FINRA NAMES ITS TOP REGULATORY ROLES 10 June 2015 Top brokerage industry compliance concerns in 2015 include the role compliance officers in managing risk, on-boarding measures, cybersecurity and anti-money laundering enforcement, as well as managing conflicts of interests and advising senior investors. The list was announced last week during a panel discussion at the FINRA (Financial Industry Regulatory Authority) conference in Washington. The session featured Chip Jones, senior vice president for member relations and education at FINRA, Susan Axelrod, the head of regulatory operations at FINRA, Mari Buechner, the president and chief executive officer of Coordinated Capital Securities, Inc., Alan Cohen, executive vice president and global head of compliance at Goldman Sachs, and Daniel Kosowsky, chief compliance officer of Morgan Stanley Wealth Management. FINRA has cited conflicts of interests and anti-money laundering violations as areas of focus for years. In its examinations priorities letter, it told firms they needed to improve their culture if they wanted to root out bad actors. A key theme in this year conference was the need for firms to carefully and periodically review their cybersecurity procedures. FINRA officials said firms should constantly assess the level of access they were giving to employees because rogue employees continue to pose a major cybersecurity threat. Another emphasis was the need for firms to develop an effective process for identifying and managing conflicts of interests. Here is a roundup of FINRA's top regulatory concerns: Role of the senior compliance officer: The panelists from Goldman Sachs and Morgan Stanley Wealth Management said they had created structures to reflect the changing role of the senior compliance officer. Morgan Stanley created a Culture Values and Conduct Committee that organized town halls addressing compliance and conduct issues, Kosowsky said. Goldman held a Chairman Forum, which included Goldman chairman and all the chief executive officers in the firm, Cohen said. The forum meets frequently to discuss how the firm should handle its governance challenges. Cohen also said that senior compliance officers had a voice in the promotion of employees into senior positions. Compensation reflects a company adherence to compliance and is an appropriate area for senior compliance officers to voice their opinions, he said. Cybersecurity: Firms needed to constantly review the access rights of employees to minimize the risk of a data breach, Axelrod said. Firms should look for aberrational behavior in its employees, noting that the internal threat is large. Such monitoring can help the firm detect when a non-permissioned user is posing as an entitled one, Cohen said, posing the hypothetical question: Why is Cohen printing 400 pages at 4 a.m., EST? Firms should engage in conversations with employees about its cybersecurity procedures, Axelrod said. Firms should maintain open lines of communication with FINRA about the firm efforts to rein in cybersecurity threats and to let clients know how their information is being protected. Firms who use outside vendors and have branch offices should hold all of them to the same cybersecurity standards the parent firm has, and should make onsite visits to confirm compliance, Kosowski said. On-boarding: Firms should use multiple tools to vet new brokers. This includes using FINRA Broker-Check system, checking public records, and creating a supervision process, the panel said. The should also conduct regular credit checks of their brokers and ask them similar questions over time, checking for consistency in their answers. The on-boarding process reinforces the premise of knowing who you hire, Axelrod said. Firms also must put the right supervision processes in place so employees know how to report internal misconduct when they witness it. Anti-money laundering/sanctions/bribery: Firms should conduct detailed checks of client transactions and wire transfers to ensure they are complying with anti-money laundering laws, Cohen said. He suggested running media checks on clients every night to see if the news outlets are mentioning them and looking for transactional behavior that is out of synch for that client. Buechner said her firm uses exception reports from clearing firms to look for evidence of suspicious transactions. Underscoring the regulators' concerns about money laundering, Axelrod noted that FINRA has two specialized teams, and one of them is focused exclusively on anti-money laundering issues. Senior investors: FINRA has made the protection of seniors a top priority in its regulatory exams. It has also offered firms guidance on addressing the needs of seniors. The panel said firms should review the investment objectives of the senior over time. Firms should have an escalation process for branch offices and conduct training sessions for staff who deal with senior clients, Beuchner said. Conflicts of interests: Many firms needed to build a centralized conflicts management system to help them identify and manage their conflicts, Axelrod said. She said firms who find the task too difficult should seek help from outside firms. The panel suggested that firms have: (1) a process to identify and report conflicts to a supervisor; (2) an escalation process so senior managers are aware of the problem; (3) a mitigation plan or removal plan, depending on which the firm deems appropriate; (4) a robust and timely disclosure process to the appropriate regulatory body and plain-English disclosures to clients. Everyone in the firm is responsible for helping to identify and help mitigate, remove and disclose conflicts, Cohen said. The panelists noted that firms doing a conflicts analysis consistently need to ask if they can take on this client. But they should also consider going one step further and asking: Should the firm take on this client? The answer to the former depends on the ability of the firm to be able to mitigate the conflict, and the answer to the latter depends on the compliance culture of the firm.