Skip to content

A Peek Inside SIFMA’s RegBI Vendor Forum

On January 16, SIFMA hosted its Regulation Best Interest Vendor Forum at its conference center in New York.  The Forum was sold out and demand was so high the event was live streamed as well.

The purpose of the forum was for technology vendors to highlight technology solutions and/or service offerings to assist firms to comply with the Regulation Best Interest (RegBI) requirements, which go into effect in mere months (July 1, 2020). Even with the deadline looming, regulatory guidance is still emerging; the SEC published an updated FAQ on RegBI on the Monday before the conference.

Consulting firms, technology vendors and others all shared their ideas on how to address RegBI compliance and accelerate implementation. The Forum also offered 3 panels of experts to discuss various aspects of RegBI. Topics ranged from measuring the business impact of RegBI, to analyzing various duty and disclosure requirements, to potential changes to supervision and surveillance practices. I was fortunate enough to participate in the afternoon panel entitled “RegBI Compliance from Front to Back,” where the panel focused on the duty of care and delivery of Form CRS in more detail. At our booth, we showed attendees a demo of how the delivery of Form CRS could be automated using Hearsay Relate, through integration with a CRM system.

The general sentiment of the Forum was that firms have to be realistic when implementing RegBI compliance programs, given the rapidly approaching July 1st deadline. While everyone wants a single end-to-end system, the scope of RegBI is too large to be completely outsourced. There was acknowledgement that the best approach is to evaluate how to make solutions modular. On people’s minds: Would there be an opportunity for systems to integrate or link into one another so that, even if there was no single system to manage RegBI compliance, a firm could implement a single RegBI workstream program that could be implemented across many different systems?

With this in mind, panels at the conference discussed how project plans to address RegBI have been conventionally split into two different implementation tracks: so called “Day 1 Implementation,” consisting of absolutely critical compliance requirements that must be in place by July 1st, and “Day 2 Implementation,” consisting of automating and scaling the program to complement other compliance workstreams. Day 1 activities included items such as expanded training programs for impacted individuals, policy reviews, and current advertising audits (including advertising lexicon reviews). Day 2 activities discussed were things such as CRM integration and the ability to automate review processes and other similar workflows.

Firms were challenged to view Day 1 activities vs Day 2 activities from three perspectives: monetary cost, time cost and opportunity cost. With limited budgets, firms should look internally to existing solutions and determine their capabilities to solve parts of the RegBI problem rather than finding net new solutions. Firms should also be mindful of IT and other resource constraints on time. For example, what is the best use of personnel time in achieving compliance and is there a way to naturally pair Day 1 time with Day 2 roadmaps? And given this limited amount of time, firms need to be mindful that the opportunities chosen provide the most value.

The conversations and discussions at the forum were very lively and honest. RegBI compliance is a serious challenge that requires thoughtfulness, flexibility and, most importantly, efficiency.  If you are interested in learning more about how Hearsay can assist with your firm’s RegBI compliance project plan, take a look at this previous blog post I wrote or please contact your customer success manager.

Understanding Regulatory Guidance and the Real Risks Around Initiating Client Texting

In a highly regulated space like financial services, it makes sense that there’s still confusion surrounding the legal obligations for firms engaging in one-to-one client texting. Many firms err on the side of caution, choosing an unnecessary opt-in policy. But when it comes to texting with clients, it’s imperative to make it easy for advisors and agents to adopt your compliant texting solution. Anything that stands in the way of that actually puts your firm at risk.

