SIE Chapter 9
Opt-Out Provisions
A firm can provide a toll-free number or a detachable form with a preprinted address so that customers and consumers can easily opt out from the BD disclosing any nonpublic personal information to non-affiliated third parties. The privacy notice must offer a reasonable way for a customer or consumer to opt out. In those states where an opt-in provision has been substituted, the notice must explain that failure to opt in can result in an adverse action, such as having a loan application denied. Even if a consumer opts out of sharing information with a non-affiliated third party, the firm can still share the consumer's information with affiliate firms. While the regulation does not give people this right, the Federal Credit Reporting Act does. A consumer has the right to say "no" to the sharing of information, such as a credit report or application information, with the financial institution's affiliates and with affiliated third parties.
Firm-Specific Do-Not-Call List
A list of any person who previously stated that they do not wish to receive an outbound telephone call made on behalf of the member.
National Do-Not-Call List
A list of people who have registered their telephone number on the Federal Trade Commission's national do-not-call registry.
Requirements
A person associated with the firm cannot be permitted to engage in the investment banking or securities business unless it is determined that the person satisfies minimum qualification requirements. The firm must register its representatives and principals. Their registration must be appropriate to the functions they perform and they must pass a qualification exam. A registered representative is an individual employed by and representing a broker-dealer while engaging in securities activity with the public. Employees exempt from registration include any person whose functions are solely clerical or ministerial, or employees not actively engaged in the securities business.
General Standards
All customer communications are required to be factually accurate and not misleading. Communications may not make exaggerated claims or omit material facts.
Lapse of Registration
Any person whose registration has been revoked, or has terminated for a period of 2 or more years immediately preceding the date of a new application, is required to re-qualify by examination.
Retained for 3 years
Correspondence and communications, including emails, instant messages, recorded gifts
Retained for 6 years
Customer account records, blotters, municipal complaints, POAs
Retained for 4 years
Customer complaints
Private Securities Transactions with Compensation
If a BD approves an RR's participation in private securities, and the RR is receiving selling compensation, the transaction will be recorded on the books and records of the firm, and the member firm will be responsible for the supervision of the RR's participation in the transaction as if the transaction were executed on behalf of the BD.
Status of Persons Serving in the Armed Forces of the United States
If an associated person is called to active duty in the U.S. Armed Forces, the RR's firm must properly notify FINRA. This situation will be treated differently than other circumstances where RRs leave the industry. While the RR's registration will be considered inactive, it will remain in force during the service, and the RR will not have to re-register when returning to the industry. The associated person's continuing education requirements will also be suspended. The associated person may not perform duties that require registration, but may split commissions with another registered representative and receive transaction related compensation, including continuing commissions.
Responsibility of Member to Investigate Applicants for Registration
In reviewing the registration forms (U4), the principal must investigate the good character, business reputation, and experience of every applicant. The supervising principal must review, sign, and date all new hire registration forms (U4), and must verify the prior 3 years of employment history. If the new hire has previously been employed by another member firm, the principal must also review the applicant's U5 form. Member firms must also conduct background checks for all new hires. FINRA does not place limits on the scope of the background investigation. The firms must obtain all the necessary information to make an evaluation and may outsource the information gathering to third party providers. They may also run credit reports or seek reference letters. All background investigations must be in accordance with state and federal laws. Firms must complete the verification process no later than 30 calendar days after filing the U4 with FINRA.
Private Securities Transactions - No Compensation
In the case of a transaction in which an RR will not receive any selling compensation, a BD will inform the RR that it has received notification and might require the person to meet certain specified conditions in connection with their participation in the transaction.
Research Report
Information compiled by an analyst associated with an investment bank or broker-dealer that focuses on specific securities, or on market sectors, and may contain specific or nonspecific buy, sell, or hold recommendations.
