Notes from a Sponsor
The Annual Conference is FINRA’s premier event, providing the opportunity for practitioners, peers, regulators, and partners to exchange ideas on today’s most timely compliance and regulatory topics.
This year, LeapXpert was invited to attend and sponsor the event, which was held from May 16-18 in Washington DC. We’re proud to have played a significant role as a Silver Sponsor.
Among the topics covered during the conference’s many sessions were current trends in technology, cybersecurity, risk management and much more. Throughout these sessions and during the networking opportunities, we heard from hundreds of compliance teams who are looking for a solution like LeapXpert. The iMessage solution was especially popular.
One of the biggest challenges facing regulated firms today is how to adopt flexible communication channels without running afoul of record-keeping regulations. Over the course of the three-day conference, we spent a lot of time discussing this issue and best practices for messaging compliance.
The following is a brief summary of some highlights from the event:
1. SEC Chairman: it’s really important to capture e-communications
In the opening session, Robert W. Cook, President & CEO of FINRA, discussed the concerns that regulated firms have around electronic message recordkeeping especially in light of the number of fines that have recently been levied for non-compliance.
In a fireside chat, Cook asked Gary Gensler, Chair of the U.S. Securities and Exchange Commission, how firms should approach this issue. He said that companies understand the need to be in compliance with regulations, but “people just want to communicate in different ways and the world has changed. Investors…want to sometimes communicate with you in different ways…”
Gensler agreed that this is a challenge in today’s world. He reminded the audience that recordkeeping obligations have been mandated by Congress and dating back to the 1930s. The need to keep records serves two main functions:
First, so that “senior management can actually control their firms, the risks, the customer interfaces, the order flows.”
And second, to enable regulation – “both FINRA and the SEC can go in and examine against that.” And of course he reminded the audience that bank regulators have their own separate but similar books and records obligations.
Recognizing the changes in technology which have brought about new record-keeping challenges, Gensler’s main message was: “now we’ve got…text messages and off channel communications and the like. And so it’s just really important that firms always stay up-to-date, that they’re capturing those communications related to their operation and the order flows, the customer messages, and the like. That’s what’s critical.”
What channels should be permitted according to the Chairman? Any channel that is required, as long as the conversations are captured. In his words:
“And people can use whatever chat rooms or whatever communications channels that they find appropriate, but you’ve got to capture that communication, just as you did in earlier technologies and the like.”
Gensler added that compliance is just one reason for record-keeping – “So there’s a lot of reasons that firms want to add books and records for their risk management, but it also helps them comply with FINRA and SEC rules.”
2. Enforcement: Latest Developments and Trends
This session featured Chris Kelly, SVP at FINRA, Lisa Colone, VP, Enforcement Legal at FINRA, and Gurbir Grewal, Director, Division of Enforcement at the SEC.
The three spoke about the latest fines and actions for non-compliance over e-communications, mentioning that firms must protect themselves, and hinted that enforcement will continue.
3. Leveraging Regulatory Technology for Your Firm
In this session, Haimera Workie,VP and Head of Financial Innovation at FINRA, spoke with Afshin Atabaki,Special Advisor and Associate General Counsel, Regulatory Practice Policy at FINRA, Alexander Gavis,Adjunct Professor at Suffolk University Law School, and Kerry Gendron,SVP, Member Supervision, Analytics, Innovation & Solutions at FINRA
While much of the session centered around AI/Data Visualization tools to enhance compliance function, some best practices for off-channel communications were discussed as well, including:
- Make sure to have a crystal clear policy with an enforcement strategy
- Identify red-flag procedures and establish an internal escalation process
- Establish levels of discipline especially for systemic violators (individuals or groups)
- Adopt consistent monitoring tools that have been thoroughly vetted
- Consider MDM to control app downloads
- Train your managers and supervisors on an ongoing basis
- Review the SEC cases that are out there today, as they provide a best practice roadmap to help you align with SEC’s expectations
- Establish an e-communications committee
- Avoid manual workarounds/have a clear tested plan
- Watch emerging trends – especially watch the younger generation and what tools they are using
- Constantly examine new technologies and platforms
- Have legal teams review the new platforms to determine who owns/processes/stores communications content and at what point does some or all of the content ‘disappear’ on each app (and what happens to the data at that point).
