Categories
FINRA Rules

Should I Tell the Regulators?

One question that comes up in the world of broker-dealer consulting is when and what to tell a regulator. This issue can arise in the context of a regulatory examination, responding to a regulatory inquiry, determining whether to self-report, or even in a FINRA OTR.

It is important to understand the context of the request in determining how to properly respond to a FINRA inquiry. First and foremost, a broker-dealer or registered representative should understand that FINRA’s Rule 8210 requires that its members and associated persons of members provide responses that are truthful and complete. Failure to do so can result in serious sanctions, including a lifetime bar from the securities industry. It is also important to understand that certain items require reporting whether or not FINRA has specifically asked for the information. For example, Rule 4530 requires reporting of certain complaint information and information about internal conclusions that broker-dealers may have made.

FINRA has also said that it will provide credit to firms who self-report or otherwise demonstrate extraordinary cooperation. For more information on this, see Regulatory Notice 08-70.

There are many things that are required by FINRA Rules to be reported. There are other things that are not specifically required to be reported, but probably should be. And then there are times when a response should simply answer the direct questions being asked by a regulator. Knowing the proper approach to preparing a regulatory response is critically important on many levels. If you have received a FINRA Rule 8210 letter, a request to appear for a FINRA OTR, or if you just have an issue that may need to be reported, make sure you contact a professional with extensive experience in addressing FINRA reporting requirements.

Mitch Atkins, FINRA’s former SVP and Regional Director, is experienced in assessing FINRA regulatory inquiries and “FINRA Rule 8210 letters.” For help with your regulatory responses or a regulatory investigation, contact Mr. Atkins, who is now Principal at FirstMark Regulatory Solutions in Boca Raton, Florida, at 561-948-6511. Mr. Atkins is not an attorney and FirstMark Regulatory Solutions is not a law firm. Neither Mr. Atkins nor FirstMark Regulatory Solutions provides legal services.

Categories
Broker-Dealer Information

Regulation S-P and the Closure of a Broker-Dealer

One of the many challenges involved in closing down a broker-dealer is ensuring the security and privacy of customer data. There have been some very public instances in which broker-dealers have done this incorrectly and as a result, regulatory sanctions were imposed, in some cases against individuals. And regulatory bodies have shown that they are willing to take these cases, even if most of these cases are relatively small in the scope of all that they handle. This is because regulators take customer privacy very seriously, and they consider breaches, however small, to be serious.

The requirements related to this area are spelled out in Regulation S-P. Rule 30 of that regulation includes requirements related to safeguarding and disposal of customer records. Regulation S-P requires that broker-dealers deliver a notice of their privacy policy upon the opening of an account, and annually thereafter. These notices should contain a policy statement regarding what data the firm collects, how it uses that data and how it protects the data. If broker-dealers share information with certain third parties, they must include an appropriate notice in the document along with an opt-out provision in the event that customers desire to opt out of the broker-dealer's sharing of their information. This opt-out provision is particularly important for firms that operate in the independent channel, as they typically allow departing representatives to take customer data with them upon departure. When a broker-dealer closes, the provision of customer information to third parties must be compliant with these provisions of Regulation S-P. Also, the form of the opt-out notice is specified in the rule. For example, simply including an address to which the customer should write is not acceptable.

Finally, when a broker-dealer closes, there will invariably be customer data (electronically stored and in paper format) which will at some point require either transfer, storage and/or disposal. Any records that contain customer information (account numbers, account holdings, dates of birth, etc.) must be disposed of properly. And broker-dealers cannot transfer this information to other firms without first having provided the requisite privacy notice with the opt-out provision (and giving clients 30 days to opt-out before the transfer). Disposal of records should be by secure means and should not violate records retention rules spelled out in SEA Rule 17a-4. Also, there are many places one might not expect to find customer information, such as the hard drives now included with most copy machines. Finally, there are requirements related to storage of records and the appointment of a custodian of records when a broker-dealer closes. The custodian must be registered with the firm at the time of the filing of Form BDW.

Mitch Atkins, FINRA’s former SVP and Regional Director, has extensive experience in Regulation S-P compliance and customer information protection.

For help with your data protection and Regulation SP compliance, contact Mr. Atkins at FirstMark Regulatory Solutions in Boca Raton, Florida at 561-948-6511.

Categories
Broker-Dealer Information

FINRA Broker-Dealer Cyber Security Matters

FINRA broker-dealers operate in one of the industries most frequently targeted by cyber criminals. In 2014 alone, there were numerous instances of highly publicized cyber security and data breaches. And being a victim of these types of breaches comes with the added embarrassment of the negative press that invariably follows. SEC Chair Mary Jo White, in a speech earlier this year, said about cyber threats,

“This is a global threat.  Cyber threats are of extraordinary and long-term seriousness.  They are first on the Division of Intelligence’s list of global threats, even surpassing terrorism. And [the] director of the FBI, has testified that resources devoted to cyber-based threats are expected “to eclipse” resources devoted to terrorism.”

