Branch Office Inspection Program - finra

Half-Day Compliance Boot CampWoodbridge, NJAugust 9, 2012

Culture of Compliance• Attributes of a culture of compliance• Established from the top down and it is the responsibility of everyoneat the firm• Encompasses an overall environment that fosters ethical behavior anddecision-making• Consistent written policies and messages sent throughout the firm• CCO communicates directly with Senior Management or the Board• Significant business decisions include compliance staff© 2012 Financial Industry Regulatory Authority. All rights reserved. 1

Session 1 – Outside Business Activities

Outside Business Activities of Registered Persons(FINRA Rule 3270)• Unless registered person provides firm with prior written notice inthe form specified by the firm, he or she is prohibited from arelationship with another person as:• Employee;• Independent contractor;• Sole proprietor;• Officer;• Director or partner; or,• Being compensated, or expecting compensation, from another personas a result of any business activity outside the scope of relationshipwith the member firm.© 2012 Financial Industry Regulatory Authority. All rights reserved.3

Outside Business Activities of Registered Persons(FINRA Rule 3270)• Scope of compensation• Application of the rule is not dependent on prior receipt ofcompensation by a registered person– E.g., registered person working for a start-up company• “Reasonable expectation of compensation”• FINRA Rule 3270 clarifies prior construction of NASD Rule 3030as it relates to the receipt of compensation.• Compensation need not be received from the OBA.• Lack of compensation does not preclude a finding of employment.• Passive investments and activities subject to NASD Rule 3040 areexempt under the rule.© 2012 Financial Industry Regulatory Authority. All rights reserved.4

Considerations for Compliance With FINRA Rule3270• Unregistered persons reporting outside business activities (OBA)• Prior written notice• Form it should take• When it needs to be submitted• Updating written supervisory procedures (WSPs) regarding newrequirements in FINRA Rule 3270© 2012 Financial Industry Regulatory Authority. All rights reserved.5

Scope of Supplementary Material of FINRA Rule3270• Firms’ processes should assess impact of outside activity on thefirm's business and / or customers.• Questions to consider:– Are there time thresholds or specific activities that are problematic?– Is communication reviewed?– Does broker-dealer provide specific disclosures to customers?– Will the proposed activity interfere with or compromise registeredperson’s responsibilities to firm or firm's customers?– Does the activity have the potential to create conflicts of interest with thefirm’s business or its responsibilities to customers?– Will the proposed activity be viewed by customers or public as part offirm's business?– Would the activity be considered a private securities transaction?© 2012 Financial Industry Regulatory Authority. All rights reserved.6

Scope of Supplementary Material of FINRA Rule3270• Firms’ processes (continued)• Based on firm's review, evaluate advisability of imposing specificconditions or limitations on the OBA such as:– No involvement with firm customers in operation of OBA;– No raising capital, offering securities;– Ongoing certification to comply with conditions;– No custody / control over assets;– No Web presence for registered person;– Cannot operate from firm’s premises; and,– Must comply with all applicable state / federal rules.• Firms may prohibit OBAs© 2012 Financial Industry Regulatory Authority. All rights reserved.7

Broker-Dealer Processes for Evaluation of OBAs• Questions to consider when evaluating existing OBAs:• What information is on the registered person’s U4?• What is the structure of the activity?• Who is involved?• How much has the registered person invested?– Is he or she an owner?– Does he or she intend to solicit other ownership or raise capital?• Is there a Web presence?• Is there check-writing, trading authority / custody or control?• What email address is being used?• Are there any changes being contemplated?• Is the OBA still in the form as originally reported?© 2012 Financial Industry Regulatory Authority. All rights reserved.8

Subsequent Review of Permitted / Non-permittedOBAs• Permitted outside business activities• Determining if the scope has changed• Ongoing monitoring• Non-permitted outside business activities• What firm requires from registered person• Ongoing monitoring© 2012 Financial Industry Regulatory Authority. All rights reserved.9

Practical Compliance Considerations• Some practical steps firms may want to consider implementinginclude:• Training representatives;• Establishing clear policies and procedures;• Establishing procedures for reviewing, analyzing and following-up oninformation provided by representatives; and,– Review whether the activity would potentially allow the representative tocarry out or conceal securities law violations.• Ensuring that the language used to report outside business activitiesis detailed enough.© 2012 Financial Industry Regulatory Authority. All rights reserved.10

Practical Compliance Considerations• Some practical steps firms may want to consider implementinginclude: (cont’d)• Considering use of a database (or some other means) to track andmonitor “notice” given by the representatives;• Conducting on-site surprise examinations of representatives,especially those in remote offices; and,• Establishing policies and procedures regarding use of DBA names.– Consider requiring that any DBA name be submitted to the firm forreview.© 2012 Financial Industry Regulatory Authority. All rights reserved.11