One-to-one advisor-client texting: No opt-in required

Compliance officers, we want to put your minds at ease: One-to-one text messages sent individually to a client by an advisor do not require prior client consent. The only legal obligation firms have is to monitor, supervise, and retain a record of the conversation.
Why is it important for you to know this? We’ve seen clients implement onerous opt-in policies to ‘play it safe’ with the undesired effect of lower texting technology/program adoption and lower customer opt-in rates than are necessary. Many advisors find it awkward to ask for consent to communicate with a client they’ve had a relationship with for many years. Since advisors are also set on using the channel their customers want to use – texting – they’ll use their personal mobile devices built-in texting features with no guardrails (i.e., no compliance oversight), putting themselves and their firms at risk.
The fact is, one-to-one communications for relationship management are different from mass sales and advertising messages. Since the main purpose of these types of communications is not advertising or solicitation but the facilitation of meetings and sharing information – just like an advisor would do from their built-in smartphone texting capability – they don’t carry the same compliance risks.
For lead follow-up and conversion it is absolutely acceptable for an advisor to reach out with a first unsolicited message to try to setup an initial client meeting. The texting technology you choose and your texting program, however, should include best practices such as providing clients an easy method to opt-out of further communications or the ability to proactively block and flag messages that don’t align with company policy around advertising, solicitation or brand representation.
So the real risk involved with initiating compliant texting program is not ensuring that prior consent is provided but that the necessary compliance and archiving controls are in place and that advisors feel comfortable using the tools to engage in conversations with clients.
That said, we’ve found that many enterprise clients still want prior consent controls in place so we’ve developed methods that improve the consumer and advisor experience while reducing common perceived risks.

Methods to Initiate Compliant Texting

Hearsay has designed a variety of ways to initiate compliant texting to suit the specific requirements of different organizations. Some of the options below do require explicit consent from the consumer prior to initiating a conversation even though this is not a legal requirement for one-to-one messaging.

Consent Notice A one-time text message triggered by the Hearsay Relate user to notify the contact about who the sender is, who they work for, and how to get more information or opt-out of the conversation.  Once this initial text is sent, the Relate User is free to start the conversation and does not need to wait for a response.
Whitelist A list of phone numbers that a Relate user will not need to ask for permission from. For example, if text message communication consent is part of the standard client agreement.
Advisor Confirmation In-app dialog box that prompts the Relate user to confirm that they have permission to text a client. No action is required by the client.
Opt-in (via Text) Text message requesting consent that is sent out by a Relate user prior to initiating the first conversation with a client. The conversation is only unlocked once the client texts back YES. This opt-in message can be sent out multiple times.
NEW: Personalized Opt-in – now advisors and agents can initiate new conversations with custom messages that deliver increased client opt-in rates.
Email Email sent out by a Relate user to a client’s email address that prompts a client to give permission for communication via text message.
Webform A webform is sent to the client asking them to give permission for receiving communication via text message. This can be completed as part of the new client on-boarding process.

At Hearsay, we understand that every compliance team’s needs vary. It is our job as a financial services technology leader to interpret the regulatory landscape into highly usable products that ultimately drive results across the organization. We will continue to partner with clients to find the right balance to empower their advisors and agents with digital tools that build lasting client relationships while safeguarding them and the firms they work for from compliance risk.
If you have questions about any of this or would like to reconfigure your current program, please contact your Hearsay customer service manager.

The Impact of Reg BI: Deep Dive with Mitch Avnet from Compliance Risk Concepts

On June 5, 2019 the Securities and Exchange Commission (“SEC”) voted to enhance the regulatory framework standard of conduct for broker-dealers (or “firms”) and provide an interpretation of the fiduciary duty for investment advisers by issuing Regulation Best Interest (“Reg BI”). Hearsay recently reached out to Mitch Avnet of Compliance Risk Concepts (“CRC”) to discuss the impacts of the new regulation.

