Chapter 15: Compliance Considerations
Cash Account
A cash account with a brokerage firm requires that any securities transactions be payable in full from funds in the account at the time of the settlement. Short selling and buying on margin are thus prohibited in this type of account. The Federal Reserve's Regulation T governs cash accounts and the purchase of securities on margin. This regulation gives investors two business days to pay for a security. It's known as T+2.
Mandatory AML (Anti Money Laundering) Compliance Programs (4)
All broker-dealers are now required to establish AML Compliance Programs which, at a minimum, must include: 1. Policies and procedures that are reasonably expected to detect and report suspicious transactions and deter money laundering 2. The designation of a compliance officer who is responsible for the firm's AML program (There's no requirement for this person to be FINRA-registered.) 3. An ongoing employee training program 4. An independent audit function to test the effectiveness of the firm's AML program (stress test) Industry rules also require AML programs to be in written form and approved by a member of senior management. The independent audit function, sometimes referred to as a stress test, must be conducted annually unless the member firm doesn't execute transactions for customers or otherwise hold customer accounts (i.e., it's a proprietary trading firm). In these cases, the stress test is only required to be conducted every two years (on a calendar-year basis).
Customer's Best Interest/Potential Violations of the Suitability Rule (4)
An investment recommendation should be in the customer's (not RR's) best interest. The simple fact that a customer may agree to a recommendation doesn't relieve a firm of its suitability obligation. Some examples of potential violations of the suitability rule include: 1. RRs making recommendations of one product over another in an effort to generate large commissions 2. RRs making mutual fund recommendations that are designed to maximize their commissions rather than to establish a portfolio for their customers 3. RRs attempting to increase their commissions by recommending the use of margin 4. RRs recommending a new issue that's heavily promoted by their firm in an effort to keep their jobs
Upon written request, how long can a broker-dealer hold the mail of a client who's engaged in extensive travel?
Based on a customer's written request, a broker-dealer can hold her mail for up to three months. Mail can be held longer, but the client must provide the broker-dealer with a valid reason for the request. (23779)
Business Continuity Plan (BCP) Client Disclosure
Each member firm must disclose to its customers how its business continuity plan addresses the possibility of a future significant business disruption and how the member plans to respond to these events. This disclosure must be provided in written format at the time an account is opened and must be posted on the member's website.
Mandatory AML Compliance Programs (cont.) Customer Identification Program (CIP)
As a part of their AML compliance program, broker-dealers must create a customer identification program in order to verify the identity of any person who seeks to open an account. Firms are also required to maintain records of the information used to verify a person's identity and determine whether the person is listed as a known or suspected terrorist or an affiliated organization.
Client Notifications (cont.) Electronic Delivery of Client Records
All account records, such as confirmations, statements, and tax reporting information, may be delivered to the client electronically. Under SEC rules, providing client access to the records equates to delivery. Essentially, if a client chooses to receive electronic documents, there's no need to follow up with paper copies. Some firms may charge customers a nominal processing fee if they choose to have confirmations processed in a paper format.
Regulation of Communications (3 categories)
FINRA divides communications with the public into three categories—correspondence, institutional communications, and retail communications. For exam purposes, part of the challenge is being able to distinguish between the different forms in situational questions.
FINRA Suitability Obligations (3)
FINRA has established the following three main suitability obligations: 1. The reasonable basis obligation - Requires a member firm and its RRs to have a reasonable basis to believe that a recommendation is suitable for at least some investors. If the firm or its RRs don't understand a product, it should not be recommended to customers. 2. The customer-specific obligation - Requires a member firm and its RRs to have a reasonable basis to believe that a recommendation is suitable for a particular individual based on the customer's investment profile 3. The quantitative obligation - Requires a member firm and its RRs to have a reasonable basis to believe that a series of recommended transactions, even if they're suitable for a customer, are not excessive when considering the customer's investment profile
Telemarketing — An Alternative Communication Method established business relationship (3) (only one of the 3 conditions needs to be met)
FINRA recognizes that when a representative has an existing relationship with a customer, it may be important to contact the client outside the 8:00 a.m. to 9:00 p.m. window. Therefore, the time-of-day and disclosure requirements don't apply to calls made to clients with whom the firm has an established business relationship. However, the purpose of these calls must be to maintain or service the existing accounts of the firm. An established business relationship between a broker-dealer and a person exists when one of the following conditions is met: 1. Within 18 months prior to the telemarketing call, the person has made a securities transaction, or has a security position, a money balance, or account activity with the broker-dealer or its clearing firm. 2. Within 18 months prior to the telemarketing call, the firm making the call is considered the broker-dealer of record for the account. 3. Within 3 months prior to the telemarketing call, the person has contacted the broker-dealer to inquire about a product or service that's offered by the firm.
