in firms' written policies and procedures. Staff also acknowledged firms’ efforts to amend client onboarding processes to meet delivery requirements and that, in general, firms provided solid training to their representatives on delivery issues.
On the careobligation, staff described how firms are incorporating internal, proprietary and third-party systems in their review and documentation of decision making on roll-overs, mutual fund share classes, annuities, and other products. Staff observed that firms are incorporating various types of data gathering to bolster their compliance with the care obligation, including by providing for comments around each recommendation, distributing questionnaires, creating risk scores, capturing associated costs, and thorough other analysis. Staff said it wants to be able to review firm due diligence on product disclosures and to see, in particular, that firms are not just relying on the FINRA Rule 2111 suitability obligations, but are expanding and distinguishing between suitability and the broader obligations under Reg BI.
On Reg. BI’s conflicts of interest obligation, staff noted the “wide range of actions” firms have taken to “identify, mitigate and eliminate” conflicts, including the development of procedures and supervision around compensation, client relationships and products. Staff emphasized, however, that proper assessments must be done to identify potential for conflicts, saying that they expect firms to review such things as compensation to the firms, representatives and affiliates, and associated persons’ outside activities. They also want to see that firms reviewed their business models “to get the incentives right.” Staff reported that firms did a good job on mitigation (with some concerns about third-party reimbursements that could create a problem.) Though staff said that the SEC does not require a specific mitigation policy (in order to provide firms flexibility), the SEC offers FAQs and a non-exhaustive list on mitigation methods that firms should consider.
On the compliance obligation, staff focused primarily on written policies and procedures, training and testing. Staff affirmed that compliance programs must adequately set out cleear policies on disclosure, care and conflicts. Staff, however, found that, while firms are demonstrating good effort in this regard, there was a gap between the written word and the actual practice of how to meet the requirements of the rule. While firms have made headway on training, staff focused on the need to evolve from what the rule says to how to comply with the rule, presenting higher expectations of what firms should memorialize in their books and records, and the need to develop testing plans to verifycompliance with the rule. As described in the Bates webinar, staff appears to want to see: “How are you vetting your investment products on your platform? How are the representatives choosing the products that are available on the platform? How are you reviewing the recommendations? And how are you memorializing what you are doing?”
Form CRS Observations
The CRS form is highly prescriptive in both formatting and content, in part to keep the disclosure document short (two to four pages). As described in a joint statement by SEC leadership, issued on October 8, 2020, the summary is intended to contain, in plain English, disclosures “on the same topics, under standardized headings and in a prescribed order,” on a form “that allows retail investors to compare different firms’ services, fees, and other important information.”
Of the approximately ten thousand Form CRS submissions filed to date, staff observed a number of failings, including: material disclosure omissions, vague descriptions of fee structures without direct (layered) hyperlinks, submissions that were too general on product offerings, failures to clearly identify affiliates, incorrect formatting (particularly for required “conversation starter” questions), headers in the wrong place, RIAs referring to themselves being fiduciaries where not permitted, and broken links that affect the adequacy of layered disclosure, among others. Further, staff raised concerns about those firms that were supposed to file Form CRS, but did not.
Form CRS and Disciplinary History
The broadest concern on CRS form filings raised at the roundtable was related to the sufficiency of submissions with respect to disclosure of disciplinary histories. Form CRS requires addressing the question “Do you or your financial professionals have legal or disciplinary history?” Staff warned that Form CRS is not the place for a qualifying answer to that question. It is intended to solicit only a yes or no answer, along with a link to where the investor can get more details. The failure of a significant number of firms to satisfactorily answer this question led SEC staff to add explicit new interpretations on reporting disciplinary history in its Frequently Asked Questions on Form CRS. The detailed response relates to criticisms leveled at both the Form CRS and the industry in a Wall Street Journal report.
The required disclosure on disciplinary history was intended to allow retail investors “for the first time” to be able to factor in disciplinary history information before entering into a relationship with the firm or professional. Staff reaffirmed that compliance requires that (i) the firm direct the investor to Investor.gov/CRS for additional research on firm financial professionals, (ii) the form must include the “conversation starters” to lead an investor to engage in discussion about any disciplinary history or events, (iii) a firm must report any disciplinary action that must be reported on other forms, and (iv) a firm is not allowed to add qualifying language “that might, intentionally or unintentionally, obfuscate or otherwise minimize the disciplinary history.”
Several takeaways were discussed during Bates Group’s follow up webinar. In addition to the analysis of the current state of implementation of Reg BI and Form CRS, the panelists agreed on several recommendations. They include the following:
Technology – Consider the use of technology to evidence Reg BI compliance. (Take an inventory—can it be used to demonstrate delivery or reveal conflicts, ensure repeatable and auditable results, and adequately capture useful data?)
Governance – FINRA expects appropriate memorialization in order to undertake an audit, and so that firms can standardize their processes. (What is the governance around conflicts, testing, training, and supervision?)
Guidance – Review current SEC Form CRS checklist, FAQs, and now, the expectations discussed in the roundtable. (Guidance = Expectations)
Training and Testing – Ensure that the practical application of the rule is being taught and tested, not simply what the rule says. (What is the follow up? How do you ensure policies are working and are effective?) Start testing, continue training, make necessary changes, and document the process.
Exam Preparation – Regulators want specific examples of why the recommendations are in the best interests of the client. Document the recommendations. Regulators want to see your regulatory change management program. (When did it start, who was involved, etc.) “Storyboard your process.”
Enforcement – Firms should review their reportable disciplinary history. Form CRS should be “accurate, complete and consistent with those other forms.”
Jennifer Sullivan, Bates Compliance consultant and a featured speaker at the webinar, noted that both the SEC and FINRA have been very vocal about communicating their expectations. She cautioned that there will likely be “very few excuses for non-compliance.” At the same time, she concurred with other panelists who asserted that “it’s not a gotcha exam. Shy of doing nothing, the Commission wants firms to get it right.” Bates will continue to keep you apprised of further Reg BI developments.
Bates Group’s Compliance team helps firms implement Reg BI, Form CRS, and navigate compliance concerning investor and consumer protection standards. To learn more about Reg BI and Form CRS compliance consulting support, including how your firm can improve its compliance please visit our Reg BI and Form CRS resource page or contact us directly:
FINRA Proposes Senior Rule Amendments to Extend Hold Period on Senior Accounts and Permit Holds on Transactions in Securities
Based on feedback from a retrospective rule review initiated in August 2019, FINRA proposed rule amendments intended to strengthen the ability of member firms to address suspected financial exploitation of seniors and other vulnerable individuals. The proposed amendments directly affect FINRA Rule 2165 (“Financial Exploitation of Specified Adults”). That rule permits a firm to place a temporary hold on the disbursement of funds or securities from the accounts of adults over 65 or from those who the firm “reasonably believes” has an impairment that renders the individual “unable to protect his or her own interests.” The proposed amendments would permit a broker-dealer to impose a longer hold period on a senior investor's account and to expand coverage to include holds on transactions in securities. FINRA seeks comments by December 4, 2020. Here’s a closer look.
The Current Rule
As Bates described previously, FINRA Rule 2165 provides a firm with a safe harbor from FINRA enforcement when the firm exercises discretion to place holds on disbursements. Currently, the rule permits members to place temporary holds of 15 business days on the disbursement of funds or securities, with an extension of an additional 10 business days “provided that the member's internal review of the facts and circumstances supports the member's reasonable belief that financial exploitation has occurred or so ordered by a state regulator, agency or court of competent jurisdiction.” The rule does not currently apply to transactions in securities. FINRA FAQ 1.1. explains that Rule 2165 would not apply, for example, to a customer’s order to sell shares of stock; (but would, if the request was disbursement from the proceeds of a stock sale.)
Rule 2165 also prescribes certain supervisory procedures (including escalations and the development of training policies or programs,) the automatic initiation of an internal review of facts and circumstances, and oral and written notifications of any hold (including the basis for the determination) to all parties authorized to effect transactions in the account within two business days.
The FINRA Proposal
Based on feedback from its broad retrospective review, FINRA concluded that the (extended) 25-day hold period was an insufficient amount of time for firms to determine whether a customer was being financially exploited. According to the results of the review, some 53 percent of respondents reported that, for a variety of reasons, they were unable to resolve a suspicious matter within the 25-business-day period. The proposed amendments would extend the period to allow an additional 30-day hold period if the suspicious activity has been reported to a state agency or an appropriate court. (Notably, NASAA wanted to retain the current period, “which aligns with the hold period provided in the NASAA Model Act to Protect Vulnerable Adults from Financial Exploitation.” (See Bates’ article here). FINRA said it considered longer hold times but that 30 days represents a reasonable balance and would provide the additional time to enable greater collaboration between authorities and regulators of different jurisdictions.
FINRA’s proposed amendments would also allow firms to impose a hold on transactions in securities, thereby closing a significant gap from the existing rule. After noting that many firms and states permit a hold on transactions, FINRA stated that its proposal would “create the first uniform, national standard for placing holds on transactions related to suspected financial exploitation.”
Cognitive Decline Red Flags
FINRA noted that they considered extending Rule 2165 to instances where firms may have reason to believe that a “customer has cognitive decline or diminished capacity but [where] there was no evidence of financial exploitation.” FINRA chose not to extend the rule in these circumstances, but it did offer a set of best practices provided by firms to address the issue. These include: training to identify red flags of cognitive decline; the collation of information on a trusted contact person; documenting and escalating suspected cognitive decline for further review; additional supervision of related customer accounts; and protocols for reporting matters to law enforcement, among others.
Request for Comments
FINRA requested that firms not only consider the proposed approach, but also alternative approaches to the longer holds and the extension of Rule 2165 to securities transactions. Specifically, FINRA asked for additional data or anecdotes on “unintended consequences when placing or attempting to place a temporary hold on disbursement of funds or securities from an account,” and whether there are any material economic impacts to investors, issuers and firms that are associated specifically with the proposal.
In a subsequent Notice issued on October 20, 2020, FINRA’s National Adjudicatory Council (“NAC”), the organization’s “appellate tribunal for disciplinary cases,” revised its Sanctions Guidelines to “expressly contemplate a customer’s age or physical or mental impairment that renders the individual unable to protect his or her own interests.” The NAC said that its changes to the guidelines were made to be consistent with FINRA Rule 2165. Further, the NAC stated that it added these aggravating (or mitigating) factors for sanctions to reflect “explicit consideration of elder abuse and [the NAC’s] general experience with imposing more stringent sanctions in cases involving senior investors or mentally impaired customers.” The revised guidelines are effective immediately.
The safe harbor of Rule 2165 permits firms to be ever more proactive on behalf of their clients when identifying a suspicious transaction on accounts held by vulnerable investors. The proposal expands the ability of the firm to act on its own discretion over a customer’s account disbursements and, now, securities transactions. FINRA makes clear that affording firms this expanded discretion over customer accounts is a balancing act. FINRA is seeking input as to whether they are drawing the line in the right place. Bates will continue to keep you apprised.
Exploitation of Senior and Vulnerable Investors in the COVID-19 Era and Regulatory Responses
Join nationally recognized senior issues expert witness and Bates Group director Joe Thomas, Bates senior issues expert Amy Bard, and other distinguished panelists as they discuss the new dangers for seniors and vulnerable investors in the COVID-19 era and the nationwide response of regulators.
Bates Expert Interview: Reflections on the Impact of COVID-19 on the Fixed Income Market
We asked Bates Group experts and consultants with deep experience in fixed income and municipal securities to share some perspective on how the pandemic has impacted investors over the past six months. Here are some of their insights on recent market volatility, Federal Reserve intervention, credit ratings, and the likelihood of potential investor litigation going forward.
Joining the conversation were: (pictured above, L to R)
Stanley Fortgang, a Bates Group Director, expert and consultant with experience in equities, fixed income, hedge funds, regulatory, compliance, mutual funds, and other financial-related matters.
Stephen Behnke, a Bates Group Director, expert and consultant with extensive fixed income securities and retail brokerage experience, including suitability, supervision, IA matters, and complex securities.
Pamela Peterson, a Bates Group expert and consultant with experience in compliance, municipal securities underwriting, and the rules and practices involving primary and secondary sale of municipal bonds.
Stephen Hoopes, a Bates Group expert and consultant and an investment banker with experience in the fixed income capital markets, including municipal and corporate securities.
Jody Scharf, a Bates Group expert and consultant with experience in trading protocol and sales, Broker-Dealer rules and regulations, and all aspects of corporate and municipal bond protocols.
Here’s what Bates leaders are talking about: (Answers have been edited and condensed for length and clarity.)
Question: The pandemic began to disrupt financial markets in mid-March 2020. How have debt markets been affected?
Stephen Hoopes: In mid-March of 2020, the municipal market suffered a significant sell-off due to concerns about the pandemic’s impact on state and local governments’ revenue streams. New issuance dried up, as did market liquidity. This initial sell-off was eventually tempered by cross-over buyers entering the market to take advantage of higher tax-equivalent yields and by other buyers who viewed municipals as a safer haven than the stock market. Credit became a greater focus for investors as they parsed the market to identify those issuers who were most likely to suffer significant negative economic impacts from the pandemic. But as buyers and liquidity have returned to the municipal market in recent months and tax-exempt yields have retreated to more “normal” levels, the intense credit focus has been partially offset by investors reaching for yield.
Households hold approximately 46% of all municipal debt. Households are also more likely to buy and hold securities. Increased demand and the retreat of yields to more “normal” levels helped to soften the impact of the market disruption on retail investors—unless they sold during the early stages of the pandemic. Notably, not all institutional investors have fared as well. Significant outflows from bond funds in March 2020 forced many to realize some losses within their portfolios.
Jody Scharf: The pandemic affected the market in many ways. The initial reaction was measured, but fear crept into the markets due to uncertainty and media hype—this happened quite rapidly. Spreads widened in credits such as airlines, hotels, convention centers, and in states whose economies housed directly-affected industries. The market as a whole got hit hard across the board. For example, the CDS (investment grade) index mid-February 2020 (pre-COVID) was 44, and by mid-March, it had ballooned to 151. It is currently around 54, so it is easy to see the dramatic decline as well as the comeback in the spread.
That comeback was largely the result of Fed moves to push interest rates to near zero, and also moves on quantitative easing as the Fed sought to buy a multitude of fixed income products in the open market.
From a macro standpoint, with rates being at historically low levels, the search for income/yield has become more difficult. Portfolio managers as well as financial advisors tend to reach for more yield and stress the risk threshold of clients beyond what their risk levels allow for. In general, this has been done by reaching for lower quality and longer maturities. This should be disclosed, of course, but very often it is not.
Further, the amount of BBB credits in the market is at an all-time high against the percentage of the fixed income market. For example, twenty years ago BBB credits were 20% (approximately) of the market. Today it is closer to 55%. That is an approximate number, but important to consider.
Q: What should we understand about the steps the federal government and the Federal Reserve took to address the market volatility?
Stanley Fortgang: Beginning almost immediately after the first cluster of cases developed in my hometown of New Rochelle, NY, the federal government—and, more importantly, the Federal Reserve Bank—took a series of actions in an attempt to calm markets and sooth investor fears.
These included: an $8.3 billion emergency aid package, a Federal Reserve-led $1.5 trillion liquidity program, cutting rates to zero and establishing credit facilities to smooth the functioning of commercial paper, corporate bonds and municipals.
When we look at financial markets since the end of March and beginning of April 2020, it is easy to forget how serious a financial problem the country was facing. In the days following the outbreak, equity markets fell approximately 30%. Discussion ensued about emergency measures, including rumors of market closures. Interest rates, already quite low, fell even further in a classic flight-to-quality scenario.
The rebound in asset prices since then is nothing short of remarkable, and while many factors obviously played a role, it is hard to overstate the importance of government action in calming financial markets down so quickly.
Stephen Behnke: On March 23, 2020, the Federal Reserve announced the creation of a Municipal Liquidity Facility from which public bodies could borrow, and a Primary and Secondary Corporate Credit Facility allowing the purchase of up to $750 billion in corporate bonds and ETFs. While only $12 billion of that money had been spent through July 2020, the program had a substantial influence on the market, allowing BBB corporate spreads which spiked to +433 bps in March (eventually narrowing to +260 bps today).
While only the State of Illinois has tapped the MLF to date, the safety net helped keep municipal yields near historic lows and allowed state and local governments to borrow in advance of anticipated declining revenues. The Fed’s action allowed corporations to issue record amounts of bonds. Through September 1, 2020, $1.9 trillion of corporate debt has come to market, providing companies with much needed liquidity.
As a result, yields throughout the curve have fallen since the Fed announcements, and the yield curve (Treasury 2-10) steepened only 47 bps, despite heavy supply and the future inflationary implications of monetary and fiscal stimulus measures.
Stanley Fortgang:Interestingly, debt markets have been remarkably stable through the 6-plus months of the crisis. This is mostly due to the realization that interest rates really have nowhere to go. Fed funds are at zero, ten-year treasuries have been stuck at 0.5%, and indices of public debt remain at low yields.
The backstops initiated by the Fed have given market participants the comfort to remain relatively calm, so while there have been short term hiccups in places like municipals, the overriding theme has been stability. This stability has led to increased debt issuance as issuers take advantage of an appetite for any yield being offered. They are happy to oblige and lock in attractive long-term borrowing rates.
The yield curve has had bouts of steepening as inflation fears occasionally hit the market, only to reverse each time as there remain absolutely no signs of inflation on the horizon. Over the long term this remains a concern, but that period just keeps extending further and further out.
Q: How have credit rating firms reacted to the market volatility and uncertainty?
Stephen Hoopes: During the initial months of the pandemic, the credit rating firms were slow to react as they appeared to be trying to gauge the depth and duration of the pandemic’s impact on the various sectors within the overall economy. Both Moody’s and S&P have since ramped up their reviews of those credits they deem to be most vulnerable to the pandemic. These include convention centers, stadiums, toll roads, public transportation, universities, hospitals, airports and entertainment venues.
They are also focusing on state and local governments that have high unfunded pension obligations and those that are particularly reliant on sales, income and hotel taxes. Through the middle of September 2020, Moody’s downgraded 125 of the approximately 12,000 municipal market issuers that they track. S&P is on roughly the same pace. The amount of work involved is staggering and is ongoing. A backlog in reviews will pose a significant credit risk, particularly for retail investors.
That said, the municipal market has historically had a very low default rate. The intense economic stress resulting from the pandemic could push a significantly larger number of municipal issuers to the brink of default if the federal government does not step in to provide additional significant aid to states and local governments. States cannot go bankrupt, but some, like Illinois, were already under tremendous financial stress prior to the pandemic. Issuers like those at-risk entities mentioned will all come under increasing risk of default if the pandemic persists well into 2021, as many experts predict.
Q: What is the risk of default in the coming months?
Stephen Hoopes: Many municipalities were under financial stress prior to the onset of the pandemic due to high debt burdens and large unfunded pension obligations. The pandemic has exacerbated these challenges with the economic shutdown, high unemployment and the costs of facing this medical crisis. Municipalities that are tourist destinations or who rely heavily on sales, hotel and income taxes will be hit hardest. Most will be hard pressed to tax their way out of the financial crisis due to the enormity of the issue.
Fortunately, most municipalities have a few additional tools available to them to relieve some of the financial stress. Many are pursuing taxable refinancings to extend the repayment of near-term debt to buy some financial flexibility and maximize liquidity. Others are cutting services, restructuring their overall operations and cutting staff. Some may consider the sale of certain assets. As a final resort, some municipalities, in states where it is allowed, may be forced to consider filing for Chapter 9 Bankruptcy.
The pandemic has created a serious financial burden for many local governments. Without significant additional assistance from the federal government, an increasing number of municipalities will be at risk of default or bankruptcy.
Q: What kind of litigation might we anticipate as a result of investor losses during this time?
Stephen Behnke: Despite the Fed’s actions, the risk of investor losses prompting litigation is substantial. The massive growth of corporate debt has been noted by market observers and the Fed for several years. At the end of 2019, corporate bonds outstanding topped $9.6 trillion, up 20% in 5 years. Over half of the corporate universe of bonds is now BBB rated up from 20% from 2001. Disturbingly, much of the proceeds were used to fund stock repurchase, and not re-invested into the business. Corporate debt has risen faster than earnings growth and thus companies’ ability to support their debt has declined.
Wall Street underwrote this massive supply of debt at historically low interest rates and despite deteriorating balance sheets. As a result, investors buying this debt saw the average credit rating of their portfolio holdings decline. Retail investors starved for current income were caught in the dilemma of buying lower-rated and longer-dated bonds to capture yield.
Rating agencies cut or put on watch the ratings of more than 20% of companies in March 2020, the fastest pace ever. Further downgrades would force many bond funds to realize losses per the terms of their prospectus. At the same time, credit defaults are likely to grow if the economic recovery falters.
Stanley Fortgang: I see the greatest litigation trigger point being, as it often is, volatility. In these types of markets where prices move dramatically from period to period, there will always be big losers and sometimes big winners. For better or worse, investors who lose money—usually by selling into a panic—will often turn to arbitration panels to “right” the “wrong” they believe has been done to them.
So far, the best strategy has been to hold on as financial assets have been resilient in the face of unprecedented events. Fed action has maintained stability over the longer term even as bouts of extreme volatility continue to occur. History shows that those negatively impacted by short term decisions that lead to losses will usually seek redress.
Pamela Peterson: Institutional investors are, by their very nature, sophisticated market players. (Per FINRA rules, in order to open an institutional account, they must satisfy certain “big-boy” criteria and actively affirm their sophistication and desire to make their own trading decisions.) These facts deprive them of the ability to assert claims arising out of investor suitability and limits their ability to assert claims related to product suitability, so long as a product’s features were adequately described, or the institutional investor had full access to books and records and senior management of an issuer. For these reasons, litigation from these investors is likely to focus on issues of actual fraud committed by issuers or placement agents. The strongest defenses issuers or sellers would assert may have to do with the inability to foresee the precise effects of the pandemic infection and uncertainty around the U.S. government’s response vis-à-vis the international community.
If an institutional investor operates under an Investment Policy Statement requiring that only investments above a certain rating can be held, a widespread decline in fixed income ratings may require a massive sell-off, a flight to quality. (Note: brokerage firms generally cannot accept the responsibility for keeping an account in compliance with an IPS unless all the investments are held at that firm. That’s extremely rare.) It’s hard to predict how this would play out—massive sell-offs typically mean that a seller is willing to accept lower and lower prices to get out of lower-rated investments. However, it’s unclear how the credit declines here could be blamed upon any action of broker-dealers or RIAs. Again, one needs to consider the specifics of each security, as well as what information was available to the institutional investor at the time of purchase, to see if there’s anything that can be litigated.
Q: Given the litigation risks you describe, what kind of counsel are you giving to your clients on investor risk during this time?
Pamela Peterson: As a veteran of the work-outs that followed the collapse of auction rate securities, one thing I can tell every municipal bond dealer to remember is: communicate, communicate, communicate. Nothing makes retail investors madder than radio silence from their brokers. Now is the time for every brokerage firm to push out general and specific risk disclosure to clients: credit risk for cash-strapped issuers; interest-rate risk if rates begin to trend sharply upwards in an uncertain political environment; and the unpalatable fact that “high yield” equals “high risk.” Given the longer holding periods for municipal bonds, your firm may or may not have communicated these ideas at the time of purchase but can communicate them now or reiterate them as you discuss whether to hold or sell these investments. Doing so can avert real trouble in potential litigation.
In addition, it is important to understand that municipal bonds come from about 33,000 issuers, and there’s simply no easy way to categorize them because of that very diversity. Dealers should be well aware of the backing for each issue and make that clear to buyers and holders. For example, airport bonds backed solely by passenger facility revenues have been heavily impacted by COVID-19 (almost nobody’s flying), but general obligation bonds for high-income communities are less affected (most managerial-level workers adapted well to work-from home). Similarly, an analysis could be completely different if comparing a revenue bond backed by a lockbox scheme. The point is: don’t generalize, know the actual credit structure, and make sure that your retail clients understand the advantages and/or disadvantages of each fixed income investment.
We are still in the middle of the pandemic and significant uncertainty remains. While macro moves will continue to guide discussion about the broader markets, investment risk remains tied to awareness about specific information on specific fixed income investments. We will continue to bring you insight from our experts on the broader market as well as investor risk, compliance and litigation.
For more information concerning Bates Group's Practices and services, please visit our expert search and practice area pages:
SEC Chair and Director of Enforcement Review the Record
In a likely preview of the SEC Division of Enforcement 2020 Annual Report, SEC Chair Jay Clayton and Division of Enforcement Director Stephanie Avakian gave back-to-back speeches regarding the agency’s enforcement record since they took the reins in 2017. In context, these speeches presented a strong accounting of the impact the Division has had on the financial industry during their tenure. The remarks, delivered last month to the Institute for Law and Economics at the University of Pennsylvania Law School, also raised some of the important challenges to the SEC’s enforcement priorities presented by COVID-19. Here are the highlights from their speeches.
Avakian Paints the Big Picture, Shares the Numbers
Director Avakian described the Division’s key goals as investigating and recommending impactful cases that serve to protect investors, and continuing efforts to adapt to market and technological developments in order to operate effectively and efficiently.
During Chair Clayton’s tenure, she reported, the Division brought over 2,500 enforcement actions, received $14 billion ($4.3 billion in 2019, the highest on record) in financial remedies, returned over $3.3 billion to harmed retail investors, and distributed more than $350 million to whistleblowers.
Ms. Avakian described cases brought by the Division in traditional enforcement areas, highlighting the use of innovative data analysis to support investigations and actions. She named a host of financial and issuer fraud cases, key insider trading cases, Foreign Corrupt Practices Act violations, cases involving improper financial reporting disclosure (“involving virtually all aspects of the financial reporting process”), Ponzi schemes, and cases where the Division went after suitability violations by broker-dealers. She also discussed cases brought by the Division that involve complex non-traditional matters and those that implicate market integrity—such as potential fraud in initial coin offerings—and innovative remedies to address misconduct. Further, Director Avakian said the Division sought to “deter wrongdoing by holding individuals accountable.” She stated that in roughly 70% of cases, they had “pursued charges against individuals for misconduct,…including registered individuals, executives at all levels of the corporate hierarchy, including CEOs, CFOs and other high-ranking executives, as well as gatekeepers such as accountants, auditors, and attorneys.”
In continuing to focus on large public companies and financial institutions, Ms. Avakian emphasized the introduction of new approaches to protect retail customers and to further enhance the efficiency and effectiveness of the enforcement program. These include streamlining investigations through targeted requests, better communication with respondents around the benefits of cooperation, and targeted initiatives.
As to the most successful targeted initiatives, Ms. Avakian highlighted the Share Class Selection Disclosure Initiative, a self-reporting program “focused on the recurring problem of advisers failing to disclose conflicts of interest associated with the selection of fee-paying mutual fund share classes.” She reported that “the initiative resulted in the SEC ordering nearly 100 investment advisory firms that voluntarily self-reported to the Division to return nearly $140 million to investors.” (See also Bates reporting on the Share Class Disclosure Initiative.) Ms. Avakian also noted initiatives that addressed conduct affecting vulnerable investor groups (e.g., Teachers’ and Veterans’ Initiatives) and efforts to better reward whistleblowers, and she commended the Enforcement Division and the SEC's Office of Compliance, Inspections and Examinations for their cooperation on additional efforts to improve efficiency and effectiveness.
Ms. Avakian described the unique circumstances of managing the operations of the Division and discussed at length the Division’s response to "substantial, unexpected challenges" to Chair Clayton’s announced priorities. She cited several Supreme Court cases that negatively affected the Division's enforcement powers (see Bates summary coverage regarding Lucia v. SEC and Kokesh v. SEC) in addition to the challenges of operating during the COVID-19 pandemic. (Since mid-March, the Commission “filed more than 325 new [regular] enforcement actions.”) Ms. Avakian also noted that during the relevant period, the Division opened nearly 150 COVID-related inquiries or investigations.
Chair Clayton Reviews Enforcement Record
In his address, Chair Clayton highlighted the success of the Enforcement Division in bringing meaningful cases to the Commission that had “a substantial impact on investors and the integrity of our markets.” He assessed the oversight, management and performance of the Division against several guiding principles. These included whether the actions (i) rectified harm to retail investors by returning money as "promptly as practicable;" (ii) worked to eliminate widespread fraud; and (iii) strengthened the "integrity and fairness" of the capital markets.
Chair Clayton offered examples of the Division’s work that satisfied these objectives. He noted the SEC’s Retail Task Force for its successful initiatives on Share Class Selection Disclosure and on Teacher and Veteran protections. He underscored the work of the Division in the area of Initial Coin Offerings, pointing out that the subject matter lent itself “to fraud, speculation and widespread harm,” and that the Division responded to these challenges by “issuing an investigative report confirming the application of the securities laws to the use of blockchain or distributed ledger technology to facilitate capital raising and to offers and sales of digital assets that are securities.” He contended that through a series of additional “measured yet timely actions” and the “creation of the Cyber Unit,” the Division “restored order, while leaving room for distributed ledger and other technologies to drive cost savings and innovation.”
Chair Clayton also commended the Division for its efforts during COVID-19, including (i) trading suspensions and enforcement actions against companies that were engaging in fraud (e.g., companies offering preferred access to personal protective equipment and COVID-19 tests) and other COVID-19 related claims; (ii) guidance reminding market participants about corporate controls and procedures; and (iii) the promotion of good corporate governance to ensure compliance, market integrity and investor confidence. Mr. Clayton also noted the important role the Enforcement Division played in the crafting of Regulation Best Interest, “with the interests of Main Street investors front of mind.”
Chair Clayton concluded that, based on the guiding principles, the Division was extraordinarily successful during his tenure (giving it a 12 on a scale of 10), and that, despite the challenges—including judicial limitations on SEC authority, a government shutdown and a pandemic, the Division achieved meaningful and impressive results for retail investors through a “powerful combination of deference, cooperation and support.”
The record is undeniably impressive. At the start of their tenure, it would have been impossible for Chair Clayton and Director Avakian and former Enforcement Co-Director Steven Pieken (who left the agency on August 14, 2020) to have anticipated the many unexpected challenges they were about to encounter. That they managed the operations and processes throughout, while keeping their eyes on a determined pre-pandemic agenda is commendable. It will be interesting to revisit these achievements in December, when the Division’s 2020 Annual Report is released. We will continue to keep you apprised.
For more information about Bates Group’s Regulatory and Investigations practice, please reach out to Alex Russell, Managing Director, White Collar, Regulatory and Internal Investigations at email@example.com.
Upcoming Webinar: REG BI – 120 Days On. Where are we now?
Reg BI's implementation occurred on June 30, 2020 and 120 days on, Global Relay and Bates Compliance experts will assess the impact on the industry thus far.
Join our webinar to hear expert opinions from our panel of regulatory specialists:
Donald McElligott, VP Compliance, Global Relay
Hank Sanchez, Managing Director, Bates Compliance
Robert Lavigne, Managing Director, Bates Compliance
Date: Wednesday, October 28, 2020 Time: 11:00 AM Pacific / 2:00 PM Eastern Duration: 45 Minutes
You will learn:
What has happened since REG BI came into effect
How it has impacted the technology side of business
Important Takeaways from SIFMA-Bates Virtual Branch Office Compliance Visits Webinar
On Monday, October 5, 2020, nearly 700 Compliance, Supervision, Risk, Legal and Regulatory experts and professionals tuned in to a panel discussion covering virtual branch office inspections and the challenges facing regulators and industry supervision and compliance teams. The webinar, jointly organized by Bates Compliance and SIFMA, reviewed the current requirements and status of branch office inspections, recent regulatory relief, and compliance expectations for on-site inspection requirements going forward. The featured speakers included:
Led by Sidley Austin partner Paul Tyrrell, the panelists discussed the dramatically altered environment since on-site compliance and regulatory inspections ceased in March 2020 due to the pandemic. Bates Compliance’s Jill Ehret described the significant impact on firm compliance based on differences in firm size, the number of home offices, the sufficiency of technology, and the necessity of new practices and protocols to mitigate risk. SIFMA’s Kevin Zambrowicz mentioned that most branch offices are closed or are providing very limited or no onsite client services, and that so far firms are taking a conservative approach to reopening. He said that many firms are doing what they can to do inspections remotely—for most firms, “the policy…is that corporate travel is restricted,”—and are relying on technology instead of an on-site examination component. Wells Fargo’s Lou Moschetta expects no on-site inspections for an extended period—“possibly 2nd quarter next year.”
The panelists generally agreed that the FINRA relief that extended the 2020 exam cycle through Q1 2021 was necessary, but that the extension is not long enough to complete the 2020 cycle. Zambrowicz expressed concern about the ripple effects of such a time frame for the 2021 inspection cycle, anticipating going in the direction of extended relief and remote inspections for both 2020 and 2021. Cetera Financial Group’s Joseph Neary stated that the current 2020 and 2021 deadlines are “unrealistic.” LPL Financial’s John O’Neill said that his firm has thousands of locations; as a result, they are “focusing on how to triage which branches we can get to by March 2021,” and are employing risk-based approaches to prioritize offices within a three-year cycle.
Reopening (Hypothetically Speaking)
Zambrowicz discussed efforts to address the “practicalities” of a return to onsite inspections amid re-openings, describing such a process as “exceedingly complicated.” He explained a firm’s duty to have a supervisory system in place, but noted the logistics involved for a firm staffer to visit a location in this environment, including state- and even county-level travel restrictions and the testing and quarantining around even a single visit. He stated that, without even “considering the health concerns of the examiner,” the logistics of the process were “not feasible.” He advocated for the use of remote supervision using existing technology, an approach which has already been embraced by certain regulators who have recognized the need and capability to go remote.
Moschetta furthered the point, saying that a big management concern is the volume of advisers operating from remote locations. “How many will continue to work from home? Could be thousands… No answer to that yet.”
FINRA’s Joseph Sheirer highlighted the temporary relief provided to firms from having to register locations as non-branch offices, saying, “we’ve given a pass on registering these locations, recognizing the challenges of on-site inspections.” He stated that FINRA is facing the same challenges as the industry and that unless there was a customer harm, or a threat to market integrity, the inspections that have been conducted have been all remote: “We are as virtual as you can get.” He noted that includes remote examinations, branch office visits and enforcement programs, and said that, to date, even “on-the-record” testimony has been handled remotely.
Learning How to Adapt
Bates Compliance’s Ehret described how firms are adapting to current conditions. She said that although the focus has been on the rules and the inspections, “we should be thinking more about the review element,” which does not need to be on site. The more off-site preparation completed during the review phase, the less burden there is on the on-site element. Ehret said that firms are also thinking about other practical changes to (i) address travel limitations, including, for example, using supervisors who are closest in proximity to do onsite reviews, (ii) strengthen pre-visit questionnaires, and (iii) conduct virtual interviews.
FINRA’s Sheirer highlighted the value of recent regulatory notices on remote supervision. The guidance emphasized using a risk-based approach and sharing industry best practices. He agreed that firms should consider and document changes to protocols and practices, including using new communications platforms and enhancements to virtual monitoring and supervision.
Zambrowicz said there were numerous examples of different regulators (e.g., CFTC, NFA) allowing virtual solutions to satisfy on-site requirements. Moderator Tyrrell added that recent interpretive guidance from the NFA represents an “important marker” to that end. Sheirer cautioned that while FINRA is considering making certain relief permanent, “there are still things that benefit from an on-site,” such as the ability to see space sharing that may present conflicts of interest, outside business activities, body language, and the like. Like Ehret, he focused on solutions that could enable off-site inspections, such as enhanced email review and monitoring.
Issues Pre-COVID (and Beyond)
Cetera’s Neary also emphasized pre-exam work, noting how his firm upped its requirements on electronic record keeping, email review, and centralized trading. LPL Financial’s O’Neill pointed out that the results of virtual reviews have been relatively “consistent” with pre-COVID reviews. O’Neill noted “an uptick of email use, which is good for our email review system,” .. O’Neill reiterated that “we’re not necessarily seeing a drop-off in quality or anything… So, we’re trying to look at our program and say, ‘how we can make some of this permanent?’”
Similarly, Moschetta said his firm was seeing the same sort of findings in substance and volume as those found in pre-pandemic on-site review. He said that existing and new technology processes and enhancements generally discover items such as outside business activities, private securities transactions and unreported complaints. Further, he said, the new efforts are helping their partners cope in the field know what to expect and to deliver.
Ehret noted some additional benefits. She said new technology is enabling “look backs, specialized reviews for outside business activities, identification of red flags on social media, and more documentation on office activities that are now subject to additional firm reporting.”
All Roads Lead to Virtual Supervision and Inspections
SIFMA’s Zambrowicz stated the consensus position that the evolution of technology is mitigating the need “to actually be there” and that firms should use the lessons from the current environment to recognize “the opportunities.” He said that “it is a logical next step to go virtual and that the pandemic brought to a head the natural and technological evolution of virtual supervision and inspections.”
Bates Compliance’s Ehret reiterated that most of the work required for an inspection is done prior to an on-site inspection: “The heavy lifting has already been done in review.” The way clients are currently working with their advisers is the way of the future.
For more information or further questions about this program or Bates Compliance's services, please contact David Birnbaum, Managing Director, at firstname.lastname@example.org or call 917-273-2682.
About Bates Compliance:
Jill Ehret is a Bates Compliance Director based in St. Louis, MO. Ms. Ehret is a seasoned securities industry professional with over 19 years of experience bringing practical, application-based insight and approaches to broker-dealer and registered investment advisor compliance departments and issues.
Bates Compliance’s consulting practice delivers guidance and tailored compliance solutions to our broker-dealer, investment adviser and hybrid firm clients on an as-needed or ongoing basis. Our team—made up of experienced senior compliance, legal and former regulatory professionals—drafts and tests policies, procedures, and supervisory and compliance processes, recommending and implementing changes based on leading practices to enhance compliance and supervisory systems and to remediate regulatory, litigation and internal audit findings. With nearly four decades of working with leading law firms, financial services companies and regulatory bodies, Bates provides support every step of the way.
FinCen Focus: Customer Due Diligence with Banking Agencies, SARs Warnings and BSA Enforcement
Just a few weeks ago, Bates highlighted a series of Financial Crimes Enforcement Network (FinCEN) compliance communications. They included new FAQs on general requirements under the customer due diligence rule (CDD) and alerts regarding cyber-enabled financial crime and scams involving fraudulent payments denominated in convertible virtual currencies.
Since then, FinCEN has issued several important public statements. First, it joined the Federal Reserve Board, the Federal Deposit Insurance Corporation, the National Credit Union Administration, and the Office of the Comptroller of the Currency (hereafter, the “Agencies”) in clarifying specific Bank Secrecy Act/Anti-Money Laundering (BSA/AML) due diligence requirements for customers who may be considered “politically exposed persons” (PEPs). Second, FinCEN issued a stern warning to the media and others about the publication of unlawfully disclosed information contained in suspicious activity reports (SARs). Third, FinCEN published guidelines on how it approaches enforcement of the BSA. These enforcement guidelines provide firms with insight into how FinCEN determines an “appropriate” response to violations of the statute. The FinCEN guidance comes on the heels of an updated joint statement on BSA/AML enforcement issued less than a week earlier by the Agencies. Here’s a recap.
CDD REQUIREMENTS ON PEPS
On August 21, 2020, FinCEN and the Agencies issued a statement on the BSA CDD requirements for “politically exposed persons”—a term of art used to describe foreign public officials, their family members or close associates. According to the agencies, these PEPs present a higher risk to financial institutions that their assets may contain the “proceeds of corruption or other illicit activity.”
The Agencies’ statement highlights a financial institution’s obligation to identify and report the suspicious activity of PEPs, particularly transactions that may involve the proceeds from corruption, bribery and money laundering. Consistent with the FAQs issued a few weeks ago, the Agencies clarify that the CDD rule does not create any new requirement or supervisory expectation for customers who are considered PEPs. They reiterate that under the CDD rule, banks must adopt appropriate due diligence procedures and assess the specific PEP relationship under specific facts and circumstances in order to determine the level of risk that may be present. For PEPs, financial institutions should consider assessing the types of services provided, the nature of the transactions, “geographies associated with the customer’s activity and domicile,” the PEP’s authority over government officials and access to government funds.
FINCEN WARNINGS ON PUBLICATION OF SARS
On September 1, 2020, FinCEN issued a short but stern warning about the unlawful disclosure of the contents of SARs. Stating that it was aware of media outlets that intended to publish articles based on such information, FinCEN reiterated that any unauthorized disclosure is a crime prohibited by the BSA which can “compromise law enforcement investigations, and threaten the safety and security of the institutions and individuals who file such reports.” Civil and criminal penalties can be substantial ($100,000 per incident for the former, and up to $250,000 and five years imprisonment for the latter). FinCEN stated that it has referred the information it has obtained to the U.S. Department of Justice and the Treasury Department’s Inspector General.
FINCEN ISSUES ENFORCEMENT GUIDELINES
In a statement issued on August 18, 2020, FinCEN detailed its approach to enforcement of actual or possible violations of the BSA.
The statement affirmed FinCEN’s authority as “administrator of the BSA” with “overall authority for enforcement and compliance.” FinCEN described the scope of its authority stating that it “may take enforcement actions, to include imposing civil money penalties on financial institutions, nonfinancial trades or businesses, and other persons that violate the BSA,” and to impose “civil money penalties on partners, directors, officers, or employees who participate in these violations. In this capacity, FinCEN said it has the authority to conduct examinations and to rely on examinations from other “federal functional regulators” under the BSA framework, but would “not treat noncompliance with a standard of conduct announced solely in a guidance document as itself a violation of law.”
In its statement, FinCEN identified the actions it might take to respond to various violations, including (i) closing a matter with no additional action; (ii) issuing a warning letter (e.g., on supervision); (iii) seeking an injunction or equitable relief to enforce compliance if it suspects a violation; (iv) requiring remedial obligations in a settlement; (v) assessing a civil money penalty; and (vi) referring a case for criminal investigation or prosecution.
FinCEN also described numerous factors it uses when evaluating the disposition of a case involving compliance with specific BSA requirements (e.g., registration, recordkeeping and reporting) or the “adequacy” of a financial institution’s AML program requirements (e.g., internal controls, trainings, testing). These factors include (i) the nature and seriousness of the violation; (ii) the impact of the violation on FinCEN’s efforts to carry out its mission, including to combat money laundering; (iii) the pervasiveness of the violation within the organization; (iv) prior history; (v) the extent of any financial gain; (vi) action taken by the institution upon discovery of the violation; (vii) timely disclosure of the violations to FinCEN; (viii) any cooperation with FinCEN and other authorities; (ix) the systemic nature of the violations; and (x) enforcement efforts by other agencies on related activity.
AGENCIES ISSUE GUIDANCE ON BSA/AML ENFORCEMENT
FinCEN’s statement came less than a week after the other Agencies issued joint guidance on when they may exercise their discretion “to issue formal or informal enforcement actions or use other supervisory actions to address BSA-related violations or unsafe or unsound banking practices or other deficiencies.”
On August 13, 2020, the Agencies set forth their enforcement policy, which is anchored in legal requirements that mandate that each Agency prescribe regulations that require insured depository institutions to “establish and maintain procedures reasonably designed to assure and monitor the institution's compliance” with the BSA and to enforce those requirements. The statement reviewed the Agencies’ approach to these obligations, ensuring that financial institution programs include the four original required components (pillars) for compliance programs: internal controls, independent testing, a designated BSA compliance officer, and staff training. The updated guidance now includes a fifth component for compliance programs (risk-based procedures for conducting customer due diligence) which was added by the CDD rule. (See prior Bates coverage here.)
The joint statement details the obligations under this fifth pillar including the requirement that an institution maintain a “Customer Identification Program” with risk-based procedures that enable the institution to form a reasonable belief that it knows the true identity of its customers.” This includes, among other elements, understanding the customer relationship in order to develop a customer risk profile, conducting monitoring, reporting suspicious transactions, and updating customer information regarding beneficial ownership. The statement also clarifies that, for the purposes of issuing mandatory cease and desist orders, the Agencies would evaluate BSA reporting and recordkeeping requirements, as well as CDD requirements, as a part of the internal controls component of the compliance program.
Generally, the Agencies stated that an enforcement action would be initiated for (i) failing to have a written BSA/AML compliance program that adequately covers the program pillars; (ii) failing to implement an adequate BSA/AML program and (iii) having defects in one or more program components. The Agencies highlighted specific types of institutional actions that might trigger an enforcement order. These include (i) rapidly expanding relationships with foreign affiliates or third parties without proper controls; (ii) failing to identify risks relating to money laundering or other illicit financial transactions; (iii) an inadequate system of internal controls to confirm customers' identities; (iv) failure to resolve independent testing deficiencies; (v) inadequate training; and (vi) failure to address a previously reported deficiency, among others.
These are important official statements on enforcement practice, procedure and priority. They are also an important indication of how the CDD Rule has affected the regulatory framework. For financial institutions facing possible enforcement action, FinCEN and the banking agencies have provided insight into their deliberations and perspective. Bates will continue to keep you apprised.
To discuss this article and/or learn more how Bates can help you navigate BSA/AML issues, please contact:
NASAA Rounds Out Busy Summer with Active Policy and Enforcement Agenda
The North American Securities Administrators Association (“NASAA”) continues to assert its member states’ interests in fighting for and protecting investors and consumers in the financial markets. Here we have assembled a roundup of recent NASAA actions on enforcement, model legislation and regulatory policy, as well as what to expect going forward.
ENFORCEMENT: PANDEMIC TASK FORCE RESULTS
NASAA announced that, as a result of a coordinated COVID-19 initiative, its enforcement task force disrupted 220 pandemic-related schemes to defraud investors and consumers as of August 19, 2020. The task force uses online investigative techniques to identify websites and social media posts that may be promoting investment fraud, fraudulent offerings or improper, unregistered regulated activities.
NASAA member regulators brought administrative actions, filed cease-and-desist orders, and made referrals to other regulators (and hosting companies) on 154 investment-related and 90 non-investment-related schemes. According to the NASAA task force web page, the pandemic-related schemes are characterized as inducements that (i) prey on fear and anxiety; (ii) promote safety amid uncertainty; (iii) involve cryptocurrencies or cryptocurrency-related investment products, foreign exchange (“forex”) products, or “products generally unfamiliar to inexperienced retail investors”; and (iv) promise monthly payments that would appeal to cash-strapped investors, often referring to returns as “passive income” or “cash flow.”
STATE LEGISLATIVE EFFORTS: NEW MODEL ACT ON WHISTLEBLOWERS
On August 31, 2020, NASAA adopted a new model act “to protect whistleblower confidentiality, prohibit retaliation by an employer against a whistleblower, and create a cause of action and provide relief for whistleblowers retaliated against by their employer.” The model act is intended to “help states provide a safe environment for individuals to come forward to report suspected wrongful securities practices to state securities regulators.” NASAA also highlighted that the Act provides a state’s securities regulator with the authority to make monetary awards to whistleblowers based on the amount of monetary sanctions collected in an administrative or judicial action, up to 30 percent of the amount recovered. Like other NASAA model legislation, the whistleblower act serves as a template for consideration and adoption through legislation or regulation by member jurisdictions.
STATE LEGISLATIVE EFFORTS: PROPOSED STATE RESTITUTION FUNDS FOR VICTIMS OF SECURITIES FRAUD
On July 1, 2020, NASAA proposed a model act for member jurisdictions to create a restitution fund for victims of securities law violations who were awarded restitution but who have not received full payment. Among other elements, the proposed Act would (i) establish a securities restitution assistance fund within the jurisdiction; (ii) provide examples of funding sources for jurisdictions to consider; (iii) establish eligibility and application processes for restitution assistance; (iv) set limitations on restitution assistance awards; (v) provide that the jurisdiction is entitled to a lien in the amount of the restitution award on recovery; and (vi) grant the jurisdiction rulemaking authority to carry out the purposes of the program. Public comments are now being reviewed for amendments prior to consideration and adoption by the members (likely in September).
REGULATORY POLICY: CHALLENGE TO SEC “ACCREDITED INVESTOR” DEFINITION
In a strongly worded statement, NASAA Past President Christopher W. Gerold expressed disappointment with the SEC for adopting an amendment expanding the definition of “accredited investor” under federal private fund regulations. The SEC recently revised the definition in order to increase the number of sophisticated investors that will have access to private investments. (See Bates Complinance Alert here.)
Mr. Gerold responded to the SEC’s deregulatory move, saying it showed “little regard for the potential adverse effects on investors and the public markets,” and that it “squandered an opportunity to … address long overdue changes to the wealth and income standards defining accredited investors.” He said that “the failure to index these standards to account for inflation has eroded the investor protections they were designed to provide,” and that the Commission “failed to protect seniors or other vulnerable investors from the inherent risks associated with the lack of transparency and liquidity that exists in the private securities marketplace.”
REGULATORY POLICY: OPPOSITION TO DOL INVESTMENT ADVICE PROPOSAL
In a comment letter dated August 6, 2020, NASAA opposed the Department of Labor (“DOL”)’s rule proposal on investment advice for retirement accounts under the Employee Retirement Income Security Act (“ERISA”) and the Internal Revenue Code (“the Code”). (See Bates coverage of the proposal here.) The proposal would (i) create a new “prohibited transaction class exemption” for investment advice that would allow financial institutions and investment adviser fiduciaries to receive compensation that would otherwise be prohibited under ERISA law; (ii) reinstate a five-part test for defining investment advice; and (iii) make changes to a pre-existing prohibited transaction class exemptions consistent with a 2018 Court Order vacating the DOL’s fiduciary duty rule.