FINRA Enforcement Action• Robert Anthony Cataldo: In this enforcement action, a registeredrepresentative engaged in OBAs without providing prompt written noticeto his employer member firm. Specifically, he failed to disclose hisownership interests in two companies engaged in the business ofconstruction, and acted as a director for an insurance company. Inconnection with one of the undisclosed construction businesses, therepresentative received payments of approximately $145,000 from one ofhis firm customers. The representative failed to disclose these OBAs onhis employer member firm's compliance questionnaires. As a result, therepresentative was permanently barred from association with any FINRAmember in any capacity.© 2012 Financial Industry Regulatory Authority. All rights reserved.12

Tools and Resources• FINRA Rule 3270. Outside Business Activities of RegisteredPersons – www.finra.org/finramanual/rules/r3270• SEC Approval Order for File No. SR-FINRA-2009-042. SeeExchange Act Release No. 62762 (August 23, 2010), 75 FR 53362(August 31, 2010)www.finra.org/web/groups/industry/@ip/@reg/@rulfil/documents/rulefilings/p121995.pdf• NASD Rule 3040. Private Securities Transactions of anAssociated Person – www.finra.org/nasdmanual/rules/r3040© 2012 Financial Industry Regulatory Authority. All rights reserved.13

Session 1 (continued) – Case StudyExercise: Group Wide Financial

Session 2 – Branch Office Examinationsand Audits: Broker-Dealer Inspections

Developing a Supervisory Program• Key considerations for an effective supervisory program:• Firm model / business lines– U.S. vs. foreign-based operations– Introducing vs. self-clearing vs. hybrid– Independent contractor model vs. office of supervisory jurisdiction (OSJ)– FINRA, NYSE, SEC and state-registered investment advisory business– Niche-based business– Proprietary trading, market making, employee stock services, publicfinance, etc.• Products offered– Complexity of the products– Concentration in certain products• Types of customers serviced– Seniors and members of the military, high net-worth investors, etc.© 2012 Financial Industry Regulatory Authority. All rights reserved.16

Developing a Branch Office Inspection Program• Inspection cycles• Office of supervisory jurisdiction and non-OSJ branches thatsupervise non-branch locations– Annually• Non-supervising branch offices– Every three years• Factors to consider when developing an inspection program:• Use a “risk-based” approach• Know your resources• Consider frequency of visits• Perform announced vs. unannounced visits© 2012 Financial Industry Regulatory Authority. All rights reserved.17

Branch Office Inspection Program Implementation• A broker-dealer’s branch inspection program is a key part of itssupervisory system.• Firms with an effective branch office inspection program, typicallyhave:– tailored the focus of branch exams to the business conducted in thatbranch and assess the risks specific to that business;– engaged in a significant percentage of unannounced exams, selectedthrough a combination of risk-based analysis and random selection;– scheduled the frequency and intensity of exams based on underlying riskposed at the branch rather than on an arbitrary cycle;– designed procedures to avoid conflicts of interest by examiners that mayserve to undermine complete and effective inspection; and,– deployed senior branch office examiners who understand the businessand will challenge assumptions.© 2012 Financial Industry Regulatory Authority. All rights reserved.18

Branch Office Inspection Program: Roles andResponsibilities• Supervision of branch offices can be centralized (offsite) ordecentralized (onsite):• Field supervisor / branch manager may perform the followingsupervisory responsibilities:– Review and approve new accounts and trades– Monitor trends– Handle and investigate customer complaints– Review and approve correspondence– Maintain office such as physical safeguards, information security (e.g.,shredding)– Hiring / firing– Preparation of advertising or marketing materials– Monitor and report gifts, gratuities and entertainment– Conduct annual compliance interviews with registered representativesand client file reviews– Conduct firm Element (Annual Compliance Meeting)© 2012 Financial Industry Regulatory Authority. All rights reserved.19

Branch Office Inspection Program: Roles andResponsibilities• Home office may perform the following supervisoryresponsibilities:• Review of field supervisor’s / branch manager’s producing andsupervisory activities• Conduct onsite visits• Report and investigate customer complaints• Approve advertising and marketing materials• Conduct certain specialized reviews (e.g., unique product oversight,broad-based email reviews, etc.)© 2012 Financial Industry Regulatory Authority. All rights reserved.20

Branch Office Inspection Program: Roles andResponsibilities• The compliance department should:• Maintain and support supervisory procedures• Develop compliance training programs• Review, approve and archive advertising and sales materials• Handle reporting of customer complaints• Conduct investigations of representatives• Facilitate periodic reporting requirements• Conduct email and social networking reviews• Conduct personal trading and outside activity reviews© 2012 Financial Industry Regulatory Authority. All rights reserved.21

Preparing for a Branch Office Inspection• Exam preparation pre-onsite visit• Examiners should prepare by gathering as much information aspossible.– Google representatives to help identify outside business activities.– Notify other areas in home office of upcoming visit to solicit any concernsand / or areas to be reviewed.– Review areas of concern identified during monthly home office OSJoversight meetings.– Review transaction and trend monitoring system reports to identify anyconcerns / areas to be reviewed.– Obtain completed questionnaires from representatives prior toinspections.© 2012 Financial Industry Regulatory Authority. All rights reserved.22