Sharing Commissions with Non-Members
No member will deal with any non-member, except at the same prices, and for the same commissions, fees, and terms as accorded to the general public. Firms and RRs are prohibited from paying compensation to any individual who is not registered with FINRA. There are no rules prohibiting any FINRA member from granting to any other member of any securities association a dealer's discount, allowance, commission, or special terms.
Continuing Education
RRs are required to complete FINRA-mandated continuing education (CE). These CE requirements include a Regulatory Element and a Firm Element.
Limitations on Coverage Per Separate Customer
SIPC coverage provides each separate customer with protection up to $500,000, of which no more than $250,000 can be for cash claims. What constitutes a separate customer is sometimes difficult to determine. Each of the following is considered a separate customer: individual accounts, regardless of how many are at the firm for that specific customer; retirement accounts, such as IRAs; joint accounts; custodial accounts. Each separate customer under SIPC will receive the maximum coverage. If a customer has more invested with the broker-dealer, the investor will become a general creditor of the broker-dealer for the excess portion.
Anti-Money Laundering
The USA PATRIOT Act makes it easier to detect, prevent, and prosecute international money laundering and the financing of terrorism by requiring that broker-dealers (and every financial institution) establish an anti-money laundering program that includes, at a minimum: the development of internal policies, procedures, and controls; an anti-money laundering compliance program to be supervised by a designated compliance officer; an ongoing employee training program; and an annual independent audit, testing for compliance, conducted by member personnel or by a qualified outside party.
Special Deals with Underwriters
The relationship between registered reps and underwriters also falls under FINRA's scrutiny. RRs are prohibited from taking additional compensation from a mutual fund underwriter if it is not disclosed in the prospectus.
Exam Retake Requirements
There is a 30-day waiting period to retake the exam if a person fails the first or second attempt. After the third attempt, there is a 180-day waiting period for a retake.
Continuing Commissions
When a registered representative retires from a broker-dealer, it is permissible for the broker-dealer to pay continuing commissions to the retired representative only for business which the representative conducted while employed at the broker-dealer (not new business). There must be a written contract between the representative and the broker-dealer outlining the agreement. These continuing commissions may be paid to the retired registered representative or to the representative's heirs.
Currency Transaction Report
A Currency Transaction Report (CTR) must be completed by the financial institution to file reports of deposits, withdrawals, exchanges of currency, or other payments or transfers involving a transaction in cash totaling more than $10,000. The Currency Transaction Report includes: the identity of the person(s) involved in the transactions, including the Social Security number, date of birth, address, and other described methods of individual identification; the identity of the individual conducting the transactions (if different than the person involved in the transaction); the amount and type of transaction(s); and the financial institution where the transaction(s) takes place. The report must be filed within 15 days.
Sharing of Referral Fees and Commissions
A registered representative may share commissions with another registered representative only when they are both associated with the same broker-dealer or an affiliated broker-dealer.
Restricted Person
A restricted person is a person to whom the underwriter may not sell shares of a new issue. Each share of a new issue must be offered to the investment public, and a restricted person is considered an "industry insider," rather than a member of the public. Restricted persons include: broker-dealers and associated persons (registered representatives); associated persons' immediate family members, including spouses, parents-, brothers-, and sisters-in-law, children, parents, and any person who is at least 25% financially supported by a restricted person; underwriters and their finders and fiduciaries; and banks, savings and loans, and insurance companies.
Arbitration Disclosure to Associated Persons Signing or Acknowledging Form U4
All associated persons filing Form U4 must be given a statement providing detailed disclosures regarding the predispute arbitration clause, and the RR should understand this communication. Any monetary related securities dispute that an RR may have with their BD, another RR, or a client must be handled by arbitration and not taken to court (litigation). This does not apply to cases involving employment discrimination. The associated person must also be informed of the details of how the arbitration process works.