In its comment, NASAA encouraged the DOL to rescind the proposal for jeopardizing the security of retirement investors, stating that “taken together, the various aspects of the Proposal will create outcomes that are the opposite of the fiduciary protections that retirement investors deserve, and that Congress intended under ERISA.” Specifically, NASAA argued that under the proposal (i) retirement savers will be misled into believing that the advice they receive adheres to fiduciary standards; (ii) investment professionals will “remain free to offer conflicted, self-interested advice”; (iii) investment professionals could decide to limit their advice to “limited scope transactions” (like rollovers), which could be characterized as discrete and not subject to appropriate scrutiny under the five part test; (iv) the investor will not have any new means to seek relief; and, generally, (v) standards of care will be distorted “through complicated tests, permissive disclosure arrangements, and self-determined controls.”
Should the proposal not be rescinded, NASAA recommends that it should be amended to simplify the five-part test and eliminate harmful loopholes. Specifically, NASAA contends that the DOL “should make clear that providing investment advice regarding rollovers is always a fiduciary act”; tighten the standards on advice concerning “sales contests, proprietary products, and limited product menus”; and strengthen and clarify requirements for minimum disclosure to investors.
REGULATORY POLICY: NASAA SUBMITS ANOTHER ROUND OF COMMENTS ON FINRA PROPOSAL ON BENEFICIARY ARRANGEMENTS
As described in a previous Bates post, NASAA urged FINRA to strengthen a rule proposal that would create a national standard to protect seniors by requiring member firms to review and approve—in writing—an associated registered person being named a beneficiary, executor or trustee, or to hold a power of attorney on behalf of a customer. On July 30, 2020, NASAA filed a letter asking for reconsideration of its prior comment recommendations on FINRA proposed Rule 3241, which it said is “of particular interest to NASAA and its members for its implications for investor protection, particularly for seniors and persons with diminished capacities.”
In its latest submission, NASAA asserted that (i) “registered persons should be prohibited from being named as beneficiaries or appointed to positions of trust by any customers other than immediate family members”; (ii) registered persons serving in a customer beneficiary and trust position arrangement—even if they are family members—should be required to get written approval from their firms and be subject to clear disclosure requirements; (iii) FINRA should be required to “create clear standards by establishing a baseline of information that registered persons are required to provide, and more specific guidance on considerations for firm approval”; and (iv) any accounts under these proposed arrangements should be subject to heightened supervision.
NOTABLE: REPORT ON FINANCIAL PROFESSIONALS WITH DIMINISHED CAPACITY
On July 21, 2020, NASAA published a special report on diminished capacity and cognitive impairment that may affect financial professionals. Though the NASAA working group that authored the report could not determine how many professionals were affected, they noted the aging population of the industry and other concerns including alcohol and substance abuse that could impair judgment. The working group described many compliance areas that are implicated. These include issues related to standards of conduct, supervision, books and records, continuing education and fraud. The working group also assessed a variety of “methods and resources” used by firms to address these sensitive situations, highlighting their efforts at training in succession planning and recognizing red flags.
CONCLUSION - LOOKING FORWARD
NASAA’s significant summer activities under the leadership of Past President Christopher W. Gerold continue to demonstrate the association’s critical and assertive role in state legislation, federal and state regulatory policy and enforcement related to the financial markets. As the association transitions its leadership to President Lisa A. Hopkins (West Virginia’s Senior Deputy Securities Commissioner), we can expect continued emphasis on addressing the coronavirus pandemic and its impact on regulators, industry and investors through a new NASAA Crisis Planning and Recovery Committee announced by Hopkins, and a focus on exempt offerings and diversity, equity, inclusion and advocacy. Bates will continue to keep you apprised.
Bates Group has been a trusted partner to financial services firms and counsel for over 30 years, providing end-to-end solutions on legal, regulatory and compliance matters. Through our professional staff and roster of over 165 industry experts and consultants, Bates offers services in litigation consultation and testimony, regulatory and internal investigations, compliance, financial crimes, forensic accounting and damages consulting.
New FinCen Guidance on the CDD Rule, Cyber Fraud and Virtual Currency Scams Exploiting Twitter
Over the past several weeks, the Financial Crimes Enforcement Network (FinCEN) has issued new guidance on customer due diligence requirements, an advisory on cyber-enabled financial crime and an alert concerning scams involving fraudulent payments denominated in convertible virtual currency. These are significant compliance communications for financial institutions and come on the heels of FinCEN’s recent alerts on imposter fraud and money mule schemes (see previous Bates coverage). Here’s what you need to know.
New FAQs on Customer Due Diligence
The CDD Rule, which went into effect in 2018, requires covered financial institutions to develop procedures to identify and verify a customer’s beneficial owners when an account is opened, and to establish risk-based procedures for conducting ongoing due diligence. (FinCEN provides an active topic page on the subject which includes links to exemptive relief rulings and the latest regulatory FAQs.) On August 3, 2020, FinCEN issued new responses to FAQs concerning obligations “related to obtaining customer information, establishing a customer risk profile, and performing ongoing monitoring of the customer relationship.” The core message in this guidance is a reaffirmation that financial institutions must tailor their CDD program around customer risk.
On questions about the collection of customer information, FinCEN responded that the CDD Rule “does not categorically require” the collection of any particular information other than developing a customer risk profile, monitoring, and collecting beneficial ownership information. FinCEN emphasized that the collection of information is directly related to the level of risk, (i.e., where the customer’s risk profile is low, the collection of any specific information may not be necessary in order to understand the customer relationship.)
FinCEN reiterated that the CDD rule requires covered financial institutions to “establish policies, procedures, and processes for determining whether and when, on the basis of risk, to update customer information to ensure that customer information is current and accurate.” Consequently, while the rule does not require specific due diligence, media searches, or the collection of information concerning certain underlying transactions (e.g., identifying information on a “customer’s customer”), the level of risk determines the appropriate level of information that needs to be collected, which, ultimately, would help to alert a financial institution as to suspicious transactions.
Similarly, FinCEN noted that the CDD rule “does not prescribe risk profile categories, and [that] the number and detail of these categories can vary.” FinCEN’s broader guidance is that financial institutions should understand the types of financial crime risks that are consistent with the customer risk profile and that “any program for determining customer risk profiles should be sufficiently detailed to distinguish between significant variations in the risks of its customers.”
Concerning specific schedules for ongoing customer relationship monitoring, FinCEN relayed that there is “no categorical requirement that financial institutions update customer information on a continuous or periodic schedule.” While the specifics of a monitoring program are also based on risk, FinCEN said that a covered financial institution must update customer information as is relevant to assessing that risk and in order to “reassess the customer risk profile/rating.”
New Advisory on Cyber-Enabled Crime
Only a few weeks after FinCEN cautioned institutions about a rise in money mule schemes and imposter frauds that attempt to con investors and other consumers into deceptive transactions, FinCEN issued a new warning alerting financial institutions to indicators of COVID-19-related cyber scams. The advisory reviews “the means by which cybercriminals and malicious state actors” exploit the pandemic through malware, phishing schemes, extortion, business email compromise fraud, and exploitation of remote applications, especially against financial and healthcare systems. The advisory is based on data analysis of suspicious activity reports and law enforcement and other public reports. It describes risks and red flags for financial institutions to protect customers and legitimate COVID-19 relief efforts.
In the advisory, FinCEN identifies numerous red flag indicators and warns financial institutions to guard against:
potential vulnerabilities of remote applications and in virtual environments (including potential manipulation of online verification processes and compromised login credentials across customer accounts) that can jeopardize private information, compromise financial activity and disrupt business operations;
schemes targeting health care and pharmaceutical providers that seek the collection of personal and financial data (through malware, ransomware, phishing schemes and extortion);
schemes targeting municipalities and the health care industry supply chain that attempt to modify or redirect payments to new accounts (“business email compromise” (BEC) fraud schemes).
FinCEN relayed that financial institutions should consider these indicators in context given “the surrounding facts and circumstances, such as a customer’s historical financial activity, whether the transactions are in line with prevailing business practices, and whether the customer exhibits multiple indicators, before determining if a transaction is suspicious or otherwise indicative of potential fraudulent COVID-19-related activities.”
FinCEN advised financial institutions to use specific language on SARs reports and to reference (in specific fields) these COVID-19 related schemes where the circumstances or subject matter matches.
New Alert on Convertible Virtual Currency Scams
In an alert issued in late July, FinCEN addressed concerns raised by a highly public incident exploiting Twitter accounts. The scheme involved the compromise of the Twitter accounts of public figures and organizations in order to solicit fraudulent payments denominated in convertible virtual currency (CVC). The fraudsters claimed that any CVC “sent to a wallet address would be doubled and returned to the sender.”
The Twitter advisory references a prior FinCEN alert on illicit activity involving CVCs and adds to the broader concern about identifying bad actors seeking to exploit CVCs “for money laundering, sanctions evasion, and other illicit financing purposes” (e.g., those involving darknet marketplaces, peer-to peer exchangers, foreign-located Money Service Businesses, and CVC kiosks.) Together, these warnings paint a daunting picture of the finance vulnerabilities posed by virtual currencies.
In the Twitter alert, FinCEN identifies several indicators to help detect, prevent, and report potential suspicious activity related to social media posts. Among others, these include solicitations from individuals or organizations where there is no prior existing business relationship (like from celebrities or public figures) and solicitations requesting donations where the solicitor is not affiliated with a reputable organization.
FinCEN has had a busy summer. The agency has now warned financial institutions to be on alert for a host of threats, from simple to highly sophisticated fraud and malicious activity. The advisory on increased vulnerabilities resulting from operating during the pandemic reminds us how quickly circumstances can turn into opportunities for bad actors and how alert compliance teams must be to keep up. The advisory on virtual currency risk is an indication that there is much more work needed to protect clients in the virtual markets. Finally, FinCEN’s additional CDD Rule guidance highlights how risk-based frameworks require constant tuning in order for compliance professionals to be able to execute the practical details of their programs.
In the meantime, expect FinCEN to keep issuing these advisories. Bates Group will keep you apprised.
FINRA Roundup: Guidance on Private Placements, Digital Assets, Virtual Hearings, and Proposals
Since our last regulatory update on the adoption of FINRA’s proposal to align its suitability and non-cash compensation rules with Regulation Best Interest (“Reg BI”), the self-regulatory organization issued guidance on private placement communications, recommended that firms provide information to them on digital assets, and proposed a series of new rule changes. Bates examines the details of FINRA’s updated guidance.
Guidance on Private Placement Communications
FINRA issued guidance for members who market private placements to retail investors. Private placements are non-public securities offerings that fall within specific exemptions (Reg D) from SEC registration.
FINRA reported on SEC data showing that issuers make nearly 20,000 Reg D exemption filings each year, of which nearly “4,000 new offerings identify an ‘intermediary,’ such as a broker or finder, as participating.” FINRA requires that members participating in private placements file offering documents (Rules 5122 and 5223), with an estimated 2,000 such filings received each year. FINRA acknowledged the 50% difference between the two regulators and narrowed its guidance to “the subset of private placements marketed by member firms.” Within that subset, FINRA observed that more than 40% of the placements are subject to its rules on retail communications (Rule 2210 - Communications with the Public). FINRA noted that member firms are “increasingly involved in the distribution of private placements” through online platforms and digital advertisements, suggesting that more members will be subject to FINRA communications requirements.
FINRA’s rule requires that communications from member firms must be (i) fair and not contain false, misleading or promissory statements or claims; (ii) disclose the potential risks as well as rewards associated with the investments; (iii) be accurate and (iv) offer a “sound basis to evaluate the facts” about the product. The rule also requires that a registered principal approve each communication.
FINRA observed firm deficiencies in compliance with the communications rule. Specifically, FINRA said that firm communications often fail to balance claims of the benefits of these securities with the potential risks such as their “lack of liquidity” or their “speculative nature.” Other observed communications contained “false, misleading, or promissory statements or claims such as assertions about the likelihood of a future public offering, claims about the future success of the issuer’s business model, inaccurate or misleading assertions concerning the relative risk of the offering, or projections on investment performance.”
FINRA reminded member firms that:
They are liable for the distribution of third-party prepared materials if the material is non-compliant with the rule (i.e., not balanced or misleading).
Retail communications should not project or predict returns to investors (e.g., yields, future investment performance) however, reasonable forecasts of issuer operating metrics (e.g., sales, revenues or customer acquisitions) are permissible as long as they provides a sound basis for evaluating the facts. FINRA was very specific in its guidance on appropriate issuer operating metrics, including requiring limited time periods, reasonable growth rate assumptions, operating margins within industry averages, and reasonable sales and customer acquisition forecasts in relation to the market.
Real estate investment programs fall within the communications rule if they are “designed to provide distributions to investors." FINRA had specific guidance about communications on the metrics around distribution rates.
Marketing private placements of real estate, private equity and venture capital often use a performance measure known as the internal rate of return (IRR). FINRA determined that for “completed investment programs” (where the holdings in the pool have matured or been sold), this metric would not violate the communications rule. Further, FINRA would permit the inclusion of IRR in communications materials if it is calculated in a manner consistent with the Global Investment Performance Standards (GIPS) adopted by the CFA Institute.
Recommendations on Reporting Digital Assets
FINRA encouraged member firms to continue to report firm activities related to digital assets. The request is an extension of prior notices to firms (see here and here) to communicate to a firm’s Risk Monitoring Analyst new or planned digital asset activities such as cryptocurrencies, other virtual coins and tokens. FINRA wants to be notified of the following kinds of activities (this list is not exclusive):
Management, advisory services and transactions in digital assets directly or in a pooled fund investing in digital assets
Transactions in derivatives tied to digital assets
Participation in any offerings of digital assets
Secondary trading of digital assets
Custody arrangements of digital assets
Acceptance of cryptocurrencies from customers or mining of cryptocurrencies
Clearance and settlement services for virtual coins and tokens
The use of distributed ledger technology or any other use of blockchain technology
FINRA Recent Actions
Virtual Hearings: In response to the COVID-19 pandemic, FINRA has administratively postponed all in-person arbitration and mediation proceedings scheduled through October 2, 2020 unless the parties stipulate to proceed telephonically or by Zoom, or the panel orders that the hearings will take place telephonically or by Zoom. FINRA has created a Virtual Hearing Guide for Arbitrators. Further, the Office of Hearing Officers (OHO) has administratively postponed all in-person hearings of Disciplinary Proceedings scheduled through October 2, 2020. The OHO staff makes available a Virtual Hearing Guide for Parties.
Expungement: FINRA amended the Codes of Arbitration Procedure for Customer and Industry Disputes to apply a minimum filing fee for all expungement requests. The effective date of the amendment is September 14, 2020. The fee applies “irrespective of whether the request is made as part of the customer arbitration or the associated person files a straight-in request, or the requesting party adds a small damages claim.” Under the amendments, FINRA will “apply a minimum process fee and member surcharge to straight-in requests, as well as a minimum hearing session fee to expungement-only hearings held after a customer arbitration or in connection with a straight-in request.”
Cutomer Beneficiaries: FINRA proposed adopting a rule on registered persons being named a customer’s beneficiary or holding a position of trust for a customer. (See prior Bates coverage here). The proposal is an attempt to “address potential conflicts of interest that can result in registered persons exploiting or taking advantage of being named beneficiaries or holding positions of trust for personal monetary gain.” The new rule would create a uniform, national standard to govern registered persons holding positions of trust.
Operational Challenges: FINRA introduced certain proposals to address the operational challenges affecting members due to COVID-19. First, FINRA proposed temporarily extending the deadline for completed office inspections for the 2020 calendar year to March 31, 2021, effective immediately. Secondly, FINRA proposed changes to temporarily amend certain procedural requirements, including timing and method of service. These amendments (i) allow FINRA to serve certain documents by electronic mail; (ii) require parties to file or serve documents by electronic mail in connection with specified proceedings and processes; (iii) provide extensions of time to FINRA staff and other parties “in connection with certain adjudicatory and review processes”; and (iv) allow for National Adjudicatory Council oral arguments to be conducted by Zoom.
First Look: Upcoming Proposals
In a recent FINRA Board Meeting, the Governors approved three upcoming proposals for future notice and comment: (i) amendments to FINRA corporate financing rules to require members to file retail communications concerning specified private placements (see discussion on related guidance, above), (ii) proposed procedures to address cheating on and eligibility for qualification examinations and (iii) amendments to trade reporting rules to require the identification of certain corporate bond trades (i.e., those “priced off of a spread to a U.S. Treasury Security or that are part of a portfolio trade.”) The latter is intended to provide context on reported trades with “prices away from the current market.”
FINRA remains diligent in a host of areas. Its recent actions on private placements, arbitration, conflicts of interest and COVID-19-related administrative matters present examples of the scope of its mandate and its determination to keep pace. FINRA’s request to be kept apprised of broker dealer activity in digital assets suggests a broader agenda in the area. Bates will continue to monitor developments.
For FINRA arbitration and litigation matters, please see:
DOL Proposes New Class Exemption for Investment Advisers
More than two years after the Fifth Circuit Court of Appeals vacated the Department of Labor’s (“DOL”) fiduciary duty rule, the agency has proposed new regulations on investment advice for retirement accounts under the Employee Retirement Income Security Act (“ERISA”) and the Internal Revenue Code (“the Code”). Under the heading “Improving Investment Advice for Workers & Retirees,” the DOL (i) proposed a new “prohibited transaction class exemption” for investment advice that would allow financial institutions and investment adviser fiduciaries to receive compensation that would otherwise be prohibited under ERISA law, (ii) reinstated the 1975 regulation and its five-part test for defining investment advice, and (iii) made certain changes to its pre-existing prohibited transaction class exemptions consistent with the Court Order vacating the DOL’s fiduciary duty rule. Here are some of the details of the new DOL proposal.
A New Prohibited Transaction Class Exemption
The heart of the DOL proposal is a new class exemption that would be available to registered investment advisers, broker dealers, financial institutions and insurance companies that “provide fiduciary investment advice to Retirement Investors” (e.g., Plan participants and beneficiaries, IRA owners and Plan and IRA fiduciaries). If granted the exemption, these institutions and professionals could receive various types of transaction payments and fees that are currently prohibited under ERISA law, including: “commissions, 12b-1 fees, trailing commissions, sales loads, mark-ups and mark downs, and revenue sharing payments from investment providers or third parties.” The exemption would also apply to advice provided on Plan roll-overs in addition to allowing financial institutions to transact to or from their own accounts.
By this proposal, the DOL is shifting its approach from one focused on narrow exemptions based on specific prohibited transactions to one which is more “principles-based.” The DOL is doing this by conditioning the exemptions on compliance with their “Impartial Conduct Standards.” These standards incorporate three elements: a best interest standard, a reasonable compensation standard and “a requirement to make no misleading statements about investment transactions and other relevant matters.”
According to DOL, each of these elements—which have long histories and pertinent interpretations—will now be aligned and consistent with Reg BI and prevailing securities law. As to the best interest standard, DOL affirms that investor fiduciary advice should be (i) prudent, reflecting the care, skill and diligence under prevailing circumstances and “based on the investment objectives, risk tolerance, financial circumstances, and needs of the retirement investor,” and be (ii) loyal, meaning that the advice does not place the interests of the financial adviser ahead of the interests of the retirement investor. These are familiar considerations for advisers under Reg BI.
Other specific requirements to maintain eligibility under the new broad exemption include written acknowledgements of an adviser’s fiduciary status under ERISA and the Code (see below), written communications regarding the services to be provided and any material conflicts of interest, and the adoption of policies and procedures to ensure compliance with the Impartial Conduct Standards (subject to retrospective review).
The DOL cautioned that financial institutions and professionals would be ineligible or would lose their eligibility for the exemption if, within ten years prior or following, they were “convicted of certain crimes arising out of their provision of investment advice to retirement investors.” The DOL stated, however, that should they be excluded from the broad exemption, these institutions or individuals could always apply for other, more targeted exemptions. The DOL justified this approach by saying that its more focused approach would “provide significant protections for Retirement Investors while preserving wide availability of investment advice arrangements and products.”
Further, the new proposed exemption would require disclosure of the status of the adviser under ERISA and the Code and would require providing an accurate written description of their services and material conflicts of interest. The DOL made clear that the proposed exemption would not “create any new legal claims above and beyond those expressly authorized in ERISA.”
Recognition as an Investment Advice Fiduciary: The Five-Part Test
To become eligible for the new class exemption, the DOL has effectively reinstated its’ 1975 regulation which imposed a five-part test to determine the status of an advisor. (That test had been supplanted by the DOL’s previous—and subsequently vacated—fiduciary rule; by the new proposal, DOL is adding a technical amendment which would formally reinstate the rule and test.)
For an adviser to be considered an investment advice fiduciary under ERISA and the Code, he/she must be authorized or responsible for providing investment advice and receive direct or indirect compensation “with respect to any moneys or other property” of a Plan. Specifically, the test requires the professional to:
provide advice on the Plan or make recommendations on “investing in, purchasing, or selling securities or other property;”
act under an arrangement “with the Plan, Plan fiduciary or IRA owner;”
provide advice which serves as the primary basis for an investment decision; and
Tailor the advice for the individual “based on the particular needs of the Plan or IRA.”
Facts and circumstances will determine if the test is satisfied. Consequently, for a professional to be eligible for the exemption, he/she must establish status as an investment adviser fiduciary under this test.
The DOL’s proposal includes some guidance on the application of the test, particularly pertaining to advice concerning rollovers. For example, the DOL describes instances where an isolated recommendation to take an employee plan distribution and roll it into an IRA may fail the “regular” prong of the test, however advice to do so as part of an ongoing relationship with the client may be enough for that “regular” prong to be satisfied.
As noted above, the DOL addressed pre-existing prohibited transaction class exemptions under the new proposal in order to harmonize the results with the court’s decision to vacate the fiduciary rule. Specifically, the DOL removed two exemptions: the "Best Interest Contract Exemption" and the “Principal Transactions in Certain Assets Between Investment Advice Fiduciaries and Employee Benefit Plans and IRA” exemption. Certain other prohibited transaction exemptions that were amended in 2016, including most notably a pre-existing exemption for insurance companies and insurance agents, remain in force. However, under the proposal they would revert back to their pre-amendment forms.
The DOL highlighted that the new proposed exemption does not cover robo-advice arrangements without the interaction of an investment professional.
It is clear that the timing of the DOL proposal was not accidental. It came within days of the implementation date of the SEC’s Regulation Best Interest (“Reg BI”) and shortly after a federal appellate court denied claims by several state attorneys challenging the adoption of that Reg BI regulation. As a result, the DOL made its intention to sync with the new SEC Reg BI standards framework explicit, highlighting that “the best interest standard in the new proposed class exemption is aligned with the conduct standards in the Securities and Exchange Commission's Regulation Best Interest.” Expect many comments on how the DOL’s new rules relate to Reg BI.
The proposed prohibited transaction class exemption is broader and “more flexible” than DOL’s prior exemption regime. It is based, in large part, on the temporary enforcement policy created after the court decision to vacate the DOL fiduciary rule. (FAB 2018-02.) Compliance officers that have modified their frameworks to conform with the Impartial Conduct Standards should be ahead of the curve. But, before drawing what may appear to be straightforward conclusions, it is important to remember that we have been here many times before (and that state actions on investment adviser standards are still alive and kicking.) Bates will keep you apprised.
The term “Plan” is defined for purposes of the exemption as any employee benefit plan described in ERISA section 3(3) and any plan described in Code section 4975(e)(1)(A). The term “Individual Retirement Account” or “IRA” is defined as any account or annuity described in Code section 4975(e)(1)(B) through (F), including an Archer medical savings account, a health savings account, and a Coverdell education savings account.
Bates Practice Leadership Insights: Julie Johnstone on the Changing Litigation Landscape
As Managing Director for Bates Group's Retail Litigation practice, Julie Johnstone manages and oversees financial litigation and arbitration matters. Her team assists broker-dealer and investment advisers, banks and insurance companies, as well as State and Federal Regulators, throughout the life cycle of their retail litigation matters, from early case assessments, profit and loss reports, damage analyses, and “what if” scenarios, to expert consultation and testimony at hearing, as well as mediation and settlement support. We asked Julie to consider the state of retail litigation in light of the pandemic and to anticipate some of the long-term implications on case management and dispute resolution going forward. Here is a recap of our conversation.
Question: The pandemic has had a significant disruptive effect on retail investors and the financial markets. Do you expect to see a surge of litigation as a consequence?
Given that the recent market decline was one of the steepest and fastest in history, we are expecting an increase in litigation, especially where investors have incurred realized losses. However, the extent of litigation could be dependent on the shape of the market recovery, and, given that the market has recovered fairly quickly, we would possibly expect to see fewer claims filed involving paper or unrealized losses. Our past experience with market volatility, as well as recent news and our discussions with clients, support this expectation.
When do you anticipate an uptick in litigation activity?
There is always a lag after a market decline before claims are filed, and services are requested at many points throughout the lifecycle of a case—that is, from pre-litigation to resolution. Our clients tell us that their pre-litigation teams are busy. We are also currently working our way through pre-pandemic claims involving strategies to enhance yield, private placements, allocation drift, alternative investments, and others.
What types of retail investor claims do you expect to be filed as result of the pandemic?
We monitor economic trends, market events in sectors (such as oil and gas) and liquidity issues, generally. These are the kinds of indicators that provide insight for our clients and help us better understand the emerging landscape. Right now, we expect future claims related to margin and securities lending accounts, energy- and airline-related investments, and other sectors impacted by various stay-at-home orders and business closures. In addition, we expect to see claims filed with respect to volatility-linked investments, order execution, vulnerable investor issues, business interruption, employment, general suitability, and allocation issues relating to the overall market decline and volatility, just to name a few.
How will litigation practice change as a result of the pandemic?
Time will tell, but many practice details will be altered. For example, expect greater use of video conferencing in conjunction with the traditional in-person arbitrations. Our experiences under current, temporary conditions, such as managing through the delays and postponements of hearings, may offer some indications about future changes. Permanent norms have not yet been established, but in-person FINRA hearings are still being postponed through September. Where both parties agree, counsel will need to navigate whether to move forward with video hearings or continue to postpone.
Further, we’ve noticed that some of our clients are expecting that claimants might be more motivated to settle the cases that were originally scheduled for hearing during the 2020 summer, rather than having to wait for the matter to be heard at a future date. So, the new environment not only impacts procedures, but it also may have tactical and even strategic consequences as well.
In the Retail Litigation practice at Bates, we have been adapting during this period as we support our clients toward a new normal. For example, our team of experts and case managers is training to effectively use various video conferencing platforms; we have been communicating more with our clients to better understand their needs as they consider pandemic-related challenges and an increasing number of claims; and, as mentioned, we have been proactively exploring issues that are likely to result in litigation our clients will face.
Tell us more about how you are working with clients to prepare for potential litigation.
One way we are helping our clients prepare for the potential increase in litigation is through various CLE webinars, a number of which have been completed, and others which are in development. We are also publishing relevant alerts and communications. These communication efforts concern the latest thinking around financial market issues like the trading of complex products. Recent program headlines include: “Senior and Vulnerable Investor Protection;" "Potential Litigation Claims in the COVID-19 World;” “Regulatory and Litigation Issues in a Post COVID-19 World;” “Introduction to Arbitrator Evaluator & ABCs of Financial Schedules;” “Reg BI for Litigators;" and "Best Practices in Defending Margin-Related Cases." Upcoming webinars and recorded programs are listed online.
The pandemic has increased uncertainty and some stress, but it has also accelerated change throughout the financial sector. What are the positive consequences coming out of this?
Yes, it has. This has been a very challenging time for many businesses and individuals, and Bates is no exception. As our clients have had to do, we have adapted, and I would say we have done so successfully. Bates shifted to a 100% remote workforce mid-March without missing a single client deliverable. Through the transition, and over the last few months, Bates staff have engaged technology to develop new norms for staying connected and managing work effectively.
What will you be grateful for when this pandemic is over?
The pandemic has offered a time to reflect both professionally and personally. I have reflected on the many things to be grateful for over the last few months. I am grateful to the first responders, for the ability to continue working while so many have lost their jobs, and for the ability to spend quality time with my immediate family. I look forward to seeing my friends and clients in person and to visiting my favorite establishments as they reopen. And, I am hopeful for an economic recovery that allows us all to thrive.
The current crisis presents many challenges. Bates practice leaders, consultants, and experts can help. Please contact:
New OCIE, FinCEN Alerts Emphasize Vigilance Against Ransomware, Imposter Scams, Money Mule Schemes
In the past week, the SEC Office of Compliance Inspections and Examinations (OCIE) and the Financial Crimes Enforcement Network (FinCEN) warned financial institutions to guard against specific and increasingly prevalent types of fraud against consumers. These activities have been uncovered through examinations, suspicious activity reports (SARs), law enforcement information and public reporting. OCIE and FinCEN’s alerts follow other federal and state reports (see Bates coverage here and here) urging firms to increase vigilance against similar crisis-related misconduct.
Specifically, OCIE staff cautioned SEC registrants, including broker-dealers, investment advisers and investment companies, as well as registrant service providers, of an increase in the number and nature of ransomware attacks. FinCEN cautioned institutions about a rise in money mule schemes and imposter frauds that attempt to con investors and other consumers into deceptive transactions. Here are the highlights:
OCIE Warns Firms to Monitor for Ransomware
OCIE staff describes “ransomware” as “a type of malware designed to provide an unauthorized actor access to institutions’ systems and to deny the institutions use of those systems until a ransom is paid.” The systems in question usually affect the “integrity and/or the confidentiality” of customer data.
OCIE is concerned about recent reports that the latest attacks directed at both SEC-registered institutions and their service providers are becoming increasingly sophisticated. The purpose of the alert was not to offer a one-size-fits-all approach to protect against ransomware (such a solution does not exist), but rather to highlight recent observations on the subject so that firms can strengthen their “cybersecurity preparedness and operational resiliency.”
OCIE staff recommends that firms review and update incident response and resiliency policies, procedures and plans. Such a review should include (i) contingency and recovery plans for various denial of service scenarios, (ii) procedures for notification of an event, incident escalation, and stakeholder communications; (iii) processes for material event and suspicious activity reports (SARs); (iv) notification procedures for law enforcement and customers; (v) restoration of service processes; and (vi) backup applications to ensure the operation of critical services.
OCIE also wants firms to heighten their awareness of cyber-risk and boost their cybersecurity training and test responses through, for example, phishing email exercises. Further, OCIE wants firms to review and tighten their access management systems with the “least privileged access” in mind. This requires firms to configure controls “so users operate with only those privileges necessary to accomplish their tasks.” Finally, the staff recommends that firms review and strengthen their “perimeter security capabilities” including firewalls, detection systems, email security and web proxy systems in order to manage their network and “prevent unauthorized harmful traffic.”
The OCIE staff referenced other SEC cybersecurity guidance and offered additional links from the Cybersecurity and Infrastructure Security Agency (CISA) of the Department of Homeland Security (seehere for an alert describing a particular ransomware threat) and the FBI (see here for a 2019 ransomware alert). Staff reminded firms that cybersecurity compliance was an examination priority.
FinCEN Warns Firms to Look for Imposter Fraud and Money Mule Schemes
FinCEN’s advisory focusing on money mule schemes and imposter scams is a kind of primer on reporting suspicious consumer fraud activity. In the advisory, FinCEN discussed the nature of these particular frauds, relevant indicators that should raise institutional red flags and additional information to be included for SARs reports.
FinCEN defines imposter scams as involving an actor “contacting a target under the false pretense of representing an official organization, and coercing or convincing the target to provide funds or valuable information, engage in behavior that causes the target’s computer to be infected with malware, or spread disinformation.”
COVID-19-related imposter scams include bad actors posing as IRS officials, the CDC, the World Health Organization, and non-profit health and academic institutions. FinCEN noted the many tools used by these actors to defraud the vulnerable, the elderly and the unemployed including the use of social media, telephone and robocalls, text messages, websites, and emails, as well as off-line activities such as “door-to-door collections” and flyers.
FinCEN emphasized that the objective of these scammers is primarily to target customers directly. As a result, FinCEN wants financial institutions to be aware of indicators on customer accounts that should trigger firms to be alert. COVID-19 red flags include bad actors offering to “verify, process or expedite” stimulus payments or other benefits under the Economic Impact Payments program, or prepaid debit cards under the Coronavirus Aid, Relief, and Economic Security (CARES) Act. Other attacks seek to obtain confidential financial information for some health-related purpose like contact tracing. FinCEN warns that institutions should be on guard against phishing emails ostensibly coming from government or non-profits, but that use commercial domains (e.g., “dot-com”). Other red flags include solicitations which are publicly unverifiable and often contain errors like misspellings. FinCEN said that these indicators, in context, may be considered suspicious for reporting purposes.
Money Mule Schemes
FinCEN defines a “money mule” as any “person who transfers illegally acquired money on behalf of or at the direction of another.” FinCEN highlighted COVID-19 money mule schemes in three categories: good-Samaritan, romance, and work-from-home, the latter presenting as an offering for a work-from-home job which involves the target agreeing to “move funds through accounts or to set up a new account” on behalf of the “business.”
The agency describes distinctions among an “unwitting or unknowing money mule,” a “witting money mule” and a “complicit money mule,” all defined by the person’s awareness, motivation and level of participation in the larger scheme. FinCEN says that all three types of money mules are deployed in COVID-19 schemes.
Red flags pertaining to COVID-19 that should trigger firms to be alert for money mule schemes include, among others: (i) receipt of transactions that do not fit a customer’s profile (e.g., overseas transactions, purchase of convertible virtual currency); (ii) unsatisfactory answers to “know your customer” inquiries; (iii) the opening of new bank accounts in the name of a business (possibly at multiple banks) and someone other than the customer transferring funds out of the accounts; (iv) receipt of multiple unemployment insurance payments within the same time period or from numerous employees (with ACH payment names that don’t match the account holder); (v) deposits that get diverted quickly “via wire transfer to foreign accounts;” (vi) documents related to the “employer” showing the use of a free email server rather than a company-specific email; and (vii) out-of-the-ordinary requests from the customer’s new employer to send and receive funds through the customer’s personal account (especially for individuals claiming to be U.S. citizens or servicemen currently abroad.)
FinCEN also provided very specific instructions for filling out SARs reports on COVID-19-related scams. FinCEN advised financial institutions to use specific language and to reference (in specific fields) this imposter scam/money mule scheme advisory on SARs reports where the circumstances or subject matter matches. Proper reporting on this activity, FinCEN states, will improve “law enforcement’s abilities to identify actionable SARs…and pull information to support COVID-19-related investigations.”
These issues are not new, but they have been taking on additional urgency since the advent of the pandemic. “The two alerts reinforce the risk-based approach to firm compliance obligations and highlight the necessity to consider context and a customer’s historical financial activity, among other facts and circumstances, when making determinations on reporting potential suspicious activity,” said Edward Longridge, Managing Director and Head of Practice, Bates AML & Financial Crimes.
Learn more about how Bates Group's Practices support firms:
Bates Practice Leadership Insights: Regulatory Investigations Now and on the Horizon
Bates continues our practice leadership conversations this week with Alex Russell, Managing Director of Bates’ White Collar, Regulatory and Internal Investigations Practice. Alex’s team supports corporations, financial services firms, law firms and regulators by bringing technical, big data analytics and managerial expertise to a variety of disputes and investigations. He also co-leads Bates’ big data analytics service and manages matters involving the assessment of economic damages. We asked Alex about regulatory investigations, big data and the issues firms and their legal counsel are currently concerned about. Here is a recap of our conversation.
Question: How has the pandemic affected your clients right now?
Generally, I would say that firms are under considerable and increasing pressures created by market uncertainty. The added pressures come not only as a direct consequence of market declines and volatility, but also from the way that regulators, customers, employees and even litigants react to it—often exacerbating problems by layering on top their own concerns and urgencies. Add to that the very real challenges of working remotely (including issues as disparate as cybersecurity and childcare), and it is fair to say that our clients are operating in a very difficult environment. The top concern that I hear, from nearly everyone, is that there are just not enough hours in the day to get done what needs to get done.
Let’s talk first about regulatory investigations. Do you expect an uptick in investigative activity as a consequence of this market volatility?
Absolutely. But this should not be a surprise. The regulators have been very vocal, in public and private, that they are minding the store and fulfilling their oversight and investigative responsibilities. And they are intent on proving it. At Bates, we are already seeing an uptick in such regulator activity, but as with prior market dislocations, we should adjust our expectations and prepare for these current regulatory investigative priorities to play out over the next several years.
Can you be more specific? What sort of regulatory enforcement matters, for example, should we expect?
Some are very easy to see coming; anything involving leverage for example, whether in the form of margin, the use of options, or leveraged ETFs / structured products themselves. We’ve had ascending markets for so long that leverage has become a normal part of the market again, and may have even been extended into areas that the regulators will deem inappropriate. Fraud claims will also rise, from penny stock’s touting COVID-19 vaccines, to individuals running Ponzi like schemes that are exposed when new investments dry up. Uncertainty creates an opportunity for many different types of fraudsters to take advantage of that confusion to the detriment of investors. The increased pressure on reps to try and sustain the income level they need will tempt some to bend the rules in ways that are sure to prompt action. It seems unlikely that the regulators will stop pursuing the fee-based actions (12b-1, 529, revenue sharing) that they have been pursuing over the last few years, so I expect those to continue as well. We’ve handled well over 30 of those types of investigations and claims for our clients, and we have not seen any indication of those slowing down at all. The list goes on.
What is the outlook in the white collar space?
Market manipulation schemes, in particular penny stock pump-and-dump schemes will show up quite regularly, and have already started to do so. Similarly, insider trading allegations around the use of material non-public information will be a source of steady activity, in addition to many of the same actions (fraud, for instance) that will also be the target of regulatory scrutiny. We’ve been steadily working on insider trading, and market manipulation matters even more so, pre-COVID-19 and expect to handle quite a few more after this. Interestingly, many of our recent pump-and-dump matters have been in a criminal rather than civil context, I am curious to see if that trend reverses itself or if the pandemic will accelerate the trend of criminal indictments.
How will big data shape this conversation?
The analysis of big data will play a critical role in helping to resolve many of the issues being raised. Since these issues will cut across firms as a whole, the analysis would be infeasible without the use of big data. Many of the regulators are already reporting sharp increases in the alerts being generated by big data analysis for market surveillance. For instance, FINRA noted a 200% increase in alerts around best execution, wash sales, spoofing, and layering. Regulators are using the tools of big data analysis to “spot risk bubbling up,” and those same tools can help firms identify risk internally, conduct their own investigation and analysis, and resolve the underlying issues. Big data will be a critical part of identifying what will show up when Regulators examine firm behavior, and in responding to claims made by the regulators on the basis of big data analysis. Enforcement actions will likely intensify as a result of these developments.
In many cases, we have taken on large-scale investigations by serving as a critical external resource for big data and analytics assignments. This lets our clients’ internal personnel focus their resources on their essential, day-to-day tasks. Since the onset of COVID-19, we have also been asked to provide insight into peer practices and to collate trend information gathered through interaction with the regulators. This has been positively received by our clients, who feel forearmed with useful information prior to interacting with regulatory staff. Clients appreciate being able to speak with our staff knowing that they have dealt with the same or similar issues on behalf of other clients, and that we have the technical skills to perform efficient, accurate, and insightful quantitative analysis. That combination of skills and awareness of how the regulators are treating certain issues has allowed us to assist counsel in delivering positive outcomes for their clients.
What final thoughts are you offering to clients at this time?
First, work diligently to maintain your pre-pandemic compliance processes and procedures, and document your efforts. Second, keep up with regulators’ current expectations of firm practices. To the extent possible, talk to peers and counterparts in other firms to find out what they are seeing, what is working and what isn’t. Third, review the available data out there and do what you can to form an accurate picture of how the industry is responding to the challenges this crisis has created. Finally, use all available information to forecast developing trends so you can spot the opportunities and avoid the pitfalls.
The current crisis presents many challenges. Bates practice leaders, consultants, and experts can help. Please contact:
FINRA Special Alert Offers Observations on COVID-19 Remote Work and Supervisory Practices
FINRA issued Special Alert Notice 20-16 to share COVID-19-related off-site transition and supervisory practice information. The information was derived from recent FINRA discussions with small, mid-sized and large firms. FINRA cautioned that they “have not yet evaluated these practices in our examination programs,” but, nonetheless suggested that firms consider whether they are “applicable” and whether they would enhance supervisory systems and compliance programs during this period.
Bates has been reporting on COVID-19-related guidance since the pandemic began and maintains a topic page on the subject with links to both federal regulatory sites (including FINRA’s resources page) and Bates news and information. Here we take a closer look at FINRA’s observations on firm efforts to transition to remote work environments and to supervise remote work activities.
Remote Work Environment Transition Practices
FINRA reports that firms took a wide range of steps to enhance their compliance efforts and their ability to serve customers from remote locations. FINRA categorizes these steps in four areas: customer assistance, off-site work protocols, staff communications and cybersecurity.
For customers, firms took immediate steps to provide contact and branch office closure information on their web sites and to route customer calls and requests for appointments through a centralized hub. For employees, firms added procedures to better monitor and to record the location of staff, and to continuously update contact information for “compliance, legal, operations and other departments.”
Some firms adjusted communications practices to minimize the risk that staff “would use personal or unapproved systems and technology to conduct firm business.” FINRA stated, for example, that firms were providing (i) “all-hands” videoconferences on operations; (ii) “clear guidance” on working remotely; (iii) technology hardware “to better equip staff to work from home” and (iv) virtual trainings on new and approved technology platforms and applications.
Further, firms reported that they increased their use of virtual trainings and other efforts with respect to cybersecurity and the confidentiality of firm and customer information. Firms disclosed that they were issuing frequent internal reminders on compliance with material non-public information requirements. In addition, firms communicated precautions around “maintaining a private workspace from home,” including extra care when working near family or friends. Firms also said they were enhancing the oversight of their “critical information” technology vendors.
Remote Work Supervisory Practices
FINRA relayed that while firms expressed confidence that they were “relatively prepared” to supervise associated persons working from home (i.e. through the use of “checklists, surveillance tools, incident trackers, email review and trade exception reports”), some firms described additional steps they took to ensure that their supervisory practices and procedures were followed. These additional steps cover (i) overall supervision, (ii) trading supervision, (iii) supervision over customer communications and (iv) branch inspections.
Firms reported many steps to strengthen general supervision of associated persons working in remote locations. In anticipation of the lock-down, for example, some firms described special efforts to test and perform a “gap analysis” to ensure adequate remote compliance with documentation requirements. Firms also set up processes to identify emerging issues or trends gleaned from “increased alerts, exception reports and customer complaints.” These processes supported additional firm guidance to supervisors acting on these concerns, including coaching and “over-escalating” identified issues.
Some firms strengthened their existing “electronic supervisory checklists with attestations and electronic affirmation via voting buttons.” As to other general supervision issues, firms said they improved their overall communications efforts by requiring frequent and regular senior leadership meetings, opening communications channels between supervisors and compliance staff and by establishing feedback mechanisms from staff to promote best remote office practices.
On trading supervision, firms added to their oversight by tightening controls and adding new special elements to supervisory checklists. Specifically, firms enhanced their oversight capabilities by requiring additional prescreens, additional supervisory approvals (with attestations), additional testing of traders’ remote technical capabilities, and by increasing the frequency and thresholds for certain trade reporting and alerts. Further, some firms reported additional monitoring of supervisory activities and increasing the frequency of “check-ins” with traders.
In addition to supervision of customer communications through existing methods, some firms added several more layers of oversight. These include increasing the frequency of email review, enhancing communication surveillance, expansion of using recorded lines for orders, and disabling certain features of communications platforms in order to ensure full and accurate recordkeeping.
Finally, FINRA asked firms about their branch office inspections. Some firms reported that they created a temporary remote branch office inspection plan which relies on technology and video and electronic document review. Firms made clear, however, that such inspection plans merely defer the required onsite inspections to a later time and that when pandemic restrictions are lifted they will prioritize high-risk, on-site branch inspections.
In this Notice, FINRA documented a broad range of methods firms have devised to transition to remote offices and to supervise associated persons. These steps are, of course, a proactive way for firms to fulfill their obligation to implement a reasonably designed supervisory system appropriate for the firm’s size and business model. FINRA recommends that firms contact their designated Risk Monitoring Analyst with questions about these or other methods undertaken during this time. FINRA is once again setting the expectation that firms need to fully consider their compliance practices carefully during this time. Bates will continue to monitor and summarize these regulatory compliance developments.
Bates Compliance practice leaders and consultants are available to answer your questions on compliance, risk, supervision and audit matters to help you through this period. Please reach out.
NASAA Annual Report Flags Cyber Risk, Investment Adviser Exam Deficiencies and Best Practices
The highlight of the North American Securities Administrators Association’s (“NASAA”) 2020 Investment Advisor Section Annual Report on state-registered investment advisers is the growing concern by state regulators over cybersecurity preparation and practice. Based on firm examinations in 41 U.S. jurisdictions during the first half of 2019, NASAA found that cybersecurity deficiencies are on the rise. The issue has taken on new urgency in the wake of the pandemic.
In the annual report, published during the height of the panedemic, NASAA publicized its members’ adoption of an information security and privacy model rule to address some of these concerns and provided a list of best practices to assist investment advisers in developing and implementing effective compliance procedures. In addition, NASAA offered some general statistics on the condition of the industry and noted committee and project successes over the past year. Here’s a closer look.
Cybersecurity Remains Top Issue
The main concern in the report—the rise of cybersecurity-related deficiencies across state adviser firms—was based on information that is now nearly a year old. This is significant because the pandemic has only exacerbated many of the issues raised in guidance presented since then. (See, e.g. Bates coverage of SEC Office of Compliance Inspections and Examinations Report.) According to the NASAA report, the top five cybersecurity-related deficiencies among state registered investment advisers were: (i) a lack of cybersecurity vulnerability testing; (ii) a lack of procedures regarding securing or limiting access to devices; (iii) a lack of procedures related to internet connectivity; (iv) weak or infrequently changed passwords; and (v) inadequate cybersecurity insurance.
The data showed that these deficiencies were present in 26% of examinations, up from 23% in the last 2017 analysis. NASAA noted that the problem is acute for the state-registered investment adviser community, given that “three fourths of the nearly 18,000 state-registered investment advisers are 1- to 2-person shops.” Because these advisers have limited resources, they are considered to be particularly vulnerable to attacks.
Alex Glass, Indiana Securities Commissioner and Chair of NASAA’s Investment Adviser Section, suggested that NASAA’s new information security and privacy model rule should help. He stated that the new rule “represents a significant step toward enhancing the cybersecurity and privacy practices of state-registered investment advisers.” As Bates described previously, the new rule requires investment advisers to adopt policies and procedures related to the security of both physical and digital information, including that a firm (i) establish an “organizational understanding to manage information security risk to systems, assets, data and capabilities;” (ii) provide “safeguards to ensure delivery of critical infrastructure services;” (iii) be able to detect, (iv) be able to take action in case of, and (v) be able to restore any capabilities or services after, an “information security event.”
In the annual report, NASAA encouraged firms to review their Cybersecurity Checklist and related Guidance. These documents detail assessment areas that can help to detect cyber vulnerabilities, and to recover from cybersecurity breaches. The material was prepared by NASAA’s Cybersecurity and Technology Project Group, which noted in their status update that it was turning its attention to developing materials “on how firms can prepare and plan to meet demands in a shifting landscape of cybersecurity threats.”
The security and privacy model rule was also part of last year’s agenda of NASAA’s Regulatory Policy and Review Project Group. In their status update for NASAA’s annual report, the Group listed an ambitious agenda including a host of ongoing initiatives on new model rules. These include proposals on investment adviser policies and procedures, a code of ethics, proxy voting procedures, and investment adviser representative continuing education, Further, the Project Group said it was working with investor, advocacy and industry groups on investment adviser fee models, unpaid arbitration awards and drafting guidance on standing letters of authorization, among other topics.
Additional Compliance Guidance
In the annual report, NASAA offered a checklist of best practices to assist firms generally in the development of compliance practices and procedures. The items on the checklist respond to some of the deficiencies found in NASAA’s comprehensive state examinations. The checklist suggests that firms should review their: (i) Form ADVs, (ii) contracts, (iii) policies and procedures for the preparation and maintenance of financial records with electronic data backup; (iv) client profiles and client suitability documentation, (v) written compliance and supervisory procedures manual, including business continuity plans and information security policies/procedures; (vi) privacy policies and (vii) custody safeguards, especially for direct fee deductions.
Comparison of Deficiencies Found in State Examinations
NASAA’s Investment Adviser Operations Project Group compiled a comparison of the state-registered investment adviser firm examination deficiencies over the past biannual periods. The group found that books and records deficiencies (59%) presented the most compliance challenges. Registration deficiencies (49%), contract deficiencies (44%), cybersecurity concerns (26%), and fee-related matters (21%) followed. Overall, NASAA reported that the number of deficiencies in every category except cybersecurity decreased.
