Chapter 15
Approvals
*Correspondence and institutional* communication must be supervised and reviewed by the brokerage firm; however, they *don't require approval*. Unless an exception applies, *retail communication must be approved by a qualified principal (supervisor)* of the firm. In addition, certain types of retail communication (e.g., those related to *options and mutual funds*) must also be *filed with FINRA.*
Money laundering generally takes place in the following three stages:
*1.) Placement:* The money launderers place illegal cash into the flow of a broker-dealer's business, most often through the purchase of securities *2.) Layering*: The launderers execute transactions in several layers to avoid detection or the triggering of a reporting requirement. One form of layering (also referred to as *structuring*) involves the purchase of several blocks of securities each with *cashier's checks* that are drawn on different institutions and in amounts of *less than $10,000*. Taking opposite positions on the same security (e.g. both long and short positions) or using different customer accounts for each purchase are other sophisticated forms of layering. *3.) Integration*: The launderers put the proceeds from the transactions back into the stream of commerce, making them appear to be from a legitimate source. For example, securities are purchased with illegally obtained cash, then after their sale, the proceeds are deposited in a bank account. Once the funds are used to purchase goods and services, the money has now been successfully integrated into the legitimate economy.
Which of the following statements is TRUE concerning the opening of a cash account? A. The customer must sign the new account form. B. A principal of the firm must sign the new account form. C. Both the customer and a principal must sign the new account form. D. Neither the customer nor a principal must sign the new account form.
*A principal of the firm must sign the new account form.* A principal of the firm must sign the new account form. Although many firms have established internal rules about obtaining a client's signature to open a cash account, it's not a FINRA requirement.
A broker-dealer's anti-money laundering (AML) compliance program must be approved: A. In writing by a member of senior management B. By FINRA and a member of senior management of the broker-dealer C. By the SEC and the head of compliance for the broker-dealer D. In writing by both the CEO and the CFO
*A. In writing by a member of senior management* Each member's AML program must be approved in writing by a member of senior management.
Which of the following statements is NOT TRUE about a fidelity bond? A. It protects customers in the event their broker-dealer goes bankrupt. B. It's insurance that protects a broker-dealer in case of fraud such as forgery or counterfeit currency. C. FINRA must be notified if the bond is cancelled or substantially modified. D. It covers securities that are held at the brokerage firm as well as those in transit.
*A. It protects customers in the event their broker-dealer goes bankrupt.* A fidelity bond does not protect customers in the event of broker-dealer bankruptcy; that's the role of *SIPC*. Instead, a fidelity bond is insurance that protects a broker-dealer in case of fraud such as forgery or counterfeit currency. The bond covers securities that are held at the brokerage firm as well as those in transit. FINRA must be notified if the bond is cancelled or substantially modified.
The SEC established Regulation S-P to provide for customer privacy. According to Reg. S-P, what information is a broker-dealer required to include in its customer privacy notices? A. The broker-dealer's policies that have been created to protect the security of the customer's private information B. The deadline to opt out of the privacy program C. The amount a customer needs to pay to opt out of the privacy program D. The broker-dealer's website
*A. The broker-dealer's policies that have been created to protect the security of the customer's private information* Regulation S-P was enacted to ensure that a customer's non-public information is protected. Broker-dealers are required to establish policies that are designed to protect their client's information. Those policies must be disclosed in a privacy notice and sent to customers. In some cases, broker-dealers are permitted to share a customer's information; however, customers are given the opportunity to opt out and refuse the sharing of information. Broker-dealers cannot charge a customer who wants to opt out.
electronic delivery of client records
*All account records, such as confirmations, statements, and tax reporting information may be delivered to the client electronically.* Under *SEC rules*, providing client access to the records *equates to delivery*. Essentially, if a client chooses to receive electronic documents, there's *no need to follow up with paper copies*. Some firms may charge customers a *nominal processing fee* if they choose to have confirmations processed in a *paper format.*
Account statements and other notifications
*At least quarterly,* broker-dealers are required to provide customers with account statements. Most firms provide *monthly statements* for any account in which activity has occurred. At a minimum, the account statement must contain: --A description of all security positions --All money balances --All account activity since the last statement Account activity includes purchases, sales, interest credits or debits, charges or credits, dividend payments, transfer activity, securities receipts or deliveries, and/or journal entries relating to securities or funds in the possession or control of the broker-dealer.
Jerry is planning to open an account at Grace Securities. Grace must furnish him with a privacy notice: A. Only if it plans to disclose any of Jerry's private information to nonaffiliated third parties B. Before Jerry enters his first order in the account C. By the end of the year in which the account is opened and annually thereafter D. At the time he opens the account
*At the time he opens the account* Grace must furnish Jerry with a privacy notice at the time he opens the account. Jerry is establishing an ongoing relationship with Grace Securities by opening an account with them. Thus, he is considered a customer under Regulation SP and must receive a privacy notice at the time he opens the account (first establishes the ongoing relationship).