Client Notifications
Once an account is opened, broker-dealers are required to provide the client with information, including trade confirmations, statements, and other miscellaneous mailings. The SEC mandates the frequency and timing of the delivery of this information. Account Statements and Other Notifications: At least quarterly, broker-dealers are required to provide customers with account statements. Most firms provide monthly statements for any account in which activity has occurred. At a minimum, the account statement must contain: 1. A description of all security positions 2. All money balances 3. All account activity since the last statement. Account activity includes purchases, sales, interest credits or debits, charges or credits, dividend payments, transfer activity, securities receipts or deliveries, and/or journal entries relating to securities or funds in the possession or control of the broker-dealer.
Mandatory AML Compliance Programs (cont.) Record Retention and Penalties
Record Retention: Under the CIP rules, a broker-dealer must maintain records of the methods it used to verify a customer's identity for five years following the closing of the account. Penalties: In an effort to discourage money laundering activities, the penalties for violating existing AML laws are severe and include both potential incarceration and fines. Under criminal law, a registered representative who is found guilty of facilitating money laundering may be sentenced to 20 years in prison and may receive a fine of up to $500,000 per transaction or twice the amount of the funds involved, whichever is greater. Registered representatives don't need to have knowledge of a money laundering scheme or even participate in it to be prosecuted. Instead, RRs and their firms may be held liable for being willfully blind to the activity.
Retail Communications
Retail communication is defined as written or electronic communications that are distributed or made available to more than 25 retail investors within a 30-calendar-day period. A retail investor is considered any person who doesn't meet the definition of an institutional investor. Retail communications are the broadest category and include both advertising and sales literature. All materials that are prepared for the public media in which the ultimate audience is unknown are considered retail communications, including: television, radio, and billboards; magazines and newspapers; certain websites and online interactive electronic forums, such as chat rooms, static blogs, or social networking sites (assuming retail investors have access to these sites); telemarketing and sales scripts; and independently prepared reprints (e.g., newspaper or magazine articles) that are sent to more than 25 retail investors. ***SUBJECT TO PREAPPROVAL/FILING WITH FINRA
Anti-Money Laundering and the USA PATRIOT Act
The Bank Secrecy Act (BSA) is the primary U.S. anti-money laundering (AML) law. However, the BSA has been amended to include certain provisions of the USA PATRIOT Act to detect, deter, and disrupt terrorist financing networks that use laundered money to fund their operations. In response to the September 11, 2001 attack, President Bush signed the USA PATRIOT Act into law. The Act imposed a number of new regulatory obligations on broker-dealers and focused renewed attention on previously established AML laws.
FinCEN's (Financial Crimes Enforcement Network) Required Reports (two primary means used to detect money laundering)
The Financial Crimes Enforcement Network (FinCEN) is a part of the U.S. Department of the Treasury whose main purpose is to create and implement policies and procedures that are designed to detect and prevent money laundering. The two primary means by which FinCEN accomplishes its objectives are: 1. Requiring financial institutions (e.g., broker-dealers) to file certain transaction reports under the provisions of the Bank Secrecy Act (BSA), and 2. Providing law enforcement agencies with the information from the reports to assist in combating money laundering
Books and Records
The SEC and SROs rely on broker-dealer records and reports to monitor compliance with industry rules. Therefore, it's critical for a broker-dealer to maintain accurate records and file timely reports. SEC Rule 17a-3 requires broker-dealers to create specific records, while Rule 17a-4 requires those records to be kept for a number of years after their creation. Records may be divided into those that must be retained for the life of the firm, those that must be retained for six years, and those that must be retained for three years. Note that all records must be kept in an easily accessible place for the first two years of their existence.
Conclusion
The goal of this significant chapter was to provide details regarding many of the requirements that apply to the smooth operation of a brokerage firm. Firms are required to adhere to KYC rules, AML rules, privacy and recordkeeping requirements, as well as the process for handling the different forms of communication. The next chapter will examine activities which are prohibited for member firms.
New Account Documentation
This chapter will address the process of opening customer accounts. For broker-dealers and their RRs, proper compliance with many securities industry requirements begins with how they collect and document customer information for opening and maintaining accounts. Effective recordkeeping protects the interests of the customers, the firms, and the registered representatives. When opening a new account, certain information regarding the customer must be obtained to comply with industry rules. FINRA's Know Your Customer (KYC) Rule requires firms to use reasonable diligence to know the essential facts regarding every customer as well as any person who has been given the authority to act on the customer's behalf. The USA PATRIOT Act (described later in the chapter) imposes additional requirements on firms regarding both the verification of potential clients' identities and subsequent monitoring to ensure that they're in compliance with anti-money laundering regulations. Customer information is collected on a new account form not only to satisfy regulatory requirements, but also to help the registered representative and the firm understand the customer's investment objectives and ensure that her suitability concerns are addressed. Of course, every firm's new account form is slightly different, but all firms must collect certain minimum information in order to meet industry standards.