In their status update, NASAA’s Operations Group announced the completion of examiner tools to “help examiners review Form ADV Part 1 and 2 for consistency and agreement with the advisory contract,” as well as a stand-alone Licensing Module “to help licensing personnel review and document issues with investment adviser registrations.”
Additional State Registered Investment Adviser Data
NASAA reminded readers that state regulators oversee all investment advisers with assets under management of $100 million or less. The report provides a host of additional and comparative data on state investment advisers. For example, eighty percent (80%) of state investment advisers are small businesses located in “most every town in every state across the country.” The vast majority of clients—eighty-two percent (82%) of nearly 750,000 clients—are retail investors. Sixteen percent (16%) are high-net-worth individuals. The top services provided by these state advisers to clients are portfolio management for individuals (83%) followed by financial planning services (64%). For a significant majority of clients, adviser fees are charged as a percentage of assets under management (84%). Fifty-three percent (53%) of clients are charged an hourly fee, and fifty percent (50%) are charged on a fixed-fee basis.
The current COVID-19 crisis has exacerbated many of the cybersecurity concerns raised in NASAA’s annual report. Between the SEC OCIE report and this NASAA report, firms should be focusing on how best to tailor their cybersecurity efforts to protect their customers and preparing for the next examination.
Bates practice leaders, consultants and experts can help clients’ compliance, risk, supervision, audit and business teams. Contact Bates today:
Question: How has the financial anti-money laundering agenda and/or regulatory enforcement framework been affected by the pandemic?
Edward Longridge: For AML and fraud departments, two trends have presented themselves since the advent of COVID-19. First, there has been an increase in the number of Coronavirus-related scams, and, in particular, scams targeting the elderly. Fraudsters and money launderers are taking advantage of what they perceive to be opportunities for criminal activity in the current environment. These heightened activities are putting extra pressure on compliance teams to adapt and perform.
Second, the regulators have not taken their foot off the pedal. Expectations, during this time when systems are being stressed, have only increased. While it is true that FinCEN requested financial institutions to contact them if they are having difficulties in the timeliness of Suspicious Activity Report (“SAR”) filings, and though, in certain cases, regulatory exams may be delayed, AML departments must still meet—and indeed exceed—their obligations to fully comply with regulatory rules and expectations. In short, AML and Fraud departments need to be on an increased watch during the pandemic now, and for the foreseeable future.
Question: What should AML officers be focusing on in the next several months?
There remains uncertainty over how long COVID-19 will last. Even after cities and states reopen, it is anticipated that there will be a large percentage of the population who will opt to work remotely. AML compliance systems will need to adapt to this change as a more permanent reality.
Further, the virus has changed people’s spending habits. This will, no doubt, continue. As a consequence, AML officers should review their transaction monitoring scenarios and rules to tune and adapt them to the changes in transactional behavioral patterns caused by the coronavirus.
Question: Is there a particular area that banks should be paying attention to that may not seem so obvious?
Yes. Banks should be vigilant over increased fraud attempts and changes in the patterns of their customers’ transaction activity. One area for banks and broker-dealers to pay close attention to is AML volumes. With teams working remotely, firms may find it hard to keep up with the non-stop volume of transaction monitoring alerts which can lead to an increase in backlogs. Banks and broker-dealers should adjust their resources accordingly.
Question: What does post- recovery look like?
Nobody can realistically foresee all the consequences of what is to follow in the next six months. That said, states will open in phases and will likely take a cautious, staggered approach to avoid a second wave of infections. How successful they will be is unknown.
Financial institutions will need to pay close attention to ensure their offices are compliant with all city, state and federal health guidelines. For example, they may have to reconfigure for social distancing in the office, possibly including redesigned desk space. Firms may also need to rotate their staff between remote and onsite so that not everyone is in the office on the same day. While it is anticipated that regulators will take an understanding approach with financial institutions, AML and financial crimes departments cannot afford to let up.
Question: What type of support are clients looking for now?
In addition to our ongoing efforts helping clients establish and execute effective AML and financial crimes compliance programs, we are working with a number of parties on third-party risk management. This covers a wide range of topics, including vendor risk management, VPN matters, and cyber security/data security. Several firms have also turned to us recently to help them keep up with their transactional volumes.
Given the prevalence of new scams posed by bad actors, the added stresses placed on compliance programs and systems by remote working arrangements, and the unrelenting demands by regulators to fulfill their anti-money laundering and anti-fraud obligations, firms are under significant pressures. We continue to assist them in these efforts.
The current crisis presents many challenges. Bates practice leaders, consultants, and experts can help. Please contact:
New Capital Market Insights White Paper: Bear Markets, Black Swan Events and Volatility
The first part of this year has been challenging for the equity markets. With a global pandemic suddenly arising—the likes of which have not been seen in more than 100 years—U.S. economic activity largely halted, and unemployment skyrocketed, reaching in excess of 40 million initial unemployment claims in just 10 weeks. By some estimates, the gig economy, or “1099 workforce,” comprises an additional 20 million people.
Will the economy experience a V-shaped recovery and quickly bounce back or is the recovery likely to be a long, protracted U-shape? That remains a key question. One thing is clear though, life in the time of corona is currently very challenging for people, the economy, and the markets—and much is uncertain.
The sudden appearance of a severe global pandemic is just the most recent example of a “black swan event” roiling the markets. By definition, black swans are rare and seldom seen, and as such are difficult, if not impossible, to predict. They can be triggered by either unexpected market, economic, or external factors such as geopolitical, war, or terrorist events.
In our new Capital Insights report we examine in detail bear markets, black swan events, and volatility to gain some perspective on how the recent—or current?—bear market compares with historical periods.
Oil-Related ETP Recommendations: FINRA Reminds Firms of Suitability and New Reg BI Obligations
Concern about recommendations of complex financial products for retail investors has been at the center of the debate over changing standards for broker-dealers and investment advisers. With full implementation of the heightened Regulation Best Interest (Reg BI) requirements less than a month away, FINRA issued a Notice reminding firms of their sales obligations when offering recommendations on complex oil-related exchange-traded products (ETPs).
The FINRA Notice is straightforward. It describes dramatic volatility in the oil market, related ETP product complexity and risk, suitability obligations and soon-to-be-in-force Reg BI obligations on those firms and registered representatives that trade in these products. FINRA’s Notice, therefore, provides an important case study not only as to the specific expectations of firms that trade oil-related ETPs, but also on how the self-regulator appears to be handling concerns about recommendations to retail clients of complex products in a volatile market. Here’s a closer look.
Oil-related ETPs are complex financial products. They are listed securities that “provide exposure” based on “the performance of an index, benchmark, or actively-managed strategy.” As such, they meet the description set forth in a previously issued FINRA Notice as having features that “make it difficult for a retail investor to understand the essential characteristics of the product and its risks.”
FINRA describes these risks in the context of a representative’s ability to explain them to retail investors. Specifically, FINRA cautioned that firms must understand how tracking futures contracts and indices actually works, how certain conditions currently existing in the market, for example, contango and backwardation, can affect performance, and how ETP securities perform relative to the price of the commodity in the cash market. Further, FINRA warned that firms must comprehend (i) differences among varying ETPs in order to advise clients on how they can be used within an investment strategy, (ii) differences and risks based on product structures—such as the difference between commodity pools which hold futures assets and exchange-traded notes which hold debt—and (iii) risks from different ETPs concerning “structural features,” such as those with provisions for accelerated terminations or suspensions of new issuance.
According to FINRA, current market conditions are highlighting these risks. A decline in oil demand (due in part to COVID-19), has led to a plunge in cash market values which has had a significant impact on the market for futures and ETP indices. (FINRA repeatedly warned that firms must understand and explain to retail investors the differences between the spot market and ETPs). Extreme volatility in several oil-linked ETPs has led to ETP terminations and suspensions and has exacerbated investor losses.
Compliance with Suitability and Reg BI
FINRA warned firms that oil-related ETP recommendations require representatives to fully comprehend the terms, features and risks of these complex products. FINRA also advised firms that sales obligations on these complex products require compliance with rules on suitability (Rule 2111), communications with the public (Rule 2210), and supervision (Rule 3110). After June 30, 2020, oil-related ETP recommendations will require compliance with Reg BI.
FINRA noted that both customer-specific suitability and reasonable-basis suitability were “particularly relevant” to oil-related ETPs. The former requires a reasonable basis to believe that a recommendation or strategy is suitable for a specific customer based on a “customer's investment experience, risk tolerance, liquidity needs, investment objectives, and financial situation and needs.” Reasonable-basis suitability requires that the firm “perform reasonable diligence to understand the nature and risks of the transaction or strategy, and then to determine whether there is a reasonable basis to believe that the recommendation is suitable for the investor.”
FINRA pointed out that in less than a month, recommendations of ETPs to retail clients “will be governed” by Reg BI, and firms must act in the client’s best interest at the time the recommendation is made, “without placing the financial or other interests of the firm ahead of the interests of the retail customer.” (See recent Bates article describing FINRA’s recent proposal to modify the suitability rule.)
Public Communications and Supervision
FINRA advised firms that public communications of oil-related ETPs should “balance” the benefits of these securities with “a clear description of the risks,” (including those related to contango an backwardation), and that firms “may not omit any material fact or qualification that would cause such a communication to be misleading.” Specifically, FINRA said that public communications must describe the “speculative nature of futures investments and must explain clearly that the ETP’s price will not track directly the spot price of oil.” Further, FINRA warned firms that risk disclosure in a prospectus “does not cure otherwise deficient disclosure in sales material, even if the sales material is accompanied or preceded by the prospectus.”
On compliance with supervisory obligations, FINRA reminded firms to establish and maintain a reasonably designed and tailored supervisory system that takes into account the complexity of any offering of oil-related ETPs in the context of the firm’s customer base. FINRA relayed that firms must conduct training for registered representatives about the terms, features and risks of these products as well as on the suitability of recommendations, given the “investor’s time horizon, impact of time and volatility on the ETP’s performance.”
FINRA issued this Notice because of volatility in the market for oil-related ETPs, the resulting ETP terminations and suspensions, and consequent investor losses. The self-regulator’s emphasis on sales practice reinforces the message that sales of these complex products meet the requirements of FINRA’s suitability, communications and supervision rules, and fall under the new Reg BI standard commencing at the end of the month. Bates will continue to keep your posted on developments.
For more information, please do not hesitate to reach out to Bates:
NASAA Seeks to Disrupt Fraud, Moves to Online Exams; FINRA Warns of Pandemic Scams
State and federal regulators are pressing firms to increase vigilance against crisis-related misconduct and other vulnerabilities in order to protect investors. The North American Securities Administrators Association (NASAA) recently took several public steps in response to COVID‑19 challenges, including forming a COVID-19 Enforcement Task Force that will identify and stop the latest potential threats to investors, publishing an on-line jurisdictional resource to track state securities administrator responses to the pandemic (including links to regulatory relief or operational information by jurisdiction).
Meanwhile, FINRA shared some “insights” for investors against the latest fraudulent schemes by issuing a notice advising that firms take “appropriate measures” concerning heightened investor risk during the pandemic. In those alerts, FINRA details the most prevalent scams and recommended practices for both investors and firms to combat them. Here’s a closer look.
NASAA Coronavirus Task Force to Root Out Fraud
According to President and Chief of the New Jersey Bureau of Securities Christopher W. Gerold, the primary objective of NASAA’s new Task Force is to “proactively identify” and “disrupt, discourage and deter” investment fraud and unregistered regulated activities within member jurisdictions. NASAA structured the new Task Force on its successful “Operation Cryptosweep” model. (As Bates previously reported, those efforts led to the opening of more than 330 inquiries and investigations and brought more than 85 enforcement actions relating to ICOs and cryptocurrencies.) Preliminary steps include reviewing some 200,000 coronavirus-related internet domain names linked to the pandemic and identifying those that pose a threat to investors. NASAA states that the Task Force will use “online investigative techniques to identify websites and social media posts.” According to Joseph P. Borg, NASAA Enforcement Section Chair and Director of the Alabama Securities Commission, “fraudsters are ramping up as a result of this crisis … Our goal is to get and stay ahead of the curve.”
NASAA COVID-19 Scam Alert, State Resources and Examinations
Creation of the Task Force comes on the heels of NASAA publishing an investor scam alert, an online resource guide and a corresponding site update that provides useful state-by-state information detailing regulatory relief and current regulatory operations for state government offices. In a statement issued by NASAA, President Gerold said that across jurisdictions, examinations of firms are continuing but have “shifted from on-site to remote, or are being deferred when necessary,” and he also noted that “nearly all states are providing regulatory relief to licensees/registrants adversely impacted by COVID-19.”
FINRA Alerts Investors and Firms to Pandemic-Related Fraud
In twin publications—one for investors and one for firms—FINRA highlights the risks fraudsters present when seeking to prey on investor vulnerabilities exacerbated by COVID-19. In the publications, FINRA urges that stakeholders remain vigilant against attacks. FINRA’s communications warn against four specific scams: fraudulent account openings and money transfers, imposter scams, IT help desk scams, and email compromise schemes.
FINRA also warns that fraudsters can use stolen or synthetic customer identity information to gain access to an account, and once in control can transfer or divert funds from a customer’s account to the fraudster’s account or rapidly remove stolen funds from the brokerage account. For investors, FINRA recommends monitoring accounts for suspicious activity, which may occur in smaller, less detectable money transfers. For firms, FINRA advises managing the risk by strengthening (i) Customer Identification Programs, (ii) opening and ongoing account monitoring, (iii) account verification (and placing restrictions on fund transfers); (iv) clearing firm collaboration, and (v) suspicious activity report processes.
FINRA also cautions that fraudsters can claim to be brokers and can create a fake online presence. For investors, FINRA recommends independent verification of a firm’s contact information, keeping account information private, refusing callers who seek remote access to personal computer or devices, and use of BrokerCheck. For firms, FINRA advises specific staff training and practices as a 2019 FINRA Notice describes on imposter websites.
FINRA additionally warns that fraudsters may claim to represent a financial firm’s IT Help Desk in order to steal personal customer information. For investors, FINRA recommends verification before providing personal or password information, opening links, or downloading attachments (if by email). For firms, FINRA advises additional training, reporting of suspicious calls or activity, and to contact the official IT Help Desk to “confirm the veracity of the original communication.”
In the publications, FINRA further highlights scams involving those authorized to execute legitimate funds transfers. Schemes involve fraudsters posing as firm leaders requesting one or more fund transfers, for example, related to accounts payable invoices. For investors, FINRA recommends confirmation of any requested fund transfers via telephone and viewing any deviations from standard payment practices as red flags. For firms, FINRA advises alerting staff authorized to disburse funds to monitor for red flags and confirm requests via telephone before acting on them. FINRA also advises that firms consider including email “banners” for any communication coming from outside the firm.
NASAA and FINRA’s pandemic-related efforts make clear that the regulators are continually working to address significant issues and impacts of the pandemic to warn and protect both investors and the industry. Bates will continue to keep you apprised of future developments.
The current crisis presents many challenges. Bates practice leaders, consultants, and experts can help.
Bates News, Bates Research, Compliance and Regulatory Alerts | 05-20-20
Bates Practice Leadership Insights: What Compliance Officers are Thinking About Now
During this transition period between what was and what will be the “new normal,” we thought it timely to provide some current thinking from top Bates’ leaders on clients’ immediate and near-term compliance challenges. While no one knows with certainty what the future holds, these “leadership conversations” are intended to share some insight from experts on the front line. For our first conversation, we caught up with Robert Lavigne, Managing Director and Bates Compliance Practice Leader, and Hank Sanchez Esq., Bates Compliance Managing Director and former SEC and FINRA regulator, to get an understanding of what they are hearing from compliance officers right now, as well as advice for compliance teams in the "new normal." Here is a recap.
Question: What are the top concerns you are hearing right now?
Bob Lavigne: “Our compliance practice is fielding a large number of implementation questions concerning Regulation Best Interest (Reg BI). We anticipate that most firms are making good-faith efforts to be in compliance by the rule deadline, so we are preparing for—and have been heavily involved in—what we refer to as ‘Day 2’ work. This includes, just to name a few items, tuning product score cards and product rationalizations, supervisory processes, branch office inspections, compliance testing and book and records reviews.”
Hank Sanchez: “Reg BI remains the top concern. I would only add that we are addressing many questions related to Form CRS (that is, Reg BI Customer Relationship Form disclosures), including process questions concerning how and when to deliver these forms to clients, and ensuring that language in the separate disclosure documents concerning conflicts and fees is clear and adequate.”
Lavigne: “There are of course some firms, usually small- to medium-sized, that have not yet fully prepared for the implementation of the rule. We are currently working with some to help them catch up and be compliant on June 30th.”
Sanchez: “That’s right. Those that are just now trying to catch up can still evidence the necessary ‘reasonable’ attempts to comply, but they will certainly be scrambling to catch up after July. Those firms should understand that the delay may affect their ability to complete the rest of their compliance requirements in the second half of the year.”
Question: How has the Coronavirus affected client efforts to meet the compliance deadline for Reg BI or other compliance goals?
Lavigne: “Many firms that have diligently prepared policies, procedures and operations to meet Reg BI and Form CRS deadlines are now confronting pandemic-related challenges around training. They are also concerned with their ability to supervise and execute new policies and procedures, in part because more of their employees are working remotely.”
We are also responding to pandemic-related questions on conducting branch inspections, which would typically be done on site. FINRA requires on-site inspections, but ‘on-site’ is more complicated now. During the pandemic, on-site will likely be remote. Some firms have delayed their branch inspections during the pandemic. Compliance teams have been limited in their ability to review, and will also have to play catch up.”
Sanchez: “Firms are facing additional technology challenges as a consequence of COVID-19. Some firms did not have the initial ability for compliance staff to access supervision systems immediately when the lockdowns occurred and had to use work-arounds when those problems popped up. Technological issues continue to crop up in many places, including, for example, in trade reporting and surveillance for firms with trade desks.”
Question: What does post-COVID-19 compliance look like?
Lavigne: “As firms make the slow transition out of lockdown mode, they will be forced to address the fact that some ways of doing business simply will not go back to the way they were. From a compliance standpoint, firms must think seriously about the adequacy of their remote working policies and if they are scalable in a new environment.”
Sanchez: “The pandemic is accelerating and intensifying previous trends, but the bottom line is that greater reliance on remote working arrangements can cause serious and even unexpected compliance and supervisory issues, depending on how much business is being done out of someone’s home or other remote location. So, as risk assessments and business continuity plans get updated and firms prepare for contingencies that may keep brokers and advisers out of the office for extended periods of time, firm leadership will have to face the realities of more comprehensive remote compliance. This will cost firms money and maybe require additional staff as well. In the longer term, new roles may need to be defined, new techniques developed, and compliance staff will have to become more proficient in them to fulfill regulatory requirements.”
Lavigne: “I should note that our practice group is also responding to a host of non-Reg BI pandemic-related challenges which we anticipate will last for quite a while. These concerns are quite diverse. We are working on everything from work-life business culture issues to proper use (to ensure forgiveness) and disclosure around PPP loans.”
Question: What are regulators looking for at this time?
Lavigne: “Regulators are looking to see that firms are making a good faith effort at implementing changes right now, as well as looking at how firms are adapting to the changing environment. It is important for firms to make sure that policies and procedures are still being followed and, perhaps as importantly, that compliance efforts are visible throughout the organization. This means reaching out to representatives and branches proactively and in real time. Being able to evidence your change management and implementation will be key when speaking to a regulator about your Reg BI program.”
Sanchez: “As a practical matter, if I were a compliance director right now, I’d be most concerned about what didn’t work in the business continuity plan and getting it fixed. Next, I’d be wondering how to do post-mortem testing to ensure things were done properly during the lockdown and to identify what needs to be corrected. For instance, were supervision and surveillance programs up to the task? Did they work? What needs to be corrected? Following that, there should be thorough updates to the firm’s risk assessment (as well as the business continuity plan) to cover any new or foreseeable events—meaning, at a minimum, any shutdown of a home office for any length of time longer than a day or two.”
Lavigne: “Regulators are going to ask you whether the business continuity plan worked or not. Firms should take the time to review what did and did not work and make sure they address the areas of concern. The answers will matter. Now is the time to address it.
Sanchez: “Beyond these heightened and immediate regulatory concerns, it is abundantly clear that directors must remain on top of firm compliance with respect to anti-money laundering and cyber programs. But it also requires compliance officers to pay attention to those areas where regulators have specifically highlighted their priorities, including continuously addressing privacy-related policies and procedures and ensuring electronic delivery of required forms to customers.”
Question: What is your outlook on the market going forward?
Lavigne: “Keeping up with compliance responsibilities during ‘normal times’ is challenging. These are not normal times. During COVID-19, even the ordinary compliance tasks present unexpected challenges. But COVID-19 also presents an opportunity to take a hard look at the entirety of your compliance and supervisory operations. We suggest that firms take this advantage to reassess old programmatic approaches to compliance and consider supervision and risk mitigation through greater use of data and technology. That may yield cost savings and regulatory benefits long-term.
Sanchez: “During this time, taking a moment to survey the overall compliance operation would be valuable. Firm leadership should acknowledge what worked well and who made it happen. That they got it right should absolutely be recognized. For those firms that struggled, this is also an important moment. Those firms should engage in an assessment of the role of compliance management within their business. Perhaps, firm leaders may consider providing a compliance greater say when budget conversations turn to systems and staffing upgrades.
AML Compliance Report: FinCEN Says Hold the Line, FFIEC Updates Exam Manual
At a time when regulators are emphasizing their understanding of, and flexibility concerning, the difficulties facing financial firms as a result of COVID-19, the Financial Crimes Enforcement Network (FinCEN) and the umbrella Federal Financial Institutions Examination Council (FFIEC) are demanding robust compliance with Bank Secrecy Act/ Anti-Money laundering (BSA/AML) requirements. Since Bates’ last report in which FinCEN highlighted warnings about bad actors finding opportunities created by the volatility and fear in the markets, the Network issued additional compliance information to its previous alert, and FFIEC published a long-anticipated update to its BSA/AML Examination Manual. Here are some of the details.
FinCEN Says Hold the Line
Last month, FinCEN issued its second Notice within a month concerning compliance with BSA/AML obligations during the pandemic. While it “appreciate[s]” the challenges financial firms are confronting as a result of the coronavirus, FinCEN reminded the firms that such compliance is “crucial to protecting our national security” and that the agency “expects financial institutions to … diligently adhere to their BSA obligations.”
Beyond that overarching message, FinCEN urged that financial firms stay the course in developing their risk-based compliance programs. In addition, FinCEN provided specific direction for making it easier to support pandemic-related programs and offered other tweaks for easing some compliance challenges.
First, FinCEN advised that loans disbursed to existing customers under the Paycheck Protection Program (PPP) of the Coronavirus Aid, Relief, and Economic Security Act (CARES Act) do not require re-verification under existing BSA requirements unless flagged by the institution under its risk-based approach. (Existing customers already undergo verification with BSA requirements.) In addition, FinCEN made note of previously limited relief from beneficial ownership requirements for non–PPP-related loans under certain circumstances. (See the Small Business Administration FAQs on beneficial ownership obligations under the CARES Act that FinCEN published on April 13, 2020.)
Second, FinCEN advised that it suspended implementation of a recent rule change scheduled to take effect on April 6, 2020, concerning the use of Currency Transaction Reports forms involving sole proprietorships and entities operating under a “doing business as” (DBA) name. FinCEN stated that financial firms reported difficulty in meeting the implementation timetable.
Third, FinCEN announced a new online contact mechanism for firms to convey COVID-19–related BSA compliance issues. FinCEN also reminded firms to contact “their functional regulator(s) or other BSA examining authority as soon as practicable” concerning BSA compliance concerns.
The Office of the Comptroller of the Currency (OCC) followed up the FinCEN Notice with a Bulletin of its own. OCC offered full support for FinCEN’s risk-based approach to BSA compliance, and actions described earlier, as a reasonable response to pandemic-related concerns. OCC stated that it will take into consideration “the actions taken by banks to protect and assist employees, customers, and others in response to the COVID-19 pandemic, including any reasonable delays in BSA report filings, beneficial ownership verification or re-verification requirements, and other risk management processes” when evaluating a firm’s compliance program. Presumably, that would apply to penalties for violations as well.
FFIEC Updates Examinations Manual
On April 15, 2020, FFIEC, the council of federal and state regulators that includes the Federal Reserve Board of Governors, the Federal Deposit Insurance Corporation, OCC, the National Credit Union Administration, the Consumer Financial Protection Bureau, and the State Liaison Committee, announced updates to its manual on BSA/AML compliance examinations. The publication is the instruction manual examiners use for overseeing compliance by financial institutions with regulatory requirements and supervision.
In its joint interagency statement, FFIEC explained that the latest revisions enhance the risk-focused approach to BSA/AML supervision. The regulators were keen on ensuring that evaluations of BSA/AML compliance programs are based on an institution’s risk profile for money laundering, terrorist financing, and other illicit financial activities. The revisions were also meant to clarify language that “distinguishes between mandatory regulatory requirements and supervisory expectations set forth in guidance.” That said, FFIEC stated that the revisions do not add new requirements.
Specifically, the revisions concern (i) risk profile supervision, testing, and analysis; (ii) adequacy of a compliance program (with sections on internal controls, independent testing, and training, among others); and (iii) adequacy of the risk assessment process, including, bank-related risk categories and risk analysis. The new revisions emphasize the built-in flexibility over the design of BSA/AML compliance programs, risk assessments methods, and formats. In addition, the instructions relay to examiners that risk assessment updates do not have to be regular but rather should be aligned and reflect any changes to a bank’s risk profile.
Despite its second notice providing BSA/AML compliance guidance to financial firms during COVID-19, FinCEN is not offering much relief. If anything, the agency is doubling down on its direction to financial firms that they protect against the increased risks presented by bad actors during this time (i.e., the first Notice imploring that firms continue aggressively monitoring and filing SARs reports), and has offered various tweaks for speeding up the PPP application process or postponing implementation of beneficial owner rules (the second Notice). When placed in context, FinCEN appears to be demanding that financial institutions up their game at a time when those very institutions are dealing with staff and resource constraints including staff operating under quarantine conditions.
FFIEC’s Examination Manual remains the most definitive source for regulators to measure the adequacy of BMA/AML compliance. The revisions recommend a detailed review to ensure that a firm is implementing its risk-based approach in full. Put another way, significant penalties may hang in the balance.
In addressing these issues, Edward Longridge, Managing Director of Bates AML & Financial Crimes, points out that “[d]uring these challenging times with Coronavirus, the regulatory establishment is requiring increased efforts of BSA/AML managers over their programs, particularly related to COVID-19 scams and other types of fraudulent and money laundering activity. The expectation is for BSA/AML programs to step up to meet the challenge posed by bad actors.”
Bates will continue to monitor developments and keep you apprised.
For additional information, please follow the links below to Bates Group’s Practice Area pages:
FINRA Carries On: Focuses on High-Risk Brokers, Broker Beneficiaries, Arb Postponement & Reg BI
While the COVID-19 pandemic continues to create unusual and difficult challenges for the financial service industry, FINRA continues to move forward with regulatory matters that warrant attention. In this article, Bates reviews recent FINRA developments on high-risk brokers, proposed limitations on brokers acting as beneficiaries, executors or trustees for senior investors, additional COVID-19-related hearing postponements, a recent arbitration proposal related to claims against inactive members and further remarks on Regulation Best Interest (Reg BI).
FINRA Proposes to Hold Firms More Accountable for Bad Actors
On April 14, 2020, FINRA proposed a host of new rules that would strengthen oversight over member firms’ supervision of high-risk brokers. The proposed rules include (i) disciplinary changes that would allow a hearing officer to impose “conditions or restrictions” on firms and require heightened supervisory procedures during an appeal to the National Adjudicatory Council, (ii) changes that would require firms to adopt heightened supervisory procedures for statutorily disqualified brokers during an eligibility review; (iii) changes that would allow disclosure that a firm is subject to the "Taping Rule" through FINRA’s BrokerCheck system; and (iv) changes under membership application and registration rules that would require firms to engage in additional obligations before hiring any person who has final criminal matters or specified risk events during the previous five years to become an owner, control person, principal or registered person of the firm.
FINRA Highlights Senior Investor Protection Proposal on Brokers Acting as Beneficiaries, Executors and Trustees
In one of her first statements since formally becoming Executive Vice President and Head of FINRA Enforcement on January 17, 2020, Jessica Hopper highlighted an increasingly frequent pattern of brokers who are appointed beneficiaries, executors or trustees on behalf of vulnerable senior clients. She pointed out the risks and potential conflicts of interest associated with these arrangements and noted that investigations into the details often present challenges, particularly in cases where the client has a mental impairment or has died.
Ms. Hopper’s statement is significant, in large measure because she calls attention to a recent FINRA rule proposal that would create a national standard to protect seniors by requiring member firms to review and approve—in writing—an associated registered person being named a beneficiary, executor, or trustee or to hold a power of attorney on behalf of a customer. As part of a firm’s review under the proposed rule, the member firm would be expected to reasonably assess the risks of the arrangement and would have to supervise compliance with any conditions placed upon the approval. (Note: the proposed rule would not apply where the customer is a member of the registered person’s “immediate family,” which is defined to include “parents, grandparents, mother-in-law or father-in-law, spouse or domestic partner, brother or sister, brother-in-law or sister-in-law, son-in law or daughter-in-law, children, grandchildren, cousin, aunt or uncle, or niece or nephew, and any other person whom the registered person financially supports, directly or indirectly, to a material extent. The term includes step and adoptive relationships.”)
Not all respondents agree with FINRA’s proposed approach. The North American Securities Administrators Association (NASAA) commented with a recommendation for a stricter standard that would (i) prohibit outright any registered persons from “being named as a beneficiary or appointed to a position of trust by a customer, unless the customer is an immediate family member” (and even then, only under certain conditions), and (ii) implement heightened supervision of all such accounts.
Ms. Hopper emphasized that FINRA will act aggressively to sanction brokers that procure such an appointment through unethical means. While the comment period ended on January 10, 2020, the rule has yet to be adopted, and there is no indication when this will occur. However, a few days after her statement appeared on the agency blog, a FINRA podcast celebrating the five-year anniversary of its Securities Helpline for Seniors covered notable “trends and themes,” including the proposed new rule. It is clearly top of mind.
FINRA Extends Postponement of Arbitration and Mediation Proceedings
On March 17, 2020, Bates reported that FINRA administratively postponed all in-person arbitration and mediation proceedings scheduled through May 1, 2020. On April 20, 2020, FINRA extended that postponement through July 3, 2020. FINRA reminded all parties that “case deadlines will continue to apply and must be timely met unless the parties jointly agree otherwise.” In addition, FINRA announced that it is waiving postponement fees if the parties stipulate to “adjourn in-person hearing dates” between July 6 and September 4, 2020. Written notices are required. Those interested in virtual hearing services were encouraged to contact FINRA case administrators.
FINRA Expands Procedural Options for Claims against Inactive Members
On April 9, 2020, FINRA amended its arbitration rules to “expand the options available to customers” when a firm or associated person becomes inactive during a pending arbitration, or before a claim is filed. Under the new procedures, which go into effect on June 29, 2020, if a member firm or an associated person becomes inactive during a pending arbitration, FINRA will notify the customer claimant of the status change. Within 60 days of receiving notice that a member firm’s or an associated person’s status has been changed to inactive, a customer may withdraw the claim, add a claim or new party or postpone a scheduled hearing. The customer still retains the option to request a default proceeding against an inactive member or associated person.
FINRA Endorses OCIE’s Reg BI and Form CRS Approach
On April 8, 2020, FINRA issued a statement backing up the approach the SEC Office of Compliance Inspections and Examinations (OCIE) will take following the compliance date of June 30, 2020. (See Bates coverage on the OCIE alert here.) FINRA said that, like the SEC, it too will focus on whether firms have made a good-faith and reasonable effort at compliance with Reg BI and Form CRS. As a reminder, FINRA is also seeking to modify its suitability rule to better conform to the new Reg. BI standards. The proposed amendments clarify that pre-existing FINRA rules would not apply to broker-dealer recommendations for retail customers under Reg BI. (See additional Bates coverage.)
Like the assurances given by the OCIE, FINRA emphasized that it would work “with firms and the SEC on issues that may arise in the course of examinations for compliance.”
During this transition period between what was and what will be the “new normal,” FINRA continues on course. The proposal to protect senior investors in cases involving appointed beneficiaries, executors and trustees should be carefully watched, as it is unlikely that so much concentrated attention is coincidental. Similarly, the proposal to impose and strengthen accountability for firm supervision of bad actors communicates that this subject remains a top compliance priority. FINRA’s messaging on Reg BI is part of a continuing effort to harmonize its position with the SEC. FINRA’s long-anticipated amendments to the arbitration rules are necessary to shut down loopholes in this increasingly important aspect of the FINRA agenda. Bates will continue to monitor further developments.
For FINRA arbitration and litigation matters, please note the following services:
Coronavirus and the Approaching Business Interruption Insurance Storm
These are uncertain times for insurers. In a report issued on March 31, 2020, Congressional Research Service (“CRS”) staff noted the likelihood that “loss of income from mandatory or voluntary closures, supply chain disruptions, and reduced demand due to social distancing measures may induce businesses of all sizes to seek compensation from insurers.” That was clearly an understatement. Early estimates from the American Property Casualty Insurance Association (“APCIA”) are that some 30 million small businesses claims may be filed. This would be more than ten times greater than the highest number of claims “ever handled by the industry in one year.” In statement released by the APCIA, David A. Sampson, President and CEO of APCIA, offered preliminary estimates of closure losses for small businesses, which have increased to $255 billion to $431 billion per month. “Continuity losses for small businesses are approximately 43 to 72 times the monthly commercial property insurance premiums,” Mr. Sampson said.
Insurance market participants are sounding alarms about a wave of state and federal legislation that would shift onto insurers a significant portion of the burden to compensate businesses from the massive losses resulting from pandemic-related shutdowns. Bates takes a look at these legislative moves, early legal action taken by policyholders seeking coverage for business interruption losses as a consequence of the coronavirus (COVID-19), and the reaction by the insurance industry.
Types of Business Interruption Insurance Coverage
The CRS report describes various kinds of insurance that cover specific losses due to certain business interruptions. The issues facing insurers are (1) whether the terms of these policies can be potentially stretched to include losses of the kind that may result from government-mandated (“Civil Authority”) pandemic closures, and (2) what might happen if federal or state authorities retroactively require coverage under these policies for COVID-19 claims.
Commercial property insurance has been a target for legislators mainly because most businesses carry it in some form. Generally, these policies require that the insured suffer a loss of income due to direct physical loss or damage to covered property. Assessments of these losses are fact-specific and subject to significant challenge in court. Christine Davis, Bates Managing Director of Forensic Accounting and a commercial damages testifying expert, explains that “to measure business interruption loss requires taking a number of meticulous steps, including understanding the experience of business before the incident, analyzing the business’s financial records and historical performance, estimating the profits lost during the indemnity period, and gathering the proper documentation that supports the loss calculation.”
That said, many of these policies explicitly exclude losses due to viruses and bacteria - modifications to policies made as a result of unexpected losses suffered during the SARs epidemic. According to the CRS, insurance policies of special relevance include: (1) business interruption insurance (which covers business losses directly or indirectly caused by a covered peril or, in some cases, caused by all risks); (2) business income insurance (which covers sustained loss of income due to a suspension of business operations arising out of a covered risk); (3) contingent business interruption insurance (which covers business losses based on destruction of property owned by others); and (4) civil authority coverage (which covers business interruption losses when a civil authority restricts access to a business premises.)
State governments are aware of the limitations included in many of these policies and are responding to constituent concerns with basic FAQs and other general guidance (see, e.g. this dedicated web page by the New York Department of Financial Services (“NYDFS”); and, more broadly, this database resource provided by NAIC offering State Bulletins and Alerts Regarding Coronavirus). The scope of the problem, however, is so great that these early steps may be seen, in hindsight, as mere placeholders before the real battle over coverage began.
Federal and State Legislators Seek Coverage for COVID-19
The real battle includes legislative efforts to compel the industry to cover COVID-19 claims. The first attempt was outlined in a March 18, 2020 letter by a bipartisan group of U.S. House members to four leading insurance trade associations and their response to it. In the letter, the representatives urged the associations “to work with your member companies and brokers to recognize financial loss due to COVID-19 as part of policyholders’ business interruption coverage.” Similar letters have since been sent to insurers from state representatives.
The implicit threat behind these inquiries is that either the federal government or the states will force insurers to cover COVID-19 related claims. The intention is clear and the concerns are real, warned Sheila Murphy, an insurance consultant and expert with Bates Group: “the government is seeking to expand or shift this risk, but insurers have not priced it into their premiums.” In various forms, state legislative bills have now been introduced in New Jersey, Ohio, Massachusetts, New York, Louisiana, Pennsylvania, and South Carolina. Though there are differences among the bills, in general they require insurers to retroactively include the coronavirus as a “covered peril” under business interruption policies. In the interim, various state agencies have adopted emergency regulations requiring that property and casualty insurers provide relief to consumers and small businesses with extensions for the payment of premiums and fees under these policies, (see, e.g. NYDFS Emergency Action).
The U.S. House Financial Services Committee, meanwhile, is considering a draft Pandemic Risk Insurance Act (“PRIA”) patterned after the Terrorism Risk Insurance Act (TRIA). According to Maxine Waters, U.S. House Financial Services Committee Chair, PRIA would “create a reinsurance program similar to [TRIA] for pandemics, by capping the total insurance losses that insurance companies would face.” Recent reports suggest that PRIA “would be triggered when industry losses exceed the $250 million threshold and aggregate losses would be capped at $500 billion in a calendar year for both insurers and the government.” Further, the bill reportedly states that participating insurers will be charged an annual premium for reinsurance coverage, “based on the actuarial cost of providing such reinsurance coverage, including costs of administering the program.” Insurers, in turn, would agree to provide coverage for insured losses that does not “differ materially from the terms, amounts and other coverage limitations applicable to losses arising from events other than public health emergencies.”
Other legislative proposals include establishing a compensation fund – currently referred to as the “Federal Business Interruption and Workers' Protection Recovery Fund." Lilian A. Morvay, Bates Insurance expert and consultant , describes such a solution as similar to the 9-11 Victims Compensation Fund or the National Flood Insurance Program. Shestates: “clearly, the pandemic and the losses it is leaving in its wake are unprecedented. In the interest of supporting businesses without bankrupting the insurance industry, this solution would backstop insurers that provide monetary relief to businesses that suffered economic losses.” Under the proposal, insiders say, businesses would “submit claims to their insurers as if business interruption resulting from coronavirus were covered. Insurers would then adjust those claims as normal and determine the appropriate claims payment, which would be funded by the government.”
The industry response to the bipartisan letter and state and federal actions has been forceful. Collectively, the insurers are leaving no doubt that they will fight attempts by state and federal legislators (and in court) to force payment for income losses from COVID-19 that their policies were never designed to cover.
In their letter in responding to House members, the associations asserted that “the proposed retroactive application legislation would fundamentally change the agreed-upon transfer of prospective risk-of-loss exposure to coverage for a known and presently occurring loss, something the parties did not agree to, the insurer did not rate for, and the policyholder did not pay for.” Following up, the association leadership said that while insurers stand ready to help, “if policymakers force insurers to pay for losses that are not covered under existing insurance policies, the stability of the sector could be impacted.” Siding with the trade associations, the National Association of Insurance Commissioners (“NAIC”) issued their own statement asserting: “while the U.S. insurance sector remains strong, if insurance companies are required to cover such claims, such an action would create substantial solvency risks for the sector, significantly undermine the ability of insurers to pay other types of claims, and potentially exacerbate the negative financial and economic impacts the country is currently experiencing.”
In the days to come, there will be a fair amount of reporting on state lawsuits filed by policyholders attempting to challenge existing terms of business interruption policies (see, e.g.here, here and here). For now, these coverage claims may be raised against insurers, agents, and brokers, and are handled on a normal case-by-case basis.
Insurers must brace themselves for these cases. That said, the real concern for insurance industry leadership is the momentum building for state and federal intervention in the sector to address this extraordinary challenge. Only some agreement on a collaborative framework between the industry and the government to respond to the national need could possibly result in a way forward. Absent that, the legal battle will be epic. Bates will keep you apprised.
To learn more about Bates Group’s Insurance & Actuarial Services, including expert consultation and testimony, regulatory and analytics support, annuities, business interruption, D&O insurance, property & casualty, and life insurance, please contact:
Reg BI: SEC Keeps June 30th Deadline, FINRA Seeks to Amend Suitability Rule
Over the past few weeks the coronavirus pandemic has overtaken the nation’s financial agenda and diverted the attention of financial regulators who are struggling to keep up and address urgent market needs. With recent actions to provide temporary delays from certain compliance deadlines and other relief, regulators have worked hard to accommodate the practical difficulties of operating under business contingency plans. These actions have left some firms curious as to whether the rollout of Regulation Best Interest (“Reg BI”) may be affected. Well, the wait is over, and SEC Chair Clayton has finally weighed in. Meanwhile, FINRA has pushed forward amendments to its rules on suitability and non-cash compensation “to provide clarity on which standard applies and to address inconsistencies with Reg BI.” And the SEC has filed a brief in the Second Circuit Court of Appeals arguing for rejection of state petitions for review of the Reg BI final rule. Here’s what you need to know.
The Reg BI Compliance Deadline Will Not Be Delayed
After reported consideration of requests by broker-dealer advocacy groups like the Financial Services Institute (FSI), SEC Chair Jay Clayton issued a statement saying that the June 30, 2020 compliance date will not be moved. He explained that the agency has been engaged extensively with market participants as well as with FINRA on the implementation of Reg BI and Form CRS, and that “firms with account relationships comprising a substantial majority of retail investor assets have made considerable progress in (1) adjusting their business practices, (2) supplementing and modifying their policies and procedures, and (3) otherwise aligning their operations and preparing for the requirements of Reg BI and the obligation to file and begin delivering Form CRS.”
That said, Chair Clayton did note that if a firm “is unable to make certain filings or meet other requirements because of disruptions caused by COVID-19” the firm should “engage with us.” He stated that “the Commission and the staff will take the firm-specific effects of such unforeseen circumstances (and related operational constraints and resource needs) into account in our examination and enforcement efforts.”
Chair Clayton relayed that, following the compliance date, “SEC examiners will be focusing on whether firms have made a good faith effort to implement policies and procedures necessary to comply with Reg BI, while also providing an opportunity to work with firms on compliance and other questions.”
He also mentioned that the SEC Office of Compliance Inspections and Examinations “will be issuing two Risk Alerts providing broker-dealers with specific information about the scope and content for (i) initial examinations of Reg BI and (ii) Form CRS.” In a nutshell, Chair Clayton was clear: game on.
FINRA Proposes Modifications to Suitability Rules
In its March 12, 2020 rule proposal, FINRA seeks to clarify its existing suitability and non-cash compensation rules in the context of Reg BI. The amendments apply to FINRA Rule 2111 (Suitability), Rule 2310 (Direct Participation Programs), Rule 2320 (Variable Contracts of an Insurance Company), Rule 2341 (Investment Company Securities), Rule 5110 (Corporate Financing Rule - Underwriting Terms and Arrangements), and Capital Acquisition Broker Rule 211 (Suitability).
First, the proposed amendments clarify that these pre-existing FINRA rules would not apply to broker-dealer recommendations for retail customers under Reg BI. Though it may be clear, as FINRA explained, that any broker-dealer in compliance with Reg BI would meet the suitability standard under Rule 2111, FINRA opted to propose to formally limit the application of Rule 2111 to “reduce the potential for confusion.” In so doing, the amendments make explicit that the higher Reg BI standards apply to broker-dealer recommendations for retail customers.
FINRA explained that it is not eliminating the suitability rule altogether. Rather, it is drawing a distinction between Reg BI’s applicability to “retail customers” and the suitability rule’s continuing applicability to “entities and institutions (e.g. pension funds), and natural persons who will not use recommendations primarily for personal, family, or household purposes (e.g. small business owners and charitable trusts.”)
Second, the self-regulatory organization is removing the "element of control from the quantitative suitability obligation," thus removing the requirement that a broker-dealer must exercise control over an account. This is one of the three prongs of the suitability rule (along with “reasonable basis suitability” and “customer-specific suitability”). This change is consistent with considerations contained in Reg BI, which replaces the suitability rule with four “enhanced” obligations: disclosure, care, conflict of interest and compliance.
Third, FINRA is proposing to apply Reg BI’s conflict of interest limitations on sales contests, sales quotas, bonuses and non-cash compensation to its existing rules governing non-cash compensation. The proposed amendments state that going forward, FINRA rule provisions will not permit non-cash compensations arrangements that conflict with Reg BI.
Comments on the FINRA proposal must be submitted by April 15, 2020. Notably, the effective date will be the compliance date of Reg BI.
SEC Defends Reg BI in Court
Back on September 9, 2019, attorneys general of seven states and the District of Columbia sued the SEC, challenging the issuance of Reg BI on numerous grounds. As Bates described previously, the petitioners asserted, in part, that Reg BI is invalid because the SEC exceeded its statutory authority and acted in an arbitrary and capricious manner by issuing the rule. (These are similar arguments as those that were raised in 2018 successfully challenging the Department of Labor’s Fiduciary Duty Rule.) The petitioners asked the Court to vacate and set aside the rule, and to permanently prevent the SEC from “implementing, applying, or taking any action” under it.
On March 3, 2020, the SEC filed a brief responding to these arguments and defending the agency’s issuance of Reg BI. The SEC asserted that the AG’s argument that the agency exceeded its authority in issuing Reg BI “disregards the text of Dodd Frank, which gave the Commission express, but discretionary, power to adopt a rule imposing a standard of care for broker-dealers.” The SEC also defended the process against arbitrary and capricious claims arguing that the “Commission assessed multiple viewpoints and promulgated a standard of conduct tailored to broker-dealers that will enhance protections for investors against potential harms caused by conflicts of interest while preserving investors’ ability to choose the type of relationship and fee arrangement that best suits them.” (Brief at pp.16-17).
The SEC also defended against a claim that retail consumers will be more “confused” by the different standards for broker dealers and investment advisers created by Reg BI. The SEC said that such a claim is unsupported by any evidence.
Finally, the SEC argued that the state AGs are making “only policy arguments” about what they want to see (a uniform fiduciary duty rule for both investment advisers and brokers) rather than what Congress directed the SEC to do (“evaluate multiple alternatives”). The SEC argued that it did exactly what Congress intended when it gave “the Commission broad authority to balance investor protection with access to services.”
Following SEC Chair Clayton’s statement, firms must now set aside any hope for a Reg BI reprieve through a temporary order of relief. FINRA’s proposed amendments leave little doubt that Reg BI will likely be the controlling standard on recommendations to retail customers. That said, as Bates noted previously, getting past the compliance deadline—and a possible Second Circuit decision—does not end the conversation. There is still the conflicting fiduciary regulation promulgated by states like Massachusetts to contend with. But, the momentum toward an end game continues and firms must continue to stay the Reg BI course.
Enforcement Warnings in the Age of the Coronavirus
As regulators struggle to adjust to the stress that the coronavirus pandemic is placing on the markets, fraudsters are viewing it as an opportunity. That is one clear and consistent warning emanating from federal enforcement agencies over the past month. Last week, Bates described early compliance guidance, regulatory assistance and relief offered by various financial agencies to address some of the difficulties that firms are having, like, for example, fulfilling their reporting and recordkeeping obligations under newly activated business contingency plans. This week we take a look at the latest enforcement warnings and guidance from financial regulators, who are sounding alarms over the added threats that exist in the current volatile environment.
FinCEN Says File your SARs!
On March 16, 2020, the Financial Crimes Enforcement Network (FinCEN) warned financial firms to be alert to malicious or fraudulent transactions. FinCEN requested that institutions affected by the pandemic notify them “as soon as practicable” about any potential delay in filing suspicious activity reports (SARs) as required under the Bank Secrecy Act (BSA). Increasingly, regulatory enforcement strategies rely on these filings (see e.g., Bates’ recent article on senior financial exploitation), and FinCEN is emphasizing the importance of continued compliance and the filing of these reports.
Look Out for Scams
Since the outbreak of the pandemic, FinCEN has noted emerging trends related to imposter scams (impersonations of government officials to steal personal financial information), investment scams (promotions of companies claiming the ability to detect, prevent or cure the virus), and product scams (fraudulent marketing that make false health claims concerning unapproved products). These have yet to result in enforcement actions, but that may only be a matter of time. In any case, tracking these trends requires regulatory reliance on SARs reports which makes continued filings imperative.
Likening the coronavirus to a natural disaster, FinCEN recommends financial institutions review its 2017 Advisory, which describes other types of potential fraud that FinCEN has reason to believe will possibly occur in the days ahead (i.e. benefits and charities fraud and cyber-related fraud). FinCEN also notes that it received reports of potential insider trading – a subject highlighted by the widely reported news that two U.S. Senators sold millions of dollars of stock holdings shortly after private government briefings and just prior to the recent market downturn.