A broker-dealer's privacy notice must include all the following information, EXCEPT the: A. Type of personal information that the firm collects B. Names of any other financial institutions with which the firm is affiliated C. Fact that clients may opt out of having their information shared with non-affiliates D. Types of third parties to which the firm may disclose information
*B. Names of any other financial institutions with which the firm is affiliated* A privacy notice is not required to include the names of any other financial institutions with which the firm is affiliated.
A broker-dealer must file a Currency Transaction Report (CTR) when a customer: A. Deposits bearer bonds with a face value of $100,000 B. Purchases stock with a $20,000 personal check C. Opens an account with $11,000 in cash D. Opens an account with a credit card debit check valued at $20,000
*C. Opens an account with $11,000 in cash* CTRs are filed on FinCEN Form 104 when a customer deposits a total amount of more than $10,000 in cash on any one day.
Which of the following statements is TRUE concerning member firms' suitability requirements for institutional investors? A. Institutional investors are exempt from SRO suitability requirements B. The SRO suitability requirements apply unless the account is defined as a Qualified Institutional Buyer C. The suitability requirements are more stringent than those of retail accounts D. The suitability requirements are less stringent than those of retail accounts
*D. The suitability requirements are less stringent than those of retail accounts* Institutional investors are subject to FINRA suitability requirements, but they are less stringent than those of retail accounts. There is no special exemption for QIBs. Firms have a suitability obligation to all clients. When determining the suitability obligations of a broker-dealer concerning institutional customers, the two most important considerations are the customer's ability to evaluate the investment risk independently, and the extent to which the customer is exercising that ability in connection with the recommendation.
On a confirmation to a customer, a FINRA member must disclose all of the following , EXCEPT: A. Whether the member acted as agent or principal B. If acting as agent, the amount of the commission C. The time of execution (or an offer to reveal it upon request) D. Whether the broker-dealer is also an investment banker for the issuer of the security
*D. Whether the broker-dealer is also an investment banker for the issuer of the security* The customer confirmation must disclose whether the brokerage firm acted as a principal or agent. If it acted as agent, the amount of the commission must be disclosed. Also, the broker-dealer must disclose or offer to disclose the time that the trade was executed. Whether the broker-dealer is also an investment banker for the issuer of the security is disclosed in a research report, but is not required on a confirmation.
Excess Margin Securities
*Excess margin securities* are defined as those securities in a margin account whose *value exceeds 140% of the debit (loan) balance of a customer*. For example, a customer who owns stock worth $10,000 and has a debit balance of $5,000 would have excess margin securities worth $3,000 ($10,000 - [140% x $5,000]). On a *daily basis as of the close of the preceding business day*, a *broker-dealer is required to compute the quantity of fully paid and excess margin securities that are in its possession or control and those that are not in its possession or control*. The broker-dealer is *required to take affirmative action to promptly obtain possession and control of the required amount of securities*. (this includes excess margin securities) If a *customer sells securities and fails to deliver the securities within 10 business days of the settlement date*, the broker-dealer must *buy in the customer.* Under exceptional circumstances, the broker-dealer may *apply to FINRA for an extension.*
SEC Regulation SP
*Privacy of Consumer Financial Information* In November 1999, the *Gramm-Leach-Bliley Act* was enacted to require institutions that are engaged in certain financial-related activities to (1) establish privacy policies with regard to information they collect from and about their customers, (2) notify customers of those privacy policies, and (3) give customers the right to *opt-out* of any disclosures of their *non-public personal information* to certain *third parties* (i.e., customers may instruct the financial institution that their information may not be disclosed to unaffiliated third parties). The SEC adopted rules to implement these privacy requirements under *Regulation SP* which *applies to all broker-dealers, investment companies, and SEC-registered investment advisers.*
The Customer Protection Rule
*SEC Rule 15c3-3 (the Customer Protection Rule)* contains provisions to ensure the safekeeping of both customer securities and customer funds that are in the possession of broker-dealers. The rule defines a customer as any person for whom the broker- dealer holds funds or securities, but *doesn't include another broker-dealer, a partner, officer, or director of the broker-dealer, or a subordinated lender.*
Broker-dealers are required to send balance sheets to customers every: A. Nine months B. Six months C. Three months D. 12 months
*Six months* Broker-dealers are required to send balance sheets to customers every six months and upon request.
A customer has recently closed her account. How long is her broker-dealer required to keep records related to her account?
6 YEARS
E-Mail and instant Messaging
A *challenging* aspect to e-mail and instant messages is that they *may ultimately be considered correspondence, retail communications, or institutional communications.* For example, e-mail that's sent only to registered investment advisers (i.e., institutional investors) is considered institutional communication. E-mail that's sent to 25 or fewer retail investors is considered correspondence. And finally, e-mail that's sent to more than 25 retail investors is considered retail communication.