SEC Recordkeeping Requirements (cont.)(3)
1. Trusted Contact Person: When a customer account is opened, a firm must make a reasonable effort to obtain the name of, and contact information for, a trusted contact person of the customer's choosing. If obtained, the firm is required to disclose to the customer in writing, which may be electronic, that an associated person of the firm is authorized to contact the trusted contact person and disclose information about the customer's account. The purpose of any disclosure is to address possible financial exploitation or to confirm the specifics of the customer's current contact information, health status, or the identity of any legal guardian, executor, trustee, or holder of a power of attorney. 2. Verification and Ongoing Updating of Client Information: To ensure that an RR has properly characterized a client's profile and investment objective, copies of the account record or the documentation of the information collected must be sent to the customer either within 30 days of opening the account or with the client's next statement. Periodic updates and verification of account information must be sent to the customer at least every 36 months. 3. Change of Information: If a customer provides a broker-dealer with updated account record information, the broker-dealer must send a copy of the revised account record to the customer. Member firms are required to send the updated documentation within 30 days after receiving notification of the change or at the time the next statement is mailed to the customer. Examples of the changes that may be made to an account record include a name, address, and/or investment objective change. If a request is made to change a client's address, notification must be sent to both the previous address on file and to the registered personnel who are responsible for the account within 30 days of the change.
Know Your Customer and Suitability
A broker-dealer must use reasonable diligence to learn the important facts regarding every customer. In other words, according to the regulators, it's vital to know your customer to provide them with appropriate services. This obligation extends to any person who is authorized to act on behalf of a customer, including an investment adviser that has been given the authority to enter orders in a customer's account. Only after a registered representative understands the financial needs of his customers are the proper investment recommendations able to be made.
Fidelity Bonds (SIPC insurance policy)
A fidelity bond is a form of business insurance that offers an employer protection against losses that are caused by its employees' fraudulent or dishonest actions. Also known as an honesty bond, this form of insurance can protect against monetary or physical losses. FINRA members that are required to join the Securities Investor Protection Corporation (SIPC) must maintain a blanket fidelity bond (essentially an insurance policy) which covers officers and employees and provides protection against loss for fidelity (on premises or in transit), forgery and alteration (including check forgery), securities loss (including securities forgery), and counterfeit currency. The bond must include a provision that the carrier will promptly notify FINRA if the bond is canceled, terminated, or substantially modified.
Required Information (4)
A registered representative who intends to open an account for a customer must obtain all required information prior to entering the initial order in the account. According to FINRA, the following customer information is required to be obtained: 1. The customer's name and residence (although a P.O. box may not be used to open an account, correspondence may be sent to a P.O. box) 2. Whether the customer is of legal age 3. The name of the registered representative (RR) who is responsible for the account. If there's more than one RR responsible for the account, a record of the scope of responsibility for each representative is required. This provision doesn't apply to an institutional account *. 4. The signature of the partner, officer, or manager (principal) who approves the account * An institutional account is one that's established for a bank, savings and loan association, insurance company, registered investment company, registered investment adviser, or any person with total assets of at least $50 million.
Age-Based Suitability Concerns
A customer's age is typically one of the factors used to determine if a specific transaction is suitable. For clients who are younger and willing to assume greater risks, listing their investment objective as growth and/or speculation may be suitable. However, age-based suitability determinations are more difficult for income-producing investments since they range from high risk (non-investment grade securities) to very safe instruments (U.S. Treasury securities). In fact, there are certain situations in which a firm may determine that age is irrelevant in determining suitability. For example, if a customer is seeking liquidity to meet a short-term obligation, age is not a factor when making the investment decision since liquidity is the overriding concern. If a client is seeking capital preservation, age is again not a factor since safety of principal is the overriding concern.
Business Continuity Plan (BCP) (5 covered concepts)
Although there are many elements that make up a business continuity plan, at a minimum, the plan must address the following concepts: 1. Data backup and recovery 2. Financial and operational assessments 3. Alternative communications between the firm and customers and between the firm and employees 4. Alternative physical location for employees 5. Regulatory reporting and communications with regulators Each member firm must provide its SRO with emergency contact information, including the designation of two emergency contact persons. At least one of these individuals must be a member of senior management and a registered principal of the member firm. If the second contact person is not a registered principal, she must be a member of senior management who has knowledge of the firm's business operations. FINRA Rule 4370 also specifies that both emergency contact persons must be associated persons of the member firm. In the case of a small firm with only one associated person (e.g., a sole proprietorship without any other associated persons), the second emergency contact person may be either a registered or non-registered person with another firm who has knowledge of the member firm's business operations. Possible candidates for this role include the firm's attorney, accountant, or a clearing firm contact.