SEC on Heightened Alert for Insider Trading
The subject of trading on inside information has been top of mind for the Co-Directors of the SEC’s Division of Enforcement. In a statement issued on March 23, 2020, Stephanie Avakian and Steven Peikin reminded market participants of the importance of following corporate controls to ensure market integrity. Specifically, they noted the significant COVID-19 relief the Commission provided to firms, which allowed for certain delayed submission of earnings reports and certain required SEC disclosure filings. (For more on this SEC March 4, 2020 compliance relief, see here). The Co-Directors warned that this scenario can lead to more people having access to “material nonpublic information” and emphasized the importance of complying with “obligations to keep this information confidential.” This includes maintaining “disclosure controls and procedures, insider trading prohibitions, codes of ethics, and Regulation FD [Fair Disclosure] and selective disclosure prohibitions,” which protect against the “improper dissemination and use of material nonpublic information.” The Co-Directors made clear that these warnings applied to all registrants including broker-dealers and investment advisers. The expressed concern about more insiders holding material non-public information for longer periods of time should be a warning to firms that the SEC will be looking even closer at the effectiveness of existing controls.
Other Federal Agency Messages
Consistent with the Co-Directors’ statement and FinCEN’s release, other SEC Offices have communicated additional messages that impact enforcement and institutional concerns. For example, the Office of Compliance Inspections and Examinations (OCIE) announced that a firm’s “reliance on [the SEC’s COVID-19] regulatory relief will not be a risk factor utilized in determining whether OCIE commences an examination.” This assurance shows that OCIE will not use these temporary measures to add to a firm’s compliance stress.
As early as February 4, 2020, the SEC Office of Investor Education and Advocacy (OIEA) warned investors about fraud involving claims that a company’s products or services will be used to help stop the coronavirus outbreak. The OIEA also raised issues around “so-called research reports” that make predictions that contain a specific stock target price and “pump and dump” schemes that involve microcap stocks. While these are familiar scams that firms were already alerted to in the OIEA’s Examination Priorities Report (see previous coverage), firms should take note of the enhanced attention the SEC is paying to them given the extreme circumstances afforded fraudsters in the current environment.
Similarly, in an advisory issued on March 18, 2020, the CFTC Office of Customer Education and Outreach (OCEO) warned against fraudsters seeking to profit from coronavirus-related market volatility. The Office urged investors to protect themselves “by learning to recognize common mental biases” and common fraud tactics including (i) promises of oversized returns, (ii) pressure to act “before market conditions change,” (iii) phony credentials, (iv) bogus testimonials, and (v) scams that involve some free gift in exchange for private information.
Financial regulators do not yet know what the new normal will look like. They warn that bad actors are probing new opportunities created by the volatility and the fear in the markets brought on by the COVID-19. Enforcement officials are also trying to adapt to the temporary loosening of certain compliance reporting and disclosure obligations provided to help market participants cope with their contingent capabilities. As the SEC Co-Directors make clear, relaxing compliance for some of these requirements may create new opportunities for mischief and fraud – particularly as they relate to potential for dissemination of material non-public information. On both counts, regulator guidance emphasizes vigilance and communication. But the landscape is changing quickly. Bates will keep you apprised.
For additional information, please follow the links below to Bates Group's Practice Area pages:
Financial Regulatory Guidance, Assistance and Relief Roundup
The volume and urgency of general coronavirus news can seem overwhelming. For financial professionals, separating the facts from the hype is important. Since our last post, financial regulators have pushed out reminders about ongoing compliance obligations, deadline extensions, various general investor “tips” and notifications as to how, for example, the agencies are coping with their own organizational issues. (Note: they remain “fully operational and committed” to their respective missions.)
The challenge for financial firms and investors is to keep on top of the latest communications, understand what is actionable and what is not, and ensure that compliance and supervision processes are in place to manage the crisis. Bates continues to monitor it all. Here’s a recap of the latest compliance guidance, regulatory assistance and relief offered by the SEC, FINRA, NFA and MSRB. (Next, we will look at the latest enforcement warnings and guidance from other financial regulators.)
SEC Gets Practical
SEC Offers Compliance and Disclosure Reminders
In late January, SEC Chair Jay Clayton reminded issuers that the coronavirus and its impacts may be material to investment decisions and to make sure that they pay attention to proper disclosures. A few weeks later, SEC leadership, together with the Public Company Accounting Oversight Board, advised market participants to ensure that their financial reports and auditing processes were in order so that they could reflect unforeseen circumstances consistent with their obligations. That joint statement also offered assurance that the agency would grant relief from filing deadlines (i) beyond the control of the issuer, and (ii) in cases where filings cannot be completed on time or with the appropriate level of review and attention. These statements were general reminders, but were issued in the context of agency concerns about companies that had operations and subsidiaries doing business in China.
SEC Offers Compliance Filing Flexibility
In the past few weeks, the SEC’s posture became significantly more concrete. With the growing realization that the coronavirus had the potential to make it more difficult to gather required information, on March 4, 2020, the SEC issued an Order granting 45 days’ conditional relief from compliance filing obligations to companies that may be challenged in assembling and providing required reports to trading markets, shareholders and the SEC (particularly to companies operating in affected areas like China). The SEC again reminded companies to provide investors with any insight that may be considered a material development and to take the necessary steps to avoid selective disclosures. (See related Alert concerning SEC communications extending the filing and delivery of the Form ADV due to COVID-19)
SEC Offers Board and Shareholder Compliance Relief
On March 13, 2020, the SEC issued two Orders (see here and here) effectively providing relief for funds and investment advisers whose operations may be affected by the coronavirus “due to restrictions on large gatherings, travel and access to facilities, the potential limited availability of personnel and similar disruptions.” Under the Orders, the SEC is expressly granting permission for boards of directors of registered management investment companies and business development companies to fulfill their obligations “by any means of communication that allows all directors participating to hear each other simultaneously during the meeting;” (i.e. virtual board meetings.) The formal relief comes on the heels of the SEC Division of Investment Management's March 4th, 2020 statement that the agency “would not recommend enforcement action if fund boards do not adhere to certain in-person voting requirements in the event of unforeseen or emergency circumstances affecting some or all of the directors” as a result of “the current and potential effects of COVID‑19.”
SEC Offers Warnings on Coronavirus Fraud
The SEC Office of Investor Education and Advocacy issued an alert to warn investors about fraud involving claims that a company’s products or services will be used to help stop the coronavirus outbreak. (Bates will cover enforcement issues in more detail in our next post.) In particular, the Office noted that investors should be wary of “so-called research reports” that make predictions that contain a specific target price and of any “pump and dump” schemes that involve microcap stocks.
SEC, FINRA, MSRB and NFA Cover Business Continuity
In a March 3rd, 2020 statement, the SEC Division of Investment Management advised investment advisers and funds “to evaluate their business continuity plans (“BCPs”) and valuation procedures, among other relevant policies, procedures and systems.” This recommendation was underscored the next day by the derivatives self-regulatory organization National Futures Association (“NFA”), and a week later by FINRA, which detailed the essential elements of such a plan under prescribed rules.
On March 4, 2020, the NFA reminded its members to review their BCPs to ensure that they can adequately address risks associated with the coronavirus to “clearing firms, telecommunications networks, third party providers, internal departments, mail or email services, utilities, etc.,” and to “assess the risks a pandemic poses to those relationships, and understand how a pandemic may materially impact their businesses.” The NFA also urged firms to make sure they had up-to-date contact information for key employees.
With far more specificity, on March 9, 2020, FINRA issued a broad Regulatory Notice covering member obligations under FINRA Rule 4370 which requires: (i) members to create, maintain and review procedures to address an emergency or significant business disruption, (ii) that the BCPs be reasonably designed to enable the member to meet its existing obligations to customers, and (iii) that the BCPs take into consideration existing relationships with other broker-dealers and counter-parties. In the Notice, FINRA reminded firms to consider whether their BCPs “are sufficiently flexible to address a wide range of possible effects in the event of a pandemic in the United States.” Considerations include staff absenteeism, travel or transportation limitations, risks associated with remote offices and telework arrangements, cybersecurity and technology interruptions or slowdowns.
The landscape is shifting dramatically. FINRA will continue to make interpretive and no-action decisions quickly in the coming days. For detailed updates, FINRA has set up a dedicated Coronavirus related web page to provide information on rule compliance extensions, notices and other guidance for member firms, investors and other stakeholders. The site is an important reference as FINRA continues to respond to a range of concerns (e.g. from broad investor alerts to member applications and mediation and arbitration postponements).
Supervision and Control Issues under BCPs
FINRA urged member firms to review supervisory control policies and procedures under their BCPs to ensure effective communications with customers and to support customer access to funds and securities during the crisis. These supervisory concerns are highlighted because of branch office rule limitations and as a result of the rush to alternative and telework arrangements. Notably, FINRA informed member firms that it is temporarily suspending requirements to update Form U4 information for registered persons who are temporarily relocated; and to submit branch office applications on Form BR for temporary office locations or space-sharing arrangements.
Similarly, on March 16, 2020, NFA told its members that they would allow associated persons to temporarily work from home under their business contingency plans, provided that the firm (i) institutes adequate supervisory methods, (ii) meets its recordkeeping requirements and (iii) "ensure[s] that these procedures are documented."
MSRB addressed the same issues concerning remote supervision in a March 10th, 2020 Notice on the “Application of Supervisory Requirements in Light of Coronavirus.” The Notice covered MSRB rules that require broker-dealers and municipal advisors to implement a system to supervise municipal advisory activities, and asserts that under the rules, firms may incorporate remote supervision using technological resources.
As the coronavirus takes its course, regulators will be getting more and more specific with their compliance guidance, regulatory assistance and relief. Bates will continue to monitor and summarize these regulatory developments.
We know that the current crisis is a challenging time for you, your families and your businesses. Our practice leaders, consultants and experts are available to answer your questions and be a source of knowledge to in-house and outside counsel, and our clients’ compliance, risk, supervision, audit and business teams to help them through this period. Please do not hesitate to reach out to us for any reason.
Regulators Are Gaining Traction in the Fight Against Elder Financial Exploitation
Bates Group has been tracking regulatory and enforcement developments on senior financial exploitation. Two recent publications and recent sweeping enforcement actions suggest that the phenomenon is becoming better understood and addressed. The Financial Crimes Enforcement Network (FinCEN) published a strategic analysis after reviewing Suspicious Activity Reports (SARs) filings over a six-year period. The North American Securities Administrators Association (NASAA) issued a statement and a legislative update based, in part, on an enforcement analysis showing that the Model Act to Protect Vulnerable Adults is gaining traction. And the Department of Justice, FBI and Postal Inspector jointly announced the results of “the largest coordinated sweep of elder fraud cases in history.” Here’s a closer look.
FinCEN Analyzes SARs Filings on Senior Financial Exploitation
In December 2019, FinCEN analyzed SARs filed from October 2013 through August 2019 concerning senior financial exploitation. The analysis also reviewed a statistically random sample of SAR narratives contained in these filings between 2013 and 2017. Suspicious activity reported in elder financial exploitation SARs amounted to $21.8 billion during the six-year period, with the number of SAR filings peaking at 7,500 per month by August 2019. FinCEN also found that the total dollar amounts at issue increased annually. In 2014, the total amount reported was $2.2 billion—by August 2019, the amount surpassed $5 billion.
According to the report, “MSBs and depository institutions accounted for the majority of the filings and of the increase, while casino, insurance company, securities and futures, and ‘other’ filers’ reporting trended upward, but accounted for substantially fewer filings per month. Depository institution and securities and futures SARs saw a steady upward filing trend, while MSB SAR filings trended down in 2018 and early 2019.“
The amount reported on a per-SAR basis fluctuated over time. By year, the highest average amount was $70,809 in 2015, and the lowest average amount per SAR was $40,790 in 2017. Breaking these numbers out, however, FinCEN noted that when accounting for type of activity, the average amounts reported for theft (primarily from depository institutions and brokerage firms) were more than double that for scams (mostly from money services businesses.) For theft, the average per SAR filing was $50,084 with the median amount $15,964. For scams, the average was $25,432, and the median was $6,105. Citing Census Bureau data, FinCEN asserts that these losses reflect as much as 28 percent of the median net worth of households aged 65 or over.
Distinctions between theft and scams are important as well from the point of view of proposed legislative remedies. Scams (in particular, romance, emergency/persons in need, and prize/lottery scams,) are often characterized by instances where the victim does not know the perpetrator. Fraud and theft, on the other hand, implicates family members (46% of the cases) and non-family member caregivers (20% of the cases). Further, victims of theft often suffer from some cognitive decline or other incapacitation, making the crime even more egregious. FinCEN’s findings clarify the broad spectrum of abuse captured under the term “financial exploitation” and suggest effective responses using a variety of tools.
NASAA Highlights Success of Model Act
In a press release accompanying a 2020 legislative text and commentary on NASAA’s Model Act to Protect Vulnerable Adults From Financial Exploitation, NASAA President Christopher W. Gerold touted the success of the organization’s ongoing effort. He asserted that the Model Act is “on course to become operative in a majority of states” in 2020 and that the success of these measures will result in “additional reporting leading to more enforcement actions and greater protections for seniors and other vulnerable adults.” (Note: New Jersey enacted the “Safeguarding Against Financial Exploitation Act," a statute based on NASAA’s Model Act, on January 13, 2020.)
As described previously, the Model Act (i) “offers broker-dealer and investment adviser firms qualified immunity for delaying disbursements when the firm reasonably believed financial exploitation would result,” and (ii) requires mandatory reporting by an agent or representative upon reasonable belief of senior financial exploitation. NASAA reports that 25 jurisdictions have now enacted some form of the legislation.
Referring to its enforcement report issued last year and covering data from 2018, NASAA asserted that 14 jurisdictions received 426 reports from broker-dealers and investment advisers regarding the potential financial exploitation of a vulnerable adult. Further, these notifications led to 81 investigations which resulted in 57 delayed disbursements and 32 enforcement actions. Finally, NASAA reports that the states that have enacted the Model Act have seen a “drastic increase” in the number of reports of potential financial exploitation.
For detailed consideration of sections of the Model Act, the accompanying legislative commentary for 2020 is an important read. In it, NASAA describes the intention behind many of the definitional terms used in the Act and offers important legislative history and synopses of public comment. Further, NASAA stated that a designated committee “will undertake a review of the implementation and efficacy of the Model Act in the 25 states where the law has been adopted,” in order to “gather information about how effective the laws have been in protecting vulnerable adults from financial exploitation.” These feedback mechanisms are very important to measure the success against the intentions behind the Model Act.
Federal Enforcement Action
On March 3, 2020, the Attorney General, FBI Director and Chief Postal Inspector announced the results of a coordinated enforcement effort that targeted elder fraud schemes. This year, the agencies racked up impressive prosecutions of more than 400 defendants who allegedly caused more than a billion dollars in damages. Unlike last year’s sweep, which focused on technical support scams and mass mail fraud, this year’s enforcement efforts targeted the “threat posed by foreign-based fraud schemes that victimize seniors in large numbers.” Attorney General Barr explained that reduction of transnational fraud schemes on older Americans has become a Justice Department priority. The agencies highlighted going after the “money mule network that facilitates foreign-based elder fraud” and said that actions were taken against over 600 money mules nationwide in an effort to stop the flow of money from seniors to perpetrators.
In addition, FBI Director Christopher Wray commended the work of the Transnational Elder Fraud Strike Force. Established in June 2019, the Strike Force has been meeting with “industry, victim groups, and law enforcement at the federal, state, and local levels to identify the most harmful schemes victimizing American seniors and to bolster preventive measures against further losses,” said Director Wray.
In the joint announcement, the Justice Department noted additional resources are being made available on senior fraud, including (i) an interactive map showing state-by-state prosecution and educational efforts and (ii) information on a new National Elder Fraud Hotline, for reporting suspected fraud. The latter is to be staffed by case managers who can refer callers to appropriate agencies and services (including the FBI for internet-related scams and the Federal Trade Commission for consumer complaints).
FinCEN and NASAA’s latest efforts to document and analyze their initiatives on elder financial exploitation are important in the ongoing efforts to understand the scope of the problem. FinCEN’s review of available data from SARs filings reinforces prevailing notions that seniors may face an “increased threat to their financial security by both domestic and foreign actors.” NASAA’s updated legislative commentary of key definitions and clauses within the Model Act allows states that have already enacted similar laws—and those that are contemplating enacting such laws—to have the benefit of the latest reasoning based on the latest data. The most recent law enforcement sweep (as evidenced by the interactive map) shows how data sharing, interagency coordination and federal-state collaboration is having an impact.
Bates News, Bates Research, Compliance and Regulatory Alerts | 03-05-20
Facing the Coronavirus: Financial Industry Preparations, Reassurances and Contingencies
If you’ve been in meetings about investor communications, business travel, or other contingency planning over the past few days and weeks, you are not alone. Since the outbreak of the coronavirus (also referred to as COVID-19) and more recently, the precipitous volatility of the financial markets, financial firms have been deluged with questions from just about every stakeholder group about how to respond. Regulators are weighing in as well. Bates looks at some of the efforts to prepare and reassure everyone out there.
Despite early attempts by Federal Reserve Board Chair Jerome Powell to reassure investors that the central bank is “closely monitoring developments and their implications for the economic outlook” and that the Board “will use our tools and act as appropriate to support the economy,” the Fed took more definitive action earlier this week by lowering the target range for the federal funds rate by 1/2 percentage point in an attempt to protect the economy from potential disruptions.
Political actors have been vocal about pressuring the Fed to do more. The President reportedly urged the central bank to be more aggressive cutting rates and suggested that Congress cut taxes. As we went to print, Congress, however, appears to be closing in on a bipartisan $8.3 billion appropriation to combat the virus. Presidential candidates, most notably former candidate Senator Warren, are advocating for substantial fiscal stimulus to address the current situation and potential spread. The Senator wrote letters to CEOs of the globally systemic important banks demanding they provide information regarding “how you evaluate the risks to your institution and its customers associated with coronavirus, the extent to which your institution is exposed to those risks and prepared to absorb their impact, and how you are monitoring the developments going forward.”
For all market participants, the priority is to make preparations to keep transactions and other financial functions operating. A spokesperson from the NYSE stated they are carefully monitoring the spread of COVID-19, and that the exchange has “robust contingency plans, tested regularly, to enable continuous operation of the NYSE exchanges should any facilities be impacted.”
Many financial firms have restricted business travel in Asia and Italy, required employees in those areas work from home, and placed other restrictions on travel and attending conferences. Some U.S. firms are restricting travel, as well. Reuters quotes financial sources discussing the preparation of back-up facilities, “splitting up critical teams into rotating shifts and physically distancing staff from one another.” Ultimately, the plans ensure that employees know what they need to do to keep the company operating.
Backing up how prepared market participants are, Kenneth Bentsen Jr., CEO of the Securities Industry and Financial Markets Association (“SIFMA”), in an interview with Reuters relayed that “most firms have playbooks for handling a range of business disruptions, including pandemics.” He stated that the “industry is reviewing and updating contingency plans in order to minimize any potential disruption to the financial markets that could be caused by personnel being unable to work onsite.” Plans include potentially “moving staff to backup locations away from major cities.” Bentsen conveyed that “our job is to do as much preparedness as we can . . . and to be as resilient as possible. That's been up and running for several weeks now, and we're prepared."
On March 4, 2020, the SEC issued an Order that “provides publicly traded companies with an additional 45 days to file certain disclosure reports that would otherwise have been due between March 1 and April 30, 2020.” In the release accompanying the Order, the SEC makes clear that companies should “continue to evaluate their obligations to make materially accurate and complete disclosures in accordance with the federal securities laws.”
To receive the relief under the newly issued Order, companies must submit a summary report explaining “why the relief is needed in their particular circumstances.” The Commission stated that it “may extend the time period for the relief, with any additional conditions it deems appropriate, or provide additional relief as circumstances warrant.”
The SEC Division of Investment Management also issued a statement saying that it is actively monitoring the current and potential effects of the virus on investment advisers and funds. The staff noted, however, that it “would not recommend enforcement action if fund boards do not adhere to certain in-person voting requirements in the event of unforeseen or emergency circumstances affecting some or all of the directors,” as a result of “the current and potential effects of COVID‑19.” Division staff stated that its no-action position applies to board meetings held between March 4 and June 15, 2020 (with extensions as circumstances warrant.)
For retail investors, regulators have been offering up advice when considering investment concerns. On February 28, 2020, FINRA issued “Investor Tips for Turbulent Markets,” a 5-step primer for when “the stock market gets rocky” to “elevate your financial security.” While not explicitly referencing the advent of the health crisis, the primer contains key steps to “‘steady your pulse during market downturns.” These key points include (i) revisiting financial goals to guide a sound investment approach; (ii) diversify across, and within, the major asset classes relative to your overall portfolio; (iii) automating payments to strengthen financial security; (iv) understanding the impact of changing interest rates; and (v) protecting against fraud by working with registered representatives and using FINRA’s BrokerCheck.
The global nature of the coronavirus challenges the broader economy in ways that are as yet unknown. Messages of preparations, reassurance, and contingency plans by market leaders are helpful to “steady the pulse” as stakeholders move forward. Bates will continue to monitor developments.
Massachusetts Adopts New Fiduciary Rule; SEC Releases Reg BI FAQs; NAIC Approves Annuity Regulation
As the June 30, 2020, date for compliance with the Regulation Best Interest (“Reg BI”) draws near, federal and state regulators are increasingly vocal in warning market participants about how they should treat client investors. Fortunately, the regulators have provided a constant flow of guidance and resources designed to help firms prepare. Unfortunately, however, a chance still exists that geography will affect compliance. In this article, we look at the latest developments by state regulators to push a more stringent fiduciary standard, new SEC staff considerations on Reg BI questions, and important developments in the National Association of Insurance Commissioners (“NAIC”) model regulation on conflict of interest rules for insurance agents and representatives selling annuity products.
Massachusetts Adopts Fiduciary Rule
On February 21, 2020, the Massachusetts Securities Division (“the Division”) of the Office of the Secretary of the Commonwealth officially adopted its proposed “Amendments to Standard of Conduct Applicable to Broker-Dealers and Agents.” The final regulation, effective March 6, 2020, and enforceable starting September 1, 2020, applies a fiduciary conduct standard to broker-dealers when dealing with customers. (Note: the Division adopted amendments concerning disclosure obligations for investment advisers effective back in June of 2019. Enforceable as of January 1, 2020, the amendments require that investment advisers registered in Massachusetts provide clients and prospective clients with a one-page, stand-alone Table of Fees for Services.)
The final regulations were revised to “make clear that the existing suitability standard still applies to any relationships or transactions expressly excluded from the fiduciary standard.” As a previous Bates post describes, the revised version adds “language expanding a potential breach of fiduciary duties to commodity and insurance products;” establishes a presumption that a fiduciary duty exists simply by the title used by an advisor; and requires that an advisor go beyond disclosure or mitigation of a conflict of interest by requiring efforts to actually avoid such conflicts.
Based on comments received, the standards were adopted despite significant pushback, even from Massachusetts Governor Charles Baker (seehere). Broker-dealers and agents registered in Massachusetts that fail to comply with the newly adopted fiduciary standard will be deemed in violation of their obligation of “utmost care and loyalty” and considered to be operating a “dishonest or unethical practice” under Massachusetts law.
Among several scenarios, the latest answers clarify (i) the applicability of Reg BI obligations and CRS Form requirements for accredited investors, (ii) whether CRS forms must be sent or resent to customers if the type of account changes, and (iii) issues concerning state and federal registrations.
NAIC Approves Model Regulations
On February 13, 2020, NAIC announced approval of final revisions to the Suitability in Annuity Transactions Model Regulations. Bates has been following the NAIC deliberations to revise standards and procedures for providing recommendations to consumers on transactions involving annuity products. In general, the model regulation requires that an agent demonstrate in writing a recommendation is in the consumer’s best interest and must identify, manage, and disclose material conflicts of interest. In our previous post, we note that NAIC’s Life Insurance and Annuities Committee approved final revisions (i) that spell out that any producer of such products must satisfy obligations of care, disclosure, conflict of interest, and documentation, (ii) that the model regulation does not require a fiduciary relationship between the producer and the customer, and (iii) that the model regulation provides a safe harbor for producers that comply with the Reg BI. For compliance purposes, the revised model also enhances supervision regime. NAIC President Ray Farmer stated that “nearly every state has adopted the model, which has been protecting consumers for 15 years. I encourage my colleagues to work with their state legislatures to pass these updates to provide even stronger protection” for consumers purchasing annuities.
There are no surprises among the developments. Processes undertaken by various authorities are leading to different, but anticipated results; some that can coexist (i.e., SEC and NAIC) and some that may ultimately be a bit more challenging for firms (Massachusetts fiduciary duty standards and Reg BI).
Despite the request Kenneth Bentsen Jr., president and chief executive of SIFMA for Massachusetts, issued, to “delay action for at least 18 months and then assess whether any further steps are necessary,” the Division appears to have done the opposite, setting an effective date almost 2 months earlier than the Reg BI compliance date. The stage is set for a possible legal battle about whether state or national standards will prevail.
The NAIC’s Reg BI-friendly model regulation for annuity products appears to accommodate some of the differences between the states and the federal agencies.
Firms have little choice but to prepare for Reg BI and should consider their own business practices in light of the detail offered by the SEC FAQs. For broker-dealers whose customers are in Massachusetts, the March 6th effective date for the regulation is fast approaching. For all, the Reg BI June 30 compliance date is just around the corner.
FINRA Talks Dispute Resolution - Offers Tips and Advice to Counsel and Arbitrators
On February 3, 2020, the New York County Lawyers Association hosted its “21st Annual FINRA Listens and Speaks” panel. The panel members discussed recent statistics, proposed regulations, and tips for counsel and arbitrators on the agency’s dispute resolution efforts. Katherine Bayer, Northeast Regional Director of FINRA’s Dispute Resolution Office, and Arthur Baumgartner, Senior Case Administrator, FINRA Dispute Resolution, delved into details of the inner workings of the Office and responded to comments from moderator and arbitrator Martin Feinberg. Bates takes a closer look at what you need to know.
FINRA’s case load has been on the decline for a number of years. In 2019, 3,757 new claims were filed – a decrease of 13 percent from 2018. Customer cases made up 63 percent of the filings and intra-industry cases made up the remaining 37 percent. On average, cases took 14.2 months to conclude – no change from the prior year. However, cases that went through to hearing averaged 16.9 months (slightly longer than the year before), and cases decided on the pleadings alone – with no hearing – averaged 5.8 months, which was a decline from the previous year.
A new category of “special proceeding” cases focusing on small claims were resolved in an average of 7 months. The 1-day telephonic hearings using a single arbitrator went into effect a year and half ago. In 2019, 46 customer cases were decided under the special proceedings. Director Bayer stated that she believes that it is likely the number of these cases will increase as they become better known.
In 2019, 16 percent of the cases closed by award, a low figure and one trending downward. Each year since 2016, the number of cases closed by award went down. Cases closed by settlements and through mediations of customer cases, however, represented 74 percent of the cases adjudicated, which has increased year over year. Mediation case filings also went up last year, with 592 new mediation cases filed (up from 16 percent from the prior year). Director Bayer noted that cases from San Juan, Puerto Rico comprised of more than a third of the mediation case filings. Mr. Feinberg noted that this statistic was the result of the filings from disputes on Puerto Rico bonds.
Rule and Proposed Rule Changes
Director Bayer highlighted a number of recent rule and proposed rule changes affecting FINRA dispute resolution. Those include:
New rules extending the time for non-parties to object to an Order of Subpoena or Order of Production of Documents (to 15 days upon receipt from 10 days upon service).
Proposed changes to member application program (MAP rules) related to pending arbitration claims and awards. The proposed rule change would create a rebuttable presumption that an application for new membership should be denied if the applicant is subject to a pending arbitration claim. The presumption can be overcome by a demonstration of the ability to satisfy an unpaid claim, unpaid award, or unpaid settlement.
The above proposed rule also applies to an existing member seeking a specified change in ownership or control of business operations. Resolution would require a “materiality consultation” – to ensure that the member seeking the change can satisfy an unpaid claim or award. Director Bayer noted that the issue addresses when a firm sells its assets to another firm, and the new firm declines any liability for previously unpaid claims or awards. The rule also requires that an applicant notify any pending arbitration claim before a decision on an application. Comments were completed on January 21, 2020. FINRA is expected to act on it soon.
Proposed changes placing restrictions on non-attorney representatives (NARs) practicing in a FINRA dispute resolution. Law school clinics, family members, and non-compensated friends are not subject to the restrictions in the proposed rules. FINRA will file a formal amendment with the SEC sometime soon. Director Bayer also clarified that under FINRA rules, an out-of-state lawyer can practice in a FINRA dispute resolution proceeding subject to state law restrictions. Mr. Feinberg noted that the original reasoning behind NARs concerned fully qualified, non-lawyer union representatives representing individuals in a labor dispute.
Proposed changes to amend the Code of Arbitration Procedures to expand a customer’s option to withdraw an arbitration claim and file in court in situations where the member firm becomes inactive before a claim is filed, or during a pending arbitration claim. The current rule states that a customer is not required to arbitrate a dispute involving a terminated member. The proposed rule allows a customer to amend pleadings, postpone hearings, and receive refunds of filing fees. Staff is in the process of reviewing comments.
Proposed rule change to the Code of Arbitration Procedures to increase various arbitrator fees and honoraria. To cover the fees, the proposed rule would increase member surcharges in case processing under certain circumstances. The proposed amendments are to be filed soon with the SEC.
Director Bayer also announced the inclusion of case-specific contact information to be delivered at the time the Notice of Panel is announced. The contact sheet includes names of the case administrator, case coordinator (who handles scheduling), and a case specialist (who handles the case when its first is filed, when the answer is filed, and, in general, the motions docket).
Tips for Counsel:
Director Bayer emphasized the importance of, the improvements to, and the expectations for arbitrators to utilize the FINRA arbitration portal. Director Bayer encouraged arbitrators to trust the portal for documents sent and received that will automatically provide a confirmation in the submissions folder. She stated that it speeds up the process, prompts required disclosures (and disclosure updates), and creates automated processes that generate required notices to parties and updates relevant arbitrator disclosures in other cases.
Send Submission Agreement with your Answer. Arbitrator Feinberg stated, “distributing an Answer without a Submission Agreement can do great harm to the parties later on after the case closes and if claimant wants to vacate an award.”
Provide copies of Settlement Agreements to FINRA – they are relevant in expungement proceedings.
“No action” letters (e.g., from an investigation) should not be submitted as evidence in customer arbitration cases.
Tips for Arbitrators:
Complete and execute the Arbitrator Oath on the portal – it starts the disclosure process.
Make disclosures early and throughout the life of the case. Director Bayer stated that “everything is out there these days.” If you are not sure, it is best to disclose.
Avoid withdrawals. Withdrawals are very disruptive to the parties. Director Bayer explained that FINRA staff track withdrawals and patterns emerge, particularly close to hearing dates, FINRA may remove the arbitrator from the roster.
In ruling on motions that include fees (e.g., adjournments), arbitrators should be deciding at the time of the decision who should be responsible for the fee or on any waivers of fees. Director Bayer stated that deferments on assessment of fees may cause problems at the end of the case.
Rulings on motions (e.g., a Motion to Compel) should not be made before an initial pre-hearing conference (even though the arbitrator may have the authority to do so after the filing of the Oath).
Avoid ex parte communications, or any interaction – no matter how innocent – that may be interpreted as bias.
Diversifying Arbitrator Panels
Director Bayer reported that her Office is beginning to see results of outreach efforts to find diverse candidates to serve as arbitrators. She said an outside firm conducts a voluntary confidential demographic survey of the arbitration population. The results are then published on the FINRA website. In the 2019 survey results published in January, significant increases occurred in the diversity of the new arbitrator roster: 39 percent were women, 19 percent African American, 6 percent Latino, 3 percent Asian, and 4 percent LGBT.
The “FINRA Listens and Speaks” panel is an important outreach effort to communicate current thinking on arbitration processes and procedures. The decline in case filings is noteworthy given the longevity of the strong markets. FINRA’s efforts to diversify its arbitrator roster is laudable. FINRA distinguishes itself as one of the few forums in the country that has made progress in addressing and tracking the issue. Director Bayer and Administrator Baumgartner’s tips for practitioners and arbitrators demonstrate a continuing commitment to improve and clarify FINRA’s adjudicatory process. Their repeated admonitions to “trust the portal” should not be ignored.
New OCIE Report Offers Best Practices for Firms to Enhance Cyber Preparedness and Resiliency
A few weeks ago, Bates reviewed the SEC Office of Compliance Inspections and Examinations ("OCIE") recently issued 2020 examinations priorities. That report reminded registered entities to address potential vulnerabilities in compliance programs and practices in order to minimize retail investor and market risks. On the heels of that report, OCIE has issued a new report on “Cybersecurity and Resiliency Observations” to reemphasize that cybersecurity is a top examination priority and that registered entities should be assessing their practices and procedures to ensure adequate compliance. Bates Research takes a closer look at what OCIE wants you to know.
Increasing Threats, Serious Consequences
The OCIE issued its new cybersecurity observations report based on concerns about (i) increasingly aggressive and sophisticated “cyber threat actors,” (ii) increasing firm reliance on technology, and (iii) the rising potential for negative consequences to investors, market participants and the financial markets. Based on 2019 examinations, the report offers best practices on a wide range of cybersecurity controls and operations.
Support from the Top: Governance and Risk Management
OCIE asserts that effective governance and risk management programs (i) demonstrate strong and engaged leadership, (ii) effectively assess and prioritize cybersecurity risk, (iii) have written policies and procedures to address that risk, and (iv) have practices that implement and enforce those policies.
Specifically, OCIE recognized programs that demonstrate appropriate board- and senior-level engagement, including those in which senior leaders demonstrate their commitment “to improving their organization’s cyber posture through working with others to understand, prioritize, communicate, and mitigate cybersecurity risks.”
OCIE highlighted risk assessment methodologies tailored to an organization’s business model and wants firms to consider a wide spectrum of vulnerabilities from “remote or traveling employees” to “geopolitical risks.” Firms should expect that the OCIE will examine for policies and procedures that (i) establish adequate testing and monitoring, informed by cyber threat intelligence; (ii) respond to such testing and monitoring with continuous updates and (iii) provide updated information to stakeholders and to regulators.
Access Rights and Controls
Firms should also expect that the OCIE will examine to ensure that a firm has appropriate controls in place to limit access to sensitive client information. This means an organization’s systems should demonstrate that managers (i) understand the location of client information, (ii) restrict access to that data only to authorized users; and (iii) take steps to prevent and monitor for unauthorized access.
OCIE said it observed firm strategies in which managers limited access during “onboarding, transfers, and terminations;” implemented “separation of duties for user access approvals” and created periodic recertification procedures, among others. Similarly, OCIE identified best practices for access monitoring, including procedures for logins, user name and password changes, hardware and software changes and for the investigation of system anomalies.
Data Loss Prevention
OCIE said that firms should ensure the protection of sensitive data from unauthorized users. OCIE highlighted “capabilities” used by firms to (i) scan for vulnerabilities in internal and external systems (including applicable third party providers,) (ii) “control, monitor, and inspect network traffic,” (iii) “detect threats on endpoints” (e.g. maintaining system logs and applications for aggregation and analysis), (iv) “patch” software and hardware from virus and malware threats, (v) maintain inventories of all hardware and software, (vi) secure data and systems through encryption and network segmentation, (vii) identify and block the transmission of suspicious behaviors and (viii) secure legacy systems and equipment.
OCIE highlighted firm strategies to secure mobile devices and mobile applications. These include establishing clear policies and procedures and requiring the use of mobile device management (MDM) technology applications for authorized users. OCIE also noted firm best practices that “prevent printing, copying, pasting, or saving information to personally owned computers, smartphones or tablets as well as sufficient employee training on mobile device policies.
Resiliency and Incident Response
OCIE expects firms to have incident response plans that include “timely detection and disclosure of material information” in the event of a cyber incident. Specifically, OCIE noted effective programs that incorporate: (i) scenario planning (e.g. denial of service or ransomware); (ii) systems for regulatory and suspicious activity reporting (SARs) and compliance; (iii) adequate notifications concerning data breaches to customers, clients and employees; (iv) staff preparedness plans and (v) incident response testing.
The OCIE also stated that resiliency plans should be based on assessed risks and business priorities, so the firm is in the best position to maintain its core business operations and systems in the event of an incident. This includes determining system and process substitutions during disruptions, maintaining back up data, and assessments of the “effects of business disruptions on both the institution’s stakeholders and other organizations.”
OCIE highlighted firm best practices for vendor management. These include, among others, required due diligence during vendor selection, ongoing relationship monitoring, assessments of vendor services within the firm’s ongoing risk processes, and vendor protection of client information.
OCIE expects that firm employees undergo training about cyber risks to help “build a culture of cybersecurity readiness and operational resiliency.” OCIE observed firms that have robust policies, procedures, training guides and training programs that incorporate specific examples of threats (e.g. phishing emails) to help employees prevent breaches, and to identify and respond to suspicious behavior. OCIE recognized firms that continuously evaluate and update their training programs based on cyber threat intelligence.
The new OCIE report emphasizes that cybersecurity remains a key SEC priority, particularly when it comes to customer data protection, disclosure and compliance (see previous Bates alert). Though OCIE offers these very specific observations on “cybersecurity preparedness and operational resiliency,” it says that there is no such thing as a “one-size-fits-all” cybersecurity program. However, in light of the fact that this very detailed template represents the second OCIE warning in a matter of weeks, it would be prudent for firms to review whether they are appropriately assessing, monitoring and managing their cybersecurity risk.
For additional information and assistance, please follow the links below to Bates Group's Practice Area pages:
Private Placement Alert: GPB Private Funds Under Scrutiny
Bates Group is alerting counsel that we are seeing cases filed where firms sold private funds issued by GPB Capital Holdings LLC. It is alleged that firms selling these funds were negligent and failed to perform adequate due diligence when approving these funds for sale, misrepresented and omitted material information when recommending and/or selling these funds to their clients, had conflicting interests in selling the GPB Capital Funds, negligently supervised the sale of these funds and breached the fiduciary duty owed to their clients.
GPB Capital Funds include:
GPB HOLDINGS, LP;
GPB HOLDINGS II, LP;
GPB AUTOMOTIVE PORTFOLIO, LP;
GPB COLD STORAGE, LP;
GPB WASTE MANAGEMENT FUND, LP;
GPB HOLDINGS III, LP;
GPB HOLDINGS QUALIFIED, LP;
GPB NYC DEVELOPMENT, LP;
Bates Group Support:
Bates staff and experts have provided both consulting and testimony services in matters involving private placement funds. Bates experts have opined on the rules and regulations associated with public and private securities offerings, the adequacy of disclosures in offering documents, the adequacy of due diligence undertaken by firms selling private funds, a determination of the product’s suitability for sale by the firm, a determination of the suitability of individual recommendations made, the adequacy of sales supervision, and an assessment of whether the firm and its representatives met their fiduciary obligations to accredited and retail investors.
Bates has also performed quantitative analyses examining the feasibility of investments at issue producing the expected or advertised returns, including calculating a probability-weighted expected value of return amongst other hypothetical scenarios.
Our experts have provided in-depth knowledge and analysis concerning trading strategies involving alternative investments and the role of these strategies within an overall investment objective, as well as the relative risks for the client in engaging in these types of strategies. We have also provided analysis and testimony in support of matters involving strategies employed to generate additional yield in a client’s portfolio, across a variety of investment products, as well as damages calculation and alternative damages calculation.
Specifically, Bates can assist in the following ways:
Examining the relationship between the general partner and the lead broker-dealers to assess if there was a conflict of interest in brokering, selling, and underwriting the funds.
Assessing whether the offerings were appropriately registered under the Securities Act of 1933 and Section 12(g) of the Securities Exchange Act of 1934.
Assessing the adequacy of disclosures in the private placement memorandum and other offering documents, including the adequacy of risk disclosure and whether there were any material misstatements and omissions.
Assessing the suitability of the products and the suitability of the recommendation.
Analyzing the trading in brokerage accounts to determine the P/(L) associated with investments in the funds at issue.
Contextualizing the fees and commissions that were charged in light of alternative products of a comparable nature and examining the likelihood of the investments at issue generating the expected or advertised returns.
Examining the changes in the investor’s portfolio risk and expected return when investments in the funds at issue are considered as part of an overall investment strategy; forecasting the probability of a loss and the probable size of a loss at the time of purchase.
Please contact us today if you have any questions or need assistance:
The Treasury Department’s Office of Comptroller of the Currency (OCC) issued an Annual Report to Congress highlighting, among other things, the past year’s Bank Secrecy Act (BSA) and anti-money laundering (AML) efforts and setting out strategic priorities and policy initiatives for the new year. The Comptroller says he wants to reduce the burden of BSA and AML compliance, while protecting the financial system. Meanwhile, (i) financial institutions continue to watch the Senate Banking Committee to see if there will be movement on the ILLICIT CASH Act, a bill containing provisions on beneficial ownership that would have significant implications for AML/BSA compliance, (ii) the Association of Certified Financial Crime Specialists (ACFCS) shared some interesting AML 2019 enforcement data compiled by a number of private companies, and (iii) there were some unusual AML-related enforcement actions worth noting. Here’s a closer look.
The OCC Report states plainly that BSA/AML compliance risk remains high. In response to these risks, the OCC highlights three main points. First, it references two previously published joint bulletins (see here and here) that (i) encourage financial institutions to consider innovative approaches in meeting their BSA/AML compliance obligations, and (ii) “address instances in which banks may decide to enter into collaborative arrangements to share resources” to manage these obligations. (The latter provides examples of how “shared personnel, technology and other resources may be beneficial for certain financial institutions – e.g. Community Banks.) The new Report re-emphasizes these themes by acknowledging the global nature and the dynamic of the current technological environment. The Comptroller stated that as innovative solutions continue to evolve, particularly related to identifying suspicious activity and terrorist financing, his Office will focus on encouraging financial institutions to adopt them to manage compliance risks.
Second, the Comptroller reinforces the goal of working with other regulators to ensure that financial institution BSA/AML compliance risk management systems “be commensurate with the risk associated with a bank’s products, services, customers, and geographic footprint.” The Report references OCC’s participation in a Financial Crimes Enforcement Network (FinCEN) working group to improve the transparency of the regulator’s “risk-focused approach to BSA/AML supervision.” Regulators agreed to “tailor examination plans and procedures based on the unique risks of each bank, thereby allowing banks to allocate compliance resources commensurate with their risks.” In 2020, the Comptroller states, OCC will work with other agencies to update the Federal Financial Institutions Examination Council’s (FFIEC) BSA/AML Examination Manual . Notably, the OCC report comes on the heels of publication of the SEC’s Office of Compliance Inspections and Examinations (OCIE) annual report which stated that the OCIE will examine BSA/AML compliance in particular for customer identification programs and customer due diligence, beneficial ownership, and Suspicious Activity Report (SARs) compliance. (See Bates’ OCIE Priorities review here.)
Third, the Comptroller stated that the Office is committed to advocating for updating the “nearly 50-year-old BSA/AML regime.” Referencing 2019 testimony by the Deputy Comptroller, the Report asserts that regulations should be updated “to address rapidly evolving risks, including the inappropriate use of shell companies, and to make better use of technology to protect the financial system from illicit activity.”
ILLICIT CASH Act
OCC’s advocacy for updating the BSA/AML regime finds expression in the Improving Laundering Laws and Increasing Comprehensive Information Tracking of Criminal Activities in Shell Holdings Act (“ILLICIT CASH Act”), a bill which would strengthen the authority of FinCEN. (See previous Bates article here.)
As described in its legislative summary, the bill “comprehensively updates the BSA for the first time in decades and provides a coherent set of risk-based priorities in statute.” Specifically, the bill requires the reporting of beneficial ownership information for domestic shell companies and creates federal reporting requirements that mandate all beneficial ownership information be maintained in a comprehensive federal database, accessible by federal and local law enforcement. A similar bill, sponsored by Congresswoman Carolyn Maloney, titled the Corporate Transparency Act (“CTA”), passed the House of Representatives. To date, the ILLICIT CASH Act resides in the Senate Committee on Banking, Housing, and Urban Affairs, which last held a hearing on it on December fifth.
AML 2019 Enforcement
The Association of Certified Financial Crime Specialists (ACFCS) shared AML enforcement data for 2019. UK software company Encompass concluded that AML enforcement penalties totaled US $8.14 billion globally, nearly doubling the amount that was handed out in 2018. In the United States, they said, regulators assessed 25 penalties totaling $2.29 billion.
FinCEN and SARs
ACFCS also noted a widely reported plea deal by a former senior adviser at FinCEN. (See alsohere.) The United States Attorney for the Southern District of New York brought charges against the employee for “conspiring to unlawfully disclose Suspicious Activity Reports” to reporters concerning “among other things, Paul Manafort, Richard Gates, the Russian Embassy, Maria Butina, and Prevezon Alexander.” Under the BSA, disclosure of a SAR by a government employee is a felony.
The OCC remains committed to its collaborative approach to regulating for BSA/AML risk. It has embraced and encouraged adoption of innovation and technology as the solution, while working with its regulatory counterparts to require that financial institutions tailor their resources to their business models, products, services and customers. The OCC also seeks regulatory changes in the BSA/AML regime that will extend government reach, capture more data and boost their regtech approach. If passed, the ILLICIT CASH Act may serve that purpose. The consistent rise in AML enforcement cases and penalties may evidence the success of that approach. However, the FinCEN case suggests that even the best approach comes with unexpected consequences. Bates will keep you apprised.
Mr. Cook first described the recent reorganization of member firms into one of five business model categories: Retail, Capital Markets, Carrying and Clearing, Trading and Execution and Diversified This consolidation permits FINRA to assign each firm “a single point of accountability” that will have the “ultimate responsibility” for risk monitoring, assessment and “planning and scoping of exams tailored to the risks of the firm's business activities.”
Second, Mr. Cook highlighted the organization’s extensive efforts in preparing firms to comply with new regulations—particularly Regulation Best Interest (“Reg BI”)—that will be examination priorities for FINRA in 2020. To that end, he underscored the letter’s inclusion of practical questions that firms should consider in order to “assess and, if necessary, strengthen their compliance, supervisory and risk management programs.”
Top FINRA Exam Priorities for 2020
See highlights of FINRA’s continuing and emerging concerns on our 2020 FINRA chart below, which keeps track of articulated priorities from year to year.
Reg BI was front and center in this year’s letter. FINRA emphasized that it will continue to offer transition resources as it “reviews firms’ preparedness” prior to Reg. BI’s June 30 implementation date. After that date, however, FINRA will examine broker dealers for compliance with the new regulation, the corresponding interpretations and the new Customer Relationship Summary (“Form CRS”) requirement.
Specifically, FINRA stated it will consider in its examinations whether: (i) adequate processes and procedures are in place to assess broker dealer best interest recommendations; (ii) the firm and associated persons are applying those standards; (iii) account monitoring adequately applies to both explicit and implicit hold recommendations; (iv) recommendations to retail customers are following “express new elements of care, skill and costs;” (v) customer recommendations take into consideration reasonably available alternatives; (vi) controls are in place to prevent excessive trading; (vii) adequate disclosures are provided for; (viii) conflicts of interest are adequately covered in policies and procedures; and (ix) filing and delivery of Form CRS is adequately addressed.
Sales Supervision and Communications
FINRA reiterated past priorities, saying that it will examine supervisory obligations over the sales of complex products (private placements, variable annuities and certain fixed income products). In 2020, FINRA highlighted that it will look closely at private placement retail communications to see how firms are fulfilling their supervisory obligations when using digital platforms (texting, messaging, social media or other applications). The letter states that FINRA will consider whether private placement communications are fair, reasonable and not misleading and whether they omit material facts, adequately explain risks, or contain false statements or promises. In addition, FINRA said it will examine these communications to ascertain whether they fully explain issuer metrics or projections on performance.
On the use of digital communications tools, FINRA asks firms to review their practices and programs to ensure that a representative’s digital communications comply with review and retention requirements and to consider whether their supervisors can recognize—and follow up on—the “red flags” of unapproved communications channels.
FINRA states that “cybersecurity has become an increasingly large operational risk.” As a result, FINRA advises firms that it will examine policies and procedures to ensure that customer records and information are adequately protected. FINRA also reminded firms that cybersecurity controls should be appropriate to the firm’s scale of operations and business model. Specifically, the FINRA letter prods firms to consider their “technology governance programs” to determine whether they are “expose[d] to operational failures” that may compromise their ability to comply with a range of rules and regulations. In this respect, FINRA will evaluate the adequacy of firms’ business continuity plan to ensure that the firm has the procedures and capacity to “maintain customers’ access to their funds and securities, as well as manage back-office operations, to prevent delays or inaccuracies relating to settlement, reconciliation and reporting requirements.” FINRA stated that it will examine testing and for tracking information technology problems.
Additional FINRA examination priorities for 2020 include:
Trading Authorizations – FINRA will examine whether firms have the systems and supervision in place to address trading authorizations, discretionary accounts and key transaction descriptors. This includes whether firms can detect and address registered representatives exercising discretion without written client authorizations.