Transition period, comparison to DOL Fiduciary Rule and overview of Reg BI

Chris Fernandes: What does the transition period look like for compliance with Reg BI?
Mitch Avnet: The SEC is allowing firms a transition period until the June 30, 2020 compliance date.
Chris: How does this new regulation compare to the long-anticipated Department of Labor (“DOL”) Fiduciary Rule?
Mitch: The Reg BI framework is more expansive than the vacated DOL Fiduciary Rule, as it covers all securities investment recommendations to retail customers rather than just those for retirement accounts.  By setting out specific obligations of broker-dealers and investment advisers, the SEC is seeking to tailor requirements to the different types of products and services each provide in order to preserve customer choice in the industry.
Chris: So, it is more complex. Does it place an increased burden on firms?
Mitch: Reg BI sets out new rules which will increase compliance efforts for firms but provides a more uniform standard and does not include many of the onerous aspects of the DOL rule such as a private right of action.
Chris: Could you give a high-level overview of the framework of the rule?
Mitch: Absolutely. The regulation has five principal areas, and can be broken down as follows:

  • A “best interest” standard comprising four obligations for broker-dealers when providing recommendations to retail customers (Regulation Best Interest or Reg BI);
  • A required client relationship summary disclosure (Form CRS) for both broker-dealers and investment advisers;
  • An interpretation of the federal fiduciary standard for investment advisers that would reaffirm their fiduciary obligations; and
  • An interpretation clarifying that broker-dealers that provide advisory services are not considered to be investment advisors when such services are “solely incidental” to the conduct of their business.
  • Reg BI and Form CRS have a compliance date of June 30, 2020 while the interpretations will become effective upon publication in the Federal Register.

Requirements, disclosures and compliance for broker-dealers, under Reg BI

Chris: Let’s dig a bit deeper into what is required of broker-dealers under the rule.
Mitch: Reg BI consist of four obligations for broker-dealers when providing recommendations to retail customers. However, Reg BI does not expressly define “best interest.” Instead, it states that broker-dealers must act “without placing the financial or other interest of the broker ahead of the interest of the retail customer.” The SEC has made clear that the term does not create a fiduciary obligation and explains that it will determine whether a broker-dealer has acted in their customers’ best interest based on the four obligations: (1) disclosure, (2) care, (3) conflict of interest and (4) compliance.
Chris: Reg BI imposes an obligation to provide a 2-page relationship summary to clients. Can you provide additional details on what firms can expect this to entail?
Mitch: Broker-dealers are required to provide Form CRS, which is in a question and answer format, to clients. Disclosures must contain a summary of fees, costs, conflicts, and standards of conduct along with a link to the SEC’s site.
Chris: When are these disclosures supposed to go out?
Mitch: The timing of the disclosure varies. For broker dealers, firms should be distributing these to clients before a recommendation of an account type, a securities transaction, or an investment strategy involving securities or placing an order for the retail investor. These disclosures should also go out prior to the opening of a brokerage account for the retail investor. For investment advisers, the disclosures should be distributed prior to or at the time of entering into the advisory contract. Dual registrants should use the earliest of the deadlines imposed under requirements for BDs and RIAs.
Chris: Are there any other times throughout the client relationship when firms need to provide additional disclosures under the rule?
Mitch: Yes; firms must provide additional disclosures when they: open a new account that is different from the retail investor’s existing account(s); recommend that the retail investor roll over assets from a retirement account into a new or existing account or investment; or recommend or provide a new brokerage or investment advisory service or investment that does not necessarily involve the opening of a new account and would not be held in an existing account (e.g., securities sold through a “check and application” process).
Chris: What should firms be doing to comply with this part of the rule?
Mitch: CRC recommends firms review their current customer agreements and disclosures to determine what changes will need to be made and involve technology teams to consider potential digital solutions. We also recommend a cross-functional team of business, compliance and operational employees work together to confirm disclosure of all material facts pertinent to a conflict of interest associated with the recommendation that are “full and fair.”
Chris: Let’s talk about the duty of care.
Mitch: Firms will have an obligation to provide reasonable “diligence, care, and skill” to satisfy three obligations: reasonable-basis, customer-specific and quantitative. Additionally, firms must evaluate reasonably available alternatives, however broker-dealers will not have to evidence review of all alternatives. Similar to the DOL fiduciary rule, Reg BI’s care obligation covers recommendations concerning rollovers and account choice (e.g., brokerage or advisory), as well as those to take a retirement plan distribution for purposes of opening a securities trading account.
Chris: What should firms be doing to start on the path to compliance relative to this aspect of the rule?
Mitch: Our team recommends that firms dust off work done during their DOL Fiduciary Rule prep. Because the rule is not prescriptive, there is no “one size fits all” model for compliance.  The compliance obligation requires firms to maintain policies and procedures to ensure compliance with Reg BI. It’s important to note, this obligation provides an opportunity for the SEC and FINRA to bring enforcement actions for compliance failures without the existence of underlying violations of Reg BI. Therefore, firms should carefully develop Reg BI policies and procedures with a view towards how they will demonstrate that they have met the best interest standard – including documenting all written and oral disclosures to clients.