FinCEN's Required Reports (cont.) (Bank Secrecy Act Currency Transactions Reports (BCTR))
Broker-dealers are required to file Bank Secrecy Act Currency Transaction Reports (BCTRs). The BCTR is filed for all cash transactions that exceed $10,000 and are executed by a single customer during one business day. The definition of currency includes both cash and coins. The reporting requirement is also triggered if a customer places multiple, smaller transactions in a single day that, in the aggregate, exceed $10,000. For example, one morning, a customer deposits $6,000 of cash at one of her brokerage firm's branch offices. Later, on the same day, she deposits an additional $7,000 in traveler's checks at one of the firm's other branch offices. The broker-dealer must file a BCTR to report these transactions since they total more than $10,000 when combined and they occurred on the same day. The customer's actions are an example of structuring. Structuring occurs when a customer executes several small transactions in dollar amounts that are below the reporting thresholds to evade the reporting requirements. Registered representatives should be on the alert for clients who execute several transactions in amounts that are just below the $10,000 reporting level or clients who deposit instruments that are sequentially numbered.
Suitability/Investment Profile (9)
Broker-dealers have a suitability obligation to each of their customers. For non-institutional (retail) customers, broker-dealers and their registered persons must have a reasonable basis for recommending a specific transaction or investment strategy (e.g., day trading or margin trading). These recommendations must be based on information that's obtained from the customers and then used to identify their investment profile. A customer's investment profile includes the following items: 1. Age 2. Other investments 3. Financial situation and needs 4. Tax status 5. Investment objectives and experience 6. Investment time horizon 7. Liquidity needs 8. Risk tolerance 9. Any other information obtained from the customer Although customers are not obligated to provide all of the information listed above, an RR should make an effort to obtain as much information as possible to provide the most suitable recommendations.
FinCEN's Required Reports (Suspicious Activity Reports (SARs))
Broker-dealers may also be required to file Suspicious Activity Reports (SARs). Until the USA PATRIOT Act was passed, only broker-dealers that were subsidiaries of bank holding companies were required to file SARs. Today, a firm must file an SAR whenever a transaction (or group of transactions) equals or exceeds $5,000 and the firm suspects one of the following activities: 1. The client is violating federal criminal laws. 2. The transaction involves funds related to illegal activity. 3. The transaction is designed to evade the reporting requirements (structured transactions). 4. The transaction has no apparent business or other legitimate purpose and the broker-dealer cannot determine a reasonable explanation after examining all the available facts and circumstances surrounding the transaction (i.e., something just doesn't seem right). The filing of an SAR is confidential, as is the information contained in the report. Under no circumstances may a registered representative inform the subject of an SAR that the report has been filed. Instead, disclosure may only be made to federal law enforcement or securities regulators.
SEC Regulation SP (cont.) Confidentiality Requirements and Safeguard Requirements and Scope of Information That Must Be Protected
Confidentiality Requirements and Safeguard Requirements: In order to safeguard customer records and information, every broker-dealer is required to adopt policies and procedures to physically safeguard customer records and information. These policies must ensure the security and confidentiality of customer records and information, protect against anticipated threats or hazards to the security or integrity of customer account records, and protect against unauthorized access to or use of customer records or information that could result in substantial harm or inconvenience to any customer. Scope of Information That Must Be Protected: Remember, Regulation SP is protecting a customer's non-public, personal information which includes information obtained from the customer or from customer lists that are created from personally identifiable information (i.e., personal financial and account information). However, disclosure of a customer's publicly available information is not restricted under the regulation. Publicly available information includes that which is lawfully available to the general public from official public records, information from widely distributed news media (e.g., generally accessible websites or newspapers), and information that's required to be disclosed to the general public by federal, state, or local law.
Client Notifications (cont.) Confirmations Statements (8)
The SEC requires broker-dealers to provide customers with a detailed confirmation of each purchase or sale. The confirmation must be given or sent at or before the completion of any transaction, which is generally the settlement date. The confirmation must include the following information: 1. The identity and price of the security bought or sold 2. The number of shares, units, or principal amount 3. The date of the transaction, as well as the time of execution (or a statement that the time will be furnished on written request) 4. The capacity in which the broker-dealer acted, such as: agent for the customer; agent for another person; agent for both the customer and another person (referred to as a cross); or principal for its own account 5. The commission, mark-up, or mark-down for the transaction, calculated in compliance with applicable rules and expressed as a total dollar amount and as a percentage of the prevailing market price 6. The dollar price and yield information on debt securities 7. Whether a security is callable and a statement that further information will be provided on request 8. The settlement date. Even if an RR has discretion over a customer's account, confirmations for all transactions must be sent to the customer. Statements and trade confirms may also be sent to an investment adviser or other third party, but only if the written consent of the customer is obtained.