Bank Sweep Programs – FINRA will examine a broker dealer’s use of bank sweep programs (sweeping investor cash into partner banks or mutual funds) to ensure that such services are not misrepresented, and that any program arrangements as well as cash management alternatives are adequately communicated to the customer.
Digital Asset Investments – For firms that are considering engaging in digital asset investment activities, FINRA will examine whether they are filing the appropriate documentation for engaging in such activity, and whether their marketing and retail communications present a fair and balanced look at the risks presented. FINRA is also concerned with technology-related risk and cautioned that it will review automated systems associated with market access (such as monitoring for trading behavior, adjustments to credit limit thresholds, third party vendors and training).
IPO Practices – FINRA will examine a firm’s compliance with rules restricting the purchase and sale of initial equity public offerings, and on new issue allocations and distributions. FINRA wants firms to review their practices and procedures to ensure that (i) they can adequately detect and address issues of “flipping” or “spinning;”(ii) IPO allocation methodologies and “calculations of aggregate demand” are fully explained; (iii) there are adequate controls to prevent allocations to restricted persons; and (iv) the firm records and verifies information for customers receiving these allocations.
Best Execution – FINRA will continue to focus on compliance with best execution rules as they pertain to routing decisions and procedures for the handling of odd lots, treasuries and options (all subjects of enforcement actions in 2019). Further, FINRA said it will review processes related to handling of customer orders, including how the firm addresses conflicts of interest concerning now prohibited types of remuneration.
FINRA will also continue to examine priorities highlighted in the past, including adequate supervision and compliance over anti-money laundering and fraud, insider trading and manipulation across markets and products.
The priorities contained in this year’s FINRA letter are consistent with those contained in the annual report issued by the SEC’s Office of Compliance Inspections and Examinations (see recent Bates coverage). Similar to the OCIE report—which should be considered in tandem with this letter—the FINRA priorities emphasize the importance of firms preparing for Reg. BI and, more generally, for addressing vulnerabilities in compliance programs and practices. FINRA’s recent consolidation and reorganization and the identification of a “single point of accountability” should prompt firms to engage with them sooner, particularly over preparations for Reg BI, to ensure they are moving toward full compliance with these priorities.
For more information concerning Bates Group's Practices and services, please visit:
This new two-part article, from Bates Compliance Reg BI leaders and our Bates Research team, is an overview of the current state of play on the impending SEC Reg BI rule: how we got here, what the rule requires and what firms need to have in place before the final compliance implementation date on June 30, 2020.
Regulators have announced that they will be reviewing firm’s preparedness and will examine firm’s compliance with Reg BI, Form CRS and related guidance following the deadline. It is therefore imperative that firms have a Reg BI plan in place and develop core compliance and supervisory processes and components now to achieve regulatory expectations and overcome scrutiny.
Bates Research, Compliance and Regulatory Alerts | 01-16-20
OCIE to Prioritize Reg BI Compliance in 2020 Examinations
The SEC Office of Compliance Inspections and Examinations ("OCIE") set out their 2020 examinations priorities in an annual report issued last week. The report reminds registered entities that all its priorities are within the SEC’s mandate to protect investors, facilitate capital formation, and maintain fair, orderly and efficient markets. The report is, in effect, a notice to the industry and chief compliance officers to address potential vulnerabilities in compliance programs and practices in order to minimize retail investor and market risks.
This year, OCIE leaders highlighted a wide variety of continuing and emerging concerns. Bates Group tracks these risks and articulated priorities from year to year (see chart below).
OCIE explained that these priorities should be viewed in light of the rapidly changing registered investment adviser market, the recently adopted rules on broker-dealer and investment adviser conduct standards (Regulation Best Interest) and other significant financial technology and market developments. A good portion of the report is dedicated to explaining this context. Here’s what OCIE had to say.
Registered Investment Advisers: Beware
OCIE leadership explained that examination coverage for RIAs was increasingly imperative, given (i) that the OCIE is “the primary, and often only, regulator responsible for supervising this segment of financial firms;” (ii) that the number of RIAs it supervises is now 13,475, up from 11,500 five years ago; and (iii) that RIAs now have $84 trillion in assets under management, up from $62 trillion five years ago. Examinations of RIAs constituted 2,180 of the 3,089 examinations OCIE completed in FY 2019. By contrast, OCIE examined 350 broker-dealers, 110 securities exchanges, 90 municipal advisors and transfer agents and 15 clearing agencies. These numbers do not include OCIE examinations of the Financial Industry Regulatory Authority (FINRA).
Notably, the OCIE pointed out that its examination coverage rates over registered investment advisers (RIAs) may suffer in 2020 due to perennial staff shortages. However, the Office made clear that it prioritizes keeping pace with year-over-year increases in examination rates for RIAs. In FY 2018, OCIE’s examination coverage of RIAs was 17 percent, and in FY 2019 it was 15 percent. OCIE made a point of noting that the decline in the past year was the result of a 35-day lapse in appropriations, and that examinations of RIAs actually increased by 10 percent over a five-year period.
Regulation Best Interest: Be Ready
Compliance with Regulation Best Interest (Reg BI) interpretations related to the standard of conduct for investment advisers and the new Client Relationship Summary (Form CRS) are major 2020 examination priorities. The OCIE reminded firms that the compliance date for Reg BI and Form CRS is June 30, 2020, and to expect that OCIE will “engage” during its examinations on firms’ progress toward implementation of the new rules. This is significant, in part, because the SEC continues to clarify Reg BI obligations (see e.g. the revised FAQs just issued by the Division of Trading and Markets).
OCIE stated that it has already “integrated” the Reg BI interpretations into its examination program for RIAs. Beyond the compliance implementation date, its examinations will include an assessment as to a firm’s actual Reg BI implementation, “including policies and procedures regarding conflicts disclosures, and for both broker-dealers and RIAs, the content and delivery of Form CRS.”
OCIE restated past examination priorities as they relate to retail investors. (See Comparison Chart above.) These include a focus on certain complex products and vulnerable investors. Consistent with its Reg BI focus, OCIE stated that its 2020 examinations will look at disclosures relating to fees, expenses and conflicts of interest and the “controls and systems [intended] to ensure those disclosures are made as required and that a firm’s actions match those disclosures.” This includes supervision of outside business activities and “any conflicts that may arise from those activities.”
For RIAs, OCIE plans to examine whether they have fulfilled their fiduciary duties of care and loyalty. The OCIE relayed that it “has a particular interest” in the accuracy and adequacy of disclosures provided by RIAs concerning offers to clients on new and emerging investment strategies, such as strategies focused on sustainable and responsible investing, which incorporate environmental, social, and governance (ESG) criteria.
For broker-dealers, OCIE highlighted that examinations will focus on transfer agent handling of microcap distributions and share transfers, sales practices, and supervision of high-risk registered representatives. More generally, OCIE emphasized that it will assess recommendations and advice given to (i) seniors and “those targeting retirement communities” and (ii) teachers and military personnel. In conjunction with Reg BI compliance issues, OCIE said it will focus on higher-risk products like private placements, as well as on non-transparent products such as mutual funds and ETFs, municipal securities and other fixed income and microcap securities.
Industry and Technology Risk: Be Careful
The theme of information technology risk cited in the report is broad. OCIE will be “monitoring industry developments and market events” to assess broad risks and consequences for both firms and retail investors.
For registered entities, OCIE said it will examine the use of technology by third-party vendors and information security in general, including proper configuration of network storage devices and retail trading information security. The OCIE also emphasized that it will examine for (i) SEC registration eligibility, (ii) cybersecurity policies and procedures, (iii) marketing practices, (iv) adequacy of disclosures, and (v) the effectiveness of compliance programs. For RIAs in particular, OCIE said it will focus on the protection of clients’ personal financial information including on governance and risk management, access controls, data loss prevention, vendor management, training, and incident response and resiliency.
As to retail investors, on digital assets and electronic investment advice, OCIE will be examining for (i) investment suitability, (ii) portfolio management and trading practices, (iii) safety of client funds and assets, (iv) pricing and valuation, and (v) supervision of employee outside business activities.
Resources and Examinations
OCIE leaders acknowledged the resource challenges to fulfilling its mandate and said that it will continue to invest in expertise, technology tools and data analytics to “identify potential stresses on compliance programs and operations, conflicts of interest, and … issues that may ultimately harm investors.” OCIE implied that it will use these tools to determine how to select firms for examinations and remarked that “broker-dealers may be selected for examination based on factors such as employing registered representatives with disciplinary history, engaging in significant trading activity in unlisted securities, and making markets in unlisted securities.”
For RIAs, OCIE said it would look at selecting firms that have never been examined or have not been examined for years in order to determine whether compliance programs “have been appropriately adapted in light of any substantial growth or change in their business models.” In addition, OCIE stated that it will “prioritize examinations of RIAs that are dually registered as, or are affiliated with, broker-dealers, or have supervised persons who are registered representatives of unaffiliated broker-dealers.” It will examine compliance programs to address best execution risk, prohibited transactions, fiduciary advice, and conflict disclosures related to these arrangements. OCIE will also examine firms that use third-party asset managers to advise clients in order to consider the extent of these RIAs’ due diligence practices, policies, and procedures. OCIE promises to be diligent about narrowly targeting and protecting the investor information it collects and noted some of the cross-border compliance issues it faces in covering almost a thousand off-shore RIAs that manage over $10 trillion in assets.
The OCIE also emphasized that it will be examining for the following:
Anti-Money Laundering (AML) Programs – OCIE seeks to prioritize examining broker-dealers and investment companies for compliance with their AML obligations. In particular, the Office will review for customer identification programs and customer due diligence, beneficial ownership compliance, and Suspicious Activity Report (SARs) compliance. OCIE will also review to ensure timely and independent tests of AML programs.
Algorithmic Trading – OCIE will examine for controls and supervision around the use of automated trading algorithms, explaining that broker-dealers have expanded their use into multiple asset classes, which has the “potential to adversely impact market and broker-dealer stability.” This includes “the development, testing, implementation, maintenance, and modification of the computer programs that support their automated trading activities and controls around access to computer code.”
Broker-Dealers that Hold Cash and Securities – OCIE will be examining to determine if broker-dealers are safeguarding these assets “in accordance with the Customer Protection Rule and the Net Capital Rule,” and to check for compliance with internal processes, procedures, and controls.
MSRB – OCIE will prioritize review of municipal advisor fiduciary duty obligations to clients, fair dealing with market participants, and the disclosure and conduct of municipal advisers regarding conflicts of interest.” OCIE also said it will review for compliance with recently adopted MSRB rules on advertising.
FINRA – OCIE plans to continue to conduct risk-based oversight examinations of FINRA, including oversight of the examinations FINRA conducts of certain broker-dealers and municipal advisors.
In its report, OCIE leadership deliver several messages to the firms it examines, including identifying the hallmarks of effective compliance. Most importantly, they underscore that the people and compliance programs play a critical role and really do matter. Effective compliance requires (i) establishing a culture of compliance for the firm; (ii) a commitment by firm executives that compliance is “integral” to firm success: and (iii) “tangible” support for compliance in all operations and throughout all levels of the firm. They stress that the chief compliance officer must be fully empowered with the “responsibility, authority, and resources to develop and enforce policies and procedures of the firm.” And, finally, they remind firms that compliance should be “incorporated” into firm operations and business developments, including product innovation and new services.
For more information concerning Bates Group's Practices and services, please visit:
Bates Research, Compliance and Regulatory Alerts | 01-10-20
FINRA Releases 2020 Risk Monitoring and Examination Priorities Letter
FINRA has announced their regulatory and examination priorities for the upcoming year. You can read the letter, with an introduction by FINRA President and CEO Robert Cook, here. New for this year is a focus on Regulation Best Interest (Reg BI) and Form CRS (Client Relationship Summary).
Stay tuned to the Bates News page for our commentary on FINRA’s 2020 objectives and how they may impact your legal, regulatory and compliance matters.
Bates Group continues to track a host of issues affected by the adoption of Regulation Best Interest (“Reg BI”), the 2019 package of rules and interpretations from the SEC setting standards of conduct for broker-dealers and independent advisers. These include a variety of state responses to the federal regulation, as well as Reg BI impacts on issuers of other complex financial products sold through brokers and advisers, specifically, recommendations to consumers on transactions involving annuity products. Here are some of the latest developments.
In prior posts, Bates Group reviewed legal challenges to the new federal regulation from state attorneys general, state legislative and regulatory initiatives (seehere and here) designed to provide an alternative regulatory framework to protect in-state investors, and the North American Securities Administrator Association (“NASAA”) cautious position toward both these state approaches.
Just before the new year, the Massachusetts Securities Division of the Office of the Secretary of the Commonwealth formally proposed a revised uniform fiduciary conduct standard for broker-dealers, agents, investment advisers and investment adviser representatives that provide financial advice to clients and client prospects in the state. In general, the regulation establishes a fiduciary duty and makes a violation of that duty a sanctionable "unethical or dishonest conduct or practice."
The revised proposal differs in several respects from the preliminary proposal issued last June. One legal analysis notes that, among other things, this new version adds “language expanding a potential breach of fiduciary duties to commodity and insurance products;” establishes the presumption that a fiduciary duty exists simply by the title used by an advisor; and requires an advisor to go beyond disclosure or mitigation of a conflict of interest by requiring efforts to actually avoid such conflicts. The proposed regulation also requires ongoing monitoring of accounts by registrants; bans sales contests, sales quotas, and other incentive programs; further clarifies duty of loyalty and care obligations, as well as existing suitability standards.
The breadth of the proposal has elicited strong reaction. Massachusetts Secretary William Galvin argues directly that Reg BI fails to provide investors the protection they need from harmful conflicts of interest and that his state proposal is the only way to truly strengthen investor protections. In response to the proposal, Kenneth Bentsen Jr., president and chief executive of the Securities Industry and Financial Markets Association (“SIFMA”) in a public statement said, “We are very concerned that the proposal exceeds the state’s authority, will diminish investor access to advice, products and services and will increase investor costs. We respectfully suggest that you delay any decision making until after Reg BI is fully implemented and the SEC, FINRA, and the Division and other state regulators have the chance to examine firms for compliance.” SIFMA recommended that the Division delay action for at least 18 months and then assess whether any further steps are necessary.
Secretary Galvin’s move to introduce the revised state regulation sets in motion the formal process by which Massachusetts’s fiduciary rule may be finalized and adopted. In so doing, Massachusetts becomes the next state to reach this juncture, (New Jersey’s rule proposal was first,) setting the stage for an inevitable legal battle over whether state or a national standards will prevail.
NAIC Committee Approves Revisions to Annuity Standards
Bates has also been following the efforts of the National Association of Insurance Commissioners (“NAIC”) to revise standards and procedures for providing recommendations to consumers on transactions involving annuity products. As we previously covered, an NAIC Working Group has been attempting to develop a framework that would revise its “Suitability in Annuity Transactions Model Regulation” with the federal Reg BI standards and accommodate 2019 New York regulations (Regulation 187) which require insurers to establish policies and procedures so that broker-dealers put the “best interest” of consumers ahead of their own.
On December 30, 2019, NAIC’s Life Insurance and Annuities Committee took an important step by approving revisions to the model regulation. In general, the revisions specify that the producer must satisfy obligations of care, disclosure, conflict of interest and documentation.
The regulators specifically pointed out that the model regulation does not require a fiduciary relationship between the producer and the customer and that it provides a safe harbor for producers that comply with the SEC’s Regulation Best Interest. (Notably, New York voted against it at Committee.) That said, the model regulation requires an agent to be able to demonstrate that a recommendation is in the consumer's best interest (the basis of which must be included in a written record), and must identify, manage and disclose material conflicts of interest. The model regulation now heads to the NAIC Executive Committee and Plenary for a final vote before the states may consider its adoption.
The Massachusetts and NAIC processes demonstrate the difficulty in reaching consensus around investor and consumer protection standards. The Massachusetts proposal will serve to build momentum for states to adopt fiduciary standards on broker-dealer recommendations to their clients. These state fiduciary rules, however, will face their test in court. No doubt the NAIC’s Reg BI-friendly model regulation for annuity products may possibly face similar state-by-state reactions and similar legal tests. Meanwhile, firms are left with heavy compliance burdens and lingering uncertainty.
Bates Research, Compliance and Regulatory Alerts | 01-07-20
SEC Office of Compliance Inspections and Examinations Announces their 2020 Examination Priorities
The SEC’s Office of Compliance Inspections and Examinations (OCIE) has announced their exam priorities for the upcoming year. You can read the press release here.
Stay tuned to the Bates News page in the upcoming weeks for our expert commentary on the SEC's 2020 objectives, how they compare to other years, and how they may impact your legal and compliance matters in the future.
Banking Agencies Clarify SARs Requirements for Hemp, Possibly Paving the Way for Cannabis
Photo by Matteo Paganelli on Unsplash
A key to understanding new Bank Secrecy Act (“BSA”) guidance on the “legal status of commercial growth and production of hemp” can be found in provisions of the Agriculture Improvement Act (the “Farm Bill”) signed into law in December of last year. As Bates has noted, bipartisan support for legalization of hemp agricultural products was driven in part by Senate Majority Leader Mitch McConnell (R-KY), who included the provisions into the legislation and pointed out that “the crop is being grown in 101 out of 120 counties in Kentucky.” That legislation distinguished and removed hemp (though not marijuana) as a controlled substance under law, and directed the USDA, together with the U.S. Attorney General, to regulate its production.
Interim rules, issued by the USDA in late October 2019 (to accommodate the 2020 planting season), established a federal licensing approval plan that allows state departments of agriculture and tribal governments to submit plans for monitoring and regulating hemp production. They also establish a federal plan for producers that do not have a USDA-approved plan in their state or territory. The regulations (i) require retention of information “on the land where hemp is produced,” (ii) testing hemp to ensure that certain chemicals (i.e. THC) do not exceed levels that, by law, would make them a controlled substance, (iii) procedures for disposal of hemp that violates those levels, and (iv) other licensing and registration requirements.
Regulatory Clarification under BSA
Given this context, the Federal Reserve Board, the FDIC, FinCEN, the OCC and the Conference of State Bank Supervisors issued a statement clarifying BSA obligations under these new USDA interim rules. (The interim period runs from October 31, 2019 until November 1, 2021.)
The guidance makes clear that banks are no longer obligated to file Suspicious Activity Reports (SARs) on customers that produce hemp, since hemp is no longer on the controlled substance list. However, the agencies also make clear that institutions must still comply with BSA requirements, and, therefore, financial institutions serving hemp producers must establish and maintain effective compliance programs that address the complexity and risks involved in the production of hemp. As with other regulated entities, this means compliance with customer identification, suspicious activity reporting, currency transaction reporting, and risk-based customer due diligence, including the collection of beneficial ownership information for legal entity customers. Consequently, these financial institutions must still file SARs based on suspicious activity.
Potential Impact of BSA Clarification
The agencies’ issuance of a clarifying statement on BSA obligations related to hemp production provisions under the Farm Bill and USDA interim rules, paves the way for similar regulatory adjustments should the Secure and Fair Enforcement Banking Act of 2019 ("SAFE Banking Act") become law.
As described in a previous Bates Research post, the SAFE Banking Act creates a safe harbor for depository institutions that provide banking services to state-licensed cannabis businesses. As with hemp before the Farm Bill, financial institutions must file SARs for cannabis firms, regardless of the legal status of cannabis under state law. Should the SAFE Act—which recently passed in the House of Representatives—become law, proceeds from cannabis businesses would not be considered proceeds from illegal activity. That would open the door to the same kind of regulatory adjustments as the newly clarified treatment for hemp production.
Similarly, should the "Marijuana Opportunity Reinvestment and Expungement Act of 2019" (“the MORE Act”)—which passed a vote out of the House Judiciary Committee—become law, cannabis would be removed from the list of federally controlled substances and could potentially be dealt with under the treatment now afforded hemp. (See Bates coverage of the MORE Act here.) Though the MORE Act and SAFE Banking Act have made progress in the House, time is running out for action on the bills by the Senate. Bates will continue to keep you apprised of developments in this area.
Do The SEC Enforcement Directors’ 2019 Successes Preview Their 2020 Priorities?
Despite “significant headwinds,” including “adverse” holdings in Supreme Court cases and a significant disruption in Congressional funding in the beginning of the year, Co-Directors of the SEC Enforcement Division Stephanie Avakian and Steven Peikin announced that their efforts in FY 2019 have been successful. In a recently published Annual Report, the Directors described enforcement actions that held wrongdoers accountable, removed bad actors, stopped frauds and prevented losses. The report also highlighted that many of the enforcement actions resulted in harmed investors being made whole. According to the report, SEC enforcement in 2019 concentrated on two priorities: retail investor protection and combatting cyber threats. Here are some of the key observations.
Share Class Disclosure
The report highlighted “extraordinary results” from the agency’s Share Class Selection Disclosure Initiative, an effort intended to protect retail investors from failures by investment advisors to disclose conflicts of interest on different share class compensation schemes. (See here for our review of the latest alert on the SEC’s efforts concerning investment advisor compensation issues.) According to the report, the SEC, to date, has ordered 95 investment advisor firms that self-reported their disclosure failures to return $135 million to impacted investors. While the Division of Enforcement did not impose civil penalties in these cases (part of the incentive to report under the initiative), participating firms were required to align their practices and disclosures going forward.
The division was very active in “standalone” cases to protect retail investors. The numbers detailed in the report reflect this priority. Of the 862 enforcement actions brought in 2019, 526 were standalone actions brought in federal court or as administrative proceedings. (The others include “follow on” actions tied to other regulators or criminal authorities, and proceedings to deregister public companies that were delinquent in Commission filings.) The number of standalone cases breaks down as follows: investment advisory/investment company issues (constituting the greatest increase in enforcement actions at 36%), securities offerings (21%), issuer reporting/accounting and auditing matters (17%), broker-dealers issues (7%), insider trading (6%), and market manipulation (6%). Other areas include FCPA (3%) and Public Finance (3%). The charts below provide the numerical breakdown for comparison with FY 2018.
(source: U.S. SEC)
Furthermore, the division reported a total of $3.248 billion in disgorgement of ill-gotten gains, with additional penalties of $1.101 billion. This represents, in aggregate, a $404 million (10%) increase year-over-year.
The SEC also noted recent retail investor protection efforts under its Retail Strategy Task Force (“RSTF”). The RSTF is comprised of enforcement personnel from around the country and works with SEC staff employing data-driven analytics to help identify financial market practices that can harm retail investors. It also supports retail investor advocacy and outreach. The report underscored new initiatives to educate teachers, veterans and active duty military personnel on the basics of savings and investment, fees and expenses, retirement programs, and “the red flags of investment fraud.”
Cyber Enforcement Activity and Digital Assets
As part of its cybersecurity focus, the division counted victories in investigating “violations involving distributed ledger technology, cyber intrusions, and hacking to obtain material, nonpublic information.” Specifically, the division described its increasingly sophisticated capability and developing approach to distributed ledger accountability and misconduct. The division said that recent settlements with issuers of digital assets (ICOs) helped to establish registration and reporting frameworks for future resolutions. The commission also brought actions against third parties for violating securities laws regarding the offer, sale and promotion of digital asset securities. Legally, the SEC stated that its enforcement actions in this space “send the clear message that, if a product is a security, regardless of the label attached to it, those who issue, promote, or provide a platform for buying and selling that security must comply with the investor protection requirements of the federal securities laws.”
Market Integrity Issues
Among its broad efforts on cybersecurity the commission conducted investigations of public companies and regulated exchanges for potential violations of system compliance rules intended to ensure the security of the technology infrastructure of U.S. securities markets. The SEC said that in the last few years, it initiated investigations associated with accounting rule irregularities that pointed to such violations and concluded that “having sufficient internal accounting controls plays an important role in an issuer’s risk management approach to external cyber-related threats.” Further, the SEC described actions it took against financial institutions for improper conduct that undermined market integrity in connection with the “pre-release” of American Depository Receipts (ADRs).
Reporting and Trading
The SEC emphasized its developing use of analytics to identify trade-related impropriety. According to the report, for example, the identification of the overseas hackers who accessed the SEC’s EDGAR system to steal nonpublic information for use in illegal trading “showcased” the agency’s expanding capabilities to identify patterns in the suspicious activity. Central to this approach is the importance of accurate financial and other disclosures—“the bedrock of our capital markets”—critical to the detection, remediation and punishment of misconduct by individuals and corporations. The report went on to list a number of cases that focused on financial statement integrity, the accuracy of issuer disclosures, and the demonstrable willingness by the agency to punish significant corporate wrongdoing.
The Co-Directors lauded the efforts of the division, but noted that they were also limited by decisions from the Supreme Court, notably the 2017 holding in Kokesh v. SEC, which “continues to impact adversely the Commission’s ability to return funds to investors injured by long running frauds.” In that case, the court found that disgorgement constitutes a “penalty,” and is therefore subject to the five-year statute of limitations. As a result, the SEC cannot seek that remedy for ill-gotten gains older than five years. The Division calculated that the ruling forced it “to forego approximately $1.1 billion” and added that it does not include the impact Kokesh has had on SEC resource allocations, which were redirected toward cases with greater potential for recovery.
The Co-Directors also noted the impact of Lucia v. SEC, a 2018 decision that found the way the agency appointed Administrative Law Judges violated the “appointments clause” of the U.S. Constitution. The ruling forced a stay, and approximately 200 administrative proceedings were reassigned. Though many of the matters resolved without the need to have a rehearing, there were others that required a full rehearing before new ALJs and the co-directors said they anticipate additional rehearings in the next fiscal year.
It is clear that the Division of Enforcement has been aggressive this year, despite continued limitations on resources, evolving standards for retail investors and significant legal and cyber-regulatory developments. The Co-Directors provide a clear picture of the management challenges as well as the importance and reliance on data analytics to keep up with the changes. The SEC is likely to issue its Examination priorities soon, and it will be interesting to see if the enforcement trends identified in this report will be reflected in those priorities. Bates Research will continue to keep you apprised.
SEC Zeroes in on Investment Adviser Compensation Conflicts
On October 18th, 2019, more than a year after the launch of the SEC Share Class Disclosure Initiative and targeted enforcement activity, the SEC Division of Investment Management issued information clarifying conflicts of interest raised by different types of investment adviser compensation. In a new set of FAQs, SEC staff reviewed general conflicts of interest disclosure requirements and offered insight on the “material facts” that need to be disclosed concerning mutual fund share classes and an adviser’s receipt of revenue-sharing payments. Here’s a closer look.
Why It’s Important
In a recent regulatory alert, we highlighted recent actions targeting investment advisers by the SEC Enforcement Division. The noted actions were aimed at potential conflicts of interest that arose from revenue-sharing payments and other forms of representative compensation or cost offsets. In general, the actions test whether investment advisers are adequately disclosing potential conflicts of interest consistent with the fiduciary obligations owed to their clients.
These enforcement efforts follow on the heels of the Share Class Disclosure Initiative, an undertaking intended to encourage firms to self-report past violations relating to certain mutual fund share class selection conflicts, and to promptly return money to harmed clients. As Bates has cautioned, the enforcement activity sends firms a strong message to make sure that disclosure concerning revenue-sharing arrangements and other forms of compensation are consistent with SEC interpretations.
The new FAQs cover (i) general compensation disclosure obligations for investment advisers related to recommended investments, (ii) “material facts” that advisers should disclose concerning mutual fund share classes,” and (iii) disclosure requirements related to an adviser’s receipt of revenue-sharing payments. The FAQs also make clear that any amendments to share class or revenue-sharing arrangements made in annual updates are required to be highlighted on Form ADV.
General Compensation Disclosure
The FAQs restate the overarching principles that advisers must disclose financial incentives when recommending investments that are tied to compensation, and that the nature of the compensation affects the disclosure. Staff noted that conflicts are “especially pronounced” when certain share classes of the same funds that do not bear these fees are available.
The FAQs also describe more detailed disclosure obligations required under Form ADV, including the provision of “sufficiently specific facts” to enable clients to give informed consent. This includes “‘information not specifically required by’ the Form or more detail than the Form otherwise requires.”
Importantly, staff made clear (i) that merely reporting that the adviser “may” have a conflict is not adequate disclosure “if the conflict actually exists,” and (ii) that “an adviser should consider these disclosure obligations with respect to both recommendations to purchase and recommendations to continue holding an investment.”
Material Facts on Mutual Fund Share Classes
According to SEC staff, when recommending a mutual fund share class which is tied directly or indirectly to compensation, material facts include the existence and effect of different financial incentives that may lead to conflicts (e.g. those arising from shared incentives between the adviser and a clearing broker, various limitations on share class transactions within a fund, or adviser practices concerning transactions after the initial recommendations). It is also material to disclose how the adviser addresses the conflict, (e.g. on practices related to differences between share classes with different compensation structures for 12b-1 and transaction fees; or whether the adviser “has a practice of offsetting or rebating some or all of the additional costs to which a client is subject.”) The FAQs make clear that these examples are not comprehensive but rather should serve the broader message that all compensation arrangements are on the table.
Material Facts on Revenue-Sharing Payments
An investment adviser is required to disclose any arrangement they may have with anyone who provides an economic benefit for providing investment advice or other advisory services for clients. Under Form ADV, the adviser is obligated to “describe the arrangement, explain the conflicts of interest, and describe how it addresses the conflicts of interest.” The FAQs highlight examples of arrangements in which there are financial incentives provided to the adviser or shared between the adviser and clearing brokers, custodians, funds’ advisers or other service providers. SEC staff warns that such disclosures “should be concise and in plain English.”
Bates Experts Reflect
While the FAQs state explicitly that the interpretations provided do not alter or amend applicable law nor create any new or additional obligations for advisers, the SEC is clearly sending a message that the agency will continue its focus on disclosure and adviser compensation.
Bates Group White Collar, Regulatory and Internal Investigations Managing Director Alex Russell highlights several aspects of the new FAQs. He notes the SEC staff’s expansive view of adviser compensation (e.g. to include areas where a firm saved costs as well as earned fees) and the application of these staff interpretations to investments more broadly. He points out staff’s expectation as to the ongoing nature of the disclosure obligation “beyond point of sale,” underscoring the FAQ warning that “an adviser should consider these disclosure obligations with respect to both recommendations to purchase and recommendations to continue holding an investment.”
Bates Compliance Expert Robert Lavigne urges firms to work on the language of their disclosures to ensure not only that they are “concise, direct, appropriate to the level of financial sophistication of the adviser’s clients and written in plain English,” but that they also be explicit and specific (hence, the admonition against the use of the word “may” when a conflict of interests exists). Getting this right will require a deep dive into advisers’ policies and practices as firms can no longer rely on longer disclosures or references to “potential conflicts” to withstand examination or enforcement scrutiny.
Bates Group stands ready to support firms to ensure that their revenue sharing arrangements and other forms of compensation are consistent with SEC interpretations. Bates is actively engaged in providing assistance to firms responding to enforcement inquiries, providing analysis of large volumes of data to identify accounts that have been impacted by revenue-sharing arrangements, without inappropriately remediating those that have not been impacted.
Recently, on behalf of over twenty major national and regional financial institutions, Bates provided important assistance to firms and their counsel participating in the SEC’s Share Class Selection Disclosure Initiative and related SEC Examinations, as well as to firms addressing FINRA’s recent 529 Share Class Initiative. As a result, those companies have avoided unwarranted remediation costs as well as reputational harm.
Alex Russell, Managing Director, White Collar, Regulatory and Internal Investigations
FINRA issued its annual Report on Examination Findings and Observations on October 16th. Like last year’s Report, the 2019 version highlights selected firm compliance violations and provides “observations” on how firms can improve their programs and address “perceived weaknesses that elevate risk.”
The report is divided into four general categories of regulatory oversight: (i) supervision and sales practices, (ii) firm operations, (iii) market integrity, and (iv) financial management. Within each category, FINRA selected key areas of concern that have been the subject of significant regulatory activity over the past year—primarily, rule changes and enforcement. This year, the FINRA report leads with supervision, pre-Regulation BI suitability, anti-money laundering and cybersecurity. By prioritizing these high-profile subjects in this way, the Report puts firms on notice regarding the types of enforcement actions regulators might bring going forward. Here, we take a closer look at these priorities and note additional compliance concerns raised in the Report.
Supervision, Sales Practices and Firm Operations
The new examinations report emphasizes adequate supervision across all categories, underscoring many of the newly adopted and amended rules. FINRA warned that firms are expected to evaluate which new and amended laws and regulations apply to their business, and that firms should put in place adequate supervisory procedures and training programs to comply with these expectations.
Specifically, FINRA cited a host of failures to update processes and written supervisory procedures related to, for example, new fixed income mark-up disclosure requirements, new trusted contact person information requirements, new requirements on temporary holds and record retention requirements (related to the financial exploitation of specified adults) and new anti-money laundering program requirements (including FinCen’s Customer Due Diligence rule obligations).
In addition, FINRA found supervision failures related to branch activities. These failings include inadequate understanding of products and services offered through these branches, failures to conduct adequate branch inspections and failures to take corrective action.
Other supervisory failures noted in the Report include inadequate recordkeeping and reporting, as well as failures to establish and maintain processes to detect or prevent the falsification of documents. FINRA also found supervisory failures on restricted trading of insider accounts, margin accounts and options accounts.
The Report highlights a perennial area of focus, suitability. This year, however, FINRA emphasized that its review of suitability failures concerned pre-Regulation Best Interest standards and did not address issues raised by the new regulation.
The highlighted failures signal that FINRA will continue to examine the suitability of recommendations “in light of a customer’s individual financial situation and needs, investment experience, risk tolerance, time horizon, investment objectives, liquidity needs and other investment profile factors” as a high priority issue. The Report identifies specific supervisory failings. These include inadequate (i) processes necessary to identify patterns of unsuitable recommendations related to exchanges and their corresponding products, fees, costs and product values, (ii) supervisory systems that were not designed to detect red flags on unsuitable transactions, (iii) supervision over changes to customer account information and (iv) supervision of trading activity that raise suitability red flags.
FINRA also took action against registered representatives that recommended unsuitable complex options strategies to customers who did not have the sophistication to understand the options, and against brokers for failing to implement trade limits and other controls to identify and prevent trading in options that exceeded customer pre-approved investment levels.
FINRA focused on two areas of AML compliance concern. First, it identified deficiencies in systems and processes necessary for adequate AML transaction monitoring. FINRA found (i) failures to tailor such monitoring to address the firm’s particular business, (ii) failures to detect and report suspicious activity, and (iii) failures to detect red flags that might indicate an intent to manipulate stock prices or that may indicate a need to verify wire transfer instructions. Second, FINRA expressed concern for registered representatives’ overreliance on clearing firms to handle transaction monitoring and suspicious activity reporting.
CyberSecurity & Digital Communications
In the form of “observations,” FINRA notes how cybersecurity attacks are on the rise, both in terms of volume and sophistication. As a result, the self-regulatory agency wants firms to be vigilant and ensure the development and implementation of effective policies and procedures that address the protection of customer records and information. To this end, FINRA reminded firms to tailor their programs in the context of their business model and risk profile.
Specifically, FINRA advised firms to (i) develop, implement and maintain cybersecurity controls for branch offices in order to protect confidential data; (ii) document policies and procedures for vendors and third parties that provide services and handle sensitive client information; (iii) establish response plans for cybersecurity incidents; (iv) employ data protection encryption for all confidential information; (v) timely apply system security patches and establish appropriate data access controls (including two-factor authentication) to ensure protection of confidential information; (vi) ensure robust cybersecurity training; and (vii) implement change management procedures as necessary to protect sensitive information.
As to examination findings on digital communications, generally, FINRA urged firms to establish policies and processes to identify and respond to red flags when registered representatives were using prohibited channels (personal texting, social media or other sharing applications) in connections with firm business.
Other Examination Highlights
UTMA and UGMA Accounts: FINRA found that some firms did not have adequate supervisory systems in place to ensure that registered representatives knew key facts about their UTMA/UGMA Account customers, and did not have proper monitoring in place to effect timely transfers of responsibility for the account (such as on the date of majority). FINRA also criticized certain firms for allowing custodians to “withdraw, journal and transfer money from UTMA/UGMA accounts months, or even years, after the beneficiaries reached the age of majority.”
Business Continuity Planning: FINRA found that firms had not adequately prepared or maintained required business continuity plans. FINRA found deficiencies in identifying key “mission-critical” systems, such as for order management of trading desks, or vendor systems that processed and managed financing transactions, such as securities lending and repurchase agreements. FINRA also found business continuity plans that (i) contained outdated emergency contact information and principal registrations, (ii) failed to update operational changes, and (iii) failed to ensure sufficient capacity to handle higher levels of activity in the event of a business disruption.
Fixed Income Mark-up Disclosure: FINRA reaffirmed concerns raised in the 2018 Report regarding new rules associated with providing transaction-related pricing information to retail customers for certain trades in corporate, agency and municipal debt securities. This year, FINRA found disclosure inaccuracies (including mislabeling) of registered representative’s sales credits and concessions, and warned against “mischaracterizations” of certain charges which should be reflected as firm compensation. Other deficiencies were found in the miscalculation of “prevailing market price” determinations and inaccurate reporting of execution times.
Best Execution: FINRA identified issues with the quality of firms’ required execution reviews of customer orders. FINRA reminded firms that such reviews must be performed, at a minimum, on a quarterly basis and on a security-by-security, type-of-order basis. FINRA examinations also uncovered conflicts of interest and related disclosures deficiencies.
FINRA intends for the 2019 Report to be reviewed carefully. While the Report is not intended to be comprehensive, firms would be remiss if they do not consider their own programs and practices in light of the identified compliance failings and concerns. Bates will continue to track regulatory developments and enforcement actions to help you stay ahead of the curve.
For additional information and assistance, please follow the links below to Bates Group's practice pages:
New Federal Legislation Progressing on BSA, Beneficial Ownership and Cannabis Financing
Photo by Colin Watts on Unsplash
On September 26, a bipartisan group of Senators led by Tom Cotton, (R-AR) and Mark Warner (D-AR), formally introduced their bill to strengthen the authority of the Financial Crimes Enforcement Network (FinCEN) to fight money laundering. As Bates Group reported back in June, the Improving Laundering Laws and Increasing Comprehensive Information Tracking of Criminal Activities in Shell Holdings Act (“ILLICIT CASH Act”) would, among other things, establish federal reporting requirements that mandate all beneficial ownership information be maintained in a comprehensive federal database, accessible by federal and local law enforcement. The Act would also require the reporting of beneficial ownership information for domestic shell companies. A similar bill, sponsored by Congresswoman Carolyn Maloney, titled the Corporate Transparency Act (“CTA”), passed a vote in the House of Representatives this week, 249-173.
The House of Representatives also passed its version of the Secure and Fair Enforcement Banking Act of 2019 ("SAFE Banking Act"). As described in a Bates Research article early this August, the SAFE Banking Act would remove legal uncertainty for regulated banks and credit unions that provide banking services to cannabis businesses. The bill provides a safe harbor from federal anti-money laundering and regulatory enforcement actions for insured depository institutions.
These bills have the potential to significantly impact AML/BSA compliance programs. Here’s a closer look.
The Illicit Cash and corporate transparency Acts
In a recent Bates Research article on FinCEN, we noted that Director Kenneth Blanco publicly appealed for legislators to overhaul the BSA and provide additional federal authority to close loopholes left open by the Customer Due Diligence (“CDD”) Rule. Director Blanco advocated for more efficient law enforcement access to personal identity information. In particular, he was seeking the authority to collect beneficial ownership information at the “corporate formation stage” to prevent “sophisticated criminals of all kinds, including terrorists,” from establishing shell companies that “mask and further their criminal activity, to invest and buy assets with illicit proceeds.”
The ILLICIT CASH Act and the CTA respond directly to Director Blanco’s concerns. As described in the official legislative summary, of the ILLICIT CASH Act, the bill “comprehensively updates the BSA for the first time in decades and provides a coherent set of risk-based priorities in statute.” The Act (i) establishes “a comprehensive federal database, with strict privacy protections, accessible by federal and local law enforcement” and (ii) requires shell companies to report their beneficial owners, in order to prevent “exploitation of U.S. companies.” Further, the bill (iii) requires and improves “routine coordination, communication and feedback among financial institutions, regulators, and law enforcement to identify suspicious financial activities;” (iv) encourages greater data sharing “so that patterns of suspicious activities can be more easily tracked and identified;” and (v) provides new processes to encourage innovation.
Other highlighted provisions of the Act concern:
recruitment and retention of top talent and the creation of a “hub” of investigatory expertise at FinCEN;
the hiring of a Treasury liaison to improve communications about AML rules, regulations, and examinations;
the sharing of metrics on AML data and trends from financial institutions for law enforcement purposes;
the periodic feedback by regulators to financial institutions on their suspicious activity reports;
the protection of personally identifying information;
new recordkeeping requirements on foreign banks and new rules that compel them to comply with subpoenas;
updates to certain statutory definitions to include digital currency.
The House action on the CTA reflects real movement on the issue. Like the ILLICIT CASH Act, the CTA requires all corporations and LLCs to disclose their true “beneficial owners” to FinCEN and to create a federal database of beneficial owners. The proposed database is expected to be available to law enforcement agencies, and to financial institutions (with customer consent, consistent with “Know-Your-Customer” compliance obligations.) Otherwise, the bill exempts those entities already covered under SEC or state regulation.
The formal introduction of the ILLICIT CASH Act in the Senate and the passage of the CTA in the House are significant developments. These bipartisan legislative successes will dramatically empower both state and federal law enforcement.
The SAFE Banking Act
The formal purpose behind the SAFE Banking Act is “to increase public safety by (i) ensuring access to financial services to cannabis-related legitimate businesses and service providers and (ii) reducing the amount of cash at such businesses.” The SAFE Banking Act accomplishes this by creating a safe harbor for depository institutions that provide banking services to state-licensed cannabis businesses. Further, under the SAFE Act, proceeds from such businesses would not be considered proceeds from illegal activity. This means that these loans, and collateral provided by financial institutions, are effectively protected from anti-money laundering laws and the risk of asset forfeiture.
As a consequence, the SAFE Banking Act serves as an open invitation for financial institutions to fully engage in providing financial products and services to cannabis businesses. For the cannabis businesses themselves, the Act allows them full access to capital outside of cash transactions—this serves the goal of reducing reliance on cash for these businesses.
Other notable provisions of the Act:
prohibit regulators from taking adverse or corrective supervisory action on loans made to cannabis businesses, including their owners and employees, or real estate and equipment leased to them;
protect from criminal, civil and administrative forfeiture any loans or other financial services provided to cannabis businesses or owners of real estate or equipment leased or sold to them;
impose new obligations on FinCEN to provide written guidance and examination procedures for financial institutions that provide services to cannabis businesses;
promote diversity and inclusion in the cannabis industry.
The passage of the SAFE Banking Act by the House of Representatives is a major step toward the normalization of cannabis-related businesses. That said, the Act does not legalize cannabis, which remains a Schedule I drug under federal law—it merely carves out a safe harbor for state-licensed businesses. Consequently, even after the SAFE Act becomes law, some risk remains that an institution may continue to be in violation of federal law. This remains a point of contention and a source for other legislative initiatives, but it does not diminish the opening up of the cannabis marketplace.
“The bipartisanship exhibited with respect to the ILLICIT CASH Act and the SAFE Banking Act is notable,” said Bates AML and Financial Crimes Managing Director Edward Longridge. “Though these legislative efforts have not yet reached fulfillment, they do seem to be moving steadily down the path to becoming law. Until then, financial institutions must continue to comply with the prevailing AML frameworks.” Bates will keep you apprised as these and other legislative developments play out.
FinCEN Leaders Highlight Innovation, Identity Information and “Culture” as Keys to AML Approach
In two speeches delivered in September 2019, leaders of the Financial Crimes Enforcement Network (FinCEN) laid out their thinking behind the agency’s current regulatory approach to combatting money laundering and terrorist financing. FinCEN Deputy Director Jamal El-Hindi focused on innovation and reform of the Bank Secrecy Act (BSA) and emphasized compliance implementation and supervision in the non-bank financial institution (NBFI) sector. He also addressed federal coordination with state supervisors and delivered a message on the need to develop a “culture of compliance” in the context of national security.
In the second speech, FinCEN Director Kenneth Blanco described the use of financial data to fight money laundering and the vulnerability and abuse of personally identifiable information (PII) by bad actors. He too, urged financial institutions to embrace compliance as the surest way to prevent fraud and combat financial terrorism. Together, these speeches offer a clear picture of how FinCEN expects financial and technology firms to approach their compliance efforts. In this article, Bates takes a closer look at FinCEN’s message.
FinCEN Deputy Director Jamal El-Hindi
In his prepared remarks for the September 11, 2019, Money Transmitter Regulators Association Conference, Deputy Director El-Hindi discussed how the current Bank Secrecy Act/Anti-Money Laundering (BSA/AML) framework can be improved through regulatory reform. He emphasized three points: (i) a full embrace of the opportunities presented by fintech and regtech innovation, (ii) greater supervision and oversight into technology firms engaged in the financial markets, and (iii) the establishment of a culture of compliance for the purpose of national security.
Endorsing innovation as the key to their go-forward strategy, the FinCEN Deputy advocated for greater collaboration between government and industry to help “detect and safeguard against illicit activity.” He positioned FinCEN as a leader among regulators on innovation initiatives and cited a recent joint policy statement that encourages banking institutions to create pilot programs that “expose gaps in banking anti-money laundering compliance programs.”
Mr. El-Hindi shared that FinCEN is actively prioritizing the oversight of NBFIs by: (i) leading examinations of currency exchangers and other specialty providers, (ii) working to identify and collate new sources of data (geographical, operational, and transactional) that can be used to track trends and vulnerabilities, and (iii) strengthening the risk assessment framework for compliance. He repeatedly emphasized FinCEN’s efforts to collaborate with foreign counterparts that have similar regulatory regimes (Canada, the U.K., Australia, et al.) as well as other federal and state examiners.
Culture and Compliance
The Deputy Director described how FinCEN expects financial firms with international reach to be leaders in fostering a culture of compliance. At the same time, he also acknowledged the challenges: international cultural differences, corruption, cross border regulatory regimes with different “underpinnings,” and certain unique elements of the U.S. financial and legal system. He offered an update to FinCEN’s 2014 Guidance on the subject, advising that (i) financial leaders must be engaged and must provide the necessary human and technological resources to address the risk, (ii) revenue interests should not compromise compliance, (iii) there should be greater sharing of information within an organization, and (iv) there should be independent compliance testing to ensure effectiveness. He urged business leaders not to take the benefits of cooperation and collaboration for granted.
FinCEN Director Kenneth Blanco
In his remarks prepared for a September 24th, 2019 Federal Identity (FedID) Forum and Exposition, Director Kenneth Blanco applied many of the themes discussed in Mr. El-Hindi’s address to the management and use of identity information. The Director emphasized the fundamental nature of identity information to the regulatory framework affecting every aspect of our “lives, our businesses, and how we interact with customers and vendors in person and online.” Beyond a description of FinCEN’s mandate, his speech was devoted to how FinCEN is concentrating on securing identity information and how bad actors leverage it for gain.
Identity Information as the Key to the AML/CFT Regulatory Framework
Director Blanco explained how FinCEN requires financial institutions to “understand whom they are doing business with and to continue to monitor their risk throughout the business relationship.” He described how identity information—as informed through reporting and recordkeeping—is critical to law enforcement in order to ferret out illicit transactions and money laundering. (Reports are made available to approximately 12,000 authorized law enforcement and regulatory users all over the country.) He emphasized that the importance of beneficial ownership information, in particular, cannot be understated in terms of national security. He lauded the Customer Due Diligence Rule (CDD Rule) as essential to a “system in which we can identify the trail of transactions and actual account owners” and disrupt illicit activities and dismantle criminal and terrorist networks.
He described how the CDD Rule closed “regulatory gaps” but went on to call for further legislative measures. Specifically, he recommended new rules that would require the “collecting of beneficial ownership information at the corporate formation stage.” This would prevent “sophisticated criminals of all kinds, including terrorists,” from establishing shell companies that “mask and further their criminal activity, to invest and buy assets with illicit proceeds.” He noted that, currently, “there is no federal standard requiring those who establish shell companies in the United States to provide basic, but critical information at company formation.” (See here for a recently introduced Senate bill to improve AML laws.)
Illicit Use of Personally Identifiable Information
Director Blanco offered sobering statistics to describe the extent of the problem of illicit use of personal information. He speculated that “there is a high likelihood that most users of the U.S. financial system have had some information about themselves, whether PII or login information, compromised at some point.” He said that FinCEN receives over 5000 “account takeover” reports every month and estimates that this type of cybercrime may account for $350 million dollars in losses each month. Though banks are the most common targets, he said, “institutions like insurance companies, money services businesses, and casinos” are also affected.* He went on to describe several other cyber fraud typologies or schemes that involve “seemingly legitimate financial activity while creating a degree of separation from traditional fraud detection efforts.” These include: automated clearing house fraud, credit card fraud and wire fraud all enabled through the use of synthetic identities and through account takeovers via fintech platforms.
The common link in these schemes is the compromise of vulnerable business processes like weaknesses in verification and authentication systems for processing payments. Mr. Blanco shared that financial institutions filed SARs that revealed over 600,000 compromised social security numbers affiliated with identity theft. He relayed that institutions must consider the “entire attack surface and risk exposure to such illicit activity and misuse.” Further, he said that beyond system processes and vulnerabilities, firms should “evaluate the threat posture already affecting them or that has the potential to affect them, such as the availability of customer credential information available for sale on places like darknet marketplaces.”