Disclosure Requirements
All broker-dealers that sell stocks or bonds or clear these transactions must be members of SIPC. Member firms must advise all new customers in writing at the time of opening an account that they may obtain more information and the SIPC brochure by contacting SIPC. They must provide the SIPC website address and telephone number. Members must provide all customers with this same information in writing at least once per year. Member firms must display an official sign showing membership at each location. They cannot imply that SIPC membership confers approval or a recommendation concerning any security. Broker-dealers that sell only mutual funds or variable annuities o
Requirements Concerning Unsolicited Calls
All cold calling must be done between 8 a.m. and 9 p.m. in the customer's time zone. RRs must state their name, the name of the firm, and the purpose of the call, and provide a return phone number or address where they can be reached. Prospects not wishing to be contacted must be placed on a "do-not-call" list. These requirements also apply to wireless telephone solicitations and faxes, but not Internet communications and email. Not-for-profit organizations are exempt from the requirements of these rules. Brokerage firms may maintain around-the-clock "help desks" or service/information lines without violating these rules. If the customer is initiating contact, the hour of the day is irrelevant.
Restrictions Pertaining to Equity IPOs
An IPO is an offering of shares to the public for the first time. It is prohibited for an underwriter to withhold part of that offering to keep for their own account. The SEC rules on IPOs also prohibit member firms from selling new issues to any account where a restricted person has a beneficial interest. This rule makes sure that the new issue is truly a public offering.
Independently Prepared Reprints
An independently prepared reprint is any reprint or excerpt of any article written by a publisher, as long as the publisher is not an affiliate of the member using the reprint, or an affiliate of any underwriter or issuer of a security mentioned in the reprint. In addition, the article must not have been commissioned by the member, an underwriter, or an issuer of a mentioned security. The member may not materially alter the article, except to make it consistent with a relevant regulation, or to correct factual errors. If the reprint is distributed to more than 25 investors, it is considered retail communication. Independently prepared reprints require principal approval before first use and do not have to be filed with FINRA.
Customer Claims When a Broker-Dealer Becomes Insolvent
Assume cash claims are settled first, followed by securities claims. When a member firm becomes insolvent, SIPC will ask a court to appoint a bankruptcy trustee to oversee the bankruptcy proceedings and the firm is closed. Securities registered in a customer's name are returned to the customer. Securities in street name and cash are distributed to customers on a proportional basis, according to SIPC guidelines. The date on which the broker-dealer is declared insolvent is the date of security valuation for customer claims.
Private Securities Transactions
Another potential conflict of interest is an RR's involvement in securities transactions that are outside of the normal scope of their duties as a representative. RRs must, at a minimum, notify their supervisors of such activities.
Nonpublic Personal Information
Any information a broker-dealer collects about a consumer that cannot be obtained from a source available to the general public, such as government records or widely distributed media, is considered nonpublic personal information. This includes information provided by an individual on an application to obtain financial products or services, information about an individual resulting from any transactions, information from a credit report, and information that can be derived using an individual's account number.
Institutional Communication
Any printed or electronic communication that is directed only to institutional investors is Institutional Communication. Such investors include banks, trust companies, insurance companies, investment companies, employee benefit plans with at least 100 participants, government entities, investment advisers, and other broker/dealers and registered persons. This communication includes printed media and also all websites, emails, texts, and faxes. Institutional communication is not required to be filed with FINRA.
Retained for LIFE + 3
Articles of incorporation/partnership agreement, Board meeting minutes, stock certificate books
Regulation S-P
Because of the passage of the Gramm-Leach-Bliley Act, Regulation S-P requires financial regulators, including the SEC, to implement policies and procedures that restrict a financial institution's ability to disclose nonpublic personal information about consumers. As defined under Regulation S-P, a consumer is an individual (or that individual's legal representative) who obtains, or has obtained, a financial product or service from a financial institution that is to be used primarily for personal, family, or household purposes. A customer is a consumer who has an ongoing relationship with the financial institution. A consumer who obtains products or services from a broker-dealer on a one-time basis is not a customer.
FINRA Retention Requirements
Broker-dealer communications are subject to spot check by FINRA for up to 3 years from last use. Broker-dealers must retain copies of all retail communication, institutional communication, correspondence, independently prepared reprints, research reports, and scripts of public appearances for 3 years after last use.
