FINRA Rule 2090 will impose a new requirement on many firms, that of “knowing your customer.” Firms that have not previously been subject to a Know-Your-Customer requirement are determining what facts it deems essential in connection with servicing an account.
The rule, which went into effect Monday, requires member firms to “use reasonable diligence, in regard to the opening and maintenance of every account.”
It also requires firms to “know (and retain) the essential facts concerning every customer and concerning the authority of each person acting on behalf of such customer.”
This information is required to effectively service the customer’s account, to act in accordance with any special handing instructions, to understand the authority of all persons acting on behalf of the customer, and to comply with all laws, rules, and recommendations. The know-your-customer fact-gathering obligation (different from the suitability requirements) arises immediately upon the opening of an account regardless of whether the registered representative has made a recommendation to the customer.
Significantly, the new rule eliminates the requirement in NYSE Rule 405(1) that the firm/associated person learn the essential facts relative to “every order,” deferring instead to the specific order handling rules (such as FINRA Rule 5310, NASD Rules 2320, 2400).
With respect to the information gathered, FINRA has made clear that the requirement for the firm to “understand the authority of each person acting on behalf of the customer” does not require the firm to know more than the names of any persons authorized to act on behalf of the customer and any limits on the agents’ authority communicated to the firm by the customer.
However, some firms may decide, as a business practice, to accept only those customers who do not qualify the scope of authority of those acting on their behalf.
With respect to a client’s investment profile, firms may wish to consider how best to document situations in which a client declines to provide requested information and evidence that the firm is able to appropriately service the account without such information. As part of the know-your-customer determination, firms are giving thought to implementing processes to understand “the authority of each person acting on behalf of the customer… .”
In this regard, firms are developing processes to document: i) the names of any persons authorized to act on behalf of the customer; and ii) to the specific limits on that person’s authority. This aspect of the new rule calls for special thought and attention with respect to accounts established as corporate entities, trusts and the like.
As part of their new processes, firms are considering at what frequency to seek an update of the “essential facts” needed to service a customer’s account. The Know-Your-Customer rule ties in naturally to a firm’s Anti-Money Laundering (AML) process. Many firms are seeking to leverage their existing AML processes to comply with new FINRA Rule 2090.
FINRA’s new suitability and know-your customer rules essentially track the common law regarding the duties of broker-dealers in non-discretionary accounts. A broker-dealer owes more limited duties than an investment advisor to a customer in a non-discretionary account, and those duties cease “when the transaction is closed.”
The registered representative in a nondiscretionary account has limited duties i) to recommend a security “only after studying it sufficiently to become informed as to its nature, price, and financial prognosis”; ii) “to carry out the customer’s orders promptly in a manner best suited to serve the customer’s interests”; iii) “to inform the customer of the risks involved in purchasing or selling a particular security”; iv) “to refrain from self-dealing or refusing to disclose any personal interest”; v) “not to misrepresent any fact material to the transaction”; and vi) “to transact business only after receiving prior authorization from the customer.”
Under California law, a registered representative may be found to have a confidential relationship with a customer encompassing certain fiduciary duties. The registered representative’s duties “depend on the facts of the case.” Consideration of the relevant facts and circumstances to the determination of the scope or extent of a registered representative’s duty is guided by the nature of the registered representative/customer relationship.
Recently, the Georgia Supreme Court also held that registered representatives for nondiscretionary accounts owe “limited fiduciary duties” to their customers, including a “heightened” duty when recommending an investment for which the registered representative may have a conflict of interest.
Practical Compliance Considerations Raised by the New Rules
As discussed above, FINRA Rule 2111, while modeled after NASD Rule 2310, is different in many important respects. Rule 2111 requires that a firm or associated person “have a reasonable basis to believe that a recommended transaction or investment strategy involving a security or securities is suitable for the customer, based on the information obtained through the reasonable diligence of the member or associated person to ascertain the customer’s investment profile.”
Firms will have to grapple with many important practical considerations in designing processes and controls that satisfy the requirements of the new rule. Some of the most important considerations are addressed below.
Investment Strategies
As a result of the adoption of the new rule, questions arise concerning what constitutes an investment strategy, whether and how to document recommendations of investment strategies, and whether principal approvals will be required of any particular type of investment strategy.
As a first step, firms are seeking to define the term “investment strategy” in concrete terms for their registered representatives. Further, many firms are reviewing marketing materials with a view to determining whether they contain recommendations of investment strategy and if so whether any revisions or controls are called for.
Some firms are also compiling an inventory of possible investment strategies and for each investment strategy determining whether any additional controls are necessary. Firms may determine to prohibit certain investment strategies. For others, firms may require their registered representatives to capture the recommendation on something along the lines of an order ticket and require that such recommendation be approved. For other strategies, firms may determine that no additional controls are necessary. Either separate from or together with this inventory approach, many firms are conducting training with respect to investment strategies and advising their registered representatives to maintain comprehensive notes in their client files with respect to recommended investment strategies.