Conflicts of Interest

Chris: What specific conflicts of interest should firms focus on when attempting to comply with that obligation?
Mitch: Reg BI does not explicitly define material conflicts of interest. In contrast to the DOL rule, Reg BI allows firms to sell proprietary products, including initial public offerings, and continue to receive payments from third parties for shelf space – as long as they disclose conflicts of interest. For example, in instances where a registered representative holds a limited license (e.g., only to sell mutual funds), but the firm offers a full suite of products, the representative may need to disclose this to their customers. However, the final rule makes clear that there are certain conflicts of interest that cannot be cured through disclosure, specifically prohibiting certain types of sales contests and quotas within defined parameters (e.g., for specific security types in short time periods).
Chris: Where would you recommend that firms focus their energies relative to this aspect?
Mitch: Our team at CRC recommends that firms review their range of products and services they offer along with their payout grid in order to identify potential conflicts and determine whether they will need to be mitigated, eliminated, or disclosed. The final rule also instructs firms to develop a penalty system for any representatives that do not adequately manage or disclose their conflicts of interest. Firms will need to establish, maintain, and enforce written policies and procedures reasonably designed to:

  • Identify and at a minimum disclose (in accordance with the Disclosure Obligation) or eliminate all conflicts of interest associated with the recommendation
  • Identify and mitigate conflicts of interest that create an incentive for a broker-dealer’s financial professionals to place either their interests or the broker-dealer’s interest ahead of the retail customer’s interest
  • Identify and disclose any material limitations on offerings (e.g., proprietary or other limited range of products) and any conflicts associated with the limitations, and prevent the limitations and associated conflicts from causing the broker-dealer or its financial professionals to place their interests ahead of the retail customer’s interests
  • Eliminate sales contests, sales quotas, bonuses, and non-cash compensation based on the sale of specific securities or specific types of securities within a limited period of time

SEC expectations and compliance

Chris: Can you map out the SEC’s expectation for compliance procedures relative to the rule?
Mitch: Reg BI requires firms to develop policies and procedures in order to demonstrate that they have met the best interest standard – including documenting all written and oral disclosures to clients. The SEC has made changes to Rules 17a-3 and 17a-4, which require broker-dealers to maintain records of all information collected and provided to retail customers pursuant to Reg BI for six years, including the identity of each natural person who is an associated person of the broker-dealer responsible for the customer accounts. Firms that fail to maintain adequate policies and procedures may face enforcement actions from the SEC and FINRA for compliance failures.
Chris: How should firms seek to comply?
Mitch: CRC advises firms to review and enhance their policies and procedures that address: Product and Pricing; Operations; Technology; and Communications. Additionally, firms should put in place processes to capture and retain disclosures, provide training on the new requirements and ensure that there is a supervisory structure to oversee compliance.

Is Reg BI different for Investment Advisors?