4. Redefining Communications Compliance for the Digital Age
This panel was moderated by Amy Sochard, Vice President, FINRA Advertising Regulation. She was joined by Lule Demmissie, Chief Executive Officer,eToro US Holdings Inc., Kristi Crawford, Managing Director and Deputy Chief Counsel, Charles Schwab & Co., Inc., and Bob Chao, Senior Director, Risk Monitoring Retail, FINRA Member Supervision.
The panelists discussed relevant regulatory obligations, including FINRA Rules 2210 and 2220. FINRA Rule 2210 classifies all communications as either correspondence, retail communications, or institutional communications and sets content standards designed to apply to ongoing developments in communications technology and practices. FINRA Rule 2220 governs member firms’ communications with the public concerning options.
In keeping with these rules, there are certain considerations firms need to take into account in thinking about their digital communications channels:
- Does the firm’s digital communication policy address all permitted and prohibited digital communication channels and features available to customers and associated persons?
- Does the firm look for indications that a registered representative is communicating through an unapproved communication channel, and is there a process for following up on such red flags (e.g., email chains that copy unapproved representative email addresses, references in emails to communications that occurred outside approved firm channels or customer complaints mentioning such communications)?
- How does the firm supervise and maintain books and records in accordance with SEC and FINRA Books and Records Rules for all digital communications with the public?
- Does the firm have a process to confirm that all business-related communications with the public comply with the content standards set forth in FINRA Rule 2210?
According to the panelists, FINRA findings have included insufficient supervision of and record-keeping for digital communications. This means that firms are not maintaining
- reasonably designed policies and procedures to identify and respond to red flags—such as those arising from customer complaints, representatives’ emails, OBA reviews or advertising reviews—indicating that registered representatives may be making business-related digital communications to firm customers using channels not approved and controlled by the firm, including texting, messaging, social media, collaboration apps or “electronic sales seminars” in chat rooms.
In order to prevent non-compliance and the resulting fines and consequences, the panelists had a number of recommendations:
- If a firm chooses to allow employees to communicate through messaging apps, they must capture all of those messages via a set policy that all employees receive training on.
- When choosing which apps to allow, it’s important to consider what types of firm business can be done on each channel and train the team accordingly.
- Cooperation with regulators is key. The SEC levied smaller fines for self-reporting firms who acknowledged their wrongdoing. At the same time, the 2022 penalties were extremely high in the tens and hundreds of millions each, and those firms are required to come to regulators with any non-compliance issue, no matter how small, for many more years.
- It’s important to be thoughtful about how you react to situations, especially when it comes to following procedures. Rather than simply checking a box, take the time to consider the best course of action and ensure that you’re following the correct procedures.
- Teams need to work together to bridge the gap between compliance and adapting quickly to technological change for the benefit of productivity.
During the session, participants were asked: “How do you respond to the rapid pace of change in your business?” 58% said they feel unsure and don’t know where to begin, while only 28% reported that they “rush to embrace the new as quickly as possible…”
5. Key takeaways from FAC
FINRA’s 2023 Annual Conference served as a vital forum for industry professionals, regulators, and partners to tackle pressing compliance and regulatory challenges. Key discussions emphasized the importance of capturing communications, adapting to evolving communication channels while ensuring compliance, and protecting firms through robust procedures.
Sessions covered various aspects, including technology trends, enforcement, leveraging regulatory technology, and redefining communications compliance for the digital age. Firms were encouraged to establish clear policies, train employees, monitor adherence, and strike a balance between compliance and technological innovation. By embracing these insights and staying agile, firms can thrive in the digital age while safeguarding information flow and customer interactions.
Overall, the conference underscored the need for firms to adapt, comply, and continuously evolve in a rapidly changing landscape. Collaboration between compliance officers, technology teams, and regulators is crucial to bridge the gap, ensuring productivity while meeting regulatory obligations.
SUBSCRIBE TO OUR NEWSLETTER
Useful tips and helpful information.
You can unsubscribe at any time - obviously!