Customer Securities
A broker-dealer is required to promptly obtain and thereafter maintain *physical possession or control of all fully paid and excess margin securities that belong to its customers*. The term *control of securities* means that the securities are under the *direct control of the broker-dealer.* The rule defines several sites as good control locations, including the office of the broker-dealer, in transit between its offices, or in an *SEC-approved depository (e.g., the DTC).* (I think this includes excess margin securities)
Know Your Customer and Suitability
A broker-dealer must use *reasonable diligence* to learn the important facts regarding every customer. In other words, according to the regulators, it's vital to *know your customer* to provide them with appropriate services. This *obligation extends to any person who is authorized* to act on behalf of a customer, including an *investment adviser* that has been given the authority to enter orders in a customer's account. Only after a registered representative understands the financial needs of his customers are the proper investment recommendations able to be made.
Customer Verification
A broker-dealer must verify a customer's identity within a reasonable period either before or after the customer's account is opened. Under the new regulations, the following *minimum information is required to be obtained from a customer:* --Name --Date of birth (for an individual, not a business) --Address (For an individual this must be a residential or street address. For corporate accounts, it must be a principal place of business or local office.) --An identification number: − For U.S. citizens: taxpayer ID number (e.g., Social Security number or employer identification number) − For non-U.S. citizens: taxpayer ID number, passport number and country of issuance, alien identification card number, or government-issued identification showing nationality, residence, and photograph A broker-dealer may use *documentary* (e.g., driver's license or passport) or *non-documentary* (e.g., references from other financial institutions or consumer reporting agencies) methods in order to verify the identity of a customer. *Taxpayer ID Exception*: A broker-dealer that receives an application to open an account may *waive the obligation of obtaining a taxpayer ID number* if the person has *applied for, but not yet received, the number.* However, in lieu of the number, the broker-dealer must retain a copy of the person's *taxpayer identification application.*
Age-Based Suitability Concerns
A customer's age is typically one of the factors used to determine if a specific transaction is suitable. For clients who are *younger and willing to assume greater risks*, listing their investment objective as growth and/or speculation may be suitable. However, age-based suitability determinations are more difficult for income producing investments since they range from *high risk (non- investment grade securities) to very safe instruments (U.S. Treasury securities).* In fact, there are certain situations in which a firm may determine that *age is irrelevant* in determining suitability. For example, if a customer is seeking liquidity to meet a *short term* obligation, age is not a factor when making the investment decision since *liquidity* is the overriding concern. If a client is seeking *capital preservation*, age is again not a factor since safety of principal is the overriding concern.
Holding of client mail
A firm may hold mail for a customer who will not be receiving it at his usual address provided the firm: --Receives *written instructions from the customer* which include the time period during which the mail will be held. If the period requested *exceeds three consecutive months,* the customer's instructions *must* include the *valid reason* for this request. However, *convenience is not* considered a valid reason for this type of request. --Gives written disclosure to the customer regarding alternative methods through which he may monitor the account (e.g., through e-mail or the firm's website). --At reasonable intervals, verifies that the customer's instructions still apply. During the time that the customer's mail is being held, the firm is also required to ensure that the mail is *not being tampered with*, held *without the customer's consent*, or *used by any of the firm's associated persons in a manner that violate securities laws.*
Required information
A registered representative who intends to open an account for a customer must obtain all required information prior to entering the initial order in the account. According to *FINRA,* the following customer information is *required* to be obtained: --The customer's *name and residence* (although a P.O. box may *not* be used to open an account, correspondence may be sent to a P.O. box) --Whether the customer is of *legal age* --The *name* of the registered representative *(RR)* who is responsible for the account. If there's more than one RR responsible for the account, a *record of the scope of responsibility* for each representative is required. *This provision doesn't apply to an institutional account *. --(An *institutional account* is one that's established for a bank, savings and loan association, insurance company, registered investment company, registered investment adviser, or any person with total assets of at *least $50 million.*) --(If the customer is a business or organization rather than a person, an RR is required to obtain the names of the individuals who are authorized to transact business for the account.) --The *signature* of the partner, officer, or manager *(principal)* who approves the account Prior to the *settlement date* of the initial transaction, a registered representative must also make a *reasonable effort* to obtain the following customer information: --Taxpayer ID number *(TIN)*, such as a Social Security number --Occupation and name and address of the customer's *employer* --Whether the customer is associated with another *member firm* (This requirement *doesn't apply* to either *institutional accounts* or accounts in which transactions are only effected in non-recommended investment company shares (*mutual funds*).)
Mandatory AML Compliance Programs
All broker-dealers are now required to establish AML Compliance Programs which, at a minimum, must include: --Policies and procedures that are reasonably expected to detect and report suspicious transactions and deter money laundering --The designation of a *compliance officer* who is responsible for the firm's AML program (There's no requirement for this person to be FINRA-registered.) --An ongoing *employee training program* --An *independent audit function* to test the effectiveness of the firm's AML program (aka a stress test) Industry rules also require AML programs to be in *written form* and *approved by a member of senior management.* The independent audit function, sometimes referred to as a *stress test,* must be conducted *annually* unless the member firm doesn't execute transactions for customers or otherwise hold customer accounts *(i.e., it's a proprietary trading firm)*. In these cases, the stress test is only required to be conducted every *two years* (on a calendar-year basis). -Creating a *Customer Identification Program (CIP) is part of the mandatory AML compliance process*
What constitutes an established business relationship in the context of telemarketing?
