2023 was another big year for regulation. Here are 7 reasons why

December 22, 2023 1:00 PM

With ambitious regulators at the head of some of the biggest watchdog agencies, 2023 was another big year for new rules for the industry.

The year saw the Securities and Exchange Commission, the Financial Industry Regulatory Authority and others propose and sometimes adopt regulations governing everything from cybersecurity, to the use of artificial intelligence and similar technologies, to working from home. As often happens when regulators push forward with ambitious plans, industry representatives were quick to complain that they were being asked to do too much in too little time.

But watchdog agencies showed little interest in relenting. Here are some of the biggest regulations and regulation-related topics taken up during the year:

Regulatory avalanche?

By the reckoning of one industry group — the Investment Adviser Association — firms could find themselves having to comply with at least parts of 13 new regulations over the course of two years. That, according to the association, is asking for too much.

The IAA and other critics are quick to take the SEC and other agencies to task for not fully thinking out how each of these new regulations will work with each other. Redundancies and, in some cases, irreconcilable obligations will be the result, the IAA warns.

One proposal for instance would make firms responsible for ensuring that any subcontractor that they outsource services to abides by the fiduciary duty to always put clients' interests first. The IAA argues there's no need for the change, since current fiduciary requirements already oblige advisors to work only with third parties that make clients the top priority.

The IAA also warns of redundancies and possibly confusing obligations in the SEC's cybersecurity proposals.

Compliance hack

The SEC has already adopted one big cybersecurity rule this year. In July, the Wall Street watchdog adopted a rule giving publicly traded companies four days to report hacks or other data breaches.

The SEC is meanwhile weighing three separate cybersecurity proposals applying directly to broker-dealers and advisors. The proposals together take up 1,200 pages and have prompted much howling on their own.

The first would give brokers that have been hacked 30 days to alert their clients of the breaches. It's coming as the proposed change to the SEC's Regulation S-P, which was adopted in 2000 to strengthen protection of customers' online data.

The other two proposals would give brokers and advisors timelines for telling authorities when they've suffered breaches. Brokers would have to report cyberattacks immediately to federal regulators and then follow up with detailed accounts within 48 hours. Advisors, under their separate proposal, would get the same 48 hours to provide confidential reports of data breaches to the SEC and to disclose to clients current cybersecurity risks and past attacks.

The similarity between the two time periods have prompted questions about whether they might not be consolidated. Critics also worry that providing regulators with detailed reports on data breaches could expose weaknesses that could be exploited in future attacks.

AI time

This past year marked the first time that many people in many white-collar industries had to come to grips with the possibility that machines might soon be able to do aspects of their jobs just as well, if not better. Financial planning was no different.

Regulators have been quick to uncover risks. Giving artificial intelligence, machine learning and similar systems a great deal of sway over investments and market controls could have results that, at the very least, are unpredictable.

Of more immediate concern, though, is the way advisors might use AI and predictive analytics in making investment recommendations. With no one completely understanding how these systems function, there's a chance that their advice will at times run counter to clients' best interests.

The SEC wants advisors to be on guard against that possibility. A 243-page proposal it put forward in July would make financial planners of all stripes responsible for scouring any use of AI or other advanced technologies for possible conflicts of interest and then eliminating or "neutralizing" any problems that they find.

The industry has responded with some acknowledgement that precaution is likely in order with AI. Still, critics contend that the proposal is too far-reaching. As currently written, it would seem to apply not only to the most cutting-edge of technologies but also to more mundane systems that have been around for years without eliciting much objection. In a frequently cited example, industry groups warn advisors could find themselves having to pore over their spreadsheets in search of conflicts.

Robinhood case

Not all of the biggest developments in the regulatory world came from agencies. In some instances, it was the courts that caused the biggest movement.

A case in point is the victory Massachusetts Secretary of the Commonwealth William Galvin scored in August against the popular online brokerage Robinhood Markets. The dispute arose out of Galvin's attempt to impose on Robinhood and other broker-dealers a state-level fiduciary obligation similar to the conduct standard separately applying to investment advisors throughout the U.S.