Chris: Are there any specific issues that investment advisers should consider? Are they impacted differently than broker-dealers?
Mitch: While investment advisers have an existing fiduciary obligation, the SEC’s investment adviser interpretation of Reg BI makes these obligations explicit:

  • Provide advice in the best interest of the client
  • A duty of loyalty
  • Best execution for client transactions
  • Disclosure of conflicts of interest

Because the final rule did not include enhancements contained in the proposal, investment advisor are not likely to require significant analysis or operational changes as those for broker-dealers, e.g. – licensing and continuing education requirements, provision of account statements to clients and similar financial responsibility requirements.


Chris: How would a broker-dealer qualify for an exemption under the rule?
Mitch: To qualify for an exemption from the Advisers Act (“the Act”), broker-dealers must satisfy 2 conditions: they must not receive any special compensation (i.e., only commissions and not asset-based fees, and must provide only “solely incidental” advice.
Chris: How should firms identify whether advice provided to retail clients is incidental?
Mitch: Determining whether advice provided to retail clients is “solely incidental” will be determined by 2 criteria: level of investment discretion and account monitoring. Unlimited investment discretion is not solely incidental advice and the broker-dealer would be subject to the Act. If investment discretion is limited in time, scope, or some other way the advice provided may be deemed solely incidental. In addition, continuous, previously agreed-upon account monitoring would likely not be considered solely incidental, while periodic account monitoring or voluntary account monitoring likely would be.
The SEC also clarified the solely incidental exception under the Advisers Act: broker-dealers do not have a fiduciary duty to a retail investor unless that broker-dealer is exercising unlimited investment discretion with respect to the account, or the broker-dealer has agreed to continuous monitoring of the account.

State regulations

Chris: What about state regulators? How do they factor into this rule?
Mitch: After the DOL rule was vacated, a number of states began to introduce their own fiduciary or best interest standards. These rules vary across states – some states like Nevada, are contemplating a private right of action and a largely ongoing obligation. Others states like New York would only apply a best interest standard to the sale of life insurance annuities. These differences will make it operationally challenging for firms to adhere to each state’s specific requirements.
Chris: Has the SEC commented on this issue?
Mitch: Currently, the SEC declined to provide any opinion on whether its rules would preempt state standards and left the question to “future judicial proceedings.”
The industry can likely expect litigation on this issue as states continue to move forward with their rulemakings and attempt to retain control over standards in their jurisdictions. Meanwhile, the DOL has stated that it will issue an updated version of its fiduciary rule later this year. While there have not been any explicit assurances, it is likely that the concepts and requirements from the DOL will align with Reg BI.

Client behavior

Chris: Finally, do you have any insight into concerns that firms have regarding broker-dealers’ responsibilities under this rule, particularly with respect to client behavior?
Mitch: It is important to remember that Reg BI does not render a BD or IA responsible for a client’s behavior or choices, provided that all above mentioned criteria are satisfied. Reg BI does not extend beyond a particular recommendation or generally require a broker-dealer to have a continuous duty to a retail customer or impose a duty to monitor. The rule also doesn’t require the broker-dealer to refuse to accept a customer’s order that is contrary to the broker-dealer’s recommendation or apply to self-directed or otherwise unsolicited transactions by a retail customer, whether or not the customer also receives separate recommendations from the broker-dealer.
Chris: Thank you for taking the time to answer our questions and provide insight on some of the key components of Reg BI.
Mitch: My pleasure, as always. The CRC team is readily available to discuss relevant regulatory issues with our clients and colleagues in the industry, and we make it our top priority to keep our thumb on the pulse of the ever-evolving regulatory landscape so that we can provide accurate, up-to-date advice.

SEC Reg BI: Here’s How Hearsay Can Help

It’s been a long time coming, but it’s finally here. Compliance experts have been talking about these changes since April 2018, when our own Deep Kingra participated in a compliance conference where experts discussed how the Securities and Exchange Commission (SEC) would carry forward the “Best Interest Rule” originally promulgated by the Department of Labor. Those experts predicted SEC action in May of 2018. One year later, the SEC finally followed through. On June 5, 2019, the SEC voted 3-1 to raise the bar on the standard of conduct for how brokers and advisors operate. By passing the new Regulation Best Interest (Reg BI), the new Form CRS Relationship Summary, and updating two separate interpretations under the Investment Advisers Act of 1940, the SEC is enhancing “the quality and transparency of retail investors’ relationships with advisers and broker-dealers…while preserving (in terms of choice and cost) a variety of investment services and products.”