Innovation and Emerging Technology
Director Blanco reaffirmed Deputy Director El-Hindi’s embrace of innovation, noting potential technology solutions involving digital identity and for improving inclusion, privacy, security, and cost-effectiveness for individuals and organizations. He also expressed a belief that technological innovation holds the key to strengthening the current regulatory framework and may not only improve the fulfillment of a financial institution’s due diligence obligations, but also provide law enforcement with ways to better investigate illegal activity. (Expanding the number of technical indicators in SARs reporting requirements, he said, was a step in that direction.)
Taken together, these two speeches provide a revealing overview of the approach FinCEN is taking toward addressing and deterring illicit activity. The fulsome embrace of technological innovation is matched by a determination to enlist the private sector—through regulation and promotion of a compliance culture—in the cause. Director Blanco’s appeal for additional authority to close loopholes in the collection of beneficial ownership is noteworthy. Bates will continue to monitor regulatory and legislative efforts at BSA reform.
In its 2019 annual enforcement report, the North American Securities Administrators Association ("NASAA") highlighted statistics from its 2018 state enforcement activities. The data show that the state securities regulators secured more than $1 billion in restitution and fines as well as significant criminal penalties. The report also notes that state regulators nearly doubled enforcement actions against investment adviser firms. Here, Bates Research takes a closer look.
In terms of sheer numbers, NASAA reports that 5,320 investigations and 2,067 enforcement actions were initiated by state regulators in 2018. NASAA notes that these figures do not include “extensive efforts” to resolve complaints and referrals by state regulators on an informal basis. Fines issued by U.S. members reached $490 million and restitution came to over $558 million. Some $10.5 million was ordered for investor education and another $11.6 million for other costs. The report also detailed aggregate criminal penalties including incarceration (estimated at 1048 years) and probation (estimated at 705 years).
In a continuation of longer-term trends, NASAA enforcement actions were evenly divided between registered and unregistered targets. Of the registered licensed respondents, however, NASAA noted an increase in the proportion of actions against investment adviser firms (up to 17% from 4% in 2014). Actions against investment advisers represented the largest percentage by category, and the report cites license revocations, bars and suspensions on almost 1000 individuals and firms. The report also notes that these actions do not include more than 4,500 registration withdrawals that occurred because of state-raised concerns. NASAA says that the actions against investor advisers reflects increased attention paid to addressing “bad actors” within the industry.
As to regulatory investigations, NASAA reported an increase against unregistered individuals (over 700) which represents a doubling of the effort since 2015. NASAA suggests that this effort will likely continue due, in part, to a “sustained” focus by regulators on crypto- fraud.
In the report, NASAA highlighted its extensive efforts to coordinate enforcement efforts against fraud related to cryptocurrencies and blockchain technology. Reviewing some of the successes of its 2018 initiative “Operation Cryptosweep,” NASAA restated that its task force opened more than 330 inquiries and investigations and brought more than 85 enforcement actions relating to ICOs and cryptocurrencies.
As Bates Group reported only a few weeks ago, NASAA’s continuing efforts to date have netted “130 new investigations into questionable cryptocurrency-related investment offerings” and “35 pending or completed enforcement actions since the beginning of this year.” NASAA warned firms that state and provincial securities laws and regulations apply to the sales of cryptocurrency-related investment products, and to be particularly wary of “dealing with promoters who claim their offering does not have to be registered with securities regulators.”
Senior Financial Exploitation
NASAA also provided some data concerning financial abuse against seniors. In total, member jurisdictions brought 141 enforcement actions and initiated 365 investigations involving a total of 758 senior victims. Of these, the cases involved schemes that targeted seniors to buy unregistered securities (249), traditional securities (193), variable annuities (44), affinity fraud (39), indexed annuities (18) and life settlement products (5). The remaining 145 cases involved lottery and sweepstakes scams, identity theft and internet romance scams, to name a few.
NASAA also summarized the growing influence of its 2016 Model Act to Protect Vulnerable Adults from Financial Exploitation which (i) “offers broker-dealer and investment adviser firms qualified immunity for delaying disbursements when the firm reasonably believed financial exploitation would result,” and (ii) requires mandatory reporting by an agent or representative upon reasonable belief of senior financial exploitation. NASAA reports that 23 jurisdictions have enacted some form of the legislation. Of those, 14 jurisdictions received 426 reports from broker-dealers and investment advisers regarding the potential financial exploitation of a vulnerable adult. According to NASAA, these notifications initiated 81 investigations which led to 57 delayed disbursements, and 32 enforcement actions.
NASAA’s annual report serves to remind firms of the role that state securities regulators play in the protection of their resident investors and the reach and impact of their enforcement efforts—two messages underscored by NASAA’s new President Christopher Gerold in his inaugural address. The aggregate numbers are a warning to firms to ensure that their compliance policies and procedures adequately cover state regulations that focus, in particular, on senior financial exploitation and cyber-fraud. Bates Group will continue to keep you apprised.
Bates Group has been a trusted partner to financial services firms and counsel for over 30 years, providing end-to-end solutions on legal, regulatory and compliance matters. Through our professional staff and roster of over 165 industry experts and consultants, Bates offers services in compliance solutions for IAs and BDs, AML and financial crimes, regulatory and internal investigations, litigation consultation, damages consulting and expert testimony.
FINRA Requests Feedback on Senior Financial Protection Rules
FINRA is asking its members a series of questions about the utility of rules and processes to curb financial exploitation of senior investors. In a new Regulatory Notice, FINRA asks for feedback about the experiences member firms are having applying Rule 2165 (temporary holds on disbursements) and Rule 4512 (trusted contacts) that were put in place just last year, as well as Rule 3240 (borrowing from, and lending to customers). FINRA indicated that responses to its questions will be evaluated as part of its retroactive rule review process and will be used to consider whether “additional tools, guidance or changes” are necessary.
Bates Research closely follows regulatory and enforcement developments on senior financial fraud. The growing utilization of Suspicious Activity Reports (SARs) is changing regulators’ understanding of the scope and nature of the problem by increasing the data available for measurement and analysis. As highlighted in the latest FINRA Notice, these studies “indicate that financial exploitation of seniors is often perpetrated by strangers, family members and caregivers—rather than by broker-dealers or other financial services organizations—[but] broker-dealers and other financial services organizations have an important role to play in protecting senior investors.” According to FINRA, the rules under review provide a way for member firms to deal with situations where there is “a reasonable basis to believe that financial exploitation has occurred, is occurring, has been attempted or will be attempted.” In this article, we recap those rules and consider the questions posed by FINRA in its latest Notice.
FINRA Rule 2165
FINRA Rule 2165 permits members to place temporary holds on disbursements of funds or securities from the accounts of specified customers where there is a reasonable belief of financial exploitation of these customers. (FINRA provided guidance on this rule in a FAQ published in January 2018.) The hold only applies to “suspicious disbursements” and not to the buying and selling of securities within an account.
Rule 2165 provides a member firm with a safe harbor from FINRA enforcement when the firm exercises discretion to place holds on disbursements. The Rule also prescribes certain supervisory procedures, the automatic initiation of an internal review of facts and circumstances, and oral and written notification of any hold (including the basis for the determination) to all parties authorized to effect transactions in the account within two business days. The temporary hold may only be extended by the firm for an additional 10 business days if so ordered by a state regulator, agency or court of competent jurisdiction.
FINRA is seeking comment on the safe harbor provision of Rule 2165, specifically, whether it should (i) apply to transactions in securities; and (ii) be extended “to apply where there is a reasonable belief that the customer has an impairment that renders the individual unable to protect his or her own interests…irrespective of whether there is evidence that the customer may be the victim of financial exploitation by a third party.” FINRA is also asking for comments on whether the temporary hold period should be extended, whether there should be a different mechanism to obtain an extension, and for examples of unintended consequences when placing or attempting to place a temporary hold on disbursements of funds. Finally, FINRA is asking for feedback on the reporting of Rule 2165 incidents including whether further guidance is needed to address Forms U4 and U5 reports.
FINRA Rule 4512
FINRA Rule 4512 requires members to make reasonable efforts to obtain the name and contact information for a “trusted contact person” when a customer account is opened or updated. There are a number of explicit disclosures and requirements for someone to be named a trusted contact person. For example, the trusted contact person must be at least 18 years old and must be formally authorized by the client to assume the responsibility to address possible financial exploitation, to confirm specifics about the customer’s current contact information or health status, or to identify any legal guardian, executor, trustee, or holder of power of attorney.
FINRA is now seeking information on firms’ experiences with Rule 4512. In particular, FINRA wants to know the methods by which firms have been obtaining trusted contact person information, the receptivity of clients to any outreach, and related examples including any experience of identified senior financial abuse where the firm did not have trusted contact information.
FINRA Rule 3240
In addition to these Rules, the agency is also reviewing FINRA Rule 3240 which covers permissible lending arrangements between registered persons and customers. The Rule prohibits borrowing money from or lending money to customers “unless the member firm has written procedures,” and then only under narrow conditions. Rule 3240 requires notification to the firm by a registered person entering into such an arrangement and for the firm to pre-approve it in writing. Because of the potential for misconduct as it relates to seniors, FINRA is asking whether any modifications should be made to the rule.
Additional Important Inquiries
In related inquiries, FINRA is asking whether it should consider prohibitions or limitations on allowing registered persons to be named beneficiaries, executors, powers of attorney, or trustees on the accounts of non-family member customers. FINRA is also asking for feedback on whether to amend its Sanctions Guidelines to incorporate as a “principal consideration” the customer’s age or impairments when determining appropriate sanctions.
The increasing awareness of the extent and severity of senior financial exploitation brings with it an urgency to take regulatory action. Such action may translate into a further tightening of the regulations, additional supervisory requirements and greater oversight. Bates Compliance Managing Director Robert Lavigne says: “even though FINRA is performing a retroactive rule review, it will expect member firms to have a fully matured senior investor program in place. This is a good time for firms to review and tighten their procedures relating to the protection of senior investors.”
The reply period for the FINRA inquiries runs until October 8, 2019. Bates will continue to keep you apprised.
The SEC’s adoption of the Regulation Best Interest (“Reg BI”) package in June was a defining moment in the long-running debate over the standard of care for broker-dealers and investment advisers. It triggered compliance schedules and required registered broker-dealers and advisory firms to develop internal policies and procedures in order to satisfy the new standards. The passage of Reg BI, however, did not quell the ongoing controversies over the appropriateness and adequacy of standards and investor protections.
Like its Department of Labor Fiduciary Duty Rule predecessor, Reg BI is undergoing a variety of challenges from numerous quarters. In past posts, we have reviewed some of the more serious challenges that impact broker-dealers and investment advisers. Most notably, state securities regulators are asserting their shared authority over financial market products and services by promulgating new state rules that offer their in-state-resident investors greater protection than afforded under Reg BI. New Jersey, Maryland, Nevada and New York, among others, have taken the lead in issuing proposed rules that would impose a uniform fiduciary standard of care for broker-dealer recommendations to retail investors. As discussed, these proposals, echoing the DOL Fiduciary Rule, will likely face federal preemption challenges and will require a judicial determination as to their sustainability.
This week, Reg BI suffered another state challenge, this time in the form of a lawsuit filed against the SEC by seven State Attorneys General (“State AGs”). Here’s a closer look.
State of New York, et. al. v. SEC and Walter “Jay” Clayton III
On September 9th , the State AGs from New York, California, Connecticut, Delaware, Maine, New Mexico, Oregon and the District of Columbia brought a declaratory and injunctive action against the SEC and Walter “Jay” Clayton III (in his capacity as SEC Chair) in the United States District Court for the Southern District of New York.
State Policy Position
The State AGs argue that Reg BI (i) “undermines” consumer protections for retail investors, (ii) “increases the confusion about the standards of conduct that apply when investors receive recommendations and advice from broker-dealers or investment advisers,” and (iii) allows brokers to hold themselves out as trusted advisers despite inherent conflicts of interest. SEC Chair Clayton has publicly addressed several of these concerns.
State Legal Arguments
As a matter of law, the State AGs allege, first and foremost, that the SEC disregarded the 2010 Dodd-Frank Act mandate that requires broker-dealers to act under the same standard of conduct as investment advisers and without regard to their own financial interests. The critical Dodd-Frank section at issue, Section 913 (Study and Rulemaking regarding Obligations of Brokers, Dealers and Investment Advisers), is explicit, say the AGs, in requiring that the standards be “harmonized” and that the standard for brokers “…shall be the same as [empasis added] the standard of conduct applicable to an investment adviser under section 211 of the Investment Advisers Act of 1940.” The plaintiffs also argue that the SEC disregarded the findings of the agency’s own study required under Section 913 of the Dodd-Frank Act by “fail[ing] to apply a uniform fiduciary standard to both broker-dealers and investment advisers.”
Second, the State AGs emphasize that Section 913 amended both the Securities Exchange Act of 1934 and the Investment Advisers Act of 1940 to authorize the Commission to promulgate rules regarding the standards of conduct. The State AGs contend that the Commission cannot base its authority to issue Reg BI on provisions of the Exchange Act that flow from those amended authorities and that do not authorize the Commission to disregard the standard of conduct mandated by that section.
Finally, the State AGs argue that, as a matter of law, Reg BI exceeds the SEC’s statutory authority and that it is arbitrary and capricious under the Administrative Procedures Act. The State AGs are asking the Court to vacate and set aside the rule, and to permanently prevent the SEC from “implementing, applying, or taking any action” under it.
States Claim Reg BI Harm
In terms of harm caused by Reg BI, the State AGs argue, in part, (i) economic harm due to lower tax revenues as a result of the diminished value of investment and retirement accounts beset by conflicts of interest; (ii) additional economic costs, including the need to provide public assistance, “in meeting the unmet needs of retirees and other residents in their states”; and (iii) a reduction in the “strong quasi-sovereign interest” that states have in maintaining the economic well-being of their residents.
If there is a feeling of déjà vu, that should come as no surprise. Only eighteen months ago, the Fifth Circuit vacated the Fiduciary Duty Rule after a finding that the Department of Labor exceeded its statutory authority by promulgating it.
That is not to say that the same outcome is expected on Reg BI. Though the SEC has not yet even filed an answer, the policy arguments are not new. (The states may likely reassert them again, along with their authority to issue higher standards on behalf of their in-state residents, in any future preemption case.)
In the meantime, “firms should not slow their efforts or their implementation preparation for Reg BI compliance,” says Robert Lavigne, Managing Director, Bates Compliance. Bates will continue to keep you apprised.
NASAA Roundup: Crypto Crackdown, Reg BI, New Warnings on Complex Products
The past few months have been a particularly busy time for state financial regulators and enforcement officials. At almost every turn, the complicated and overlapping relationship between federal and state officials is being tested. A review of recent activities by the North American Securities Administrators Association (NASAA) provides several examples. In this article, Bates recaps recent NASAA developments on cryptocurrency, fraud enforcement, Regulation Best Interest (Reg BI), and supervision of complex financial products (i.e. non-traditional Exchange Traded Funds).
NASAA Updates Cryptocurrency Enforcement Activity
In April, 2018, NASAA launched a multi-state enforcement initiative to crack down on fraud related to Initial Coin Offerings (ICOs) and cryptocurrency-related investment products. The strategic effort, nicknamed “Operation Cryptosweep,” was lauded by both state and federal regulators. This week, NASAA announced that the continuing effort has netted “130 new investigations into questionable cryptocurrency-related investment offerings” and “35 pending or completed enforcement actions since the beginning of this year.”
NASAA claims that the advent of Facebook’s Libra proposal, together with the “near tripling in value of some cryptocurrencies and the sharp increase in market capitalization for all cryptocurrencies” are creating an environment that “attracts white-collar criminals, bad actors, and other promoters of illegal and fraudulent securities schemes.”
NASAA President Michael Pieciak (pictured above) cautioned firms selling cryptocurrency-related investment products to understand that state and provincial securities laws or regulations may apply to these sales, additionally warning investors about “dealing with promoters who claim their offering does not have to be registered with securities regulators.” NASAA also produced a series of investor videos highlighting issues around crytpto-fraud.
NASAA and Regulation Best Interest
In our last report on state reaction to the SEC adoption of Reg BI, Bates Research noted the caution NASAA has taken in support of its members’ differing approaches to effective standards for protecting their state constituents. Then, as now, NASAA continues to highlight the shared responsibility of both federal and state authorities to protect investors from harm.
In filings to varying state agencies in June and July, NASAA touts the goals of Reg. BI while also supporting states that are proposing higher standards. In June, NASAA filed a comment letter in response to the New Jersey Bureau of Securities rule proposal to impose a (higher than Reg BI) fiduciary standard on all investment professionals. In the letter, NASAA described the longstanding legal framework that supports its members’ efforts to protect resident investors, stating that any “reading by the industry of broad preemption of state authority in the federal securities laws is simply an overreach.” NASAA also emphasized the authority of the New Jersey Bureau to enact these protections, and argued that “the securities industry has proven itself adaptive and can accommodate these new regulations.”
In a virtually identical comment letter submitted in response to a proposed rule by the Massachusetts Securities Division to impose a fiduciary standard of conduct on broker-dealers, NASAA stated: “the Rule Proposal is a valid exercise of state regulatory authority because it would not be impossible to comply both with the Rule Proposal and the federal securities laws…”
NASAA’s narrowly formed comments do not resolve the underlying issue of different standards between the federal government and certain states, and different standards for different states. But it does afford NASAA members the widest possible latitude to set their own standards and have a voice in the long-running debate. Prior to enactment, NASAA argued that legal questions of federal preemption over state law should be resolved in court. NASAA’s ongoing position, as asserted in its comment letters, seems to assume that future resolution in court is inevitable.
NASAA Cautions Firms on the Suitability of Non-Traditional ETFs
In a new Report, NASAA reviewed broker-dealer sales practices for non-traditional Exchange Traded Funds products. The products include Leveraged ETFs, which hold out the promise of returning multiples on the performance of the index or benchmark they track, and Inverse ETFs, which allow traders to benefit from price declines in an index. As defined in the Report, a third product, Leveraged Inverse Funds, “seek to achieve a return that is a multiple of the inverse performance of the underlying index.”
After surveying 118 broker-dealers on their experiences with these leveraged and/or inverse ETFs, NASAA recommended that firms review and update their supervisory procedures as they apply to these products.
Specifically, NASAA found that a number of firms are not adequately addressing and monitoring customer suitability concerns and holding periods. NASAA President Peiciak went so far as to say that “Broker-dealers should carefully consider whether to permit purchases of leveraged and/or inverse ETFs in retail customer accounts.”
For those firms that continue to sell these complex products, NASAA recommended “tailored supervisory procedures” to address the heightened risks associated with leveraged and/or inverse ETF transactions.
In June, NASAA announced that New Jersey Securities Bureau Chief Christopher W. Gerold will succeed Michael Pieciak to serve as NASAA’s president for the 2019-2020 term. Mr. Gerold served as Bureau Chief since 2017 and will assume the leadership of NASAA in September.
NASAA is playing a critical role in defining the evolving relationship between federal and state authorities. It is noteworthy that Mr. Gerold hails from New Jersey, the leading state asserting its authority in the ongoing battle over broker-dealer standards. The battle over preemption will advance during his term. With each of these issues, from enhanced collaboration over cyber enforcement to adequate oversight on complex products, Mr. Gerold, like his predecessor, will be challenged to navigate the relationship between the state and federal authorities and in many instances among NASAA members. Bates will continue to keep you apprised.
Look for Bates Managing Director Hank Sanchez at the NASAA 2019 Annual Meeting, September 8-10 in Austin, Texas.
Bates Group has been a trusted partner to financial services firms and counsel for over 30 years, providing end-to-end solutions on legal, regulatory and compliance matters. Through our professional staff and roster of over 165 industry experts and consultants, Bates offers services in litigation consultation and testimony, regulatory and internal investigations, compliance, financial crimes, forensic accounting and damages consulting.
Bates Group's suite of Reg BI services helps firms navigate Reg BI implementation. To learn more, visit our Reg BI service page or contact Robert Lavigne, Managing Director, Bates Compliance Solutions, at email@example.com.
Last October, when considering the myriad federal and state authorities engaged in regulating variable annuities and rewriting standards, Bates retirement, insurance and annuity consultant Michael Lacek cautioned:
“it remains to be seen whether the requirements imposed by the [new] New York regulation will differ materially from the ‘best interest’ regulations currently under consideration by the SEC and the NAIC [National Association of Insurance Commissioners] … but, for now, companies should be looking to be in compliance with the actual New York rules coming on-line.”
That pragmatic advice turned out to be warranted as the New York Supreme Court last week upheld the “Suitability and Best Interest in Life Insurance and Annuity Transactions” regulation (a/k/a Regulation 187) in the face of legal challenges brought by several associations and insurance agent groups. In this article we take a look at what the decision means, recent developments in both the SEC and NAIC efforts to rewrite standards, and we update you on the latest in the legal battle over commission trails for brokers selling variable annuities.
New York State Suitability and Best Interest Rule for Variable Insurance Brokers Survives Legal Challenge
As previously covered, Regulation 187 is the first state regulation to require insurers to establish policies and procedures so that broker-dealers would put the “best interest” of consumers ahead of their own when making any variable annuity and life insurance product recommendations. On July 31, 2019, the New York State Supreme Court issued a decision to uphold the constitutionality of the regulation. That was one day before the regulation, as applicable to variable annuity products, went into effect. (The effective date for life insurance products is February 1, 2020.) In a lengthy opinion that could possibly be appealed, the Court stated that the regulation “specifically seeks to prevent insurers and producers from recommending a product designed to maximize compensation to seller and one that may be otherwise properly disclosed and suitable, but not in the best interest of the consumer. As such, … [the regulation] was properly considered …and is not unconstitutional.” (at p. 42)
“That means that broker-dealers licensed by New York State and selling variable annuity products must now comply with Regulation 187 requirements,” said Bates insurance regulation consulting expert Sheila Murphy. “These include performing suitability reviews, disclosing compensation information (e.g. fee- or commission-based) and product information, as well as prohibiting a broker from representing that a recommendation is part of financial planning or investment advice without proper professional certifications.) The regulation also requires compliance with written procedures on transaction documentation, on preventing financial exploitation or abuse, on supervision and training, and other features on the sales or servicing of the annuity product.”
Reportedly, reaction has been muted. The Life Insurance Council of New York Inc. said, "although we remain hopeful that its implementation will have a positive influence on the annuity market in this state, we don't yet know what effect it will have, especially when taking into consideration that it appears likely that many states and the SEC will be taking a different approach.”
Other Approaches: the SEC and NAIC
In February, Bates reported that the SEC extended to March 15, 2019 the comment period for a proposal to change existing disclosure rules for variable annuity products. The proposed rule would allow issuers of variable products to fulfill compliance obligations by preparing and delivering a “reader-friendly” summary prospectus and layered disclosure. As previously discussed, the central features of the proposal were generally embraced by the financial community (most of the later comments were from private market participants), but were deemed insufficient, or in need of further clarification, by investor advocates (e.g. see comments by the AARP recommending, among other things, greater disclosure and standardization). Interestingly, commenters, perhaps anticipating the passage of Regulation Best Interest (Reg. BI) (adopted three months later) urged the SEC to ensure “collaboration with federal, FINRA, and State regulators for all types of securities products to avoid marketplace disruption and harm to consumers.” (See, e.g. comments by the Association for Advanced Life Underwriting at p.2, and, more generally, concerns raised by the Financial Services Institute). The comment period is now closed. Though the SEC proposal is generally within the framework of Reg. BI, the details of how these two regulations may affect each other and the regulatory burdens they place on broker dealers is still playing out.
NAIC Keeps on Keeping on
The need to harmonize standards on variable annuities with SEC Regulation Best Interest and the New York regulations was the subtext of debate at the National Association of Insurance Commissioners (NAIC) conference last week. According to a summary of the August 3rd meeting, the Annuity Suitability Working Group discussed a framework for including a best interest standard of conduct in the revisions to its “Suitability in Annuity Transactions Model Regulation” with the goal being to complete the annuity sales model by December. But, there is reportedly still significant disagreement among the state regulators about “what best interest means,” particularly in light of the effective New York regulation. For many participants, the New York regulation contains too many elements of the now-defunct Department of Labor fiduciary rule and is considered unacceptable. The chair of the Annuity Suitability Working Group, Jillian Froment, was quoted summing up the broader debate: “We set up the guardrails that 'best interest' is something more than suitability but it’s less than fiduciary…We’re trying to decide what is a best-interest standard and evaluate that against both suitability and fiduciary."
Movement in Ohio, Update on Commission Trail Suits
While regulators debate the finer points, the legal controversy over Ohio National Financial Services’ (“Ohio National”) strategic decision to pull out of the market for variable annuities and to stop paying trail commissions continues. As discussed previously, in September 2018, Ohio National announced that after a “comprehensive strategic review of [its] businesses, taking into account the continuously changing regulatory landscape, the sustained low interest rate environment, and the increasing cost of doing business …the company will no longer accept applications for annuities or new retirement plans, while continuing to service and support existing clients in both businesses.”
Ohio National’s attempt to replace the older contracts with new "servicing agreements" spurred several suits with all sides pressing for the courts to weigh in on the rights, duties, and liabilities of the parties. Those suits, including a class action, have recently survived legal challenges and are heading to trial. At the same time, last week, another broker dealer firm sued Ohio National alleging, similarly, that they are entitled to the trail commissions as deferred up-front commissions. Ohio National, in turn, has sued a number of parties to avoid arbitration before FINRA.
“For variable annuities brokers, the regulatory picture is complicated and uncertain. Compliance with the now effective New York regulation remains the most prudent course,” says consultant MIchael Lacek. Given the uncertainty as to (i) the outcome of the NAIC debate on model rules, (ii) final rules from the SEC, (iii) changes in the market for variable annuity products, and (iv) legal outcomes in the dispute over trail commissions, Bates will keep following developments.
Cannabis: Federal and State Efforts Picking up Steam
The growing global cannabis market is estimated to reach $66.3 billion by 2025, up from $13.8 billion in 2018. (Another estimate is even higher, projecting that the market will reach $89.1 billion by 2024.) That kind of growth is spurring congressional and state legislators to seek to normalize the market for marijuana-related businesses (MRBs) and speed up the resolution of federal-state legal conflicts. In this article Bates looks at some of the recent federal legislative and state developments on what appears to be real momentum toward a fully functioning and legitimate market.
Federal Law and Anti-Money Laundering
Judging by the sheer number of cannabis-derived items now for sale, from topical creams and therapeutic remedies (like CBD) to edibles, extracts and other products, consumers have ready access to an ever-growing assortment of goods all tied to an activity that is federally proscribed in the United States.
The manufacture, sale and possession of marijuana is illegal under the federal Controlled Subtances Act (CSA). Technically, revenue generated by any business transaction in cannabis could be considered criminal proceeds. In 2014, for anti-money laundering (AML) purposes under the Bank Secrecy Act, the Financial Crimes Enforcement Network (FinCEN) recognized “recent state initiatives to legalize certain marijuana-related activity…” and instructed financial institutions that transact with such business to comply with specific restrictions as to the filing of Suspicious Activity Reports (“SARs”).
According to the most recent FinCEN Marijuana Banking Update, as of March 2019, 493 banks and 140 credit unions were providing financial services to MRBs (an increase from 438 banks and 113 credit unions several months prior). Further, according to the latest report, these financial institutions submitted 81,725 SARs concerning MRBs.
The SAFE Banking Act was drafted to remove legal uncertainty for regulated banks and credit unions that provide banking services to cannabis businesses. The bill provides a safe harbor from federal AML and regulatory enforcement actions for insured depository institutions. Under the SAFE Act, proceeds of an MRB would not be considered proceeds from illegal activity. Beyond offering a safe harbor for these institutions, the intention is to protect the financing of marijuana-related real estate, the broker-dealer custody of cannabis-related stocks and investor returns.
Of the three proposed solutions, the SAFE Banking Act is furthest along in the legislative process. At a U.S. Senate Committee on Banking, Housing and Urban Affairs hearing on July 23, 2019, Senators from both sides of the aisle expressed support for the bill. Chair Mike Crapo (R-In) called recent federal enforcement initiatives against MRBs inappropriate because “law-abiding businesses were targeted strictly for operating in an industry that some in the government disfavored.” Senator Jeff Merkley (D-OR), a SAFE Banking Act cosponsor, said the Act would reduce the legal uncertainty perpetuated by FinCEN’s 2014 guidance. He noted support for the passage of the SAFE Act from Governors, the National Association of Attorneys General, the American Bankers Association, the National Association of State Treasurers, and all 59 state Bankers Associations.
Opposition to the bill was expressed by advocates concerned with the "massive public policy and public health ramifications" of “highly potent products targeted at younger audiences” and the "abysmal job of regulating the drug" by the states. Other opponents argued that the Act would increase money laundering and black market activity.
The STATES Act
The STATES Act would amend the Controlled Substances Act by restricting federal enforcement against state cannabis activity. The STATES Act would protect the manufacture, production, possession, distribution, dispensation, administration and delivery of cannabis by those who are complying with state law. The Act would also prevent forfeiture of any assets and exempt funds derived from state-legal cannabis businesses. The bill is intended to empower states to freely implement their own cannabis laws. It is not yet clear how FinCEN’s AML provisions would apply under the Act. At the least, SARs would be required to be filed in any case of non-state compliant MRB activities.
The MORE Act
The newest entrant in the legislative arena, the MORE Act, was introduced by Representative and Chair of the Judiciary Committee Jerrold Nadler (D-NY) and Senator Kamala Harris (D-CA). Like the STATES Act, the MORE Act would modify the CSA to exclude marijuana. That said, it goes much further. The MORE Act provides for the expungement and resentencing of convictions for marijuana crimes, prevents federal agencies from using cannabis to deny access to benefits or citizenship status for immigrants, specifies that federal agencies may not use marijuana use as a criteria for granting or denying a security clearance, and levies a five percent federal tax on marijuana products. The MORE Act also directs cannabis-generated tax revenue toward a number of efforts including combatting “racially motivated enforcement.” (These efforts would be managed by a new Department of Justice “Cannabis Justice Office.”)
Other Federal Action
On July 25, the Senate Committee on Agriculture, Nutrition, and Forestry heard testimony from officials with the U.S. Department of Agriculture, Food and Drug Administration and Environmental Protection Agency. The hearing covered similar themes as the Senate Banking Committee about access to financial services by businesses involved with the crop and its derivatives. Testimony included examples of businesses that have been denied credit lines and insurance policies due to a lack of guidance from federal regulators. Notably, the bipartisan support for legalization of hemp through the Agriculture Committee is driven, in part, by Senate Majority Leader Mitch McConnell (R-KY) who included the provisions into agriculture legislation and pointed out that the crop “is being grown in 101 out of 120 counties in Kentucky.”
State developments are coming at a rapid pace and take many forms from legislation fully embracing the burgeoning industry to more cautious decriminalization. Collectively, all of these legislative initiatives are significant in that they chip away at longstanding perceived taboos on the drug and help to change public opinion.
A few recent examples: on July 29, New York Governor Cuomo signed into law a bill decriminalizing marijuana use. Echoing some of the provisions of the MORE Act, the new law reduces unlawful cannabis possession to a misdemeanor punishable by a fine, and establishes a process for individuals with certain cannabis convictions to have their records cleared both retroactively and for future convictions. The New York law makes it the 27th state to legalize or decriminalize cannabis, following similar efforts in Hawaii by a few weeks. In late June, Illinois Governor J.B. Pritzker signed a recreational cannabis legalization bill. According to one source, the state, which already had “over 73,000 qualifying patients in medical cannabis programs,” expects that “the recreational segment will eclipse the medical segment” and will “generate upwards of USD 2.5 billion annually.”
That may be true, but it all still depends on reducing the federal restrictions on financing and fully opening the industry to outside investment. According to one analysis, this remains the main hurdle for cannabis companies, with state legislators trying to find ways to encourage interstate investment (Oregon and Colorado) or protect or spur intrastate investment (Arizona and California). Along with the state legislative activity, there are a multitude of municipal efforts, from local taxation and licensing to packaging and advertising regulation.
State legislators keep pushing the boundaries of the legal cannabis market. Federal legislators appear to be coming together with solutions that offer ways to address a variety of compliance issues for investors and for the finance of cannabis businesses. Freeing regulated financial institutions to safely participate in the market by resolving state-federal legal conflicts would certainly spur the growth of the industry.
Based on the comments at the recent Senate hearing, the SAFE Banking Act, with its narrow focus on a safe harbor, appears to have significant support. But all the legislative initiatives would raise the temperature on AML Compliance programs as cannabis-related transactions shift to regulated institutions (subject to KYC and BSA requirements). That includes, of course, continuing obligations to file SARs on all marijuana-related activity and strict adherence to FinCEN guidance, as well as additional considerations for ensuring that MRBs are operating as qualified legitimate businesses. Bates will keep you apprised as these and other legislative battles play out.
To learn more about Bates Group’s Financial Crimes and AML services, please contact:
FinCEN Updates Advisory on Business Email Fraud: Billions Thought to Have Been Stolen
After analyzing data collected in Suspicious Activity Reports (SARs), the Financial Crimes Enforcement Network (FinCEN) issued an update to a 2016 Advisory alerting financial institutions on how best to combat criminal schemes that compromise business email accounts. The problem of criminals targeting business fund transfers is not small. So-called “Business Email Compromise” (BEC) scammers possibly stole billions of dollars from companies and individuals in 2018, more than in prior years, according to a new FinCEN Financial Trend Analysis of the SARs data. In this article, Bates considers the informed guidance in FinCEN’s new 2019 Advisory to financial institutions, as well as some of the salient conclusions drawn from the trend analysis report.
FinCEN’s 2019 Advisory on Email Compromise Fraud
As reflected in the SARs filings, the problem of BEC fraud has grown. In 2016, BEC accounted for under 500 reports per month, with the attempted thefts averaging about $110 million over that period. By 2018, nearly 1,100 reports per month were generated with attempted thefts averaging over $300 million for the same period. According to the 2019 Advisory, since the last advisory was issued, “FinCEN has received over 32,000 reports involving almost $9 billion in attempted theft from BEC fraud schemes affecting U.S. financial institutions and their customers. This represents a significant economic impact on the businesses, individuals, and even governments that are targeted by these schemes.”
FinCEN concluded that the sectors most targeted by BEC fraudsters are (i) manufacturing and construction, (ii) commercial services and (iii) real estate. That led FinCEN to caution industries with “public-facing information about their business transactions and processes”—i.e. education, real estate and agriculture—that they are particularly vulnerable to BEC crime.
In the updated advisory, FinCEN reaffirmed the “typologies” of BEC schemes contained in its original advisory. These include, among others, hacking into accounts, spear phishing, specialized malware, “spoofing domains to send familiar-looking messages seemingly from a trusted party,” vendor impersonation and the like.
In the update, FinCEN discussed broadening the definitions of BEC to cover (i) more affected entities and (ii) any type of email fraud that may be used to misdirect payments or other things of value, including personal or business data and forms. As to the latter, FinCEN warned financial institutions that “risk from BEC fraud extends to the authentication and authorization processes for receiving sensitive data about the organization or their customers.” FinCEN noted enforcement actions taken against, for example, criminals that stole Personally Identifiable Information (PII) and Wage and Tax Statement (W-2) forms.
As to broadening the definition of “payments,” FinCEN now includes virtual currency payments, automated clearing house transfers, and purchases of gift cards, to name a few. (Note: This is consistent with FinCEN’s recent advisory on cryptocurrencies. See Bates’ coverage here.)
Regarding broadening the category of entities affected by BEC, FinCEN warned of an increasing trend by criminals to not only target high-net-worth individuals through their financial institutions, but also to attack non-business entities, including non-profits and government agencies that use email to transact payments between partners, customers, and suppliers.
For government agencies, FinCEN reports that the SARs reflect the targeting of pension funds and payroll accounts, as well as other contracted services. For non-profit institutions, FinCEN references attacks against educational institutions (“appealing targets for BEC criminals”) because these institutions engage in high-dollar tuition, endowments, grants and construction transactions. FinCEN also warned financial institutions that they themselves could be victims of BEC schemes. In particular, FinCEN noted enforcement actions in 2018 in which criminals spoofed bank Internet domains and sent messages to bank employees with payment instructions containing fraudulent SWIFT reference numbers.
The Financial Trend Report
The Financial Trend analysis compared changes in the data since 2016. The primary findings included the identification of the three sectors hardest hit by BEC scams mentioned above and the diversification of their targets (non-profit, government and financial institutions) in 2018.
FinCEN also found that of the many types of BEC fraud schemes, fraudulent vendor invoice scams grew to 39 percent in 2018 (from 30 percent in 2017) and accounted for 41 percent of total transaction amounts. FinCEN asserted that fraudulent vendor invoicing was the most common form of BEC crime last year. Only a year earlier, the most frequent BEC method used by criminals (based on the SARs reports) involved emails impersonating a company executive (a scam which declined over 20 percent year-over-year.)
The 2018 figures are instructive, as this Trend Report graph illustrates:
FinCEN concluded that the emergence of one type over the other was “likely due to awareness of such schemes in the business community.” Further, FinCEN surmised that scammers have turned to fraudulent vendor invoices and the targeting of certain industries because those methods are more lucrative. For example, FinCEN concluded that the average transaction amount related to a vendor or client invoice was $125,439, versus scams involving the impersonation of a CEO ($50,373). With these observations, FinCEN offers an early glimpse at the sophistication and versatility of BEC scammers. The report also shows the potential of SARs data—which will only get more robust as more data is collected—to inform enforcement and regulatory policy.
FinCEN offered a number of conclusions based on the SARs data. Generally, BEC criminals target certain sectors of the economy more than others (manufacturing, commercial services and real estate); they do so with particular types of scams aimed at particular vulnerabilities inherent in that sector; they prioritize those markets that offer the greatest return per scam, and they react to changing market business conditions.
FinCEN’s Financial Trend Report is both an exercise in mining data from SARs reports and a demonstration of how that information impacts the direction of law enforcement. For the BEC analysis, the data indicates that there have been substantial changes in how the scam has developed over the last few years. According to Bates Group’s Financial Crimes Managing Director Ed Longridge, “The advisory is an example of how those findings may translate into regulatory priorities. It is important for firms to adapt their compliance policies, payment and reconciliation procedures, training and internal controls to both report and work to prevent this type of financial fraud.”
To learn more about Bates Group’s AML and Financial Crimes services, please contact:
Is the Increase in Option-Related Cases Affecting Your Firm and Clients?
Bates Group is alerting counsel that we are seeing an uptick in option-related cases where firms offered their clients strategies to increase the yield in their investment portfolio, often involving options trading in order to earn premium income to enhance a portfolio’s regular returns.
Examples of these strategies include covered call writing, zero cost collars and the use of so-called “iron condors” – cashless options trading strategies used to generate premium income in addition to the yield on an investor’s current portfolio, while offering downside protection from potential losses.
Bates Group Support:
Bates staff and experts have provided both consulting and testimony services in matters involving options trading within a client account. Bates experts have opined on the appropriateness of the options trading, as well as the role the option positions play within the client’s overall investment strategy and portfolio of holdings. Bates has performed quantitative analyses examining the likelihood that an option position bought or sold by a client will end in a gain or loss, providing a single figure capturing the probability weighted expected value from the purchase or sale of the option position.
Bates experts have also provided in-depth knowledge and analysis concerning commonly employed options trading strategies and the role of these strategies within an overall investment objective, as well as the relative risks created for the client. Bates consultants and experts have also provided analysis and testimony in support of matters involving premium generation strategies employed to generate additional yield on a client’s portfolio, such as those involving iron condors or other means by which the held portfolio serves as collateral for options-related, income-focused trading.
Specifically, Bates can assist in the following ways:
Analyzing the trading in claimant’s brokerage accounts to determine the P/(L) associated with the strategy, and quantifying out-of-pocket losses.
Assessing if the strategy changed over time, where the strategies may have failed, and explaining how any losses occurred. This can include an evaluation of whether the stated strategy was deviated from in a meaningful way, leading to losses.
Assessing the adequacy of internal and external disclosures.
Assessing the net premium received versus the level of risk involved in a position.
Estimating position risk and return; forecasting the probability of a loss and the probable size of a loss at the time positions were written.
Assessing the suitability of the strategy and the suitability of the size of the strategy mandate.
The Bates team of consulting and testifying experts bring a clear understanding of the theory behind how these strategies work from an academic and industry perspective, from a business side and in-house perspective during the client education phase, and from a sales practice aspect when clients invest using this strategy.
SEC Chair Responds to Seven Criticisms of Regulation Best Interest
In previous posts, Bates Group looked at early reaction from SEC Commissioners and key industry players to the adoption of the new standards and interpretations that will impact the conduct of broker-dealers and investment advisers toward their retail clients. Additional articles have considered some of the reactions of state-level securities officials concerning the new rule in defense of their own state residents.
Since then, the U.S. House of Representatives weighed in and voted for an amendment to a Financial Services Appropriations bill to “prohibit the Securities and Exchange Commission from implementing, administering, enforcing, or publicizing the final rules and interpretations of the Securities and Exchange Commission rule entitled ‘Regulation Best Interest [Reg BI]: The Broker-Dealer Standard of Conduct’ …along with the other related issued guidance and interpretations.” House Financial Services Committee Chair Maxine Waters urged the SEC to rescind the rule, which “will only create confusion” for investors.
The amendment is not likely to pass the Senate. Senate Banking Committee Chair Mike Crapo is on record supporting the regulation, and SEC Chair Jay Clayton is not going to be rescinding the rulemaking anytime soon.
As this week’s formal publication of Reg BI in the Federal Register makes clear, the dates for implementation and compliance are set, even as the debate over the new rule package continues. In this article we review Chair Clayton’s endorsement of the regulation, and his point-by-point rebuttal of the criticism that it has received since agency adoption.
Mr. Clayton stated and then rebutted the following claims:
1. That the Reg BI standard of conduct will not do enough to protect retail investors.
Mr. Clayton argued that Reg BI not only substantially enhances the standard of conduct for broker-dealers, but also affords an investor the ability to choose between a broker-dealer transaction-based model and an investment adviser portfolio-based model. He said that Reg BI “affirmatively requires broker-dealers to act in the best interest of their retail customers and not place their own interests ahead of the customer’s interests.” Further, he argued that Reg BI requires the broker-dealer to comply with four component obligations: those of disclosure, care, conflict of interest, and compliance in order to ensure this higher standard. (See here for details of these obligations.)
2. That Reg BI is deficient because it does not define “best interest.”
Mr. Clayton stated that the SEC concluded that the best approach to ensuring high standards was principle-based rather than prescriptive. He argued that a determination as to whether a broker-dealer acted in a customer’s best interest would be better assessed on an objective basis after reviewing “the facts and circumstances of how the specific components of the rule [particularly the Care Obligation] are satisfied.”
3. That the fiduciary interpretation weakens the existing fiduciary applied to investment advisers by not requiring advisers to “put clients first.”
Contrary to this claim, Mr. Clayton contends that the fiduciary guidance provided in the regulatory package actually “reaffirms the important protections that the fiduciary duty, under the Advisers Act, has long provided and will continue to provide.” He stated that the interpretation restates and formalizes what the law already requires consistent with “decades of administering this standard.”
4. That the fiduciary interpretation weakens the existing fiduciary duty applied to investment advisers by not requiring advisers to avoid all conflicts.
Mr. Clayton dismisses this claim. He says that there is no “independent legal requirement for an adviser to seek to avoid all conflicts,” and that Reg BI goes far in addressing broker-dealer conflicts of interest.
5. That the standards of conduct under Reg BI and the fiduciary interpretation can be satisfied by disclosure alone.
Mr. Clayton asserted that “Reg BI cannot be satisfied by disclosure alone.” He reiterated that the conflict of interest obligation is just one of the four obligations owed by broker-dealers under the rule and that broker-dealers “will also need to comply” with the “care obligation, which applies to every single recommendation, regardless of whether a broker-dealer has disclosed, mitigated, or eliminated its conflicts of interest.” Further, he said, an investment adviser owes both a duty of care and duty of loyalty, and, as a result, cannot fulfill these duties through disclosure alone.
6. That Reg BI is a weak standard because it does not require broker-dealers to monitor a customer’s account or impose an ongoing duty.
Mr. Clayton argued that imposing such an ongoing requirement would rob investors of the ability to choose whether they want those services and whether to incur the cost of those services. Further, he said, “Reg BI adopts a specific and tailored approach that recognizes that it would be inappropriate to apply certain generally applicable obligations of investment advisers (e.g., duty to monitor) in the context of a transaction-based relationship.”
7. That the relationship summary (CRS) will not accomplish its goals of addressing investor confusion regarding the differences between broker-dealers and investment advisers.
Noting the extensive and “even unprecedented” level of investor testing of elements of the customer relationship summary, Mr. Clayton said that it will provide “material assistance to retail investors in understanding the duties they are owed by financial service providers.” He said that “no existing retail disclosure provides this level of transparency and comparability across SEC-registered investment advisers, broker-dealers, and dual registrants.” Further, Mr. Clayton stated that “the design of the final form will result in more meaningful comparisons among firms that will be more relevant to retail investors—because they will be considering the actual services, fees and conflicts of firms in a format that allows comparability between and among firms.”
Given the long history of the standards debate and the final demise of the fiduciary duty rule, strong criticism of any revised approach was to be expected and will likely continue. Despite this, deadlines are set and firms should continue working to meet them. Bates will keep you apprised of developments.
Bates Group helps firms navigate the compliance challenges presented by the new Reg BI requirements. Please visit our Reg BI service page to learn more about our Reg BI implementation support, or contact Robert Lavigne, Managing Director, Bates Compliance Solutions, at firstname.lastname@example.org.
For more information about Bates Group, click the link below to fill out our contact form, and a Bates representative will be in touch with you soon.
AML Legislative Update: Seeking Transparency, House and Senate Propose Beneficial Ownership Database
As described in Bates’ last review of congressional initiatives on Anti-Money Laundering / Countering the Financing of Terrorism (AML/CFT), the House Financial Services Committee has adopted an aggressive legislative agenda aimed at modernizing and closing loopholes in the framework. This month, a bipartisan group of Senate Banking Committee members introduced their own legislation to address current gaps inhibiting the fight against illicit financing of criminal activity. A key interest of both the House and Senate is the expansion of the use of “beneficial ownership information” of the type now collected under the Customer Due Diligence (CDD) rules that went into effect last year. In this article, Bates reviews the developing congressional legislative efforts to detect and deter financial crime.
The House and Senate Bills
The proposed requirement reintroduced earlier this year is to collect ownership information is contained in a House reform bill entitled the Corporate Transparency Act (CTA) introduced by Congresswoman Carolyn B. Maloney (D-NY). The bill would require all corporations and LLCs to disclose their true “beneficial owners” to FinCEN and to create a federal database of beneficial owners. The CTA is intended to address the use of shell companies for illicit purposes, and, according to an explanatory House staff memorandum, the proposed database that would house this information would be available “only to law enforcement agencies, as well as to financial institutions, with customer consent,” consistent with “Know-Your-Customer” compliance obligations. Otherwise, the bill exempts those entities already covered under SEC or state regulation. On June 12th, 2019, the House Committee on Financial Services voted to pass Congresswoman Maloney’s (D-NY) Corporate Transparency Act out of committee. It now moves to the House for a full vote.
Introduced in June 2019, the bipartisan Senate legislation is called the Improving Laundering Laws and Increasing Comprehensive Information Tracking of Criminal Activities in Shell Holdings Act (ILLICIT CASH Act). Like their House counterparts, the sponsors of the bill, Mark Warner (D-VA), Tom Cotton (R-AR), Doug Jones (D-AL) and Mike Rounds (R-SD) expressed concern that “the United States has become one of the go-to destinations for the creation of anonymous shell companies, allowing human traffickers, terrorists, money launderers, sanctions evaders, kleptocrats, and other criminals to promote criminal activities here in the United States undetected.” This conclusion is drawn in part from a recent Senate Banking Committee hearing in which law enforcement officials testified that they would be better able to address illicit financing if they were able to easily identify the beneficial owners of these companies. Case examples of these concerns were presented in testimony by Kenneth A. Blanco, Director of the Treasury Department Financial Crimes Enforcement Network.
Noting also that the Financial Action Task Force (FATF) “identified the United States as an outlier among developed nations for failing to disclose and track shell company ownership,” the Senators committed to working “to close our nation’s doors to shady shell companies and illicit financial activity.”
The proposed Senate legislation contains a wide array of provisions in alignment with the House bill, first among them being the establishment of federal reporting requirements mandating that all beneficial ownership information be maintained in a comprehensive federal database and readily accessible by federal and local law enforcement. Other provisions include (i) the hiring of additional financial investigators and technology experts at FinCEN, plus salary increases, (ii) data development and sharing among law enforcement agencies and financial regulators, (iii) new authority to compel foreign banks to cooperate and to comply with subpoenas subject to contempt sanctions, (iv) additional safeguards to protect personally identifying information, and (v) legislative updates to ensure applicability to digital currency.