Robinhood responded by arguing that Massachusetts' fiduciary rule was superseded by the federal Regulation Best Interest, a conduct standard the SEC adopted for broker-dealers in June 2019. Although Reg BI calls on brokers to act in their clients' best interest, many regard it as a relatively weak conduct standard.

In defending his state's stricter fiduciary rule, Galvin accused Robinhood of promoting certain stocks without regard for the particular needs and circumstances of individual clients. He said the online brokerage was "gamifying" the market by presenting video-game-like features that encourage frequent trading.

In siding with him, a superior court judge in Boston found Galvin was within his state-granted authority to adopt a fiduciary rule for brokers. One of the big questions for 2024 will be over how many other states now try to follow his lead.

Work from home permanency

Not all regulatory changes in 2023 were unwelcome in the industry. Two proposals in particular were greeted with cheers for helping to make permanent work-from-home policies first adopted during the COVID-19 pandemic.

The first would allow firms to sign up for a three-year pilot program meant to furnish FINRA with data on which remote work procedures and protocols best serve the twin goals of accommodating advisors while also protecting investors. Firm representatives have been able to operate out of their homes under emergency rules that were first adopted during the pandemic and then subsequently extended several times. FINRA's hope for the pilot program is to eventually be able to make its remote work policies permanent.

Separately, FINRA has won approval for a proposal that will make branch supervisors' home offices subject to less frequent inspection. The policy calls for these "non-branch" offices to be subject to internal inspections once every three years, down from the current requirement of once a year.

Both proposals underwent significant revisions before being formally approved by the SEC in November. Regulators have not said when firms can start signing up for the three-year pilot program. But with FINRA's emergency rule on working from home due to expire on June 30 next year, firms that don't join the program could be faced with the loss of their work-from-home privileges.

You name it

Truth in advertising shouldn't just apply when companies are hawking a new wonder drug or cleaning solvent. It should also be a bedrock principle for investment funds purporting to use money that investors entrust them with to further certain environmental, social and governance, or ESG, causes.

The SEC in September proposed a series of revisions to its 20-year-old names rule, which is generally meant to ensure that the official names of mutual funds and other vehicles actually shed some light on their investing priorities and strategies. In general, the rule calls on managers to make sure that at least 80% of the money placed in a fund is invested in a way that's consistent with its name.

In proposing the revisions, SEC officials made it clear that their main concern was ESG. Charges of "greenwashing" — or making deceptive claims about environmental benefits for investing strategies that fail to live up to the promise — have been rampant in recent years.

But regulators also have their eyes on funds that claim to use advances like artificial intelligence and big data to tease out sophisticated investing strategies. And they're anxious to make sure that words like "value" and "growth" are being used in the way that they're commonly understood in the investing world.

So funds that claim a value investing strategy should be scouring the markets for companies that are in fact undervalued. And growth funds should be looking for stocks that show potential for quick gains in coming years.

Expungeable assets

Life got a little tougher for brokers who are hoping to clear their names using a formal process known as expungement.

FINRA in October put in place a series of changes meant to make sure that expungement remains the "extraordinary remedy" it was always meant to be. Expungement — the only way to have ill-founded customer complaints and other erroneous disciplinary information removed from online records — is meant for allegations that are factually impossible, clearly erroneous or made against a person who wasn't involved in the disputed activity.

Among other things, the changes approved by FINRA stipulate that most expungement requests can be granted only by the unanimous consent of three-person arbitration panels. A simple majority is no longer enough.

The changes also set stricter time limits on when brokers can submit expungement requests and give state regulators and clients greater opportunities to weigh in on arbitration proceedings. Behind the reforms is a general feeling that expungement is too readily granted to advisors who go to the trouble of asking for it.

The Public Investors Advocate Bar Association frequently cites a study finding that FINRA arbitrators had agreed to erase complaint records in nearly 90% of the cases that came before them. PIABA representatives have since expressed optimism that greater participation by state securities regulators will make expungement a remedy reserved only for egregious cases.

But advisors are quick to note that customer complaints often receive very little vetting before being added to public databases. With the cost and difficulty of expungement now rising, many worry erroneous information will simply linger online.