Executing a Branch Office Inspection• What to do when onsite?• Discuss completed representative questionnaires• Review required books and records• Review client files for suitability documentation• Review supervision files• Tour the branch• Pursuant to NASD Rule 3010, the written inspection report mustalso include the testing and verification of the firm's policies in:• safeguarding of customer funds and securities;• maintaining books and records;• transmittal of funds between customers and registeredrepresentatives and between customers and third parties;• validation of customer address changes; and,• validation of changes in customer account information.© 2012 Financial Industry Regulatory Authority. All rights reserved.23

Learning from a Branch Office Inspection• Assess the risk associated with findings by weighing aggravatingand mitigating factors.• Isolated or systemic• Procedural deficiency• Customer harm• Repeat finding• Administrative oversight© 2012 Financial Industry Regulatory Authority. All rights reserved.24

How to Address Branch Office Inspection Findings• Develop and implement escalation process• Communicate findings to branch office management• Implement corrective action process• Leverage findings in ongoing training efforts• Implement heightened supervision• Develop feedback loop© 2012 Financial Industry Regulatory Authority. All rights reserved.25

Branch Office Inspection Program Deficiencies• FINRA and the SEC have noted that firms with significantdeficiencies in their overall program, typically:• utilize generic examination procedures for all branch offices;• leverage novice or unseasoned branch office examiners;• perform the inspection in a “check the box” fashion; and,• devote minimal time to each exam.© 2012 Financial Industry Regulatory Authority. All rights reserved.26

Branch Office Inspection Program Deficiencies• FINRA and the SEC have noted that firms with significantdeficiencies in their overall program, typically: (cont’d)• fail to follow the firm’s own policies and procedures by:– not inspecting branch offices as required,– announcing exams that were supposed to be unannounced; or,– failing to generate a written inspection report.• fail to have adequate policies and procedures; and,• lack heightened supervision of individuals with disciplinary historiesor individuals previously associated with a firm with a disciplinaryhistory.© 2012 Financial Industry Regulatory Authority. All rights reserved.27

Branch Office Inspection Program Sound Practices• FINRA and the SEC have identified some strong compliancepractices, which include:• using risk analysis to determine frequency of branch inspections;• using surveillance reports and current technology to help identify risk;• employing checklists that incorporate previous inspection findingsand trends from internal reports;• tracking corrective action that is taken; and,• elevating the frequency and/or scope of branch inspections whennecessary.© 2012 Financial Industry Regulatory Authority. All rights reserved.28

Branch Office Inspection Program Sound Practices• FINRA and the SEC have identified some strong compliancepractices, which include: (cont’d)• conducting unannounced branch inspections;• including in the written report of each branch inspection any noteddeficiencies and areas of improvement;• using examiners with sufficient experience;• designing procedures to avoid conflicts of interest;• involving qualified senior personnel in several branch officeexaminations per year;• providing branch office inspection findings to management;• using a centralized compliance database; and,• requiring branch office managers to take corrective action on findings.© 2012 Financial Industry Regulatory Authority. All rights reserved.29

FINRA and SEC Examinations• What will FINRA and SEC examiners look for?• Policies and procedures, including supervisory procedures as theypertain to supervision of customer accounts• Policies and procedures relating to the handling of money andsecurities physically received at the branch• Validation of changes in customer addresses and other accountinformation in accounts serviced by the branch• Procedures related to transmittals of funds between customers andthird parties, and between customers and registered representatives• Firm testing of policies and procedures related to specific retailproducts© 2012 Financial Industry Regulatory Authority. All rights reserved.30

FINRA and SEC Examinations• What will FINRA and SEC examiners look for? (cont’d)• Firm testing in retail sales practice areas• Firms following guidelines concerning advertising and othercommunications with the public or with customers• Evidence of unreported outside or other unauthorized businessactivities by review of customer files, written materials, branch officeaccounting records, appointment books and calendars, phonerecords, bank records, etc.• Procedures for handling of customer complaints• Risk-based reviews of bank accounts of the branch and affiliatedentities, third-party wire transfers and branch signature guarantee log• Procedures to uncover use of unauthorized computers or otherelectronic devices and/or social media© 2012 Financial Industry Regulatory Authority. All rights reserved.31

Tools and Resources• Staff Legal Bulletin No.17: Remote Office Supervisionwww.sec.gov/interps/legal/mrslb17.htm• FINRA Regulatory Notice 11-54, FINRA and SEC Issue JointGuidance on Effective Policies and Procedures for Broker-DealerBranch Inspections (November 2011)www.finra.org/web/groups/industry/@ip/@reg/@notice/documents/notices/p125204.pdf• NASD Notice to Members 99-45, NASD Provides Guidance onSupervisory Responsibilities (June 1999)www.finra.org/web/groups/industry/@ip/@reg/@notice/documents/notices/p004311.pdf• Branch CRD registrationwww.finra.org/CRD/© 2012 Financial Industry Regulatory Authority. All rights reserved.32

Session 2 (continued) – Case StudyExercise: Lake Success