Gifts
Broker-dealers and RRs are not permitted to give or receive gifts in excess of $100 per person per year if the gift is given in relation to the business of that person's employer. This rule is designed to prevent commercial bribery. The rule also requires members to keep records regarding gifts and gratuities. This rule does not apply to gifts of a truly personal nature, such as wedding gifts to a friend or family member who is also a client. For example, an investment company representative may give a gift of up to $100 value, but not more, to a registered representative. A larger gift might be perceived as an attempt to "buy business" from the RR. This may also incent the RR to sell certain products without considering suitability. There is an exception to the gift rule that does allow for certain business expenses in excess of $100. For example, an investment company employee is permitted to take an RR out to dinner at a fine dining restaurant if the bill exceeded $100, or to a sporting event if the tickets were valued at more than $100. The giving firm employee must attend the event with the receiving RR, and it must be considered a business expense to keep from violating the gift rule. The gift limit also does not apply to gifts with a corporate logo on them. For example, if a registered representative received a gift, such as a picture frame or travel mug with the logo of the mutual fund sponsor, the gift rule would not be violated. Even though certain gifts are allowed, members still need to keep records of all gifts received.
Annual Compliance Meeting
Broker-dealers are required by FINRA rules to conduct an Annual Compliance Meeting for all registered personnel. This meeting may be conducted in person or via video conference, interactive classroom setting, or other electronic means. The firm must address compliance issues that directly impact registered personnel. The firm must keep a record of attendee names and the topics presented.
Disclosure
Broker-dealers, investment companies, and investment advisers must provide their customers with an initial notice of their privacy policies and practices at the time the relationship is established and an annual notice every year after. An initial privacy notice must be provided to consumers before disclosing nonpublic personal information about the consumer to a nonaffiliated third party. The institution must refrain from sharing nonpublic personal information about a consumer with a third party unless the consumer was provided the initial notice, an additional notice describing that practice, the consumer's right to "opt-out" of disclosure to nonaffiliated third parties, and the available methods of opting out.
Retained for 5 years
CTR & SAR reports
Correspondence
Correspondence consists of written or electronic communication that is targeted to one individual. Additionally, correspondence can be sent to 25 or fewer retail customers within 30 days. Examples include letters, e-mails, and text messages. For example, a letter sent to a single prospect an RR met at a networking event would be considered correspondence.
No Trading Ahead of Customers
Customer orders must be placed ahead of firm trading in their own accounts. The only way that a firm could place their order ahead of a customer order is if the customer's order was executed immediately following the firm's order and it was executed at the same price or better.
Suspicious Activity Red Flags
Customers are reluctant to reveal information about business activities, or supply unusual or suspicious identification or business documents; customers seem unconcerned about investment risks, commissions, or other transaction costs; customers have multiple accounts under a single name or multiple names for no apparent reason, with numerous inter-account or third-party transfers; customers' account is involved in a sudden increase in wire transfer activity; customers' account shows a large number of currency or cashier's check transactions, totaling a significant sum; customers request transaction processing in a manner that avoids the firm's normal documentation requirements; customers structure deposits (known as structuring): several small deposits in one business day that are close to, equal to, or greater than $10,000.
Fidelity Bond
Each broker is required to post this to protect against fraud and embezzlement. This is a form of insurance protection that covers policyholders for losses that they incur as a result of fraudulent acts by specified individuals. It usually insures a business for losses caused by the dishonest acts of employees.
Retention of Jurisdiction Following Termination
Even after a person is terminated, they are still subject to FINRA's discipline for violations that occurred prior to their termination: for 2 years after the effective date of a revocation or cancellation of registration; in the case of an unregistered person, for 2 years after the date upon which they ceased to be associated with the member. Terminated persons who fail to comply with any offer of compromise, settlement, arbitration award, or other written and executed agreements are subject to additional civil action.