The bi-partisan vote on CTF by the House Financial Services Committee and bipartisan announcements on the introduction of the Senate of the ILLICIT CASH Act is significant and demonstrates a serious leadership determination to address the gaps in beneficial ownership information. . Should that happen, the expansion of the use of beneficial ownership information would bring the United States in line with the anti-money laundering framework of the international community and be a potential help to law enforcement. The American Banking Association has voiced their support for both bills, and lawmakers are requesting public feedback on the proposed Senate bill by July 19th, 2019. Bates will keep you apprised.
To learn more about Bates Group’s AML and Financial Crimes services, please contact:
Massachusetts Proposes State Fiduciary Rule; Trade Groups Ask New Jersey to Pause its Process
Last month, Bates described a New Jersey proposal to apply uniform fiduciary standards to broker-dealers and investment advisers for recommendations and advice they may give to New Jersey investors. At the time of its introduction, the state proposal was positioned—quite explicitly by Governor Phil Murphy and Attorney General Gurbir Grewal—as a challenge to the anticipated adoption of a proposed federal standard. In this respect, the New Jersey proposal followed in the footsteps of other states, including Maryland, Nevada and New York, in making the case for a higher standard of care as applied to broker-dealer recommendations and in asserting the authority of the state to protect resident investors from harm.
Two weeks ago, the SEC adopted the long-awaited Regulation Best Interest (“Reg BI”), a package of rules and interpretive guidance affecting both broker-dealers and investment advisers and directing broker-dealers to act in the “best interest” rather than under a uniform fiduciary standard of care toward a retail client. (See here for a summary of the provisions of Reg BI and for some early reactions.) The SEC action has not stopped the states from pursuing their own higher standards. Last week, Massachusetts became the latest state to propose a uniform fiduciary standard for broker-dealers and advisers when dealing with its residents. This article takes a closer look at the Massachusetts proposal and the federal/state power struggle.
Massachusetts Joins the Fray
On June 14, 2019, the Massachusetts Securities Division solicited public comments on a proposal to establish statewide fiduciary conduct standards for broker-dealers, agents, investment advisers, and investment adviser representatives. In a broadside against Reg BI, Secretary of the Commonwealth William Galvin listed his problems with the Reg BI package, including its: (i) failure to establish a strong and uniform standard, (ii) failure to define key terms like “best interest” and setting “ambiguous requirements” for addressing “longstanding conflicts,” (iii) failure to prohibit known problematic practices in the securities industry, and (iv) alleged contradiction of “years of data gathered by studies and reports on disclosure and the conduct standards applicable to broker-dealers.”
The proposed Massachusetts fiduciary standard would apply to “recommendations, advice, and to the selection of account types,” including “recommendations to open IRA roll-over accounts, as well as recommendations to open accounts involving asset-based or transaction-based remuneration.” Further, the proposed conduct standard “allows for the payment of transaction-based remuneration if the remuneration is reasonable, it is the best of the reasonably available remuneration options, and the care obligation is satisfied.” The comment period runs until July 26, 2109.
Nasaa and sifma on reg bi
NASAA remains cautious in its response to the adoption of Reg BI, deferring a public conclusion until after additional membership discussion and additional review “against our comment letters.” In its first comment letter, dated August 23, 2018, NASAA noted its “members’ shared responsibility with the SEC for oversight of the firms and individuals that will be impacted by the Proposals,” and the need for the SEC to “clarify and expand the scope of the new conduct standard for broker-dealers, specifying the types of practices that would be prohibited under the new broker-dealer standard, establishing clearer lines of demarcation between investment advisory and broker-dealer activities, preserving investor rights and remedies, improving the effectiveness of proposed Form CRS, and expanding how the Commission proposes to move forward on the use of certain professional titles.”
As NASAA reminded in a 2017 filing (see Enclosure 2) on a matter before the Massachusetts Office of the Secretary of the Commonwealth Division of Securities: “the intersections of federal and state securities laws and the scope of federal preemption of state securities regulatory authority are complex and, in some areas, unsettled.” Preemption would “strip the Division of its legitimate regulatory authority over broker-dealers operating in the Commonwealth of Massachusetts and potentially do damage to the ability of other states to exercise their legitimate police powers as preserved by Congress.”
In a comment letter on the New Jersey rulemaking, SIFMA, a strong supporter of Reg BI, makes the case that “A state-by-state approach…would result in an uneven patchwork of laws that would be duplicative of, different than, and possibly in conflict with federal standards.” SIFMA urged the Bureau “to pause its rulemaking process, review Reg BI, and reevaluate its proposal before deciding whether it is necessary to proceed with an additional state regulation.” Further, SIFMA warned that “the proposal would generally incentivize firms to curtail their brokerage services in New Jersey. Earlier this year, some broker-dealers expressed similar concerns over Nevada’s fiduciary duty proposal, arguing that “the liabilities and compliance costs associated with an ongoing fiduciary duty would make it impractical to offer the basic brokerage services favored by low- and middle-income investors.”
A group of trade associations have also expressed concerns regarding the New Jersey proposal, joining SIFMA in "encouraging the Bureau to pause its process and reevaluate its Proposal in light of Reg BI." New Jersey has since called a public hearing, and the comment period for the proposal has been extended to July 18th, reportedly following "70 requests from industry groups opposing the New Jersey measure."
In a supplemental comment to the Reg BI proposal, and in response to a SIFMA request that the SEC take up the issue of preemption, NASAA successfully urged the SEC to decline “to weigh-in on the scope of federal preemption of state regulatory authority in any final Commission Reg BI rulemakings,” further arguing that the issue is “more properly reserved for the courts.” The SEC did not take up the preemption issue in its final rule adoption.
The Massachusetts proposal (and other state proposals) are significant obstacles on the road to acceptance of Reg BI as the final word. While it is likely that the issue of federal preemption will be resolved in court, any final outcome is not self-evident. Bates will keep you apprised.
Bates Group’s compliance consultants can help your firm through the implementation phase of Reg BI. To learn more about Reg BI compliance consulting support for your firm, please visit our Reg BI service page or contact Robert Lavigne, Managing Director, Bates Compliance Solutions, at email@example.com.
SEC Adopts Regulation Best Interest: Early Reaction and its Impact
On the day the SEC approved a set of regulatory proposals affecting the obligations that broker-dealers and investment advisers owe retail investors, Commissioner Hester Peirce issued a “plea” to critics to “take a fair look at what it says before you proclaim it a success or failure.” In this article, Bates reviews the core elements of the rules and related guidance, and some of the early reactions.
Regulation Best Interest
Regulation Best Interest ("Reg BI") is actually part of a package of rules and interpretive guidance directing broker-dealers to act in the “best interest” of the retail client when recommending a securities or investment strategy. To fully understand the scope of the package, all of its parts must be considered. Here are some of the highlights under the new rule:
Under the new standard, a broker-dealer who makes recommendations to a retail client must satisfy obligations related to (i) disclosure, (ii) diligence, skill and care, (iii) conflicts of interest and, generally, (iv) compliance.
The disclosure obligation requires a broker-dealer to provide in writing to a retail client all “material facts” about the broker-dealer’s relationship with that client. This includes disclosing that the broker-dealer is acting in the capacity of a broker or dealer but not as an investment adviser; the type and scope of services to be provided; the costs of those services; any “material limitation” on a recommendation or investment strategy; and all material conflicts of interest.
The care obligation requires a broker-dealer to exercise reasonable “diligence, care and skill” when making investment recommendations. In order to satisfy the Reg BI obligation, a broker-dealer must understand and communicate the “risk, rewards and costs of any recommendation;” have a reasonable basis to believe that the recommendation is in the best interest of the client and, therefore, not place the interests of the broker-dealer over that of the client; and that any series of transactions are not “excessive,” given the client’s investment profile.
The conflicts of interest obligation requires a broker-dealer to create written policies and procedures and to monitor, mitigate and/or eliminate potential perceived conflicts. A conflict is defined as “an interest that might incline a [broker-dealer] . . . consciously or unconsciously . . . to make a recommendation that is not disinterested.” Consequently, the obligation requires firms to eliminate sales contests and sales quotas, or other techniques that are based on the sale of specific securities in a limited period of time and/or to prevent incentive compensation that may lead to broker-dealers prioritizing their interests over those of a client.
The compliance obligation is an important enforcement provision requiring a broker-dealer to establish, maintain and enforce their written policies and procedures reasonably designed to obtain compliance with the entirety of the Reg BI package.
Client Relationship Summary
A key requirement under the Reg BI package is that both broker-dealers and investment advisers must provide a Client Relationship Summary form (“Form CRS”) to their retail clients. The SEC provided for significant flexibility in the design of a firm’s Form CRS, as it is intended to provide simple and understandable information to retail clients about their relationship with their financial professional. That said, the form is specific in a number of ways. For example, the Form CRS must include information on fees and costs incurred by the client, compensation structures and relationship models of the firm, types of services offered, the differences between investment advisers and broker-dealers and perceived general conflicts of interest. It also prohibits broker-dealers from using the term “advisor” or "adviser" when communicating with retail clients.
Additional Guidance on Investment Advisers
In addition to the core elements required under Form CRS, the SEC also published interpretive guidance that further distinguishes this new best interest standard from that of the fiduciary duty requirement owed to retail clients by registered investment advisers. The fiduciary duty requirement owed under the Investment Advisers Act requires an investment adviser to satisfy both a duty of care and a duty of loyalty. The new guidance explains that an investment adviser’s duties apply to the entire adviser-client relationship. The guidance also refers to an investment adviser’s relationship to institutional clients and provides additional clarity on full and fair disclosure and informed consent. Additionally, the guidance provided clarification that the best interest standard under Reg BI would only apply to recommendations made by the broker-dealer unless the broker-dealer has disclosed or stated there would be an ongoing duty of care to the client for those recommendations.
More Clarity on “Solely Incidental” Advice
The SEC also provided interpretive guidance on Investment Advisers Act registration exemptions for broker-dealers who provide certain investment advice that would otherwise make these broker-dealers subject to the regulations required for investment advisers. The guidance clarifies that if a broker-dealer’s advice is "solely incidental" to the conduct of their business, and if they don't receive "special compensation," broker-dealers would be exempt from investment adviser registration requirements under the Investment Advisers Act. According to the new guidance, if such advice is “reasonably related to the broker-dealer’s primary business of effecting securities transactions,” then the advice would be “solely incidental” and within the exemption.
In a definitive vote, the SEC Commissioners voted 3-1 in favor of the proposed rules and guidance issued under Reg BI. Acknowledging the “courage and commitment” of the staff in delivering the final 750+ page package, Chair Jay Clayton restated the SEC’s objectives: “to bring the required standards of conduct for financial professionals and related mandated disclosures in line with reasonable investor expectations; and … to preserve retail investor access (in terms of both choice and cost) to a variety of investment services and products.” The Chair and the other SEC Commissioners supporting the package—some with notable reservations—stated that the rule achieves both objectives. Dissenting, Commissioner Robert J. Jackson Jr. disagreed, saying broadly that Reg BI (i) fails to put retail clients first, (ii) fails to be based on a proper cost benefit analysis, (iii) fails to protect America's savers from conflicted advice, and (iv) does not raise the standard for investment advice.
Upon the adoption of the new rule, SIFMA President and CEO Kenneth E. Bentsen, Jr. applauded the new framework, saying it “will impose a materially heightened standard of conduct for broker-dealers when serving retail clients.” He noted that in some instances, the duties imposed on broker-dealers under the rule go further than those required of investment advisers. Specifically, he said, that “not even the so-called fiduciary standard under the Investment Advisers Act includes the obligation to eliminate or mitigate conflicts.”
He also recognized that “compliance with the rule will not be easy … and the costs to implement will no doubt be significant, but we believe, worthwhile to uniformly enhance investor protection to the level investors should and do expect, while preserving investor choice and access to investment advice.”
Reportedly, the Public Investors Arbitration Bar Association, the Consumer Federation of America (“CFA”) and Better Markets all contended that the new rule package would not raise broker advice obligations above the existing suitability standard. In a statement released by the CFA, director of investor protection Barbara Roper said, “the SEC is throwing ‘Mr. and Ms. 401(k)’ under the bus.” Among other concerns, she said that Reg BI will make “it easier for brokers to mislead their customers into believing they are getting trusted, best interest advice when they are actually getting investing recommendations biased by toxic conflicts of interest.”
Bates has been covering the efforts to reform broker-dealer best interest standards for many years (see here, for example), and it was no surprise that Commissioner Peirce’s admonition against prematurely judging the new regulation went unheeded.
That said, the adoption of the Reg BI package still only represents the beginning of a long journey toward achieving the aims articulated by Chair Clayton. As he reminded us: “there are an estimated 43 million American households that have a retirement or brokerage account; there are over 2,700 SEC-registered broker-dealers that provide services to retail investors, with nearly $4 trillion in total assets and almost 139 million customer accounts; there are over 8,000 SEC-registered investment advisers that provide services to retail investors, with over $41 trillion in assets under management and over 40 million client accounts; and there are approximately 960,000 women and men employed by broker-dealer and investment advisory firms that provide services to retail investors.”
The significance of the new rules is undeniable. There will no doubt be many compliance, enforcement and litigation stops likely along the way.
Cryptocurrencies Regulatory Update: FinCEN Guidance, SEC and Commissioner Commentary
The state of play in cryptocurrency regulation continues to reflect legitimate tensions between promoting innovation and entrepreneurship and maintaining sound markets and investor protection.
In previous articles, Bates Research has described some of the definitional challenges that directly affect which agencies govern which crypto assets. For example, the SEC asserts jurisdiction over virtual digital offerings presented as securities (under certain legal tests,) while the CFTC maintains authority when the digital assets present as commodities and options. FinCEN covers digital assets by extending money transmission regulations for businesses subject to Bank Secrecy Act (“BSA”) and Know Your Customer (“KYC”) obligations. State and international regulators sometimes take conflicting positions as they attempt to control how these new technologies may affect their economies. In short, regulators are alternatively encouraging, threatening and enforcing compliance as new business models push the boundaries of traditional commerce.
In this article, we review recent developments including new guidance and a recent advisory issued by FinCEN, anticipated guidelines from the Financial Action Task Force (“FATF”) and the latest developments at the SEC.
FinCEN Issues Guidance and an Advisory
Last month, FinCEN issued interpretive guidance affirming its regulatory approach and warning financial institutions about the threat of virtual currencies used to support criminal activity. Specifically, FinCEN took two steps in order “to provide regulatory certainty for businesses and individuals.” First, the agency consolidated current FinCEN regulations, administrative rulings and preexisting guidance and explained how they apply to “Convertible Virtual Currencies” (CVCs) businesses. Second, FinCEN issued warnings “to assist financial institutions in identifying and reporting suspicious activity related to the criminal exploitation of CVCs for money laundering, sanctions evasion, and other illicit financing purposes.”
The FinCEN guidance starts by defining key concepts including the definition of money transmitters and “money transmissions…that substitute for currency.” This is important, as the definitions serve to distinguish FinCEN’s authority over money services businesses (“MSBs”) from those of the SEC (derived from the definition of “securities”) and the CFTC. (derived by definitions related to commodity futures.)
FinCEN then explains its current regulatory scheme involving money transmission under the BSA. The agency restates key requirements including written AML compliance policies, the collection of KYC information, the monitoring of transactions by a designated officer, the filing of SARs and adequate record-keeping. Remaining sections summarize FinCEN’s most recent guidance on the application of money transmission regulations to transactions denominated in CVC; highlight certain patterns of activity that raise concern and demonstrate how different business models that utilize CVCs are covered. As Director Kenneth A. Blanco stated: “our regulatory approach has been consistent and despite dynamic waves of new financial technologies, products, and services, our original concepts continue to hold true. Simply stated, those who accept and transfer value, by any means, must comply with our regulations and the criminal misuse of any methodology remains our fundamental concern.”
The companion FinCEN advisory provides examples of “prominent typologies” and details some thirty red flags for compliance professionals. The advisory identifies information important to enforcement agencies contained in SARs. The guidance and advisory warns of suspect conduct related to peer-to-peer transactions, custodial wallets, crypto ATMs (physical CVC kiosks), anonymity-enhanced CVC transactions, money transmission performed by internet casinos, decentralized applications (dApps), crypto-payment processors and mining pool operators.
Sigal Mandelker, Under Secretary of the Treasury for Terrorism and Financial Intelligence offered some additional perspective. Of the more than 47,000 SARs received by the Treasury Department since 2013, she said, “half of these SARs were filed by virtual currency exchangers or administrators themselves…. Nobody  wants to see innovative products and services misused to support terrorism and weapons proliferation.”
FATF Interpretive Guidance Coming in June
Expected later this month, the Financial Action Task Force (FATF) will finalize certain updates to its international standards and provide clarifying interpretive notes. Specifically, the intergovernmental standards-setting body will recommend that virtual asset service providers require the identities of both the sender and recipient of every virtual asset transmittal of funds. To date, the industry has not reacted favorably to this recommendation, declaring that bad actors would simply move toward unregulated markets. But as one influencer remarked, stricter standards would “actually legitimize crypto-currencies globally … and set the stage for the conventional financial sector to use the technology, in line with established regulatory frameworks.”
Additional Developments From the SEC
In April, William Hinman (SEC Director, Division of Corporation Finance) promoted a newly published framework “for analyzing whether a digital asset is offered and sold as an investment contract, and, therefore, is a security.” Though the framework is intended to be an analytical tool for assessing whether the securities laws “apply to the offer, sale, or resale of a particular digital asset,” – and officially “not a rule, regulation, or statement of the Commission.” The framework serves as yet another guide by the SEC to define what is and is not within the jurisdiction of the agency and, therefore, whether an entity must register and be subject to applicable registrations. The framework reaffirms that covered entities include those that offer, sell, distribute, market, buy, sell, trade, facilitate exchanges and offer financial services concerning digital assets.
The overall SEC approach, which included the issuance of an SEC registration exemption letter, was criticized by SEC Commissioner Hester Peirce, who compared the agency’s approach to Jackson Pollack splashing paint across a canvas. Though she acknowledged preliminary steps by the agency that provide some clarity on the legal test, she encouraged greater guidance by the regulators and warned that “without a functional secondary market, which encompasses broker-dealers and trading platforms that can legally trade digital securities, and advisers and funds that can buy and hold the assets, the primary market in the U.S. will wither, and retail investors will not enjoy the protection our securities laws offer.”
While there is continuous movement to strengthen the definitions that anchor agency authority and jurisdiction, as evidenced by FinCEN’s new guidance and advisory, the upcoming FATF interpretive guidance, and additional information pushed out by SEC staff, there is also great debate in the market on the slow pace toward a holistic regulatory approach to fintech. Bates will keep you apprised.
For information on how we may help, please follow the links below to Bates Group's Practice Area pages:
NASAA Members Adopt Investment Adviser Information Security Model Rule Package
Only a few weeks ago, Bates described an SEC Office of Compliance Inspections and Examination (OCIE) Risk Alert that highlighted privacy and information security issues raised during examinations of registered investment advisers and broker-dealers. The Alert urged registrants to pay closer attention to all aspects of SEC regulations that obligate firms to safeguard client information.
The SEC has not been the only regulatory agency to express concern over data privacy and information security. As Bates reported last October, the North American Securities Administrators Association (NASAA) proposed a new model rule for consideration by state regulators that would require state-registered investment advisers to adopt new policies and procedures in order to safeguard client information. The model rule was based in part on the results of NASAA’s 2017 supervisory examinations of state registered firms and on NASAA’s evolving Cybersecurity Checklist.
Fast forward to last week: NASAA announced that its members voted to adopt the model rule package “which now is available for individual jurisdictions throughout the United States to implement through regulation.” That announcement is significant. State implementation of the model rule package may have serious enforcement implications. In this article, we take a closer look at what those could be.
NASAA’s Model Rule Package
The NASAA model rule package has three parts:
The third element of the package concerns enforcement and non-compliance. It amends NASAA’s Unethical Business Practices and Prohibited Conduct Rules to include failing to establish, maintain, and enforce practices and procedures to the list of unethical business practices/prohibited conduct. Practically speaking, once embraced by a state, the model rule will place a significant burden on investment advisers. Failure to comply with information security practices or procedures, a security incident, the release of confidential information, or some other data breach could trigger a determination that a firm engaged in an unethical business practice or prohibited conduct thereby subjecting an investment adviser to penalties and consequences.
According to Michael S. Pieciak, NASAA President and Vermont Commissioner of Financial Regulation (pictured above), this model rule package “provides a basic structure for how state-registered investment advisers may design their information security policies and procedures.” The model package is intended, he said, “to create uniformity in both state regulation and state-registered investment adviser practices.”
Potential Impact of New Rule Package
In its 2019 Annual Report, NASAA offers a snapshot of the current status of those potentially affected by the model rule. The Report cites some 17,500 state-registered investment advisers. Of that number, NASAA states that 80% operate out of one- or two-person “shops,” and almost 19% operate in businesses with between 3 and 10 representatives. Further, the data shows that 99% of the businesses serve main street/retail investors. In the NASAA release, Andrea Seidt, Chair of NASAA’s Investment Adviser Section, points to the potential impacts for companies and small shops when faced with a security breach, saying "The reputational damage and loss of client trust that often follows an information security breach can be devastating to the bottom line of any business, especially small businesses.”
Given any overlapping obligations required under federal law (e.g. SEC regulations), the compliance burden on independent advisers continues to grow. State-registered investment advisers should anticipate that they will need to conform their current policies and practices to NASAA’s model rule and stay alert to the adoption of the model rule in their state. Bates will continue to keep you apprised of both state and federal developments.
For additional information and assistance, please follow the links below to Bates Group's Practice Area pages:
SEC Office of the Investor Advocate Releases New Report on Efforts to Protect Seniors
An Engagement Adviser in the SEC Office of Investor Advocate (OIA) has prepared a valuable overview report on the SEC’s efforts to protect seniors from financial exploitation. The 25-page paper highlights the agency’s examination, enforcement and regulatory policy, in addition to its education and outreach activities. The paper also offers suggestions for financial firms and financial service providers to consider when reviewing their compliance processes and procedures.
Bates follows regulatory and enforcement developments on senior financial exploitation issues closely. In addition to tracking current events across the wide spectrum of state and federal regulators and legislators, Bates Research published its own white paper on senior fraud last September. In that paper—citing to some of the previous work done by the OIA Adviser—we described some of the compliance challenges facing firms as they confront a complex and evolving regulatory environment. In this article, we review key observations from this latest OIA report which hones in, specifically, on the SEC’s approach to combating senior financial fraud.
SEC Compliance Inspections and Examinations
The OIA Adviser summarized the “evolution of industry policies, procedures and practices” as a way of understanding the agency’s current regulatory framework. The summary is also important in order to appreciate the urgencies, the multiple actors and the historical progression of the issue.
Of more practical significance, perhaps, is the review of the most recent risk examinations of broker-dealers, investment advisers, and other entities conducted in several ways by the Office of Compliance Inspections and Examinations (OCIE), including OCIE’s findings on the recurring gaps in compliance. These include (i) failures to tailor policies to a firm’s specific business models and client bases and (ii) policies and procedures that lack necessary specificity.
The Adviser provided many specific examples, including firms’ wholesale adoption of policies and procedures from other entities, improper delegations of core responsibilities to third parties without documentation and vaguely defined criteria for identifying senior customers. Other examples highlighted uneven procedures designed for some products (like insurance, IRAs and retirement products) but not others, deficiencies in monitoring and supervision, and inadequate training. He described issues related to diminished capacity, retirement account management, trusted points of contact and changes to account beneficiaries. In so doing, the report provides a helpful checklist for compliance officers as they review their policies and procedures.
SEC Enforcement Cases
The author also reviewed a handful of Enforcement Division cases (in particular those derived from the data driven investigations by the Retail Strategy Task Force) concerning fraudulent schemes against seniors. These were selective but include prosecuted Ponzi, boiler room, pyramid, theft and misappropriation of funds and securities price (or volume) manipulation schemes. Among the sources the agency draws on to “ferret out” these schemes are suspicious activity report filings (see Bates article here for a review of a recent CFPB Report on SARs filings and elder financial exploitation), the tips and referrals hotline, and programs to encourage and reward whistleblowers.
Regulatory Policy and Public Education
In a brief review of SEC-related regulatory policy, the report touches on FINRA rule amendments on “Customer Account Information” and “Financial Exploitation of Specified Adults.” It emphasizes that these regulatory changes are part of the new toolkit designed to help regulators combat senior financial fraud and notes, generally, the importance of the NASAA Model Act, state laws and Congress’ Senior Safe Act of 2018. It also describes the importance of the no-action letter process for the mitigation of potentially serious impacts of the amended rules on broker dealers, as well as the SEC efforts to educate the public through a series of activities ranging from live events and town halls to webinars and other online content. Highlighting the work of Office of Investor Education and Advocacy (OIEA), the importance of access to background checks for financial professionals is also underscored.
OIA Warns of Continuing Challenges
The report also cautions that there are demographic, market and technological challenges that will continue to impact the fight against financial fraud. The lure of the scam, the aging of the American population, issues of cognitive impairment, shifts from defined-benefit to defined-contribution retirement plans (that require retirees to more actively manage their own savings), a continuing low interest rate environment (which “tempts” investors to reach for yield)—these are all trends that are part of the landscape. In addition, he cites the challenges that are presented by new technologies, which give fraudsters new ways to exploit seniors but also allow “the SEC and others to work smarter and more effectively in combatting elder abuse.”
Another interesting observation is the challenge presented by the sheer size of the problem and the heavy financial and emotional toll it inflicts. The OIA recognizes that this creates an urgent desire for action on the part of legislators, regulators and law enforcement. In doing so, however, they must acknowledge the complexity of balancing the rights of the elderly to make their own financial decisions (and to have access to their accounts and to privacy) against the efforts and rules intended to protect the vulnerable from suspected financial exploitation, “even if it comes at the expense of the individual’s autonomy.”
The value of the OIA report lies in its collation of all the various activities undertaken by the SEC on a single priority: curbing senior financial exploitation. As to its guidance for financial firms, the OIA offers general, but common-sense recommendations. These include greater attention to: (i) tailored policies, procedures and practices that specifically address seniors; (ii) better awareness of the growing list of federal and state requirements, safe harbors and rules; and (iii) training employees on the signs of and steps to take regarding financial exploitation.
The OIA also recommends that financial firms “go beyond compliance and strongly consider taking voluntary action, if warranted, to protect seniors.” Such voluntary action would include more aggressive intervention in pausing disbursements in suspicious circumstances, engaging with trusted contacts when health or cognitive decline questions emerge, notifying authorities and extensive training.
As the SEC and other regulators raise expectations on firms for more risk-based compliance, the OIA report is helpful. Its overview of the many elements of regulatory intervention helps firms to understand the broader view of the regulator and, therefore, to better anticipate and prepare for regulatory oversight on senior financial exploitation. Bates will continue to keep you informed.
FINRA on AML, Departing Registered Representatives, New Proposed Rules for Firm Misconduct
Over the last month, FINRA issued guidance on anti-money laundering (AML) compliance and customer communications concerning departing registered representatives. FINRA also proposed a rule adding obligations to firms with a significant history of misconduct. In this article we take a closer look at these moves and the stepped-up expectations that flow from them.
Compliance and Anti-Money Laundering
Concerned with emerging areas of risk, particularly with respect to digital assets, FINRA published new AML guidance “to assist broker-dealers in complying with their existing obligations.” The new guidance highlights conditions under which brokers must monitor and report suspicious activities under a firm’s written AML compliance program, as required by FINRA Rule 3310.
As noted in Bates’ recent Compliance Alert, circumstances that require the filing of reports include the detection and reporting of transactions by a broker-dealer that “involves or aggregates funds or other assets of at least $5,000, and the broker-dealer knows, suspects or has reason to suspect that the transaction” (i) contains funds from an illegal activity; (ii) is designed to evade regulations under the BSA; (iii) does not appear to have a "reasonable explanation;" or (iv) might be facilitating criminal activity. Broker-dealers must report such activity by filing suspicious activity reports (SARs).
The FINRA guidance enumerated examples of potential money laundering “red flags” for firms to consider incorporating in their compliance programs. FINRA highlighted these examples under various categories, including customer due diligence and interactions with customers, deposits of securities, securities trading, money movements, insurance products and other indicators of suspicious customer behavior. The sheer number of red flags—likely taken from examinations—should urge firms to review the myriad potential vulnerabilities in their existing compliance program.
Compliance on Communications Concerning Departing Brokers
Concerned that customers may be less than fully informed about the maintenance of their assets in the event that their registered representative leaves a firm, FINRA offered guidance on what firms must do under these circumstances. FINRA recognized how different business models (customer advisory center, group service or one-on-one) may affect customer relations. However, they expect that all firms must “promptly and clearly communicate to affected customers how their accounts will continue to be serviced” and “provide customers with timely and complete answers, if known, when the customer asks questions about a departing registered representative.”
Specifically, FINRA expects firms to have appropriate policies and procedures in place to ensure direct communication and continuity for the client should their registered representative depart. Firms are obligated to update these policies annually and make them available to all customers. Among the required elements, firm policies must include providing a customer with points of contact, ongoing trade instructions and answers about the departing representative themselves. FINRA expects firms to clearly communicate to customers an option to stay with the firm (and be serviced by a newly assigned registered representative or someone else) or to transfer the assets to another firm. FINRA also stated that the firm must provide the departing registered representative’s contact information, so long as the departing representative consented to such disclosure. That said, FINRA noted that any information provided about the departing representative must be “fair, balanced and not misleading.”
Proposed New Rules For Firm Misconduct
Concerned with the heightened risks that firms with “a significant history of misconduct” pose to investors, FINRA proposed new rules that would identify these firms and then place additional obligations on them. The proposed new Rule 4111 (the Restricted Firm Obligations Rule) would require these designated firms to (i) make deposits of cash or qualified securities that cannot be withdrawn without FINRA's written consent, (ii) be subject to restrictions on operations deemed necessary or appropriate to protect investors, or (iii) be subject to a combination of both those obligations.
A further proposed rule outlines expedited procedures that allow for the review of determinations under the Restricted Firm Obligations Rule, providing members the right to challenge any new obligations that may be imposed. FINRA states that the determination is based on specified numeric disclosure event thresholds “developed through a thorough analysis” and relative to “the number of events at similarly sized peers.”
At the 2019 FINRA Annual conference, Robert W. Cook, President and CEO of FINRA, said that “the goal is to use objective criteria” when determining whether a firm must comply with additional obligations. He said that FINRA’s chief economist found, when focusing testing on the objective criteria, that the number of miscondent events is high. “Firms that have been caught in a funnel may have as many as nine times events than their peers,” said Cook.
Beyond the numbers, Mr. Cook shared with the conference audience that FINRA considered other factors including information from the member applications program (MAP), the firm’s regulatory history and examinations. He also said that there would be dialogue with the firm including as to the types of things they are doing that pose the greatest risk to investors and ask the firm to “put aside greater capital to cover future unpaid arbitration awards.”
The proposal states that restricted firms, “while small in number, present heightened risk of harm to investors…their activities may undermine confidence in the securities markets as a whole.” Mr. Cook echoed this rationale, stating, “we want to be sure that FINRA is doing everything we can to address this outsized risk and the high numbers of misconduct issues” they represent.
To learn more about Bates Group’s services, please contact:
Safeguarding Client Information: OCIE Wants Firms to Increase Efforts
In a new Risk Alert, the SEC’s Office of Compliance Inspections and Examination (OCIE) highlighted privacy and information security issues raised during examinations of registered investment advisers and broker-dealers. The OCIE wants registrants to pay closer attention to all aspects of Regulation S-P, the SEC’s rule that obligates firms to safeguard client information. In addition, the OCIE wants firms to be more diligent about integrating their overall compliance efforts and to better communicate privacy policies to their retail investors—particularly as they relate to electronic and web-based platforms. As Bates Research described in a previous post, the OCIE is prioritizing the protection of retail investors (see its annual report on market risk). Securing customers’ personal information is at the heart of that protection. In this article, we takes a closer look at the new Alert and the OCIE’s emphasis on improving Regulation S-P compliance.
SEC Rules and OCIE Exam Results
As FINRA states, “protection of financial and personal customer information is a key responsibility and obligation of FINRA member firms.” Regulation S-P requires firms to enact written policies and procedures to protect the confidentiality, security and integrity of client information. The Safeguards Rule requires these policies to “address administrative, technical and physical safeguards.” Among other things, this rule obliges firms to protect against anticipated “threats or hazards” and against any unauthorized access to personal information. Further, the regulation requires firms to issue privacy notices to clients on firm information-sharing practices, to further explain customer rights to opt-out, to develop programs to prevent identity theft and to address potential risks of bad actors intent on stealing account assets or accessing a client account to manipulate the market.
OCIE reports that it found gaps in firm compliance with many of these obligations. The most common deficiencies included failures to have written policies and procedures related to the administrative, technical, and physical elements as required under the Safeguards Rule. But OCIE found many specific failings including, for example, failures in the provision of the required notices, inaccuracies in the content of the notices, failures to provide opt-out information on sharing non-public personal information, as well as policies containing blank spaces that registrants left incomplete.
Just as significant, OCIE reports that many of the written policies were “not reasonably designed” to protect client’s personal information. The agency highlighted a host of examples including failures (i) to protect customer information on personal devices; (ii) on the use of personally identifiable information (“PII”); (iii) in the training and monitoring on the use of unsecured networks and encryption in electronic communications; and (iv) related confidentiality when employing outside vendors. More broadly, the OCIE found examples of firms failing to keep an inventory of all the systems that may access PII; inadequate incident response plans; PII that was stored in unsecure locations, customer login credentials that had been too widely disseminated; and failures to ensure that former employees terminated access rights to PII after their departure.
The Regulation S-P issues addressed in the OCIE Risk Alert implicate broader concerns about protection of financial information and cybersecurity. As Bates has reported before, both FINRA and NASAA have addressed related issues (see here and here). Recently, SIFMA published a thinkpiece on battling current risks associated with cybersecurity for financial firms. It points out that “cybersecurity is not just about building defenses around a perimeter…but have expanded to include malicious or destructive attacks, that go beyond stealing money and data.”
The author concludes that firms must not only address the issue through compliance but through the development of a culture of cyber resiliency:
“Security is not just IT or compliance’s problem, it is everyone in the organization’s problem. And the key to mitigating cyber risk is having everyone in the organization concerned about cyber awareness. Financial services employees understand cyber resiliency is critical to meeting client expectations, delivering client services and safeguarding client data…There is evidence to show that there is a benefit to all parties if they work together—collaboration, not silos—to protect the firm from cyber attacks and the reputational risk from an incident. Training and ongoing communication changes the mentality of employees.”
The underlying message of the OCIE’s Risk Alert is that firms must engage in a deep dive to ensure that adequate firm policies exist and are being implemented in a way that can effectively address the risk. SIFMA’s opinion piece takes this a step further, arguing effective risk management requires cultural change that supports but goes beyond integrating administrative, technical and physical safeguards under Regulation S-P.
When the OCIE sends out an alert, it is providing information to help firms adopt and implement effective policies and procedures under the applicable regulation—in this case Regulation S-P. The Alert is also a strong message that the agency has made the subject a priority, thus increasing the likelihood that enforcement efforts are not far behind.
Visit Bates Group at the 2019 FINRA Annual Compliance, Booth #7, on May 14th-17th in Washington D.C. and learn more about our compliance and regulatory solutions for your firm.
For additional information and assistance, please follow the links below to Bates Group's Practice Area pages:
New Jersey Makes Its Move, Proposes Financial Services Fiduciary Standard
On April 15th, the New Jersey State Bureau of Securities proposed applying uniform fiduciary standards to broker-dealers and investment advisers for recommendations and advice they give to New Jersey investors. The new, no-nonsense proposal is certainly aggressive. Any breach of a fiduciary duty owed to a customer under the proposed regulation would be deemed a “dishonest and unethical practice.”
The proposed New Jersey rule was expected—New Jersey Governor Phil Murphy (pictured above) and Attorney General Gurbir Grewal have been promoting it since at least September 2018 and issued a pre-proposal of the rule in October. Notably, these early steps were taken only months after the SEC introduced Regulation Best Interest, and some six months after the Fifth Circuit struck down the Labor Department’s version of a fiduciary duty rule, (see Bates’ discussion of these actions at the time.) Regarding timing, SEC Chair Jay Clayton said that Regulation Best Interest will be issued sometime in 2019, with many expecting that it will happen this summer.
The formal promulgation of the new rule has garnered a lot of attention for both its terms as well as its proactive approach to the SEC efforts. In this article, Bates describes this state proposal rule and considers some of the implications and reaction to the New Jersey move.
The State Makes Its Move
In introducing the bill, New Jersey’s leaders threw down the investor protection gauntlet. Arguing that the proposal offers “some of the strongest investor protections in the nation,” Governor Murphy stated: “At a time when the federal government is undermining the consumer protections implemented in the wake of the 2008 economic crash, we are committed to ensuring our residents and families are protected from predatory financial practices." Attorney General Grewal added, “If the federal government won’t act to protect investors, then we will.”
The state leadership left little doubt about its position. The proposal criticizes the suitability standard as inadequate and vulnerable to conflicts of interest and excessive fees. Dual registration is criticized as confusing and blurring the lines between advisory services and sales. The Acting Director of the Division of Consumer Affairs was blunt: “nothing short of [the fiduciary standard] provides investors with the protections they deserve.”
The proposed rule requires all registered investment professionals to act as a fiduciary when providing advice “or recommending an investment strategy, the opening of or transfer of assets to any type of account, or the purchase sale or exchange of any security.” The term fiduciary includes both a duty of care and a duty of loyalty. The former requires the registered professional to make a reasonable inquiry into the risks, costs, and conflicts of interest related to any recommendation or advice, and to understand the “customer’s investment objectives, financial situation and needs, and any other relevant information.” The duty of loyalty is intended to ensure that any advice be made without regard to the financial interest of the investment professional or any other third-party.
The proposed rule lays out several presumptions, conditions and clarifications which establish guideposts for expected behaviors. For example, existing incentive practices, such as sales contests or anything that might lead to a conflict of interest, would be considered presumptively invalid. Existing disclosures of conflicts of interest practices by themselves would not be sufficient to satisfy the duty of loyalty required by the proposed standard. As to transaction-based fees, they are still allowed under limited conditions.
Further, the rule defines how long and in what instances the fiduciary duty lasts. For specific recommendations by a broker-dealer, for example, the fiduciary obligation “extends through the execution of the recommendation and, therefore, would not be considered an ongoing obligation.” This is distinguishable from obligations related to advice for investment advisers and dual registrants, for whom the obligation would be applicable to the entire customer relationship on an ongoing basis.
As noted, failure to act in accordance with this fiduciary duty when making a recommendation or providing investment advice would constitute “a dishonest or unethical business practice.” Comments on the proposal are due by June 14, 2019.
To the extent that the New Jersey proposal represents an assertion by a state to use its authority to protect its resident investors from harm, New Jersey joins other states, such as Maryland, Nevada and New York that have, in various forms and with limited success, joined the fight. (See, e.g. here and here.) The New Jersey proposal may add momentum to these state efforts to impose standards on broker dealers and investment advisers.
Given that likelihood, the New Jersey proposal highlights legal questions of federal preemption over state law. A fight over federal preemption ensures that federal courts will be needed before any final resolution. Initial preemption concerns were already discussed in a SIFMA comment letter requesting that the SEC adddress it, and a NASAA response asking the SEC to bypass the question and let the courts determine such questions.
It is easy to see the New Jersey proposal as merely the latest skirmish in a long-running battle to address serious systemic and conflict of interest issues in financial services. On substance, however, the proposed New Jersey fiduciary standard can very much be viewed as a direct challenge to SEC Regulation Best Interest. Under a section titled “Federal Standards Analysis,” the New Jersey Bureau states clearly that its “proposed new rule will exceed [the SEC-proposed] standard.”
In an op-ed titled SEC Proposal Packs an Investor-Protecting Punch supporting Regulation Best Interest, SIFMA’s CEO Ken Bentsen wrote a direct appeal to the Commissioners: “Ultimately, the SEC proposal represents a true best-interest standard with real teeth. We urge the SEC to present a final rule at their earliest opportunity….After more than a decade of debate, the time to finalize the rule is now.”
As the debate continues, Bates will keep you apprised of developments.
Longstanding opposition to mandatory arbitration is finding renewed momentum as federal legislators introduce bills to limit or even eliminate the binding provisions in consumer, employment and financial contracts. In the name of protecting consumers, employees and investors, legislators introduced the Forced Arbitration Injustice Repeal Act (“FAIR Act”), the Arbitration Fairness for Consumers Act (“AFC”) and the Investor Choice Act (“ICA”). This recent activity is in addition to persistent calls by House and Senate members to ensure greater fairness and transparency in FINRA’s arbitration process.
Given the importance that mandatory arbitration plays in the overall framework of dispute resolution for financial firms and professionals, these bills reflect a wave of political action not so easily dismissed. In this article, Bates Research looks at the new legislation, some reactions by industry groups and recent developments on the broader subject, including continued pressure on FINRA.
A Concerted Attack on Mandatory Arbitration?
The Investor Choice Act - For broker-dealers and advisers, the proposed ICA may be the most explicit of the new proposals. Sponsored by Representative Bill Foster (D-IL), the bill would amend securities laws to prohibit mandatory pre-dispute arbitration agreements. The underlying premise of the bill is the assertion that “brokers, dealers, and investment advisers hold powerful advantages over investors,” and that “mandatory arbitration clauses…leverage these advantages to severely restrict the ability of defrauded investors to seek redress.” The bill would give investors a choice to use arbitration “if they judge that arbitration truly offers them the best opportunity to efficiently and fairly settle disputes,” but would also allow investors to “be free to pursue remedies in court should they view that option as superior to arbitration.” Other provisions would amend securities laws and the Investment Advisers Act to prohibit the listing of any security that mandates arbitration between an issuer and its shareholders. (Made explicit is the prohibition against any such provision in an issuer’s bylaws, registration statements, or other governing documents). Further, the bill would make preexisting mandatory arbitration clauses in contracts void.
The Arbitration Fairness for Consumers Act - The AFC, introduced by Senator Sherrod Brown (D-OH), would be applicable to contracts involving real or personal property, services (including services related to digital technology), securities and other investments, money and credit. As applied to consumer financial products or service disputes, the AFC would prohibit mandatory pre-dispute arbitration agreements and any “practices that interfere with the right of individuals and small businesses to participate in a joint, class, or collective action related to a consumer financial product or service dispute.”
The Forced Arbitration Justice Repeal Act - The FAIR Act, sponsored by Hank Johnson (D-GA) in the House and Richard Blumenthal (D-CT) in the Senate, would amend federal arbitration law to prohibit pre-dispute arbitration agreements related to “future employment, consumer, antitrust, or civil rights disputes.” Similar to the above bills, it would “prohibit agreements and practices that interfere with the right of individuals, workers, and small businesses to participate in a joint, class, or collective action” related to these areas.
Notably, the Supreme Court just handed down its latest decision in Lamps Plus, Inc., et. al. v. Varela, a case involving this very issue. In a 5-4 decision, the majority found that companies may use unambiguous contractual arbitration provisions to prevent class actions in arbitration proceedings. The Supreme Court stated that class arbitrations were “markedly different” from “traditional individualized arbitration.” Citing previous case law, the majority reasoned that “in individual arbitration, 'parties forgo the procedural rigor and appellate review of the courts in order to realize the benefits of private dispute resolution: lower costs, greater efficiency and speed, and the ability to choose expert adjudicators to resolve specialized disputes.'” (at pp. 7-8). The majority concluded that the parties, by consenting to the individual arbitration provisions, did not agree to “'sacrifice the principal advantage of arbitration.'” The proposed legislation would likely overturn this decision.
Under Dodd-Frank, the SEC has the authority to review arbitration for both consumer products and securities. To date, it has not done so and has not addressed formally the recent legislative proposals. On the record, however, is the U.S. Chamber of Commerce, which opposes, in particular, the ICA. In a April 2019 statement, Thomas Quaadman, Executive Vice President of the Center for Capital Markets Competitiveness at the U.S. Chamber of Commerce, argued that “many of the criticisms of arbitration are based upon the flawed premise that alternative mechanisms—such as litigating through the courts—provide better outcomes for consumers and investors and give them a meaningful and realistic option for resolving a dispute. In fact, the opposite is true.” He cited FINRA estimates stating that “the average arbitration dispute is settled in a little over a year…[which]…stands in stark contrast to class action lawsuits which can drag on for years without a resolution.” FINRA states that “When an arbitration case goes to a hearing, it can take up to 16 months for an award to be determined.”
SIFMA also opposes the legislative efforts. In testimony submitted to the House Financial Services Subcommittee on Investor Protection, Entrepreneurship and Capital Markets, SIFMA defended FINRA’s arbitration forum, stating that it “stands above because it incorporates substantive and procedural protections comparable to court-based litigation, and thereby ensures fair case outcomes for retail customers.”
In addition to this commentary before the House Subcommittee, the Senate Judiciary Committee held a hearing this month titled “Arbitration in America.” (Click the following links to listen to the testimony or to read about the hearing.)
While FINRA has not commented officially on these bills, the self-regulatory organization has been working on transparency concerns and alleged perceived issues of unfairness in its arbitration system for a long time. For example, as part of its efforts to improve its arbitration process (see, e.g. Bates’ review here), FINRA approved for SEC consideration, amended procedures related to new guidance on expungement of customer dispute information and related fees. This recommendation follows FINRA’s 2017 proposal, Regulatory Notice 17-42, which would establish a roster of trained and experienced arbitrators from which a panel would be selected to decide expungement cases.
Issues around the FINRA expungement process are part of aggressive oversight and legislative activity by Senator Elizabeth Warren (D-MA). In a letter sent by the Senator in March 2019, she pressed FINRA on when it plans to submit these proposed expungement regulations to the SEC for approval. Beyond this, Senator Warren previously proposed legislative reforms that would require FINRA to address unpaid arbitration awards. Last year she proposed that FINRA establish a relief fund for unpaid arbitration awards “issued against brokerage firms or brokers regulated by the Authority.”
Other FINRA steps continue at a deliberate pace. At the end of last year, FINRA made available “in one place on its website a list of firms and individuals responsible for unpaid customer arbitration awards” in order to “make this information more readily accessible to investors.” In addition, FINRA issued a rulemaking proposal which would, if approved by the SEC, prevent non-attorneys (“NARs”) from being compensated for representing parties in arbitration cases (see also Bates’ discussion here). These actions reflect the industry’s movement toward addressing the overall political perception that the arbitration process is not adequately protecting investors.
Collectively, the proposed legislation reflects a consistent, increasingly partisan position on binding arbitration. Mandatory arbitration has now become part of the current debate on financial and consumer services, as well as employee-employer relations. As applied to financial services, the bills put pressure on the SEC, and FINRA in particular, to demonstrate the adequacy of their arbitration system.
Whether mandatory arbitration under law is perceived as perpetuating a system that provides a reasonable and effective solution for dispute resolution, or a system that is rigged to immunize firms from costly litigation (or otherwise fails to offer meaningful recourse to injured investors and consumers), it is not going away anytime soon. In the meantime, Bates will keep you updated.
Spotlight: Q&A with R. Gerald (“Jerry”) Baker, Bates Group Senior Compliance Consultant
Bates Research interviews our most senior experts to get their perspective on the latest regulatory and compliance concerns affecting clients today. We sat down recently with R. Gerald (“Jerry”) Baker, a Consultant with Bates Compliance Solutions who has over 45 years of financial services and compliance experience, and asked him to share his observations on some of the current challenges confronting broker dealers and RIAs, including trends, resource constraints and individual and firm accountability.
Bates Research: Jerry, thanks for sharing your time with us. Let’s start with a bit about you and your background—please share with us some of the highlights.
Jerry Baker: Glad to be with you. I’ve been fortunate to have had an extensive career in our industry. It started on the operations or “back office” side, followed by financial reporting and administrative roles. For a short period I was also a registered representative with two major firms.
My compliance career began in 1966, and I remained in compliance up until my retirement in 2001. I served as the Chief Compliance Officer (“CCO”) for First Union Securities following its acquisition of EVEREN Securities (formed by the consolidation of five broker-dealers owned by Kemper Corporation). Prior to that I served as the CCO for Prescott, Ball & Turben, Roney & Co. and briefly Morgan Stanley. I also co-chaired both SIFMA C&L working groups on its White Papers the Role of Compliance and The Evolving Role of Compliance, and I am a contributing author in the book Modern Compliance. From 2001 until 2014, I served as Executive Director and Special Advisor to SIFMA’s Compliance & Legal Society and was the recipient of the SIFMA C&L Alfred J. Rauschman Award in 2011. In the past fourteen years I have also served as the Independent Consultant required in a number of SEC enforcement settlements.
BR: You are currently working with clients facing serious compliance challenges. What areas do you see as the most troubling for broker-dealers or RIAs today?
JB: From a year-to-year perspective, broker-dealers and RIAs must pay attention to subject matter priorities that agencies identify through their examinations findings. As a general matter, though, firms are always challenged by costs and resource constraints, which are often affected by their size.
BR: Let’s talk about specifics. What are some of the top subject matter concerns you are seeing?