An *established business relationship* between a broker-dealer and a person exists when *ONE* of the following conditions is met: --Within *18 months prior to the telemarketing call*, the person has made a securities *transaction*, or has a security position, a money balance, or account activity with the broker-dealer or its clearing firm. --Within *18 months* prior to the telemarketing call, the firm making the call is *considered the broker- dealer of record* for the account. --Within *three months prior to the telemarketing call,* the person has *contacted the broker-dealer to inquire* about a product or service that's offered by the firm.
Customer Identification Program (CIP)
As a part of their AML compliance program, broker-dealers must create a customer identification program in order to verify the identity of any person who seeks to open an account. Firms are also required to maintain records of the information used to verify a person's identity and *determine whether the person is listed as a known or suspected terrorist or an affiliated organization.*
Use of stockholder information for solicitation
As indicated by Regulation SP and the FTC Rule, firms and their RRs are responsible for protecting their client's information. This requirement raises an important question—*can a firm that's acting as a trustee for a corporation use a shareholder list to cold-call or prospect in other matters*? Generally, this practice is a *violation of industry rules.* SRO rules *don't allow a trustee to use stockholder information for solicitation purposes unless the member firm is specifically directed to do so by, and for the benefit of, the corporation.*
Suitability Obligations
Broker-dealers have a *suitability obligation* to each of their customers. For *non-institutional (retail)* customers, broker-dealers and their registered persons must have a *reasonable basis for recommending* a specific transaction or investment strategy (e.g., day trading or margin trading). These recommendations must be based on information that's obtained from the customers and then used to identify their investment profile. A customer's investment profile includes the following items: --Age --Other investments --Financial situation and needs --Tax status --Investment objectives and experience --Investment time horizon --Liquidity needs --Risk tolerance --Any other information obtained from the customer Although customers are not obligated to provide all of the information listed above, an RR should *make an effort* to obtain as much information as possible to provide the most suitable recommendations. An investment recommendation should be in the customer's (*not RR's*) best interest. The simple fact that a customer may agree to a recommendation doesn't relieve a firm of its suitability obligation. Some examples of potential violations of the suitability rule include: --RRs making recommendations of one product over another in an effort to generate large commissions --RRs making mutual fund recommendations that are designed to maximize their commissions rather than to establish a portfolio for their customers --RRs attempting to increase their commissions by recommending the use of margin --RRs recommending a new issue that's heavily promoted by their firm in an effort to keep their jobs FINRA has three main suitability obligations to follow
Suspicious Activity Reports (SARs).
Broker-dealers may also be required to file *Suspicious Activity Reports (SARs).* Until the USA PATRIOT Act was passed, only broker-dealers that were subsidiaries of bank holding companies were required to file SARs. Today, a firm must file an SAR whenever a *transaction (or group of transactions) equals or exceeds $5,000* and the firm *suspects* one of the following activities: --The client is violating federal criminal laws. --The transaction involves funds related to illegal activity. --The transaction is designed to evade the reporting requirements (structured transactions). --The transaction has no apparent business or other legitimate purpose and the broker-dealer cannot determine a reasonable explanation after examining all the available facts and circumstances surrounding the transaction (i.e., something just doesn't seem right). The filing of an SAR is *confidential*, as is the information contained in the report. *Under no circumstances may a registered representative inform the subject of an SAR that the report has been filed.* Instead, disclosure may only be made to federal law enforcement or securities regulators.
Correspondence
Correspondence is defined as *written or electronic messages that a member firm sends to 25 or FEWER retail investors within any 30-calendar-day period.* The 25 or fewer investors may be *any type of retail client (i.e., existing and/or prospective)*. The typical delivery methods include physical (paper) written letters, text messages, and e-mail.