Fingerprinting Requirements
Every employee of a national securities exchange, broker-dealer, registered transfer agent, and registered clearing agency who handles the firm's securities, monies, or accounting books and records must satisfy the fingerprinting requirement. An exception to fingerprinting applies to people not engaged in the sale of securities, who do not handle securities, monies, or accounting records, and who do not supervise persons engaged in such activities.
The 5% Markup Policy
FINRA and SEC regulations state that commissions and fees charged to customers must be reasonable. FINRA developed the 5% Markup Policy. This policy applies to markups, markdowns, and commissions, and applies to broker-dealers acting in a principal or agency capacity. This is only a guideline and it may be necessary and justified to charge higher amounts in certain circumstances, or 5% may be too high in other circumstances. In most situations, investors should not be charged more than 5% for buying or selling a security. There are several specific occasions that FINRA recognizes as ones to which the 5% policy may not apply. Those include securities that are difficult to locate, very low-priced securities, small dollar transactions, and the offer of additional services in connection with doing business. In these cases, higher charges may be justified. Securities that require the delivery of a prospectus or offering document are exempt from this policy. Those would include IPOs, municipal bonds, and mutual funds.
Qualifying Examination
FINRA considers all its qualification examinations to be highly confidential. Removing content from an exam center, reproducing it, providing it to another person, or using it for study purposes is prohibited. Any other use that would compromise the effectiveness of the exam, or the use of exam questions or answers, is prohibited. An applicant cannot give or receive assistance while taking the examination. Each applicant must certify that no assistance was given or received during the examination. Any violation of the confidentiality requirements may result in sanctions by FINRA, including suspension or revocation of a person's registration.
Firm Do-Not-Call List Procedures
FINRA established the firm-specific do-not-call requirements. Broker-dealers are required to have a written policy on their cold call procedures and to provide training to their RRs concerning the use of the firm's do-not-call list. BDs are required to maintain an internal "do-not-call" list in order to track prospects not wishing to be contacted. RRs should consult this list prior to making their first phone call of the day. According to FINRA Rules on telemarketing, those requesting to be placed on a BD's do-not-call list must remain on the list indefinitely. A member making telephone solicitations before 8 a.m. or after 9 p.m. will not be liable under the firm-specific do-not-call rules if the member has an established business or personal relationship with the recipient of the call OR the member received prior written consent from the person to be contacted. Members must honor a person's do-not-call request within a reasonable time from the date the request is made. This period may not exceed 30 days from the date of request.
Statutory Disqualification
FINRA has the authority to bar a person from becoming or remaining associated with a FINRA member if the person is or becomes subject to a statutory disqualification. Disqualifying events include, but aren't limited to: securities and theft-related misdemeanor convictions, and all felony convictions for a period of 10 years from the date of conviction; temporary and permanent injunctions (regardless of their age) issued by a court of competent jurisdiction, involving a broad range of unlawful investment activities; expulsions and current suspensions from membership or participation in a self-regulatory organization (SRO); bars and current suspensions ordered by the SEC or SRO; denials or revocations of registration by the SEC or Commodity Futures Trading Commission (CFTC); findings that a member or person has made certain false statements in applications or reports made to, or in proceedings before, self-regulatory organizations. No member can continue membership if they are disqualified. No person can be associated with a member, continue to be associated with a member, or transfer association to another member if they are disqualified. Resignations from membership in FINRA take effect 30 days after receipt of a letter of resignation. A member that has resigned, or had its membership cancelled or revoked, remains subject to regulation following the filing of a complaint within 2 years after the effective date of resignation, cancellation, or revocation.
Regulatory Requests
FINRA has the right to require members to provide information in writing, or electronically, regarding any matter involved in any investigation, complaint, examination, or proceeding. The response to regulatory requests must be timely.