JB: There were many highlighted agency priorities this year. Take elder financial exploitation, for example—every industry regulator, including state regulators and attorneys general have announced robust compliance and oversight programs focused on elder abuse by broker-dealers and investment adviser firms and their registered representatives. They’ve prioritized this in their respective examination programs and, as recently seen, they will take both administrative and criminal action against firms and individuals for misconduct affecting seniors.
I am also seeing a good deal of concern with compliance on Mark Up/Mark Down. These compliance issues are particularly challenging and complicated for non-traded securities. I’ve seen this firsthand with closed-end bond funds. I would not be surprised to see more enforcement actions against not just wrong-doers, but also against supervisory and control persons. I warn compliance professionals that they should not feel they are in a safe harbor.
In addition, I would say that regulators are increasingly concerned about compliance with, and the adequacy of, disclosure. Look no further than FINRA’s recent regulatory initiative on 529 Plan Share Class enforcement for a sense of things to come. From a compliance point of view, the not–so-simple point is that firms should be mindful to present the requisite knowledge, support and supervision for all the types of businesses or services they offer.
BR: Tell us more about what you meant by resource challenges for firms.
JB:Resource constraints are a challenge for every firm, regardless of size. That is to say, how should they best commit financial and software development to regulatory support and compliance programs? Regulators have made it very clear that every firm will be held to a high standard to develop, implement and maintain compliance, supervisory and other internal control programs designed and tailored to its businesses and business model. In the last few years many firms have streamlined their compliance and internal control programs in an effort to manage expenses while still meeting regulatory expectations. A number of times they fall short, which raises questions about the depth of their programs and, therefore, increases risk exposure.
Deep down, firms are always trying to find the right balance as to the resources—personnel, technology as well as outside resources—they can commit. This can present big problems for many firms. Sometimes, they learn the hard way that their “adequate” system” may not meet regulatory expectations. Firms that recognize the potential risk often retain independent third parties to help evaluate the efficacy of their compliance, internal control and supervisory systems. Of course, the best time to do this is before a regulatory action occurs.
BR: How are these resource and compliance challenges you are seeing affecting RIAs?
JB: I see particular challenges regarding costs and resources in the RIA space. Independent RIAs often do not have the financial or personnel resources to develop meaningful internal supervisory and compliance oversight programs. Even when there is someone named and delegated with these responsibilities, too often the person does not have the necessary experience for the role or the authority that is needed. I have seen an overreliance on cookie-cutter, third-party service providers for support. In many instances this “one-size-fits-all” approach is inadequate because it fails to match the firm’s businesses or business model.
A similar issue, where attempts to keep costs down actually winds up costing more in the long run, is in the area of clearing and operations. Support for these functions is frequently provided by an unaffiliated broker-dealer who has very limited compliance responsibilities. In recent assignments, I’ve seen firms subscribe to the bare minimum of support in an effort to keep costs low.
Some perspective is important here. The independent RIA may be a registered representative with an unaffiliated broker-dealer. The broker-dealer sees the RIA business as an outside business activity and wants to limit its oversight liability in these cases, but FINRA has made it clear that the broker-dealer has supervisory responsibility for what is considered an outside business activity. The dual-registrant business model has its own unique supervisory and compliance challenges, too. Some firms design separate supervisory and compliance structures for each business, while many, particularly those with limited resources, use the same compliance resources for both.
BR: Robert Cook, President of FINRA, announced at the January 2019 SIFMA C&L luncheon that FINRA is developing its examination program and staffing based on a firm’s size, businesses, resources and regulatory history. Would that address the concerns you are raising?
JB: It would help in many ways. However, it’s important to note that over many years, both FINRA and the NYSE (and legacy NASD), have proposed this concept. Their efforts have never fully materialized or met their intended goals. Hopefully, the newly announced effort will be developed and implemented because both the industry and FINRA will benefit.
As to firm size, it is important to understand that regulators don’t look at how big your firm is as they are focused on the businesses and services you offer and the resources you have versus what they believe are necessary to meet your regulatory obligations.
Certainly having the right budget to meet these obligations is critical. But, as all firms know, they are challenged to manage with what they can afford. This is where Bates and its services often come into play. We can make an assessment of a firm’s supervisory, compliance and internal control systems and also provide support on an as-needed basis to assist in developing, implementing and monitoring programs. This is what I do—conduct independent, first-hand reviews on prioritized areas. That usually results in an initial report, assessment and enhancement recommendations and other evaluations on implementation and continued monitoring.
BR: Thank you very much, Jerry. We appreciate your compliance insights.
About Bates Group’s Compliance Solutions
The Bates Compliance Solutions team of experienced industry professionals provide comprehensive offerings for broker-dealer and registered investment adviser clients, assisting them with supervision, compliance, risk assessments, WSPs, AML, and internal audit functions. BCS can perform as-needed or ongoing reviews and guidance to meet your regulatory compliance obligations. Our seasoned professionals closely review and test policies and procedures, supervisory and compliance processes, and the related practices involved in operating your business, recommending changes and industry standards to supplement and enhance clients' compliance and supervisory systems, and to remediate the results of regulatory, litigation, and internal audit findings and decisions.
For additional information and assistance, please follow the links below to our Practice Area pages:
On March 13, 2019, the U.S. House of Representatives adopted a resolution declaring that “the lack of sunlight and transparency in financial transactions poses a threat to our national security and our economy’s security.” On the same day, a subcommittee of the House Financial Services Committee (HFSC) considered legislative proposals aimed at modernizing the Bank Secrecy Act (BSA) and closing loopholes in the Anti Money Laundering/Countering the Financing of Terrorism (AML/CFT) framework, including building on the use of beneficial ownership information collected under Customer Due Diligence (CDD) rules that went into effect last year. In this article, Bates Research continues its review of developing Congressional legislative efforts to detect and deter financial crime.
The House Resolution
The House resolution, sponsored by HSFC Chair Maxine Waters, formally supports efforts to close loopholes that allow for corruption, terrorism, and money laundering. It resolves to (i) encourage transparency “to detect, deter, and interdict individuals, entities, and networks engaged in money laundering and other financial crimes;” (ii) urge compliance with BSA and AML laws and regulations; and (iii) affirm that “financial institutions and individuals should be held accountable for money laundering and terror financing crimes and violations.”
According to the resolution, the estimated amount of money laundered globally in one year is 2-5% of global GDP, somewhere between $800 billion and $2 trillion. By adoption, the House acknowledges broad vulnerabilities in the U.S. financial system due to its “scale, efficiency and complexity,” and “increasing interrelatedness.” The House further acknowledges that sophisticated “money launderers, terrorist financiers, corrupt individuals and organizations, and their facilitators” have proven their ability to adapt and “avoid detection.”
Beyond these broad justifications, the resolution cites very specific concerns that were identified by the Financial Action Task Force (FATF) in 2016, but which have yet to be addressed. These concerns include (i) money laundering by “designated non-financial businesses and professions,” namely, casinos, dealers in precious metals and stones and art and antiquities dealers, and (ii) money laundering in commercial and residential real estate, particularly as it relates to the influx of illicit money from Russian oligarchs through anonymous shell companies. The resolution also establishes the concern that high-profile enforcement actions against financial institutions “raise troubling questions about the effectiveness of U.S. domestic anti-money laundering and counterterrorism financing regulatory, compliance, and enforcement efforts.”
HFSC Subcommittee Considers Proposals to Strengthen the BSA/AML/CFT Framework
A week prior to the resolution, the HFSC majority staff provided a preparatory briefing memorandum in anticipation of a March 13th hearing by the Subcommittee on National Security, International Development, and Monetary Policy. The memorandum laid out three significant legislative proposals for discussion. The first is an extensive reform bill offering substantial changes to the BSA (the BSA Reform Bill), the second is titled the Corporate Transparency Act, and the third is called the Kleptocracy Asset Recovery Rewards Act.
As described in the memorandum, the BSA reform bill “would reform the structure, capabilities, and oversight of BSA/AML to keep pace with changing priorities, adapting threats, and new technologies.” These threats include, to name a few: lone-actor terrorists, nuclear weapons proliferation, cyber-attacks, and the opioid crisis, as well as “longstanding threats like human trafficking, [that] have been magnified and accelerated through the advent of technologies such as virtual currency and dark-web online marketplaces.”
The BSA reform bill is massive, with three titles. Title I would broaden the Treasury Department’s authority to strengthen FinCEN, while requiring greater relationship building and information sharing among agencies and financial and non-financial institutions. It would also require Treasury to “engage on the development and review of regulation, including the evaluation and oversight of new technologies where there may be a civil liberties concern.” Title II would allow sharing of Suspicious Activity Reports (SARs) with foreign law enforcement, codify existing guidance on interagency information sharing, improve examiner training, close loopholes related to the (above-mentioned) designated non-financial businesses and professions, and real estate shell companies, “require reports on the value of BSA data,” enhance protections for whistleblowers, and require DOJ to report to Congress on the use of deferred prosecution agreements. And Title III would, among other things, codify an interagency statement encouraging innovative approaches for financial institutions to meet their compliance obligations.
The Corporate Transparency Act of 2019 would require all corporations and LLCs to disclose their true “beneficial owners” to FinCEN. This is not a new idea, (see Bates post here) but it would be a significant expansion of the entities that are already required by Federal or state law to disclose their beneficial owners. The proposal is intended to address the use of shell companies for illicit purposes. According to the memorandum, the beneficial ownership database would be available “only to law enforcement agencies, as well as to financial institutions, “with customer consent,” consistent with “Know-Your-Customer” compliance obligations.”
The Kleptocracy Asset Recovery Rewards Act would establish a program to “incentivize individuals to notify the U.S. government of assets in U.S. financial institutions that are linked to foreign corruption.” The proposal would allow authorities to recover and return the assets and pay the rewards.
The adoption of the House resolution, the amalgamation of legislative proposals—both old and new—and the considered rollout (the memorandum, the hearings, the timing) by HFSC leadership reflect a seriousness and determination to address identified gaps in the BSA/AML framework. In a recent joint letter by SIFMA, the Institute of International Bankers, the American Bankers Association, the associations supported efforts by the HFSC to fix the "outdated" BSA/AML regulatory framework including by creating a federal registry of the beneficial owners of legal entities. This suggests that there may be some momentum from the industry behind the effort. It’s not a clear sign of bipartisanship yet, but these efforts cannot be ignored. Bates will keep you apprised.
To learn more about Bates Group’s AML and Financial Crimes services, please contact:
NASAA Update: Legislative Agenda, President Provides Testimony on Regulation Best Interest
The North American Securities Administrators Association (NASAA) has been in the public eye this month as state regulators (i) issued a set of federal legislative priorities and (ii) provided written testimony to the U.S. House Financial Services Committee concerning the need for greater clarity on the SEC proposed Regulation Best Interest.
In previous posts (see here, and here) Bates Group has emphasized the importance of state players to many of the key regulatory and enforcement issues being debated in Congress and before federal agencies. We noted that when taking office as NASAA president in September 2018, Vermont commissioner of financial regulation Michael Pieciak (pictured above) acknowledged that the top priority of its members—“head and shoulders” above all others—is “to fight preemption and preserve our [state] authority.” As if to underscore that point, in his written statement submitted to Congress last week, Mr. Pieciak recited “recently compiled enforcement statistics showing that in 2017 alone, state securities regulators conducted nearly 4,790 investigations, leading to more than 2,000 enforcement actions, including 255 criminal actions.” More specifically, he reported that NASAA members undertook “150 enforcement actions involving broker-dealer agents, 187 actions involving investment adviser representatives, 120 involving broker-dealer firms, and 190 involving investment adviser firms.”
In this article, we look at NASAA’s 2019 legislative and regulatory priorities and summarize Mr. Pieciak’s latest take on the SEC’s efforts to find an acceptable compromise on broker standards of conduct.
NASAA Sets its 2019 Legislative Agenda
The NASAA 2019 legislative agenda reflects the dual oversight by the federal government and the states over similar financial market issues. The agenda is organized under four principles: (i) putting investors first, (ii) ensuring integrity of the markets by combatting fraud, (iii) promoting capital formation and market transparency and (iv) reaffirming the rights and protections of investors in the modern securities marketplace. When it comes to many of the policy prescriptions, these categories often overlap.
More Protection for Main Street Investors
To protect main street investors, NASAA advocates for "enhanced standards of conduct for broker-dealers," encouraging more rigorous oversight and regulation of new financial technologies (such as cryptocurrencies and ICOs), and for more attention to be paid to intergenerational investor issues (including senior financial exploitation and millennial investor education).
Strengthening State Regulators to Fight Fraud
With respect to fighting fraud, NASAA supports solutions that maintain the enforcement independence of state securities regulators, including enhancing remedies (such as eliminating the five-year statute of limitations on certain disgorgement actions) and beefing up civil penalties; providing state security regulators access to Suspicious Activity Report filings (SARs) and ensuring effective oversight of private placement brokers and finders (including refraining from taking any action that could limit state oversight).
Promoting Capital Formation
On encouraging capital formation, NASAA asserts that its members are positioned to “provide a level of accessibility to small businesses and investors that is unavailable from any federal regulators.” As a result, the state regulators support legislation that would (i) direct the SEC to coordinate with the states more closely in order to unify or harmonize federal and state exemptions and (ii) ensure that state regulators have the information needed to police the private offering marketplace to discourage fraud and protect retail investors (primarily through amendments to strengthen Rule D filings). Other NASAA priorities include supporting efforts to exempt merger and acquisition brokers from federal registration requirements and to limit adjustments to federal crowdfunding laws. Finally, NASAA wants Congress to modernize the definition of accredited investor “to more accurately measure investor sophistication and improve regulatory oversight.”
Rebalancing the Power Relationship in Arbitration
Regarding further empowerment and protections for investors in today’s marketplace, NASAA takes the position that “broker-dealers enjoy powerful advantages over retail investors in dispute resolution.” As a consequence, NASAA advocates for improving the dispute resolution process by banning the use of mandatory pre-dispute agreements by broker-dealers and investment advisers that limit investors’ ability to pursue recourse in any forum. Also recommended are stronger provisions to “make harmed investors whole” by requiring broker dealers to pay arbitration awards, and by safeguarding shareholder rights by imposing limits on “dual-class shares” and increasing the oversight of proxy advisers.
NASAA Continues to Press for Improvements on SEC Regulation Best Interest
In his written remarks to the now-Democratic-controlled U.S. House Committee on Financial Services, NASAA President Michael Pieciak restated the history of NASAA’s involvement in enhancing broker standards of care (having supported in the past, for example, the move to impose a fiduciary standard on brokers recommending to investors securities or investment strategies). In his submitted testimony, Mr. Pieciak reaffirmed NASAA’s longstanding position in support of raising the "standard of care" to "reflect the evolution of how financial advice is delivered to customers." He argued that the standard of care must go beyond the adoption of a "conflicts disclosure regime," and must require brokers to fully serve the best interests of the investor. In previously submitted comments on the SEC’s Best Interest Rule, NASAA recommended clear definitions of the new standard, application of the standard to all investors, and including "cost" as a required factor when explaining recommendations.
Mr. Pieciak’s written submission to the Finance Committee primarily concerned proposed interpretive guidance that would accompany the new regulation. He warned that, as written, the guidance sends “conflicting messages” about what is permissible under the proposed rule, which undermines the goal “to develop a standard that eliminates and mitigates conflicts such that investors receive the maximum benefit of their investments.”
Specifically, Mr. Pieciak recommended that any guidance must address specific conduct: that sales contests are inconsistent with the standard; revenue-sharing arrangements between brokers and product manufacturers must be carefully examined; that broker-dealers must not be allowed to give certain customers preferential treatment; that broker-dealers should not be allowed to meet their "best interest" obligations by "recommending securities from a limited menu of products without any comparison whatsoever;" and that “nothing should be permitted to limit an investor's recovery rights under the new standard.”
Mr. Pieciak communicated NASAA’s position that any guidance should make clear that “self-serving incentives and conflicts are prohibited,” and that “investors must be steered toward products that serve their best interest, which will most often be the best-performing, cost-effective products.” He emphasized that “the SEC should close any misinterpretation that could allow the industry to continue business-as-usual and yet [still] comply with the rule.” Such an outcome, he said, would undermine the rulemaking.”
NASAA’s legislative agenda and Mr. Pieciak’s remarks reflect assertive positions on proposed regulation and robust enforcement, as well as a strong defense of state jurisdictional interests. NASAA members remain significant players in the ultimate resolution of many key issues as state regulators continue to push alternative solutions in the absence of federal final action. Bates will continue to keep you apprised of both state and federal developments.
Justice Department Coordinates Largest Ever Elder Fraud Sweep:
260 Global Defendants said to have Targeted 2 Million Americans, Mostly Elder
On March 7th, federal and state enforcement agencies announced they had embarked on a massive crackdown on financial fraud directed at seniors. As part of the “sweep,” the Justice Department (DOJ) reported the filing of criminal or civil charges against hundreds of alleged offenders as well as the launch of targeted public education efforts throughout the country. According to the United States Attorney General, the coordinated actions reached into every federal district across the country and served to underscore the government’s efforts to protect a vulnerable population and address this complex and widespread problem.
In our last post, Bates Research highlighted the Consumer Financial Protection Bureau’s analysis of five years’ worth of Suspicious Activity Reports (SARs) as they relate to elder financial exploitation. The use of the information contained in these financial institution filings represents an attempt by regulators to create and use data to better understand the scope of the problem and to inform enforcement and public education efforts. In this article, we look at current efforts on the enforcement side, as represented by the actions undertaken last week.
Law Enforcement Narrows its Focus and Increases Collaboration
The Attorney General disclosed that the enforcement sweep emphasized two types of schemes: technical support scams and mass mail fraud. To some extent, this emphasis distinguishes the current announced action from an enforcement crackdown undertaken last February. The prior action covered a broad range of activities from telemarketing to investment fraud, and included, for example, so-called “lottery phone scams,” "grandparent scams,” “romance scams,” "IRS imposter schemes” and “guardian schemes.” Though the Justice Department continues to bring cases against perpetrators of a variety of fraudulent acts targeting seniors, the action announced last week focused on bringing down specific networks and international actors. According to the Attorney General, in the aggregate, this year’s coordinated sweep resulted in 260 defendants being charged for victimizing more than 2 million Americans to the tune of nearly three quarters of a billion dollars.
It is also notable that the level of coordination and the number of agencies involved in this year’s sweep represents an expansion over last year’s effort. Among others, the sweep included the FBI, Immigration and Customs Enforcement’s Homeland Security Investigations, the Federal Trade Commission (FTC), The National Association of Attorneys General, the Secret Service and the Postal Inspection Service.
“Technical Support” Scams
“Technical support” schemes are perpetrated by scammers calling the victim (or using internet pop-up messages) and warning them about computer problems such as viruses or malware. According to the FTC’s Consumer Sentinel Network, over 142,000 complaints have been filed about technical support scams (see Bates coverage about recent findings from this database). It was the number-one fraud category reported by seniors to the Sentinel Network and therefore an imperative for the DOJ.
A specific focus of the sweep centered on so-called “runners,” “money mules,” or “payment gateways.” These participants collect the money from the victim and steer them to call centers (mostly identified in India). The DOJ stated that the FBI and Postal Service “took action against over 600 alleged money mules nationwide” and Secret Service agents seized “elder fraud proceeds in transit from victims to perpetrators.”
In a Fact Sheet, the DOJ described examples of the charges filed against the alleged perpetrators of these technical support fraud schemes. The charges include, among others, wire fraud, aggravated identity fraud, conspiracy to commit money laundering, mail fraud and bank fraud. In addition, the DOJ’s Consumer Protection Branch and the Postal Inspection Service brought “infrastructure”-related charges focused on U.S. citizens facilitating the operation of implicated call centers. The actions included injunctions against entities and individuals to prevent them from conducting or facilitating the fraudulent scheme.
Mass-Mailing Fraud and Transnational Fraud
The second focus of the elder fraud enforcement sweep concerned global, mass-mailing fraud schemes. The DOJ and the U.S. Postal Service pursued actions against direct mailers that defrauded millions of elderly victims out of hundreds of millions of dollars. The schemes involved direct personalized mailings that promised something of value (money or prizes) if the victim sent cash (purportedly for fees or taxes). Law enforcement brought actions that included both criminal charges and civil injunction lawsuits.
Many of the cases cited by DOJ involved national boundaries and transnational organizations. Some of the defendants in these cases were extradited from Canada, Cayman Islands, Costa Rica, Jamaica and Poland. In other cases, like the mass mailing fraud, the perpetrators were apprehended in Spain.
The Attorney General lauded the domestic and international law enforcement collaboration as key to the success of the effort. In announcing this sweep, the DOJ reminded that “The charges are merely allegations, and the defendants are presumed innocent unless and until proven guilty beyond a reasonable doubt in a court of law.”
The enforcement sweep is a statement by law enforcement agencies that they are (i) prioritizing the protection of vulnerable seniors from financial exploitation; (ii) increasing collaboration across federal agencies and across state and international boundaries; and (iii) improving their capabilities and effectiveness. These messages parallel the ones regulators are sending as they improve their data collection methods through enhanced financial institution disclosure.
But the progress made from last year to this year on the enforcement side, and the mining and collation of new sources of information that mandatory disclosure offers on the regulatory side, means it’s possibly only a matter of time. The educational outreach ties it all together. That said, the numbers of fraudsters (that we know of) and their creativity, as exemplified in this announcement, is telling. It is important for companies to continue to be vigilant in protecting their most vulnerable investors.
New CFPB Report finds SARS Filings on Elder Financial Exploitation Quadrupled from 2013 to 2017
A recent analysis by the Consumer Financial Protection Bureau (CFPB) of Suspicious Activity Reports (SARs) related to elder financial exploitation provides the most detailed look to date at the size and scope of this issue. The Report, issued by the CFPB’s Office of Financial Protection for Older Americans, covers SARs filings between 2013—the date the Financial Crimes Enforcement Network (FinCEN) introduced the category on its electronic forms—and 2017. According to the CFPB, the Report represents the first publicly available analysis of the non-public data provided by financial institutions on senior financial abuse.
Bates Group has been following the issue of senior financial exploitation for some time. The findings from the CFPB analysis affirm previous reports that senior financial abuse is pronounced, but that the current number of SARs filings “likely represent a tiny fraction of actual incidents.” In this article, we review the findings and recommendations contained in the new Report.
The SARs Data
The CFPB Report was based on an analysis of the over 180,000 SARs on elder financial exploitation filed during the period. The numerical data paints a dramatic picture, with activities totaling more than $6 billion. Over the period of review, the number of relevant SARs filings quadrupled to over 63,000 by 2017. By that year, financial institutions reported suspicious activities totaling $1.7 billion.
Almost 80 percent of the SARs filed involved an actual monetary loss to older adults or the financial institution. The findings from these SARs can be broken down into two broad categories affecting: (i) individuals and their losses, and (ii) institutions and their actions.
For older adult victims in general, the average amount lost was $34,200, though losses exceeded $100,000 in 7% of the SAR cases. The CFPB states that, on average, losses were about $50,000 when the older adult knew the suspect and about $17,000 when the suspect was a stranger. Further, senior adults ages 70 to 79 had the highest average monetary loss at $45,300. Thirty three percent of the victims categorized in the SARs were seniors over the age of 80. (For a description of many of the types of financial exploitation, please see previous Bates Research article here.)
As for the financial institutions that submitted the SARs, by 2017, money service businesses comprised 58 percent of the filings, while depository institutions accounted for most of the remainder. The average loss incurred by all institutions was approximately $16,700. For the suspicious activity related to a money service businesses, the CFPB found that 69% of the SARs were scams by strangers, where the average monetary loss (including both individuals and institutions) was $32,800. When the suspicious activity was related to depositary institutions, only 27% of the SARs involved strangers, but the average monetary loss, primarily related to checking and savings accounts, was $48,300.
Another important finding was that under a third of financial institutions actually reported the suspicious activity to a local, state, or federal authority. For money services businesses, the CFPB states that only 1% reported the SARs to authorities.
The CFPB SARs analysis confirms that the problem of senior financial fraud is prevalent. The information and filing of these SARs is lauded as a “useful and untapped resource for monitoring elder financial exploitation.” The failure to report the suspicious activity to law enforcement or state adult protective services, however, is seen as a significant gap in protections for consumers and represents “a missed opportunity to increase investigation and prosecution.”
The CFPB also concludes that using SARs offers law enforcement a way to tailor “interventions” and develop new strategies in response to the types of suspects and activities, e.g. money services versus depository institutions. As a result, CFPB suggests that law enforcement should mine the Treasury database of SARs, on its own, to enhance investigations and initiate prosecutions.
The CFPB Report is notable for its use of SARs as a new data source to measure aspects of the problem of senior financial exploitation. Last October’s Federal Trade Commission’s Report (see Bates’ coverage) came to similar conclusions on information it collected primarily through the Consumer Sentinel Network, an online database that provides law enforcement agencies with secure access to consumer reports on fraud. Both the FTC and the CFPB are explicit in stating that these databases are not capturing the full scope of the problem.
There is clearly potential, however, in the different informational tools that are now becoming available. These new data sets can provide new and deeper insights into the problem of elder financial exploitation. One of the most significant data points in the CFPB Report, for example, is the increase in the filing of SARs from an average of about 1,300 filed per month in 2013, when the category of elder financial exploitation was added to electronic SARs filings, to about 5,300 filed per month in 2017. As more SARs are filed annually, and as they begin to reflect a greater share of the problem, we should expect the conclusions drawn from them to be more grounded.
Bates News, Bates Research, Compliance and Regulatory Alerts | 02-25-19
Planning Your Response to FINRA’s 529 Initiative — Q&A with Bates Managing Director Alex Russell
Bates Research recently conducted a Q & A session with Alex Russell, Managing Director of Securities Litigation & Regulatory Enforcement at Bates, to discuss FINRA's new 529 Share Class Initiative. Alex talks about responding by FINRA's deadline and potential pitfalls firms should keep in mind when preparing their response.
Bates Research: What is FINRA's 529 Plan share class initiative -- and deadline?
Alex Russell: FINRA is providing firms with an opportunity to review their activity in and around 529 plans, allowing firms to self-report where supervisory violations may have occurred during the period of January 2013 through June of 2018. Similar in nature to the SEC’s Share Class Selection Disclosure Initiative last year, FINRA is concerned that share class recommendations were made to clients that are inconsistent with the accounts’ investment objectives. In particular, FINRA is asking firms to ensure that 529 plan recommendations took into account breakpoint discounts, sales charge waivers, and other fees in determining suitability. Depending on the facts and circumstances of each client (in particular the age of the plan beneficiary) FINRA believes that economically disadvantageous share classes may have been selected, wherein the expenses incurred by the client are greater than they need to be. Firms must provide a response by April 1, 2019 in order to participate in the self-reporting initiative.
BR: What is required to be included a firm's response?
AR: Firms must provide written notification to FINRA by 12:00am EST on April 1, 2019 of their intent to self-report. A firm that has submitted their intent to self-report then has until May 3, 2019 to provide the following information back to FINRA:
A list of the 529 plans sold by the firm, including the 529 plan name and the dates the firm offered each 529 plan.
The total aggregate principal amount invested in each 529 plan sold by the firm during the disclosure period.
A description of the firm’s supervisory systems and procedures relating to 529 plan sales during the disclosure period.
A description of the changes to the firm’s supervisory systems and procedures that the firm has implemented or will implement in order to strengthen compliance with its supervisory obligations. To the extent the firm identifies changes that have not yet been implemented, the firm should identify the individual supervisor at the firm who is responsible for the implementation.
The firm’s assessment of potential impact on customers of supervision weaknesses, including a description of the firm’s methodology for assessing impact on customers and a description of the firm’s proposal to make restitution payments to harmed customers.
Any other information the firm believes would assist Enforcement in understanding the firm’s assessment of an account’s expected investment horizon, the suitability of the firm’s recommendations, or the reasonableness of the firm’s supervisory system regarding share class recommendations
Bates has been actively assisting clients with item 5 above.
BR: What are some of the nuances/pitfalls in planning a firm's response?
AR: There are a number of challenges firms face in assessing the potential impact on clients related to 529 plan share class purchases. One of which is data availability from plan sponsors – sponsors may have difficulty producing the relevant data, especially for older time periods, given different record retention policies, plans changing hands, etc. Of particular note, while the review period is January 2013 to June 2018, FINRA notes that the period for calculating restitution may extend further into the past (as alluded to in footnote 16 to Notice 19-04) making getting data all the more difficult. Beyond that firms must also decide whether to review for possible supervisory failures on a client specific basis, or to apply a “statistical approach” that would group multiple clients into different impact categories and proceed to analyze the potential harm to those clients on an aggregated basis. Considerations such as whether to use a standard estimate for fee differentials, or breakpoints as of a certain point in time, versus using the exact fee rate differentials during the entire review period as well as the breakpoints in place at the time of purchase give firms even more to consider. Careful curation of the data, as well as access to historical information on share classes, are crucial to successful reporting and are both areas Bates can assist with.
BR: What are the risks for not responding?
AR: FINRA’s Member Supervision and Enforcement divisions will continue to examine and investigate member firms’ activity around 529 plans throughout 2019. Firms who choose not to self-report that are later found to have supervisory failures related to 529 plans during the course of an exam will likely result in additional sanctions beyond those made available for firms that do self-report under the initiative. Under the umbrella of the initiative Enforcement will recommend that participating firms make restitution payments to all impacted clients and accept a censure, but will face no fine. In some instances, Enforcement may decide that no formal action is necessary and may resolve the matter informally or with no further action taken. Both the potential for an informal resolution, no further action, or the absence of a fine in the event that action is taken, create a strong incentive for firms that believe they may have had 529 plan supervisory failures during the relevant period to self-report.
Support for Firms:
Bates has deep and proven experience and expertise in share class disclosure matters. Most recently, on behalf of over a dozen major national and regional financial institutions, Bates provided important assistance to firms and counsel participating in the SEC’s Share Class Selection Disclosure Initiative and related SEC Examinations.
To support firms facing FINRA’s 529 Plan disclosure and remediation initiative, Bates Group can help by providing solutions to identify and address accounts and clients impacted by share class selection. Bates performs data analysis, examines regulatory reporting, reviews share class selection policies and disclosure practices, identifies methodology and impacted accounts, performs calculations and provides remediation amounts. Most importantly, after consultation with counsel, Bates' disclosure and remediation plan culminates in a report which can be used directly with regulators. For more information, see our original alert here.
Bates is ready to help you and your firm. Please contact us today.
Latest Developments in Variable Annuities and Life Insurance
In our last review of developments concerning variable annuities and life insurance, Bates discussed the SEC’s issuance of a comprehensive new rule proposal intended to create a “layered disclosure approach” for regulating these products. That proposal was issued against the backdrop of an ongoing debate among state insurance regulators on revising model legislation on “Suitability in Annuity Transactions.” The National Association of Insurance Commissioners (NAIC) remains determined to create these standards and procedures for providing suitable recommendations to consumers, despite the likely impact and continuing uncertainty created by the unresolved SEC proposed Best Interest rulemaking.
In this article, we update the most recent SEC action on variable contract disclosure as well as some important private sector activity, notably Ohio National Financial Services’ (“Ohio National”) strategic decision to pull out of the market for variable annuities.
SEC Extends Comment Period for Proposed Rule on Variable Contracts
On February 14th, the SEC announced that it was offering a brief, one-month extension for market participants to provide comments on its proposal to change existing disclosure rules and allow issuers of variable products to fulfill certain compliance obligations by preparing and delivering a “reader-friendly” summary prospectus (see Release and Fact Sheet). The comment period was extended to March 15th .
To date, commenters have been supportive of the concepts of simple summary and layered disclosure. Most communicated that, for various reasons, an extension was warranted. The American Council of Life Insurers, for example, said it needed additional time to consider the “regulatory, structural and financial implications of the proposals for life insurers, salespersons and consumers,” and that “each of these considerations must be analyzed against unique fact patterns, business models, and organizational structures.” The independent, non-profit investor advocacy organization Better Markets expressed concerns about whether simplified disclosure would have any impact at all on investors.
Such a short timetable may or may not result in a commitment by the SEC to do more testing. But as this process continues in its ordinary course, other developments in the variable annuities market may also become a factor.
Market Players Make Decisions
One of these factors may be the continuing fall-out from a move taken by Ohio National, a Cincinnati-based mutual insurance company. In September, 2018, Ohio National announced that after a “comprehensive strategic review of [its] businesses, taking into account the continuously changing regulatory landscape, the sustained low interest rate environment, and the increasing cost of doing business …the company will no longer accept applications for annuities or new retirement plans, while continuing to service and support existing clients in both businesses.”
Sheila Murphy, a Bates insurance regulation consulting expert, notes: “most annuity issuers did not anticipate the continued low-interest rate environment they find themselves in. Given the current market, it is likely that issuers will continue to look for ways, such as eliminating trail commissions, to reduce expenses and increase revenues. Such actions may have unforeseen consequences for both market participants and for customers. It won’t be long before a regulator will ask whether a broker will give the same level of advice on an annuity with no trail commission.”
Reportedly, the Ohio National decision already has led to concerns that other insurance carriers would stop writing new business in variable annuities and that advisers and broker dealer firms will not “honor obligations to distributors who selected a trail rather than upfront commission during an annuity sale.” The Ohio National decision is not going down easily. While there are varying opinions as to whether other issuers may or may not pull out of the variable annuities business, one thing is for certain: Ohio National’s attempt to replace the older contracts with new "servicing agreements" which exclude trail commissions is being met with legal resistance by some advisers. All sides are pressing for the courts to weigh in on the rights, duties, and liabilities of the parties.
The specific dispute over commission trails is raising a number of very serious compliance issues, including the regulatory dilemma created if advisers attempt to engage clients without a formal brokerage agreement or insurance relationship in place. More broadly, however, the dispute is serving to highlight some of the key issues regulators have been raising concerning the complexity over variable annuity products and whether investors have any idea what the costs of these products are. Alluding to the recent FINRA 2019 Examination Priorities Letter, one commenter described it like this: “The environment for high-commission variable annuities sales gets a little less friendly by the day…[as] regulators are looking for product sales where pricing and commissions appear excessive, and instances where advisors are doing costly swaps of clients’ existing contracts for new [variable annuities] that add little or no client benefit but generate new commissions and fees.”
Federal and state regulators are already at heightened attention on these investment products. They are (i) in the midst of new proposed rules on variable annuity products and suitability; they are (ii) communicating their concern through Enforcement Priorities Letters; and they are (iii) taking enforcement actions. (Note FINRA’s recent settlement in a case involving failure to supervise and train registered representatives concerning the recommendation and sale of share class variable annuities.) The Ohio National strategic decision and the consequent lawsuits over commissions and how they are handled are not tangential to regulator concerns. Bates will keep following the developments.
Bates News, Bates Research, Compliance and Regulatory Alerts | 02-13-19
The State of Play on Cryptocurrency Regulation
For legislators and regulators, writing rules for crypto-related assets requires balancing the tension between innovation and entrepreneurship, and between sound markets and investor protection. In previous articles, Bates Research has described some of the definitional challenges which directly affect which agencies govern crypto assets: the SEC asserts jurisdiction over most initial coin offerings (ICOs) as securities (but not Bitcoin or Ether), while the CFTC asserts jurisdiction over Bitcoin futures and options. To FinCEN the subject is simply a currency (and, thereby, subject to Bank Secrecy Act [BSA] and Know Your Customer [KYC] obligations); to the IRS, it’s just another capital asset. Regulators of all stripes continue to issue warnings, advisories, guidance and in some cases—as in NASAA’s crypto-sweep—take enforcement actions that remind everyone that the States also have an interest in asserting their authority. In this article, we review recent developments in the ongoing debate over regulating crypto, including legislative proposals, and regulatory activity by leadership at the SEC, the CFTC and FINRA.
SEC Commissioner Hester Peirce on First Principles
In a February 8th speech titled “Protecting the Public While Fostering Innovation and Entrepreneurship: First Principles for Optimal Regulation,” SEC Commissioner Hester Peirce described the challenges facing regulators that want to apply old models of regulation to cryptocurrencies. She argued that applying securities laws and legal tests (as to what is or is not a security) to virtual currencies and ICOs will negatively impact cryptocurrency development and investment.
The Commissioner raised many questions as to whether tokens are securities for purposes of raising funds. In a pointed comment, she explained that “enforcement actions are not my preferred method for setting expectations for people trying to figure out how to raise money.” Then she announced that the SEC staff is working on "supplemental guidance" to "help people think through whether their crypto-fundraising efforts fall under the securities laws."
Beyond the token issue, however, Commissioner Peirce questioned how certain crypto trading platforms may differ from exchanges or alternative trading systems designed for traditional securities. She also questioned how traditional regulation may need to change to accommodate these differences. Further, she raised important questions about the regulation of exchange-traded products based on Bitcoin or other cryptocurrencies.
In a final cautionary note she stated: “We owe it to investors to be careful, but we also owe it to them not to define their investment universe with our preferences.”
CFTC Setting Stage for Ethereum Futures
On December 11, the CFTC announced that it was seeking public comments to better understand “the technology, mechanics, and markets for virtual currencies beyond Bitcoin, namely Ether and its use on the Ethereum Network.” Currently, Bitcoin is the only regulated network trading in futures. The outcome of this CFTC effort may be a futures trading framework for Ether that will likely impact the agency’s broader approach to virtual currency futures, options and swaps. Such a result would further strengthen the CFTC’s authority to define and regulate such classes of crypto assets.
FINRA Seeks Feedback, but Wants Compliance
As Bates Group described previously in July 2018, FINRA issued regulatory guidance stating it was monitoring developments in the digital asset market. As a result, FINRA requested that firms notify it if they or their associated persons or affiliates, “engage, or intend to engage, in any activities related to digital assets…” The Notice stated that firms must disclose “purchases, sales or executions of transactions in digital assets, pooled funds that invest in digital assets; or derivatives tied to digital assets.” FINRA said that firms should provide these updates to their regulatory coordinator until July 31, 2019, along with disclosure of any facilitation activities such as clearing or settlement of digital assets.
In its 2019 Risk Monitoring and Priorities Examination Letter, FINRA alluded to this effort, saying that “some firms have demonstrated significant interest in participating in activities related to digital assets.” FINRA asserted that it will be reviewing “firms’ activities through its membership and examination processes related to digital assets and assess firms’ compliance with applicable securities laws and regulations and related supervisory, compliance and operational controls to mitigate the risks associated with such activities.” Specifically, FINRA noted it will “consider how firms determine whether a particular digital asset is a security and whether firms have implemented adequate controls and supervision over compliance with rules related to the marketing, sale, execution, control, clearance, recordkeeping and valuation of digital assets, as well as AML/Bank Secrecy Act rules and regulations.”
Congressional representatives have also jumped into the debate. While regulators are asking for more input from the market, legislators are offering sweeping solutions. Though the current climate would not suggest that legislation that could significantly alter the crypto landscape can pass, several bills—some bipartisan—were introduced in the waning days of the last Congress. Perhaps the most-discussed bill comes from Representatives Darren Soto (D-FL) and Warren Davidson (R-OH), who introduced the Token Taxonomy Act.
The bill, expected to be reintroduced in the new Congress, would, among other things, (i) amend securities laws to exclude digital tokens from the definition of a security, (ii) adjust taxation of virtual currencies held in individual retirement accounts, (iii) create a tax exemption for exchanges of one virtual currency for another, and (iv) create an exemption from taxation for gains realized from the sale or exchange of virtual currency for other than cash. The bill also serves to define the term “digital token” and to clarify the application of securities laws to certain companies that use blockchain.
The Token Taxonomy Act is a reaction to startups fleeing offshore and to the downturn in the market. That downturn, is generally perceived to be due to SEC securities designations and other uncertainties and costs of U.S. regulation. SEC Commissioner Peirce referred to this legislation in her recent address, noting that Congress has the power to clear up many uncertainties by “simply requiring that at least some digital assets be treated as a separate asset class.”
The debate over current and future government regulation of cryptocurrencies may come down to reworking the definitions and legal tests that force them uncomfortably into traditional regulatory categories. It is also possible that the future may be a prolonged period of uncertainty punctuated by enforcement interpretations, conflicting agency guidance and short-lived rules. There is even a possibility that some legislative action could create an entirely new alternative regulatory framework. What can be discerned from Commissioner Peirce’s insight, the CFTC and FINRA market inquiries, and the recently proposed legislative fixes, is that any or all of these outcomes are possible.
The best that market participants can do is to keep up with these developments, do their best to anticipate regulators’ expectations, and attempt to develop compliance risk frameworks accordingly.
New Congress, New Priorities for Financial Services in 2019
Congresswoman Waters (L), Senator Crapo (R)
The priorities of the congressional committees that oversee financial services are changing. The contours of that change are beginning to take shape as Democrats take control in the House of Representatives and leadership from both parties announce committee assignments. This article takes a look at the agendas of Representative Maxine Waters (D-CA), the new Chair of the House Financial Services Committee, and Senator Mike Crapo (R-Idaho), Chair of the Senate Banking Committee. Their dynamic will set the stage for potential political confrontation, possible bipartisan legislation, and certain administrative and regulatory oversight impacting the financial services industry.
It would be hard to overstate the breadth of jurisdiction of the committees these two lawmakers oversee. Together they have oversight over the Federal Reserve, CFPB, the FDIC, the Office of the Comptroller of the Currency, the SEC, HUD, and the Federal Housing Finance Agency, to name only a few. They also have oversight over national security and law enforcement at the Treasury and Commerce Departments, including the Committee on Foreign Investment in the United States (CFIUS); and the Office of Terrorism and Financial Intelligence, (including OFAC and FinCEN, among others). The leadership of these two Committees influence the policy priorities and enforcement actions of these regulators.
House Financial Services Committee
Maxine Waters is not a newcomer to the House Financial Services Committee (HFC). She served on the HFC, the Committee that oversees all U.S. financial services affecting securities, insurance, banking and housing since 1991. Since 1995, she has served as either Ranking Member or Chair of every Subcommittee of the Committee.
Since her appointment as Chair, Representative Waters moved quickly to set her agenda. On January 24th, 2019 Chair Waters announced new leadership for HFC Subcommittees. (She even changed some Subcommittee names and created a new Subcommittee on Diversity and Inclusion.) See here for the appointments and preliminary statements of the Subcommittee Chairs from New York, Missouri, Ohio and Texas. A few days later, Chair Waters announced membership assignments.
New Agenda Prioritizes Consumers, Housing, FinTech and Diversity
In her first meeting, Chair Waters highlighted the broad themes of consumer protection, expanding affordable housing, encouraging responsible innovation in financial technology and promoting diversity in—and financial access to—the financial services system as the key agenda items for the Committee.
On consumer protection, Chair Waters stated that she will seek to strengthen Dodd-Frank financial regulation that protects consumers and investors. She has been a frequent critic of administration efforts to weaken the Consumer Financial Protection Bureau and made clear that she will be using HFC oversight to ensure regulators are fulfilling their obligations as well as holding bad actors accountable.
On housing, Chair Waters said the Committee will focus on affordability and homelessness. She intends to re-raise a bill to provide $13.27 billion in new funding over five years to federal programs and initiatives on the issue. On housing finance, she wants to reform Fannie Mae and Freddie Mac to ensure that underserved borrowers and communities have access to affordable mortgage credit, as well as access to affordable rental housing, and ensure rigorous enforcement of fair housing laws. She said the HFC will be conducting robust oversight of the administration’s activities in the Department of Housing and Urban Development (HUD).
On FinTech, Chair Waters stated that she will focus the Committee on ways to foster "responsible innovation with the appropriate safeguards in place to protect consumers and without displacing community banks and credit unions." In this regard, her focus is on “opportunities for those who have been excluded from access to responsible credit.” Similarly, Chair Waters expressed her intention to shut down abusive payday lending practices and protect minority communities from lending discrimination.
In a speech earlier this year, she also described areas of international concern that the HFC would address, including reviewing governance at the International Monetary Fund and World Bank, Russia sanctions, reauthorization of the expiring Terrorism Risk Insurance (TRIA) and the Charter of the Export-Import Bank.
Senate Banking Committee
Senator Mike Crapo (R-ID) continues his role as Senate Banking Committee (SBC) Chair in the new Congress. His announced priorities reflect continuity, yet with an open offer for bipartisanship. On January 29, 2019, he set forth specific goals to (i) advance bipartisan legislative efforts, and (ii) ensure Committee oversight and federal agency implementation over legislation enacted in the last Congress, notably, the Economic Growth, Regulatory Relief and Consumer Protection Act (EGRRCPA), Foreign Investment Risk Review Modernization Act (FIRRMA), and the Countering America’s Adversaries Through Sanctions Act (CAATSA).
On housing, Chair Crapo’s agenda includes finance reform of Fannie Mae and Freddie Mac, enhancements to HUD’s Family Self-Sufficiency program and streamlined compliance for Public Housing Authorities.
On capital markets reform, Chair Crapo said that he will continue to press for some thirteen bills that would encourage capital formation, reduce burdens for small businesses and improve corporate governance.
On digital security, Chair Crapo relayed that the Committee will consider legislative solutions so that consumers would have more control over their financial data and that any privacy breach would be disclosed to consumers in a timely way. As for FinTech, the Chair committed the SBC to work to ensure that the regulatory landscape welcomes innovation. He pledged that the Committee would “consider appropriate ways to advance innovation and coordination to protect the integrity of the U.S. financial system in a smart way.”
On access to financial services, Chair Crapo said the Committee will continue to examine whether regulation should be tailored for financial companies to ensure they can adequately deliver credit to local communities. He also said the Committee will conduct oversight of financial companies that might “use their market power to manage social policy by withholding access to credit or services to customers and industries they disfavor.” On consumer credit, the Chair noted that the Committee would explore targeted reforms of the credit bureau system, such as improving consumers’ ability to interface with credit bureaus and to dispute inaccuracies.
On international affairs, Chair Crapo stated that the Committee will conduct oversight of agencies tasked with national security and law enforcement missions. He pointed out that the Committee held hearings last year that “lay the groundwork for modernizing the decades-old anti-money laundering and beneficial ownership regime.”
Finally, the Chair stated that SBC will review the efficacy of many expiring programs as part of the reauthorization process for programs such as TIRA (which expires at the end of 2020); the National Flood Insurance Program (NFIP) (which expires end of May); the Export-Import Bank’s charter expires (which expires the end of September 30); the Fixing America’s Surface Transportation (FAST) Act (which expires the end of 2020).
Despite the fact that these leaders are considered to be at two opposite ends of the political spectrum, they both have significant records of legislative success. As their overall agendas suggest, there are identifiable areas of alignment. There may also be areas of common ground on data privacy and security, FinTech, anti-money laundering and housing reform. Their preliminary nods to reaching across the aisle may be nothing more than that, but there may emerge a few bipartisan surprises in 2019.
In his latest annual priorities letter to members, FINRA Chief Executive Officer Robert Cook emphasized that FINRA will be monitoring firm developments “to identify risks and assess their prevalence and impact.” He noted that the 2019 letter highlights new areas of focus that will allow member firms to determine whether certain issues “are relevant to their businesses” and how they might be best addressed. For the upcoming year, these areas include (i) the distribution of securities through online platforms; (ii) firm compliance with recently effective requirements on mark-up or mark-down disclosure for fixed income transactions; and (iii) firm use of new regulation technology (RegTech) to address compliance risks and challenges.
In addition, Mr. Cook explicitly stated that these highlighted areas do not affect the ongoing monitoring and enforcement efforts detailed in previous priorities letters. In this article, Bates will review the highlights from FINRA’s newly released 2019 Risk Monitoring and Examination Priorities Letter. We once again list and compare the new priorities to preceding years in the attached Bates’ 2019 FINRA Chart.
New Areas of Focus
Securities Distributions through Online Platforms
FINRA is concerned with a host of issues tied to growth in the use of online distribution platforms used to sell and trade securities. According to the letter, FINRA will evaluate how firms that use online distribution platforms “conduct their reasonable basis and customer specific suitability analyses, supervise communications with the public and meet AML requirements.” FINRA also stated that it will review certain specific risks, including those associated with (i) offering documents or communications with the public that omit material information or may contain false or misleading statements, (ii) promises of claims of high targeted returns, (iii) sales to non-accredited investors and non-compliant escrow arrangements; and (iv) excessive or undisclosed compensation arrangements between firms and the issuers.
Mark-up Disclosure for Fixed Income Transactions
In the latest letter, FINRA highlighted its intention to review compliance with mark-up or mark-down disclosure obligations on fixed income transactions effective on May 14, 2018. This does not come as a surprise. In its December 2018 Examination Report (covered by Bates here), FINRA found that firms were facing challenges implementing the new rules, including putting in place confirmation review processes, systems and vendors, as well as inadequate disclosure in Order Entry Systems, customer confirmations, transactions in certain structured notes, and incorrect designations of institutional accounts. In the priorities letter, FINRA stated it will review behavior to determine whether a firm is attempting to avoid their obligations concerning mark-up and mark-down disclosures.
For additional resources, FINRA directs firms to an available Mark-up/Mark-down Analysis Report that provides, among other things, trade details and “graphical displays of data across longer periods of time for trend analysis.” FINRA also refers readers