Client disclosure of business continuity plan
Each member firm must disclose to its customers how its business continuity plan addresses the possibility of a future significant business disruption and how the member plans to respond to these events. This *disclosure must be provided in written format at the time an account is opened* and must be *posted on the member's website.*
Regulation of Communications (FINRA's three communications categories)
FINRA divides communications with the public into *three categories*: *correspondence, institutional communications, and retail communications.* For exam purposes, part of the challenge is being able to *distinguish between the different forms in situational questions.*
FINRA's Three Main Suitability Concerns
FINRA has established the following *three main suitability obligations:* 1. The *reasonable basis obligation* - Requires a member firm and its RRs to have a reasonable basis to believe that a recommendation is suitable for at least some investors. If the firm or its RRs don't understand a product, it should NOT be recommended to customers. 2. The *customer-specific obligation* - Requires a member firm and its RRs to have a reasonable basis to believe that a recommendation is suitable for a particular individual based on the customer's investment profile 3. The *quantitative obligation* - Requires a member firm and its RRs to have a reasonable basis to believe that a series of recommended transactions, even if they're suitable for a customer, are not excessive when considering the customer's investment profile
Fidelity Bonds
FINRA members that are required to join the *Securities Investors Protection Corporation (SIPC)* must maintain a *blanket fidelity bond (essentially an insurance policy)* which covers officers and employees and provides protection against loss for fidelity (on premises or in transit), forgery and alteration (including check forgery), securities loss (including securities forgery), and counterfeit currency. The bond must include a provision that the carrier will *promptly notify FINRA if the bond is canceled, terminated, or substantially modified.*
Office of Foreign Assets Control (OFAC) List
Firms and their representatives must make certain that they're NOT doing business with any person whose name is on a list that's maintained by the *Treasury Department's Office of Foreign Assets Control (OFAC).* The *OFAC List identifies known and suspected terrorists*, other *criminals*, as well as *pariah nations (e.g., Syria and Iran*). Doing business with *any of these individuals or entities is prohibited*. If a firm discovers that one of its clients is on the OFAC List, it must *block* all transactions immediately and *inform the federal law enforcement authorities.* Broker-dealers are required to *exercise special due diligence* when opening private banking accounts for *foreign nationals*. They're also prohibited from maintaining correspondent accounts for *foreign shell banks (i.e., banks with no physical presence in any country).*
change of information
If a customer provides a broker-dealer with updated account record information, the broker-dealer must send a copy of the revised account record to the customer. Member firms are required to send the updated documentation *within 30 days after it receives notification of the change* or at the time the *next statement is mailed to the customer.* Examples of the changes that may be made to an account record include a name, address, and/or investment objective change. (If a request is made to change a client's address, notification must be sent to both the *previous address on file* and to the registered personnel who are responsible for the account *within 30 days* of the change.)
SEC Recordkeeping Requirements (in addition to FINRA's requirements)
In *addition* to FINRA's recordkeeping requirements for customer accounts, *SEC Rule 17a-3* requires broker-dealers to maintain the following records for each customer or owner of an account: --Name --Tax ID number --Address --Telephone number --Date of birth --Employment status, occupation, and whether the customer is associated with a broker-dealer --Annual income and net worth (excluding principal residence) --Investment objectives Any information that provides insight into a client's *investment experience* is critical when determining *suitability*; however, information regarding a client's *educational background is NOT required* to be collected. There may be circumstances in which customers are unwilling to provide their broker-dealers with certain personal information (e.g., their financial background). If an effort is made to collect the information, but the prospective customer refuses, an RR should (as a matter of good practice) document the fact that the effort was made to obtain the data. The documentation could be as simple as writing *refused* in the appropriate space on an account form, with no explanation required. Principals may refuse to approve an account if they feel that the prospective customer has provided the firm with insufficient information to appropriately assess investment objectives and/or suitability issues.
Penalties
In an effort to discourage money laundering activities, the penalties for violating existing AML laws are *severe and include both potential incarceration and fines*. Under criminal law, a registered representative who is found guilty of facilitating money laundering may be sentenced to *20 years in prison and may receive a fine of up to $500,000 per transaction or twice the amount of the funds involved— whichever is greater.* Registered representatives don't need to have knowledge of a money laundering scheme or even participate in it to be prosecuted. Instead, RRs and their firms may be held liable for being *willfully blind* to the activity.
Confidentiality Requirements and Safeguard Requirements
In order to safeguard customer records and information, every broker-dealer is required to adopt policies and procedures to *physically safeguard customer records and information.* These policies must ensure the security and confidentiality of customer records and information, protect against anticipated threats or hazards to the security or integrity of customer account records, and protect against unauthorized access to or use of customer records or information that could result in substantial harm or inconvenience to any customer.
Institutional Communications
Institutional communication includes any type of written or electronic communication that's *distributed or made available ONLY to INSTITUTIONAL investors*, but *doesn't include a member firm's internal communications.* FINRA defines institutional investors as: --Banks, savings and loans, insurance companies, registered investment companies, and registered investment advisers --Government entities and their subdivisions --Employee benefit plans, such as 403(b) and 457 plans, and other qualified plans with at least 100 participants --Broker-dealers and their registered representatives --Individuals or entities with total assets of at least $50 million --Persons acting solely on behalf of these institutional investors Under FINRA rules, a *member firm must establish policies and procedures that are designed to prevent institutional communications from being forwarded to retail investors.* One acceptable method is placing a *legend on the communication stating, "For Use by Institutional Investors Only."* If a member firm becomes aware that an institutional investor (e.g., another broker-dealer) *is* making institutional communications available to *retail* investors, the *firm is required to treat future communications to that institutional investor as retail communications.*
Institutional Suitability
Institutional suitability obligations may vary based on the nature of the institution. Some of these customers are *sophisticated* and manage billions of dollars, while others may be *relatively new* to the investment process. For a broker-dealer to determine the extent of its suitability obligations regarding an institutional customer, there are *two* important guidelines: 1.) The firm and the RRs servicing the account must have *reasonable basis* to believe that the institutional customer can *evaluate investment risks independently*, both in regard to the specific securities and the different investment strategies 2.) The institutional customer must *affirmatively state* that it's exercising independent judgement in evaluating recommendations *When dealing with institutional customers, firms are exempt from the customer-specific obligation* that was listed previously. However, the *reasonable basis and quantitative obligations standards still apply.*
Disclosure of Financial Condition
Member firms are required to send *balance sheets* to customers *every six months* and (upon request) make available to customers a copy of the *firm's most recent balance sheet*. A customer is defined as any person having funds or securities in the possession of the member firm.