Safekeeping of Customer Funds and Securities Customer Securities
A broker-dealer is required to promptly obtain and thereafter maintain physical possession or control of all fully paid and excess margin securities that belong to its customers. The term control of securities means that the securities are under the direct control of the broker-dealer. The rule defines several sites as good control locations, including the office of the broker-dealer, in transit between its offices, or in an SEC-approved depository (e.g., the DTC). Excess margin securities are defined as those securities whose value exceeds 140% of the debit (loan) balance of a customer. For example, a customer who owns stock worth $10,000 and has a debit balance of $5,000 would have excess margin securities worth $3,000 ($10,000 - [140% x $5,000]). On a daily basis as of the close of the preceding business day, a broker-dealer is required to compute the quantity of fully paid and excess margin securities that are in its possession or control and those that are not in its possession or control. The broker-dealer is required to take affirmative action to promptly obtain possession and control of the required amount of securities. If a customer sells securities and fails to deliver the securities within 10 business days of the settlement date, the broker-dealer must buy in the customer. Under exceptional circumstances, the broker-dealer may apply to FINRA for an extension.
Mandatory AML Compliance Programs (cont.) Customer Verification
A broker-dealer must verify a customer's identity within a reasonable period either before or after the customer's account is opened. Under the new regulations, the following minimum information is required to be obtained from a customer: 1. Name 2. Date of birth (for an individual, not a business) 3. Address (For an individual this must be a residential or street address. For corporate accounts, it must be a principal place of business or local office.) 4. An identification number: for U.S. citizens, a taxpayer ID number (e.g., Social Security number or employer identification number); for non-U.S. citizens, a taxpayer ID number, passport number and country of issuance, alien identification card number, or government-issued identification showing nationality, residence, and photograph. A broker-dealer may use documentary (e.g., driver's license or passport) or non-documentary (e.g., references from other financial institutions or consumer reporting agencies) methods in order to verify the identity of a customer. Taxpayer ID Exception: A broker-dealer that receives an application to open an account may waive the obligation of obtaining a taxpayer ID number if the person has applied for, but not yet received, the number. However, in lieu of the number, the broker-dealer must retain a copy of the person's taxpayer identification application.
Under Regulation S-P, when is a firm required to provide a privacy notice to a consumer?
For purposes of Regulation S-P, a "customer" is an individual who has an ongoing relationship with a firm, while a "consumer" is an individual who does not. A firm is only required to provide a privacy notice to consumers if it intends to disclose any information about the consumer to non-affiliated third parties. On the other hand, customers must receive the privacy notice at the time their account is opened and annually thereafter. Both customers and consumers must also be given adequate notice of their ability to opt out of having their personal information shared with third parties, and the means by which they may opt out must be reasonable. (23783)
Client Notifications (cont.) Holding of Client Mail (3)
A firm may hold mail for a customer who will not be receiving it at his usual address provided the firm: 1. Receives written instructions from the customer which include the time period during which the mail will be held. If the period requested exceeds three consecutive months, the customer's instructions must include the valid reason for this request. However, convenience is not considered a valid reason for this type of request. 2. Gives written disclosure to the customer regarding alternative methods through which he may monitor the account (e.g., through e-mail or the firm's website). 3. At reasonable intervals, verifies that the customer's instructions still apply. During the time that the customer's mail is being held, the firm is also required to ensure that the mail is not being tampered with, held without the customer's consent, or used by any of the firm's associated persons in a manner that violates securities laws.
Required Information (cont.) (3)
If the customer is a business or organization rather than a person, an RR is required to obtain the names of the individuals who are authorized to transact business for the account. Prior to the settlement date of the initial transaction, a registered representative must also make a reasonable effort to obtain the following customer information: 5. Taxpayer ID number (TIN), such as a Social Security number 6. Occupation and name and address of the customer's employer 7. Whether the customer is associated with another member firm. This requirement doesn't apply to either institutional accounts or accounts in which transactions are only effected in non-recommended investment company shares (mutual funds). Required Signatures: Once the customer's information is obtained, a principal of the firm must sign the new account form to indicate his approval. Although many broker-dealers have in-house rules requiring customers to sign the new account form, industry rules don't require their signatures when opening a cash account. However, for customers who are seeking to open margin and/or option accounts, their signatures are required.
Regulation Best Interest (Reg BI) (retail customer)
In June of 2019, the SEC adopted a package of rulemakings and interpretations that are designed to enhance the quality and transparency of retail customers' relationships with broker-dealers and investment advisers. These rules will bring the legal requirements and mandated disclosures in line with reasonable investor expectations, while preserving access (in terms of choice and cost) to a variety of investment services and products. Specifically, these actions include new Regulation Best Interest, the new Customer Relationship Summary (Form CRS), and separate interpretations under the Investment Advisers Act of 1940. Regardless of whether a retail customer chooses a broker-dealer or an investment adviser (or both), the retail customer is entitled to a recommendation (from a broker-dealer) or advice (from an investment adviser) that's in the customer's best interest and that doesn't place the interests of the firm or the financial professional ahead of the customer's interests. In other words, any strategy or product that firms or individuals recommend to retail customers must be in the customers' best interest (not just suitable).
