The Securities and Exchange Commission’s Office of Compliance Inspections and Examinations (OCIE) and the Financial Industry Regulatory Authority (FINRA) on Wednesday issued a Risk Alert and a Regulatory Notice on broker-dealer branch inspections, urging BDs to use the joint guidance to beef up their supervisory oversight.
This is the second in a continuing series of Risk Alerts that the SEC’s national examination staff has issued. The Alerts give a heads-up to senior management, risk management and compliance managers in the securities industry to significant risks identified by the SEC’s exam staff.
Carlo di Florio, director of OCIE, said in a statement announcing the alert that "a robust process for self-inspection of branch offices is a critical element of a firm’s compliance and supervision process, and a vital part of a comprehensive risk management program. The Risk Alert, he said, “highlights practices that are characteristic of effective branch office supervisory systems, and describes major deficiencies that SEC and FINRA examiners have found in the branch inspection process.”
Stephen Luparello, vice chairman of FINRA, said in the same statement that "an effective risk based branch office inspection program is an important component of a broker-dealer’s supervisory system and, when constructed and implemented reasonably, it can better protect investors and the firm's own interests." FINRA, he said, “encourages broker-dealers to review this guidance and consider enhancements to their own branch office inspection programs."
Along with specific requirements outlined in the report, effective practices observed by examiners include:
- Using risk analysis to identify whether individual non-supervising branches should be inspected more frequently than the FINRA-required minimum three-year cycle, with more frequent inspections of branches meeting certain risk criteria. In addition, some firms conduct "re-audits" when routine inspections reveal a high number of deficiencies, repeat deficiencies, or serious deficiencies. Typically, these re-audits and audits for cause are conducted as unannounced inspections.
- Using surveillance reports and employing current technology and techniques to help identify risks and develop a customized approach for branch office inspections based on the type of business conducted at each branch.
- Employing comprehensive checklists that incorporate previous inspection findings and trends noted in internal reports such as audit reports.
- Conducting unannounced branch inspections either randomly or based on certain risk factors. "Surprise" exams may yield a more realistic picture of a broker-dealer's supervisory system as they reduce the risk that individual RRs and principals might attempt to falsify, conceal, or destroy records in anticipation for an internal inspection.
- Involving qualified senior personnel in several branch office examinations each year.
- Incorporating findings of branch office inspections into management information or risk management systems and using a centralized, comprehensive compliance database that enables compliance personnel in various offices to access to information about all of the firm's RRs and their business activities. Such a system appears to be very useful when supervising independent contractor RRs dispersed across a broad geographic area.
- Providing branch office managers with the firm's internal inspection findings and requiring them to take and document corrective action.
- Tracking corrective action taken by each branch office manager in response to branch audit findings.