Client notifications
Once an account is opened, broker-dealers are required to provide the client with information, including trade confirmations, statements, and other miscellaneous mailings. The *SEC mandates the frequency and timing of the delivery of this information.*
Required signatures
Once the customer's information is obtained, a *principal* of the firm must *sign* the new account form to indicate his approval. Although many broker-dealers have in-house rules requiring customers to sign the new account form, industry rules don't require their signatures when opening a *cash* account. However, for customers who are seeking to open *margin and/or option accounts*, their signatures are required.
Privacy notice timing
Regulation SP divides clients into *two categories*—*consumers and customers.* A *consumer* is a person who is in the process of providing information to the firm in connection with a potential transaction (basically a potential customer and then customer). A *customer* is a person who has an ongoing relationship with the firm. For example, if John has a meeting with a financial adviser from ABC Securities about establishing a financial plan, he's a consumer (a *potential customer*). However, if John opens an account with ABC Securities, he's a customer. For *consumers*, a firm must provide a privacy notice *before* it discloses non-public, personal information to any unaffiliated third party. However, if the firm doesn't intend to disclose any consumer information to an unaffiliated third party, then a notice is *not* required to be provided.**** TEST Q said regardless For *customers*, a firm must initially provide a privacy notice at the time the relationship is first established. Thereafter, it must follow up with an updated version of this notice *annually.* The notice must disclose to consumers/customers that they have the *right to opt-out of having their information shared with unaffiliated third parties* and the process for opting out. The opt-out method being used by a broker-dealer must be *reasonable*. Acceptable methods include electronic responses or a toll-free telephone number for customers to call; however, requiring a customer to write a letter is *unreasonable.*
Scope of Information that Must be Protected
Remember, Regulation SP is protecting a customer's *non- public, personal information* which includes information obtained from the customer or from customer lists that are created from personally identifiable information (i.e., personal financial and account information). However, *disclosure of a customer's publicly available information is NOT restricted under the regulation*. Publicly available information includes that which is lawfully available to the general public from official public records, information from widely distributed news media (e.g., generally accessible websites or newspapers), and information that's required to be disclosed to the general public by federal, state, or local law.
Retail Communications
Retail communication is defined as written or electronic communications that are distributed or made available to *more than 25 retail investors within a 30-calendar-day period.* A retail investor is considered any person who doesn't meet the definition of an institutional investor. Retail communications are the *broadest category* and include *both advertising and sales literature.* All materials that are prepared for the *public media* in which the ultimate audience is unknown are considered retail communications, including: --Television, radio, and billboards --Magazines and newspapers --Certain websites and online interactive electronic forums, such as chat rooms, static blogs, or social networking sites (assuming retail investors have access to these sites) --Telemarketing and sales scripts --Independently prepared reprints (e.g., newspaper or magazine articles) that are sent to more than 25 retail investors
Customer Free Credit Balances
SEC rules require broker-dealers to *advise their customers regarding their free credit balances* on *at least a quarterly basis*. Free credit balances represent the funds that are available to customers, but that are currently on deposit in their accounts (e.g., sales proceeds that haven't been reinvested or withdrawn). Customers must receive written notice of the amount that's due to them along with a statement that the funds are payable on demand. The notice is also required to state that the funds are *not segregated* and may be used in the conduct of the broker-dealer's business. *If the broker-dealer sends statements to its customers more frequently than quarterly, notification of the free credit balances must be sent with each statement.* A broker-dealer is *NOT* required to comply with these provisions if it *segregates customer free credit balances* in such a way that *prohibits their use by the broker-dealer.*
Social Media Sites
Social media sites fall under the requirements of a *public appearance* and *certain disclosures may be required.* Since firms may be unable to monitor their RRs' activities on these sites, *most firms don't permit their representatives to use them for communicating with customers or conducting business.*
Anti-Money Laundering and the USA Patriot Act
The *Bank Secrecy Act (BSA)* is the *primary U.S. anti-money laundering (AML) law*. However, the BSA has been amended to include certain provisions of the *USA PATRIOT Act* to *detect, deter, and disrupt terrorist financing networks* that use laundered money to fund their operations. In response to the September 11, 2001 attack, President Bush signed the USA PATRIOT Act into law. The Act imposed a number of new regulatory obligations on broker-dealers and focused renewed attention on previously established AML laws.