SEC Recordkeeping Requirements (8)
In addition to FINRA's recordkeeping requirements for customer accounts, SEC Rule 17a-3 requires broker-dealers to maintain the following records for each customer or owner of an account: 1. Name 2. Tax ID number 3. Address 4. Telephone number 5. Date of birth 6. Employment status, occupation, and whether the customer is associated with a broker-dealer 7. Annual income and net worth (excluding principal residence) 8. Investment objectives Any information that provides insight into a client's investment experience is critical when determining suitability; however, information regarding a client's educational background is not required to be collected. There may be circumstances in which customers are unwilling to provide their broker-dealers with certain personal information (e.g., their financial background). If an effort is made to collect the information, but the prospective customer refuses, an RR should (as a matter of good practice) document the fact that the effort was made to obtain the data. The documentation could be as simple as writing refused in the appropriate space on an account form, with no explanation required. Principals may refuse to approve an account if they feel that the prospective customer has provided the firm with insufficient information to appropriately assess investment objectives and/or suitability issues.
Institutional Suitability (2)
Institutional suitability obligations may vary based on the nature of the institution. Some of these customers are sophisticated and manage billions of dollars, while others may be relatively new to the investment process. For a broker-dealer to determine the extent of its suitability obligations regarding an institutional customer, there are two important guidelines: 1. The firm and the RRs servicing the account must have a reasonable basis to believe that the institutional customer can evaluate investment risks independently, both in regard to the specific securities and the different investment strategies. 2. The institutional customer must affirmatively state that it's exercising independent judgment in evaluating the recommendations. When dealing with institutional customers, firms are exempt from the customer-specific obligation that was listed previously. However, the reasonable basis and quantitative obligations standards still apply.
Institutional Communications
Institutional communication includes any type of written or electronic communication that's distributed or made available only to institutional investors, but doesn't include a member firm's internal communications. FINRA defines institutional investors as: 1. Banks, savings and loans, insurance companies, registered investment companies, and registered investment advisers 2. Government entities and their subdivisions 3. Employee benefit plans, such as 403(b) and 457 plans, and other qualified plans with at least 100 participants 4. Broker-dealers and their registered representatives 5. Individuals or entities with total assets of at least $50 million 6. Persons acting solely on behalf of these institutional investors Under FINRA rules, a member firm must establish policies and procedures that are designed to prevent institutional communications from being forwarded to retail investors. One acceptable method is placing a legend on the communication stating, "For Use by Institutional Investors Only." If a member firm becomes aware that an institutional investor (e.g., another broker-dealer) is making institutional communications available to retail investors, the firm is required to treat future communications to that institutional investor as retail communications. **SUBJECT TO REVIEW OF PRINCIPAL, NOT PREAPPROVAL
Introduction
Key Topics: Opening and Updating Client Accounts; USA Patriot Act and Anti-Money Laundering Rules; Regulation SP and Customer Statements; Communication Rules and Protecting the Customer. The goal of this chapter is to increase a person's knowledge of the rules and regulations regarding anti-money laundering (AML), AML compliance programs, monetary reports, the U.S. Treasury's Office of Foreign Asset Control (OFAC), recordkeeping requirements, customer mail, business continuity plans, privacy requirements, Regulation S-P, communications with the public, telemarketing, suitability requirements, and know-your-customer (KYC) rules.
Anti-Money Laundering and the USA PATRIOT Act (3 stages of money laundering)
Money laundering generally takes place in the following three stages: 1. Placement—The money launderers place illegal cash into the flow of a broker-dealer's business, most often through the purchase of securities. 2. Layering—The launderers execute transactions in several layers to avoid detection or the triggering of a reporting requirement. One form of layering (also referred to as structuring) involves the purchase of several blocks of securities each with cashier's checks that are drawn on different institutions and in amounts of less than $10,000. Taking opposite positions on the same security (e.g., both long and short positions) or using different customer accounts for each purchase are other sophisticated forms of layering. 3. Integration—The launderers put the proceeds from the transactions back into the stream of commerce, making them appear to be from a legitimate source. For example, securities are purchased with illegally obtained cash, then after their sale, the proceeds are deposited in a bank account. Once the funds are used to purchase goods and services, the money has now been successfully integrated into the legitimate economy.