Outside Business Activities
FINRA regulations require representatives to notify their firms of any outside business activities or private security transactions prior to their start. FINRA states that you may not be an employee, independent contractor, trustee, sole proprietor, officer, director or partner of another person as a result of any business activity outside the scope of the relationship with your firm, unless you have provided written notice to your firm. Acting as a trustee for a trust account as a registered representative would have several potential conflicts of interest. Therefore, it is considered an OBA and must be disclosed to the firm in writing and treated as any other outside business activity. You must also disclose any offer to work with any other business or receipt of any form of compensation from a source other than your employing BD firm. These notifications are necessary to prevent misconduct or conflicts of interest that could harm the firm or their customers. Firms may or may not allow these activities. Representatives are required to follow the instructions of their employing firm.
Electronic Filing Requirements for Uniform Forms
FINRA requires member firms to file uniform forms, such as Form U4, electronically. These forms must be filed with the Central Registration Depository (CRD), sometimes called WebCRD, which is the central licensing and registration system operated by FINRA for the U.S. securities industry and its regulators. The applicant's manual signature is required when submitting a Form U4 for the initial registration or transfer for an associated person and any amendments. Persons applying for registration must be fingerprinted and those fingerprints must be submitted to FINRA. If the fingerprints are not received by FINRA within 30 days of the U4 being filed, the person's registration will be inactive, and they must cease all activities requiring registration. Each BD will have a principal that is designated to be responsible for managing the registration process, including reviewing and approving the filing of the appropriate forms. Uniform forms, such as Form U4, are subject to SEC record retention requirements. The records must be retained by the BD for 3 years total, with the first 2 years in an easily accessible location.
Business Continuity Plans
FINRA rules mandate that member firms create and maintain Business Continuity Plans. The basis of the rule is to ensure that all customers are provided with a document that explains how a business interruption will be handled. Each firm should prepare a plan that is specific to their own business model. The FINRA rule states that the plan must provide, at a minimum, the following: the protection, backup, and recovery of books and records; all mission critical systems; financial and operational assessments; alternate communications between customers and the firm, and between the firm and employees; alternate physical location for employees; critical business constituent, bank, and counterparty impact; regulatory reporting; communications with regulators; how the firm will assure customers' prompt access to funds and securities in the event the firm is unable to continue business. FINRA requires that the plan be delivered to every customer in writing at account opening, available on the firm's website, and mailed to customers if requested. This plan is required to be reviewed annually and though a copy is not required to be sent to FINRA, it must be made available upon request and emergency contact information must be provided.
FINRA Rules Regarding Correspondence
FINRA rules require member firms to create a system to supervise both incoming and outgoing correspondence. This includes not only traditional hard-copy letters, but e-mail and text messages as well. The supervisory procedures for a particular firm will depend on the nature of its business. Therefore, some firms will require review of each piece of correspondence, while others may use spot checks. Whatever system is used, RRs must adhere to firm procedures regarding correspondence.
Firm-Sponsored Sales Contests
Firms are allowed to offer compensation to their own RRs (as long as the compensation is not from the mutual fund) above and beyond what is disclosed in the prospectus. The rules regarding firm-sponsored sales contests are complex, but the general rule is that the product suite being covered must be broad enough so that it doesn't steer business into a particular product.
Termination of Registration
Form U5 is used by the employing firm to terminate a registered representative, voluntarily or involuntarily, and discloses the reason(s) for termination. The terminating firm must file the form with FINRA and provide a copy to the terminated employee within 30 days. Failure to notify FINRA could result in a fine. A new employing firm must obtain a copy of Form U5 from the prospective employee or FINRA. Terminated registered persons have 2 years to associate with a new member without having to retake a qualifying exam. If an RR is changing employers, Form U5 must be filed by the terminating employer before a new U4 can be filed with the hiring employer. The registration is held by the firm and is not transferable.
