New hints about FINRA's approach to examinations

Register now

Financial planners under FINRA's supervision just received new hints about the regulator's approach to examinations.

FINRA issued a report this week summarizing for the first time in writing its observations on the compliance and supervision issues arising from recent examinations. Highlighted concerns include cybersecurity, outside business activities, anti-money laundering, product suitability, best execution, and alternative investments in IRA accounts.

The 10 most significant FINRA and SEC exam priorities
Regulators have revealed what kind of issues advisors must address if faced with a review.

"FINRA is issuing this report as another resource that firms can use to strengthen their compliance with securities rules and regulations," the report says. "This report focuses on selected observations from recent examinations that FINRA considers worth highlighting due to their potential impact on investors and markets or the frequency with which they occur."

The weaknesses in cybersecurity programs include failure to control access to data, insufficient risk assessments, and inadequate vendor supervision. FINRA also expressed concerns about failures to report OBAs and private securities transactions and failures to execute adequate reviews or retain documentation.

AML programs fell behind as firms changed and grew but failed to properly resource growing AML volume. FINRA raised suitability concerns over recommendations of unit investment trusts, fund share classes, and complex products. FINRA hopes that firms will use the report as a “resource in tailoring their compliance and supervisory programs to their business.”

It’s always good to get more transparency into the examination program. What’s less clear is how firms should react to this information, especially since FINRA generally issues its examination priorities letter in January. Regardless, advisors should expect FINRA to focus on these issues during cycle exams.

For reprint and licensing requests for this article, click here.
Compliance Exams Regulatory guidance Regulatory actions and programs AML IRAs Cyber security Vendor management