SEC Regulation SP (cont.) Privacy Notice
Privacy Notice Under Regulation SP, firms must provide their customers with a description of their privacy policies (a privacy notice) at the time of the account opening and annually thereafter. Among other things, these privacy notices must state the types of personal information that the firm collects and the categories of both affiliated and unaffiliated third parties to whom the information may potentially be disclosed. The timing of the notice depends on the client's relationship with the firm. Regulation SP divides clients into two categories—consumers and customers. A consumer is a person who is in the process of providing information to the firm in connection with a potential transaction. A customer is a person who has an ongoing relationship with the firm. For example, if John has a meeting with a financial adviser from ABC Securities about establishing a financial plan, he's a consumer (a potential customer). However, if John opens an account with ABC Securities, he's a customer. For consumers, a firm must provide a privacy notice before it discloses non-public, personal information to any unaffiliated third party. However, if the firm doesn't intend to disclose any consumer information to an unaffiliated third party, then a notice is not required to be provided. For customers, a firm must initially provide a privacy notice at the time the relationship is first established. Thereafter, it must follow up with an updated version of this notice annually. The notice must disclose to consumers/customers that they have the right to opt-out of having their information shared with unaffiliated third parties and the process for opting out. The opt-out method being used by a broker-dealer must be reasonable. Acceptable methods include electronic responses or a toll-free telephone number for customers to call; however, requiring a customer to write a letter is unreasonable.
SEC Regulation S-P Privacy of Consumer Financial Information (3)
Privacy of Consumer Financial Information In November 1999, the Gramm-Leach-Bliley Act was enacted to require institutions that are engaged in certain financial-related activities to (1) establish privacy policies with regard to information they collect from and about their customers, (2) notify customers of those privacy policies, and (3) give customers the right to opt-out of any disclosures of their non-public personal information to certain third parties (i.e., customers may instruct the financial institution that their information may not be disclosed to unaffiliated third parties). The SEC adopted rules to implement these privacy requirements under Regulation SP which applies to all broker-dealers, investment companies, and SEC-registered investment advisers.
Customer Free Credit Balances
SEC rules require broker-dealers to advise their customers regarding their free credit balances on at least a quarterly basis. Free credit balances represent the funds that are available to customers, but that are currently on deposit in their accounts (e.g., sales proceeds that haven't been reinvested or withdrawn). Customers must receive written notice of the amount that's due to them along with a statement that the funds are payable on demand. The notice is also required to state that the funds are not segregated and may be used in the conduct of the broker-dealer's business. If the broker-dealer sends statements to its customers more frequently than quarterly, notification of the free credit balances must be sent with each statement. A broker-dealer is not required to comply with these provisions if it segregates customer free credit balances in such a way that prohibits their use by the broker-dealer.
Safekeeping of Customer Funds and Securities The Customer Protection Rule
Several SEC rules are designed to protect customer funds and securities that are in the possession of broker-dealers. The Customer Protection Rule SEC Rule 15c3-3 (the Customer Protection Rule) contains provisions to ensure the safekeeping of both customer securities and customer funds. The rule defines a customer as any person for whom the broker-dealer holds funds or securities, but doesn't include another broker-dealer, a partner, officer, or director of the broker-dealer, or a subordinated lender.
Mandatory AML Compliance Programs (cont.) Specially Designated Nationals and Blocked Persons List
Specially Designated Nationals and Blocked Persons List Firms and their representatives must make certain that they're not doing business with any person whose name is on a list that's maintained by the Treasury Department's Office of Foreign Assets Control (OFAC). This list is referred to as the Specially Designated Nationals and Blocked Persons List, or simply the SDN List. The SDN List identifies known and suspected terrorists, other criminals, as well as pariah nations (e.g., Syria and Iran). Doing business with any of these individuals or entities is prohibited. If a firm discovers that one of its clients is on the SDN List, it must block all transactions immediately and inform the federal law enforcement authorities. Broker-dealers are required to exercise special due diligence when opening private banking accounts for foreign nationals. They're also prohibited from maintaining correspondent accounts for foreign shell banks (i.e., banks with no physical presence in any country).
Identity Theft Prevention—FTC Red Flags Rule
The Federal Trade Commission's (FTC) Red Flags Rule requires many financial institutions, such as banks and broker-dealers, to create and implement a written Identity Theft Prevention Program. Each firm must have policies and procedures that address the appropriate actions to take if identity theft is suspected and/or detected. The intent of the rule is to assist firms in quickly spotting suspicious activities (red flags) with the goal of preventing the theft of their clients' assets. The policies and procedures that are found under these programs must be referenced in a firm's Written Supervisory Procedures documentation. Use of Stockholder Information for Solicitation As indicated by Regulation SP and the FTC Rule, firms and their RRs are responsible for protecting their client's information. This requirement raises an important question—can a firm that's acting as a trustee for a corporation use a shareholder list to cold-call or prospect in other matters? Generally, this practice is a violation of industry rules. SRO rules don't allow a trustee to use stockholder information for solicitation purposes unless the member firm is specifically directed to do so by, and for the benefit of, the corporation.