Hold Recommendations
Similar to other investment strategies, firms should consider whether and how to document recommendations to hold. While Regulatory Notice 11-25 makes clear that there are no explicit documentation requirements for a recommendation to hold or other recommended strategies, FINRA cautions firms to undertake a risk-based approach to documentation.
It may be important to document a hold recommendation where the securities involved have a shorter-term investment component, have a periodic reset, or have some similar mechanism that alters the securities’ character over time. It may also be appropriate to document a hold recommendation where the securities are particularly susceptible to changes in market conditions or are otherwise risky to hold at the time the hold recommendation was made. Firms may wish to document hold recommendations when the customer is heavily concentrated in the security or industry at issue, if the security is particularly risky, or if the security is inconsistent with the investor’s profile for the account.
Firms wishing to document hold recommendations (and other strategy recommendations) will be faced with the challenge of whether and how to best update their systems and technology so as to capture these recommendations and trigger supervisory review. Some firms are considering a “hold ticket” which, like an order ticket, would reflect the representative’s recommendation to hold. The hold ticket would be updated on a “hold blotter” that would be separate from the trade blotter. Firms may also need to train their representatives on what constitutes a “hold” recommendation triggering suitability analysis.
Quantitative Suitability
Firms may wish to consider whether it is necessary to develop any new reports to determine quantitative suitability— i.e., having a reasonable basis for believing that a series of recommended transactions, even if suitable when viewed in isolation, are not excessive and unsuitable for the customer when taken together in light of the customer’s investment profile. While many firms already maintain such reports, the new rule is a good opportunity to examine the reports that are being generated with respect to quantitative suitability and determining whether any enhancements are called for.
Reasonable Basis Suitability
A key to the reasonable basis suitability assessment may be improved vetting of products and training of registered representatives to understand the products offered by the firm. Further, firms may wish to enhance the documentation of these efforts to ensure the creation of a robust record that likely will be of interest to regulators testing for compliance with these new requirements.
Investment Profile Information
Prior to the new rules becoming effective, firms may want to consider whether to develop additional procedures to gather customer “investment profile” information and whether to memorialize that information in written form. The new rule adds age, other investments, investment experience, time horizon, liquidity needs and risk tolerance to the list of information that should generally comprise a customer’s investment pro file. Firms may want to consider whether to seek such information from existing customers, and if so when. This calls for a risk assessment by the firm. For some customers, a firm may determine that there is an immediate need to seek this information.
For other customers, a firm may determine that this additional profile information needs to be captured, but it can wait until the firm’s 36-month outreach letter to the customer, pursuant to Exchange Act Rule 17a-3 or some other period of time.
A compliance challenge is presented where a firm maintains multiple accounts for the same person, and the accounts have different investment profile factors. For example, for one type of account the customer may indicate a conservative risk tolerance, while for another of its accounts the customer may indicate an aggressive risk tolerance. Firms may wish to consider what, if any, documentation should be maintained to acknowledge the multiple, and perhaps contradictory account profile information. An additional challenge is presented where a customer refuses to provide requested profile information.
Firms may wish to consider what sort of processes and controls are necessary in connection with instances of a client’s refusal to provide requested information. In this regard, firms are developing documentation to evidence their attempts to obtain the requested information about the customer and why information that is not provided is not relevant to the ultimate suitability determination for a particular recommended transaction or strategy.
Institutional Suitability
Given the new requirements regarding institutional suitability, many firms which today rely on the current exception provided for institutions may need to change their oversight and processes regarding sales to institutions.
First, the current suitability rule permits any entity other than a natural person to be considered an institution, while FINRA has previously cautioned that status as an institution for purposes of the current suitability rule “is more appropriately applied to an institutional customer with at least $10 million invested in securities in the aggregate in its portfolio and/or under management.”
The new rule sets forth an objective test with respect to status as institution for purposes of the carve-out. The new rule defines institutional customer by means of cross-referencing NASD Rule 3110(c)(4) which provides that the term “institutional account” includes the accounts of banks, savings and loan associations, insurance companies, registered investment companies, registered investment advisers, or any other entity (not listed above) with total assets of at least $50 million.
As a result, many firms are reassessing the categories of entities that are considered institutions for purposes of the institutional carve-out. Second, firms may wish to consider how to document their determination that a particular institutional customer is capable of evaluating investment risks independently, both in general and with regard to the particular transactions and investment strategies involving a security or securities. As part of this process, firms may wish to give thought as to who at the firm is the appropriate person to make this determination and what factors should be considered to support such determination.
Finally, many firms have prepared a template for use by their institutional clients which would serve the purpose of allowing the entity to affirmatively indicate that it is exercising independent judgment in evaluation of a member’s or associated person’s recommendations.
These pieces are excerpted from an article published in Thomson Reuters’s Wall Street Lawyer and authored by Clifford Kirsch, a partner and member of the financial services practice group in the New York office of the law firm Sutherland Asbill & Brennan; S. Lawrence Polk, a partner and member of Sutherland’s litigation practice group in the firm’s Atlanta office; Brian Rubin, a partner and member of the litigation practice group in the firm’s Washington, D.C. office; and Avital Stadler, a counsel and member of the firm’s litigation practice group in Atlanta