Some, like SIFMA President & CEO, Ken Bentsen, say this is a big win for the industry and investors alike, imposing substantial new requirements and ramifications for those found to be out of compliance. Others, like AARP don’t think it goes far enough to protect investors contending the new rules leave too much ambiguity and can easily confuse investors.

Regardless of whether the rules go far enough, there are definite actions firms will need to take before the transition deadline of June 30, 2020. Reg BI and the new advice reform package will require brokers and advisors to change their operations, including mandatory disclosures, marketing materials and compliance systems. The good news, Hearsay customers, is that Hearsay is here to help.

Four Ways Hearsay Can Help with Reg BI Compliance

Pre-approved content: Organizations will soon have an affirmative obligation to demonstrate that certain marketing materials sent to clients serve that client’s best interest. Features such as Hearsay’s Content Library allow Hearsay customers to pre-review and approve content before advisors send those communications to their clients. Customers are able to adapt their current work activities to Reg BI requirements without substantial change management.

Proof of action: Organizations will now have to affirmatively prove that an organization is serving a customer’s best interest. Hearsay Cloud’s compliance layer helps here by archiving all communications sent by advisors through Heasay software, allowing organizations to not only show records of communication, but to show those records within the context of the full conversation between the advisor and client.

Profile automation API: Reg BI also placed emphasis on mandatory disclosures and how advisors market themselves to the general public. This will have a concrete impact to advisor profiles on social media and biographical information on an advisor website. Organizations will need technological assistance to ensure continued compliance with these requirements. With the soon to be released (Q3 2019) profile automation API, Hearsay customers will be able to analyze and update broker / advisor profiles at scale. Profiles include Facebook, LinkedIn, Twitter, Instagram and advisor websites.

Professional Services engagement: In a recent audit of one client’s field social profiles, the client discovered only 11% had mandatory disclosures included. Reg BI will not leave room for that kind of lax compliance. The Hearsay Professional Services team can help you determine what your specific Reg BI challenges are and how we can help.

Are there other ways you can think of that we haven’t discussed here? Reach out to your customer success manager to learn more.

The New Regulatory Focus in Financial Services: Texting

Prudential. Cetera. Allstate. Thrivent. Modern Woodmen of America. They’ve all recently empowered their massive field force of advisors and agents to text clients and prospects.
As the trend continues to accelerate, regulators are watching with increasing scrutiny.
FINRA released Regulatory Notice 17-18 last year, which reaffirmed the requirement that financial services companies archive business-related texts in the same way that they would email or written communication, as required by SEC Rules 17-a3 and 17a-4, and FINRA Rules 4511 and 2010.
This essentially means that regardless of your company policy, an audit of your advisors’ texting activities could be requested.
It’s not just FINRA and the SEC. According to an August 2017 study by the Institute of Legal Reform, litigation of the Telephone Consumer Protection Act (TCPA), a law that regulates commercial text messaging, has increased by 46 percent since July 2015; of that number, nearly 36 percent of all TCPA litigation target the financial services industry.
The consequences of this can be severe: Liability under the TCPA ranges from $500 to $1,500 per text message, which can quickly add up given the volume of texts and the size of most advisory sales teams.
A growing number of regulatory actions regarding advisor texting in just the last two years should put all compliance leaders on high alert. Here are some examples.