Personally Identifiable Information (PII)
In Special Publication (SP) 800-122, the National Institute of Standards and Technology (NIST) defines PII as: "Any information about an individual maintained by an agency, including (1) any information that can be used to distinguish or trace an individual's identity, such as name, Social Security number, date and place of birth, mother's maiden name, or biometric records; and (2) any other information that is linked or linkable to an individual, such as medical, educational, financial, and employment information." Other examples of PII would include, but not be limited to: driver's license number, passport number, street address, and email address. Not all PII is created equal, however. Some types of PII would be more damaging to an individual if compromised than other types: the unauthorized disclosure of a person's cell phone number is less worrisome than the unauthorized disclosure of their Social Security number, for example. Firms should make it a point to collect only as much PII as is necessary for their specific needs, and to identify, for each piece of data collected, whether the information poses a low, moderate, or high risk. The firm's security policies and procedures should include more stringent safeguards and restrictions around PII that would potentially have a greater impact on customers if it were compromised.
Fraudulent Interstate Transactions
It is unlawful to engage in securities fraud across state lines.
Disclosure of Financial Condition
Member firms are required to disclose their current financial situation to customers every 6 months through their annual and semi-annual reports and at any time upon request. If the firm receives a request that is out of the 6-month time frame, they must honor that request and can do so by sending their most recent balance sheet.
Money Laundering Steps
Money laundering involves three independent, and often simultaneous, steps: Placement - Introducing funds to be laundered into the legitimate financial system. Layering - Separating the proceeds of criminal activity from their origins through layers of complex financial transactions to hide the source of the funds. Integration - Reintroducing the now clean funds back into the financial system by providing an apparently legitimate explanation for the illicit proceeds. Proper AML procedures include following the guidelines of the Customer Identification Program (CIP), under which financial institutions are required to implement procedures to verify the identity of each customer opening an account, maintain records used to identify the customer, and consult government-provided lists of known or suspected terrorists. Through the CIP, customer verification of name, date of birth, physical address, and tax ID number will all be accomplished. Non-U.S. citizens must provide a passport and U.S. tax identification number to open an account.
Identity Theft
One of the key cybersecurity risks facing financial institutions (including BDs and IAs) and their customers is identity theft. Because of the Dodd-Frank Act, the SEC created Regulation S-ID, the "Red Flags Rule," which requires that firms have reasonable policies and procedures for: (1) identifying relevant red flags of possible identity theft, including alerts, notifications, or other warnings received from consumer reporting agencies or service providers, such as fraud detection services; presentation of suspicious documents, such as documents that appear to have been altered or forged; presentation of suspicious personal identifying information, such as a suspicious address change; unusual use of, or other suspicious activity related to, a covered account; and notice from customers, victims of identity theft, law enforcement authorities, or other persons regarding possible identity theft relating to covered accounts held by the financial institution or creditor; (2) detecting these red flags; and (3) responding appropriately to red flags once detected and updating the identity theft program. Firms must also consider whether any applicable state laws impose substantive cybersecurity requirements. While these laws vary by jurisdiction, they generally require covered entities (such as broker-dealers and investment advisers) to notify individuals in the event their personal information is compromised. In addition, some laws require covered entities to notify state agencies of data breaches that exceed a specific threshold.
Supervision by a Registered Principal
One of the primary responsibilities of all member firms is to supervise the actions of associated persons who represent the firm in its dealings with the public. A principal is a person involved in the management of the firm's business activities; primarily, they carry out the supervisory responsibilities relating to solicitation and training, and they are required to pass special exams for these positions. Principals must carry out their supervisory responsibilities as described in the broker-dealer firm's Written Supervisory Procedures (WSP). The WSP is based on the types of business in which the firm engages and the activities of its RRs. Customer complaints against registered representatives may be a red flag that the representative is acting carelessly or criminally. Potential red flags that may indicate unethical or fraudulent activity include excessive trading (churning), making blanket recommendations (including selling only one share class of mutual funds to all customers), repeated customer complaints of the same or similar nature, and improper suitability determination for the sole purpose of generating revenue (selling only products that generate the highest revenue).