Telemarketing — An Alternative Communication Method (6)
The process of attracting new customers is often accomplished through telephone solicitations or cold calling. In an effort to combat abuses, Congress passed the federal Telephone Consumer Protection Act of 1991 which applies to both wired and wireless telephone numbers. The industry has incorporated the main provisions of this law into their SRO rules, including the following: 1. Telephone solicitations may be placed only between 8:00 a.m. and 9:00 p.m. local time of the party being called, unless that person has given prior consent or the person being called is another broker-dealer. 2. When calling prospective customers, callers must provide their name, the entity or person on whose behalf the call is made (e.g., the name of the member firm), a telephone number or address where that entity or person may be reached, and that the purpose of the call is to solicit the purchase of securities or other related services. This information must be provided promptly and in a clear and conspicuous manner. 3. Each broker-dealer is responsible for creating a Do Not Call List. If an individual is solicited by telephone and asks not to be called again, the broker-dealer must place that number on the list. Under FINRA rules, broker-dealers are required to honor a person's do not call request within a reasonable period, which may not exceed 30 days from the date the request was made. In addition, the firm must train its registered personnel to use the list properly and must create a written policy to describe how the list will be maintained. 4. Registered representatives may not make calls that harass or abuse the person called. Examples of prohibited behavior include using language that may be interpreted as threatening or intimidating, using profane or obscene language, or causing a phone to ring repeatedly or continuously with the intent to annoy, abuse, or harass. 5. When a broker-dealer engages in telemarketing, it's required to ensure that its outbound telephone number is not being blocked by the recipient's caller identification service. 6. The rule prohibits the use of pre-recorded messages unless the broker-dealer has received the caller's prior written permission.
Correspondence
Traditionally, correspondence has been viewed as any communication that's sent to one person. However, FINRA's current definition is more precise. Correspondence is defined as written or electronic messages that a member firm sends to 25 or fewer retail investors within any 30-calendar-day period. The 25 or fewer investors may be any type of retail client (i.e., existing and/or prospective). The typical delivery methods include physical (paper) written letters, text messages, and e-mail. **SUBJECT TO REVIEW OF PRINCIPAL, NOT PREAPPROVAL
Business Continuity Plan (BCP)
What steps must a member firm take if it's faced with a catastrophe, such as flooding or a terrorist attack? Although a member firm's WSP manual is designed to establish its day-to-day policies and procedures, FINRA also requires that its members have plans in place to address the unexpected. Broker-dealers must establish a written business continuity plan that will identify the procedures to be followed in the event of an emergency or significant business disruption. These procedures must provide for all customer obligations being met and must address the firm's existing relationship with other broker-dealers and counterparties. The plan is required to be reviewed annually in light of any changes to the firm's business structure, general operations, or location. The BCP is not required to be filed with FINRA, but it must be made available to an SRO upon request.
National Do Not Call List
When a person registers her telephone number on the Federal Trade Commission's (FTC) National Do Not Call registry, an RR is prohibited from contacting her. Firms are required to update their Do Not Call list by contacting the FTC and adding any telephone number that appears on the national list. However, one exception to the prohibition is when the person to be called has given prior written consent to being contacted by the member firm. Another exception is based on a personal relationship that exists between the RR and the person to be called, such as a family member, friend, or an acquaintance.
An older client is opening an account with a firm and the registered representative has some concerns about possible financial exploitation of this client. What step should be taken when opening this account?
When opening any accounts, registered representatives should request from the client the name and address of a trusted contact person for the account. A trusted contact person is a person that the account owner authorizes her brokerage firm to contact in limited circumstances, such as if her firm cannot reach her or if the firm has a reasonable belief that her account may be exposed to possible financial exploitation.
FINRA Rules Disclosure of Financial Condition
While most financial responsibility rules have been created by the SEC, FINRA has additional rules that are designed to enhance the fiscal security of members and their customers. Disclosure of Financial Condition Member firms are required to send balance sheets to customers every six months and (upon request) make available to customers a copy of the firm's most recent balance sheet. A customer is defined as any person having funds or securities in the possession of the member firm.
Regulation Best Interest (Reg BI) (Client Relationship Summary (Form CRS))
Who's a Retail Customer? Currently, Reg BI only applies to retail customers. According to the regulation, a retail customer is defined as a natural person, or this person's non-professional legal representative, who: 1. Receives a recommendation of any securities transaction or investment strategy involving securities from a broker-dealer; and 2. Uses the recommendation primarily for personal, family, or household purposes. Professional legal representatives (e.g., financial industry professionals) and other fiduciaries are not considered retail customers. Client Relationship Summary (Form CRS) Along with the passage of Reg BI, the SEC adopted a new relationship summary disclosure document that broker-dealers must provide for retail customers—the Client Relationship Summary (Form CRS). Form CRS must be no longer than two pages. The purpose of Form CRS is to provide retail investors with information about the nature of their relationship with their financial professional in a simple, easy-to-understand format. New retail investors must receive a copy of Form CRS by no later than the time they open a brokerage account, place an order, or receive a new recommendation for an account type, securities transaction, or investment strategy. Broker-dealers must file Form CRS with the Central Registration Depository (CRD), while registered investment advisers must file Form CRS with the Investment Adviser Registration Depository (IARD) as Part 3 of Form ADV.