Identity Theft Prevention -- FTC Red Flags Rule
The *Federal Trade Commission's (FTC) Red Flags Rule* requires many financial institutions, such as banks and broker-dealers, to create and implement a *written Identity Theft Prevention Program*. Each firm must have policies and procedures that address the appropriate actions to take if identity theft is suspected and/or detected. The intent of the rule is to assist firms in *quickly spotting suspicious activities (red flags) with the goal of preventing the theft of their clients' assets*. The policies and procedures that are found under these programs must be *referenced in a firm's Written Supervisory Procedures documentation.*
FinCEN's required reports
The *Financial Crimes Enforcement Network (FINCEN)* is a part of the U.S. Department of the Treasury whose main purpose is to *create and implement policies and procedures that are designed to detect and prevent money laundering.* The *two primary means* by which FinCEN accomplishes its objectives are: *1.)* Requiring financial institutions (e.g., broker-dealers) to file certain transactions reports under the provisions of the Bank Secrecy Act (BSA), and *2.)* Providing law enforcement agencies with the information from the reports to assist in combating money laundering *Broker-dealers are required to file Bank Secrecy Act Currency Transaction Reports (BCTRs).* The BCTR is filed for *all cash transactions that exceed $10,000* and are executed by a *single customer* during *one* business day. The definition of currency includes both cash and coins. The reporting *requirement is also triggered if a customer places multiple, smaller transactions in a single day that, in the aggregate, exceed $10,000.* The second method is an example of *structuring.* Structuring occurs when a customer executes several small transactions in dollar amounts that are *below the reporting thresholds to evade the reporting requirements*. Registered representatives should be on the alert for clients who execute several transactions in amounts that are just below the $10,000 reporting level or clients who deposit instruments that are sequentially numbered. Broker-dealers may also be required to file *Suspicious Activity Reports (SARs).*
Books and Records
The *SEC and SROs rely on broker-dealer records and reports to monitor compliance with industry rules*. Therefore, it's critical for a broker-dealer to maintain accurate records and file timely reports. *SEC Rule 17a-3* requires broker-dealers to *create specific records*, while *Rule 17a-4* requires those records to be *kept for a number of years after their creation*. Records may be *divided* into those that must be retained for the *life of the firm,* those that must be *retained for six years*, and those that must be *retained for three years.* Note that *all records must be kept in an easily accessible place for the first two years of their existence.* Table in notebook
Confirmation statements
The *SEC* requires broker-dealers to provide customers with a detailed *confirmation of each purchase or sale.* The *confirmation must be given or sent at or before the completion of any transaction*—which is generally the *settlement date.* The confirmation must include the following information: --The identity and price of the security bought or sold --The number of shares, units, or principal amount --The date of the transaction, as well as the time of execution (or a statement that the time will be furnished on written request) --The capacity in which the broker-dealer acted, such as: − 1. Agent for the customer − 2. Agent for another person − 3. Agent for both the customer and another person (referred to as a cross) − 4. Principal for its own account --The commission, mark-up, or mark-down for the transaction, calculated in compliance with applicable rules and expressed as a total dollar amount and as a percentage of the prevailing market price. --The dollar price and yield information on debt securities --Whether a security is *callable* and a statement that further information will be provided on request --The settlement date *Even if an RR has discretion* over a customer's account, confirmations for all transactions must be sent to the customer. Statements and trade confirms may also be sent to an investment adviser or other third party, but only if the written consent of the customer is obtained.
Telemarketing
The process of attracting new customers is often accomplished through *telephone solicitations or cold calling*. In an effort to combat abuses, Congress passed the federal *Telephone Consumer Protection Act of 1991* which applies to both *wired and wireless telephone numbers.* The *industry has incorporated the main provisions of this law into their SRO rules*, including the following: --Telephone solicitations may be placed only between *8:00 a.m. and 9:00 p.m. local time* of the party being called, unless that person has given prior consent or the person being called is *another broker-dealer.* --When calling prospective customers, callers must provide their *name*, the entity or person on whose behalf the call is made (e.g., the *name of the member firm*), a telephone number or address where that entity or person may be reached, and that the *purpose of the call* is to solicit the purchase of securities or other related services. This information must be provided *promptly* and in a *clear* and conspicuous manner. --Each broker-dealer is responsible for creating a *Do Not Call List*. If an individual is solicited by telephone and asks not to be called again, the broker-dealer *must* place that number on the list. Under FINRA rules, broker-dealers are required to honor a person's do not call request within a *reasonable* period, which *may not exceed 30 days from the date the request was made.* In addition, the firm must train its registered personnel to use the list properly and must create a written policy to describe how the list will be maintained. --Registered representatives may not make calls that *harass or abuse the person called*. Examples of prohibited behavior include using *language that may be interpreted as threatening or intimidating*, using *profane or obscene* language, or causing a phone to *ring repeatedly or continuously* with the intent to annoy, abuse, or harass. --When a broker-dealer engages in telemarketing, it's required to ensure that its outbound telephone number is *not being blocked* by the recipient's caller identification service. --The rule *prohibits the use of pre-recorded messages* unless the broker-dealer has received the caller's prior written permission. FINRA recognizes that when a representative has an existing relationship with a customer, it may be important to contact the client outside the 8:00 a.m. to 9:00 p.m. window. Therefore, *the time-of-day and disclosure requirements don't apply to calls made to clients with whom the firm has an established business relationship.* However, the *purpose* of these calls must be to *maintain or service the existing accounts of the firm.*
