Top exam personnel at three main regulators for advisors and broker-dealers — the Securities and Exchange Commission, Financial Industry Regulatory Authority and the states — laid out their exam priorities Monday, which included conflicts of interest, email retention, cybersecurity and a few specific products they’re zeroing in on.
Speaking during a panel discussion at the Insured Retirement Institute’s legal and regulatory conference in Washington — which was moderated by Brian Rubin, a partner at Sutherland, Asbill and Brennan — Dan Sibears, executive vice president of Member Regulation at FINRA, said that identifying conflicts of interest is a “No. 1 priority” for FINRA. One of the “key issues,” Sibears said, is conflicts between a firm or its salespeople and their customers.
Related story: House bill to require SEC, DOL fiduciary collaboration
Noting FINRA CEO Richard Ketchum’s remarks last year that firms should conduct “a top-to-bottom” review of their conflict policies, Sibears said that after Ketchum’s speech last year, FINRA launched a “national initiative” to collective information about firms’ conflicts and identified 12 firms. “We’ve picked up a lot of information” on firms’ conflicts, he said, adding that FINRA is drafting a best practices guide for firms in this area.
Willie Davis, examination manager at the SEC’s Chicago regional office, added that for the commission, conflicts of interest are considered a “perennial risk” that will always “be a focus of our examinations.”
Bruce Ramge, director of the Nebraska Department of Insurance, noted his belief that cybersecurity is the “No. 1 risk management issue now.” He said the issue must be on every firm’s radar as “costs associated with a breach are tremendous.”
Sibears noted that FINRA has seen “a proliferation of complaints in the cybersecurity space,” which involves customer information being compromised, particularly in the area of online accounts.
Susan Shroeder, FINRA’s deputy in charge of its New York operations, noted at FINRA’s annual conference in late May that its enforcement division is handling more than 100 wire-hacker cases. In some of these cases, “a customer’s email gets hacked and then the hacker reaches out to the customer’s broker and asks for a wire transfer to be sent” to a bank account, she said.
While all three panelists noted the importance of email retention policies, they zeroed in on the products that will face heightened scrutiny.
The SEC’s Davis noted that “product risk plays a key role” in how the commission decides which firms to examine. He noted the “retailization of complex products to the public, and more firms using alternative strategies in annuities and mutual funds” as areas of particular concern to the agency. The use of “alternative and hedge fund strategies in the variable space” are a concern for the agency, he said.