  • In May, FINRA fined and suspended an advisor who sent hundreds of texts about securities to a person who was statutorily disqualified from the brokerage industry, without seeking or receiving his firm’s prior written approval. This prevented the firm from supervising those communications.
  • FINRA fined and suspended a Texas-based broker for unapproved securities-related communications with two customers via text, in violation of the firm’s policy. The firm did not capture, review or retain the broker’s text communications.
  • FINRA fined a Georgia-based firm $1.5 million for, in part, failing to archive approximately 1 million texts sent using firm-issued mobile devices. Evidently, the firm had a “no texting” policy that several employees violated.
  • That same month, a New York-based advisor was fined and temporarily suspended for using a mobile device to text customers without the firm’s knowledge. The firm did not review or retain any of the text messages.
  • A New York-based advisor was fined and given a 60-day suspension for sending business-related texts to a customer on a non-firm-issued smartphone, in violation of the firm’s policies. As a result, the firm was not able to supervise or archive those communications.
  • Additionally, the SEC alleged an investment advisor sent false and misleading text messages to induce a client to make a risky transaction.

With this heightened focus on non-compliant texting, it’s only a matter of time before regulators begin enacting penalties on larger and larger financial services companies. Forward-thinking firms must invest in compliant texting technologies, such as Hearsay Relate, now to prepare for the inevitable – while also making sure current compliance and supervisory processes remain as efficient as possible.
Disclaimer: The material available on this blog is for informational purposes only and not for the purpose of providing legal advice.

How FINRA's 2017 Exam Findings Report, 2018 Priorities Letter May Impact Digital Communications Policies

In its annual tradition, FINRA recently published two reports, one summarizing enforcement actions that took place in 2017 and the other providing a preview of important topics it will focus on in 2018. As usual, the report highlighted FINRA’s continued emphasis on investor protection and market integrity.
However, what do these reports tell member firms about their electronic communications policies?

2017 Examination Findings Report, December Board of Governors Meeting

The 2017 year-in-review report highlighted continued problems with member firms’ inability to comply with FINRA rules regarding broker-dealers properly disclosing outside business activities to member firms.
Indeed, this was a topic addressed at FINRA’s December Board of Governors meeting. Specifically, FINRA will be seeking comment on a practice to “require registered persons to provide their member firms with prior written notice of a broad range of outside activities, and would impose on firms a duty to reasonably assess a narrower set of activities that are investment-related, allowing firms to focus on outside activities that are more likely to raise potential investor-protection concerns.”
The best case scenario is that FINRA will develop a list of criteria in order to help firms determine a smaller set of activities that will represent a real conflict of interest. Currently, because there isn’t any concrete guidance on what outside activities are a conflict of interest, compliance departments spend an inordinate amount of time reviewing advisor activities that are clearly not prohibited.
If adopted, this new proposal would immensely help compliance departments in reducing the amount of review of advisors’ outside business activities. This could also mean that member firms would be more willing to allow their advisors to disclose outside business activities, hobbies and other interests on their social media profiles.

2018 Regulatory and Examination Priorities Letter

The 2018 preview report offers some insight that FINRA is looking deeper into the technical and security controls that member firms employ when dealing with customer information. The report has an extensive section on cybersecurity considerations, including risk assessments of technology systems as well as vendor management programs.
Compliance departments in charge of company electronic communications channels would do well to critically examine the vendors employed to enable these channels and ensure compliance on an annual basis. This is especially important given additional legislation looming on the horizon, such as New York’s cybersecurity regulation that will come into effect on March 1, 2018, placing increased pressure on financial services companies to take cybersecurity – including the cybersecurity of its vendors – seriously.
Overall, FINRA’s reports show a continued focus on eliminating fraud and consumer deception. By highlighting concerns with cybersecurity in 2018, new technology might come under heightened scrutiny as it evolves to meet consumer demands (for instance, increasing consumer demand for text messaging options).
For more information, check out these excellent summaries of the wide variety of topics addressed in the reports: The Broker-Dealer Law Corner, Financial Services Observer and the BD/IA Regulator.
Disclaimer: The material available on this blog is for informational purposes only and not for the purpose of providing legal advice. We make no guarantees on the accuracy of the information provided herein.