Fortunately, there is a significant amount of information available to broker-dealers that can help to ensure they are reasonably compliant with industry standards. FirstMark Regulatory Solutions conducts risk assessments in the area of cyber security and provides recommendations to broker-dealers that help to ensure compliance with industry requirements. Every broker-dealer has an obligation to protect customer information which is spelled out in the safeguarding standards of Regulation SP.

“…the policy of the Congress that each financial institution has an affirmative and continuing obligation to respect the privacy of its customers and to protect the security and confidentiality of those customers’ nonpublic personal information.” – Gramm-Leach-Bliley Act

Also, broker-dealers are required under FINRA’s supervision rule to have procedures that are reasonably designed to achieve compliance with rules applicable to each area of the firm’s business. Customer information protection is one of those areas.  

FirstMark advises clients on cyber security and customer data breach issues. With the former, security enhancements can range from simple items, such as restricting access to certain devices and technologies which can facilitate rapid transfer of large amounts of data (e.g. high speed data ports, copiers connected to the internet, portable media devices, etc.), to sophisticated penetration testing on a broker-dealer’s network. With the latter (data breaches), it is important to remember that many states have very significant penalties for failure to notify clients that their data has been compromised. For example, Florida implemented one of the toughest laws in the nation on July 1, 2014. An unreported breach could yield up to a $500,000 fine.

It is critical that broker-dealers are aware of these requirements and have procedures in place that are sufficient to address the risks inherent in their businesses. FINRA and the SEC have been conducting cyber-security sweep exams in 2014, and have indicated they will continue to do so going forward. For small firms, FINRA has created an excellent resource on cyber security that can be found here.

Mitch Atkins, FINRA’s former SVP and Regional Director, has extensive experience in cyber security compliance and customer information protection. For help with your cyber security compliance, contact Mr. Atkins at FirstMark Regulatory Solutions in Boca Raton, Florida at 561-948-6511.

Categories
Variable Annuities

A New Twist on Variable Product Suitability

Mitch Atkins, FINRA’s former South Region Director, who is now Principal of FirstMark Regulatory Solutions, recently had the opportunity to participate on a panel at FINRA’s South Region Compliance Seminar. The panel, which also included a member-firm representative and two FINRA representatives, covered the topic of suitability, and focused in particular on two products, non-traded REITs and L-Share Variable Annuities.

The FINRA panelists expressed concern regarding what they are seeing as improper or unsuitable sales of L-Share classes of variable annuities. Several issues of note mentioned by the FINRA panelists included the time horizon of the customer and the fee structure of the product. Before we get into that here, a primer on L-Shares may be worthwhile.

L-Shares, like any other share class, are designed with a specific purpose in mind. First, an L-Share typically has a surrender period of 3 to 5 years, compared to a typical B-Share variable annuity which has a surrender period of 7 years. Typically, deferred sales charge variable annuities have a declining surrender charge. In the instance of a B-Share, this surrender fee schedule might be: 7%, 7%, 6%, 5%, 4%, 3%, 2%, 0%. Meaning if the product is surrendered in year one, the fee is 7%, year two, the fee is 7%, year three, the fee is 6% and so on. But in an L-Share situation, the surrender fee schedule looks more like this: 8%, 7%, 6%, 5%, 0%. So clearly the L-Share recoups a higher percentage if surrendered earlier. In exchange for this early termination of the surrender period, the products have higher M&E fees (Mortality and Expense). For example, a typical B-Share may have an ongoing M&E expense of 1.25% which is charged to the contract holder each year. However in a typical L-Share product, this ongoing fee is 1.65%. As a result, the higher ongoing fees over time can be substantial.

The FINRA staff’s point in this scenario is that broker-dealers and their associated persons must have a reasonable basis to believe that a recommended transaction in a variable annuity is suitable for a customer based on the information obtained from that customer about their investment profile. If a customer has a long term time horizon, an L-Share may not be the most appropriate share class to recommend.

Several key points were made during the presentation about monitoring transactions in L-Share variable annuities. First, broker-dealers must conduct an effective due diligence process such that they understand the products being sold, as well as the features of those products and for which of their clients that product may be appropriate. Second, broker-dealers must have written procedures that are designed to address the specific features of the products they sell, including in this instance, L-Shares. Some broker-dealers do not have specific procedures addressing these products. Third, firm training programs must address the unique features of these products, and that also means training the principals reviewing the transactions, not just the representatives selling them. Fourth, firms are required to monitor the sales of the product and the riders selected. In some instances, long-term riders are inappropriately being recommended with the shorter-term L-Share. Finally, questions regarding the suitability of the product should be confirmed directly with the customer when appropriate.

Broker-dealers should ensure that their supervisory systems are adequate to match customer time horizons with recommendations in L-Shares. These share class issues are not new. However, just like the days of the A vs. B share mutual fund, FINRA is now seeing issues with variable annuity share classes. As with any other recommendation, documenting the rationale for the recommendation is a critical aspect of a good recordkeeping system.

If you have questions regarding this aspect of suitability or any other issue, contact Mitch Atkins, Principal of FirstMark Regulatory Solutions at 561-948-6511.