Verification and ongoing updating client information
To ensure that an RR has properly characterized a client's profile and investment objective, copies of the account record or the documentation of the information collected must be *sent to the customer either within 30 days of opening the account OR with the client's next statement.* Periodic updates and verification of account information must be sent to the customer at *least every 36 months.*
Privacy Notice
Under *Regulation SP*, firms must provide their customers with a description of their *privacy policies (a privacy notice*) at the time of the account opening and *annually* thereafter. Among other things, these privacy notices must state the types of personal information that the firm collects and the *categories of both affiliated and unaffiliated third parties* to whom the information may potentially be disclosed. The *timing of the notice depends on the client's relationship with the firm.*
Record Retention
Under the CIP (customer identification program) rules, a broker-dealer must maintain records of the *methods it used to verify a customer's identity for five years following the closing of the account.*
Business Continuity Plan (BCP)
What steps must a member firm make if it's faced with a catastrophe, such as flooding or a terrorist attack? Although a member firm's WSP (written supervisory procedures) manual is designed to establish its day-to-day policies and procedures, FINRA also requires that its members have plans in place to address the unexpected. Broker-dealers must establish a *written business continuity plan that will identify the procedures to be followed in the event of an emergency or significant business disruption.* These procedures must *provide for all customer obligations being met and must address the firm's existing relationship with other broker-dealers and counterparties.* The plan is *required to be reviewed annually* in light of any changes to the firm's business structure, general operations, or location. The *BCP is NOT required to be filed with FINRA*, but it must be made available to an SRO upon request. Although there are many elements that make up a business continuity plan, at a minimum, the plan must address the following concepts: --Data backup and recovery --Financial and operational assessments --Alternative communications between the firm and customers and between the firm and employees --Alternative physical location for employees --Regulatory reporting and communications with regulators Each member firm *must provide its SRO with emergency contact information*, including the *designation of two emergency contact persons.* At least one of these individuals must be a *member of senior management and a registered principal* of the member firm. If the second contact person is not a registered principal, she must be a member of *senior management* who has knowledge of the firm's business operations. *FINRA Rule 4370* also specifies that *both emergency contact persons must be associated persons of the member firm*. (In the case of a small firm with only one associated person (e.g., a sole proprietorship without any other associated persons), the second emergency contact person may be either a (registered or non-registered person with another firm) who has knowledge of the member firm's business *operations*.) Possible candidates for this role include the *firm's attorney, accountant, or a clearing firm contact.*
Trusted Contact Person
When a customer account is opened, a firm must make a *reasonable effort* to obtain the name of, and contact information for, a trust contact person of the customer's choosing. If obtained, the firm is required to disclose to the customer in writing, which may be electronic, that an associated person of the *firm is authorized to contact the trusted contact person and disclose information about the customer's account.* The purpose of any disclosure is to address possible financial exploitation or to confirm the specifics of the customer's current contact information, health status, or the identity of any legal guardian, executor, trustee, or holder of a power of attorney.
New Account Documentation
When a firm and RR opens a new account for a customer they have to follow rules to make sure everything is in the best interest of the customer *FINRA's Know Your Customer (KYC) Rule* requires firms to use *reasonable diligence* to know the *essential facts* regarding every customer as well as any person who has been given the authority to act on the customer's behalf. *The USA PATRIOT Act* (described later in the chapter) imposes additional requirements on firms regarding both the verification of potential clients' *identities* and subsequent monitoring to ensure that they're in compliance with *anti-money laundering regulations.* Customer information is collected on a *new account form* not only to satisfy regulatory requirements, but also to help the registered representative and the firm understand the customer's *investment objectives* and ensure that her suitability concerns are addressed. Of course, every firm's new account form is slightly different, but all firms must collect certain minimum information in order to meet industry standards.
National Do Not Call List
When a person registers her telephone number on the *Federal Trade Commission's (FTC) National Do Not Call registry*, an RR is *prohibited* from contacting her. Firms are required to update their Do Not Call list by contacting the FTC and adding any telephone number that appears on the national list. However, *one exception to the prohibition* is when the person to be called has *given prior written consent to being contacted by the member firm.* Another *exception* is based on a *personal relationship that exists between the RR and the person to be called*, such as a *family member, friend, or an acquaintance.*
FINRA Rules
While *most* financial responsibility rules have been created by the SEC, FINRA has *additional* rules that are designed to enhance the fiscal security of members and their customers. These include disclosures of (the firm's) financial condition and blanket fidelity bond policies
clients must be notified of their credit balances how often?
at least quarterly