Selling Away
Registered representatives may not sell investments the broker-dealer does not offer, unless they disclose the transaction to their firm. This practice is known as selling away, and it can lead to disciplinary action by regulators and the broker-dealer as well. RRs may not even realize they are involved in selling away. They may believe an outside business venture in which they are participating does not involve securities transactions, when, in fact, it might be an unregistered securities transaction. For this reason, RRs should inform their broker-dealers of their involvement in any outside business activity, not just to follow the rules, but also to protect themselves.
Retail Communication
Retail Communication is any printed or electronic communication directed to more than 25 retail investors in any 30-day period. A retail investor is any party other than an institutional investor. All individuals, including accredited individuals, are considered retail investors. Retail communication includes sales literature and advertising. Sales literature is a type of retail communication where the broker-dealer controls the distribution of this material. It is provided to a targeted audience, such as group emails, text messages, and form letters to more than 25 prospects. Research reports and brochures are other examples of sales literature. Advertising is retail communication that is distributed via mass media; the broker-dealer has no control over who receives this material. Examples include newspaper ads and commercials on TV or radio. Retail communication must be approved by a principal prior to use and must be kept on file for at least 3 years. Records must indicate who prepared and who approved sales literature and advertising. FINRA requires all retail communication to be filed with FINRA within 10 days of first use, not beforehand.
Approval and Recordkeeping Generally Applicable to Member Firms
Retail communication must be approved by a principal before the earlier of its filing with FINRA or first use. Correspondence and institutional communication can be approved by a principal before or after use. If the broker/dealer permits approval after use, it must have an adequate, documented training program addressing correspondence. Independently prepared reprints, research reports, and public appearances can be approved by a principal after first use.
Record Keeping Requirements
SEC rules set which records must be kept by member firms, how long those records must be retained, and the manner in which they must be kept. If the firm maintains its records on electronic storage media, it must verify the storage media recording process, be able to download records as required by FINRA or the SEC, and preserve the records in a non-rewritable, non-erasable format. A separate duplicate copy needs to be maintained in an alternate location. If a time period is not specifically stated for a particular record, the default time period of retention is 6 years. Member firms must keep the most recent 2 years' records readily accessible and available for inspection. The following records must be kept for the life of the firm, and for an additional period of 3 years following the termination of the enterprise: Articles of Incorporation or Partnership Agreement, minutes of Board meetings (or Partnership meetings), and stock certificate books.
Prohibitions Relating to Interstate Commerce and the Mail
Sales materials cannot go across state lines unless a prospectus accompanies the material.
Definition of Compensation
Selling compensation involves any compensation paid in connection to a purchase or sale of a security, including commissions, finder's fees, securities or rights to acquire securities, expense reimbursements, or rights of participation in profits, tax benefits, or dissolution proceeds as a general partner.
Specially Designated Nationals (SDNs)
The Office of Foreign Assets Control (OFAC) publishes a list of individuals and companies associated with certain targeted countries. It also lists individuals and entities, including terrorists and narcotics traffickers, who are not country-specific. Together, these individuals and companies are called Specially Designated Nationals (SDNs) and U.S. persons are generally prohibited from dealing with them. Financial institutions must regularly check OFAC's list, block or freeze assets of any SDNs on the list, and report these incidents within 10 days of occurrence. Each broker-dealer must designate a compliance officer to oversee execution of its customer identification program.
Unlawful Representation SEC "No Approval" Clause
The SEC does not warrant the accuracy of the registration statement or pass any judgment on the quality of the investment. It is unlawful to say or imply that the SEC approves of any investment; this disclaimer must be at the front of every prospectus. Anyone soliciting securities by use of a prospectus containing false or misleading information, or omitting material information, may be held liable. Criminal penalties may be imposed for anyone offering securities through fraud or misrepresentation.
Customer Confirmations
The SEC requires that member firms provide their customers with confirmations of each transaction. Confirmations are generally sent on or before the settlement date. The confirmation must include the price and identity of the security, the number of shares, date of transaction, time of execution, capacity of the firm (agent or principal), commission, mark-up or mark-down, price and yield, and the settlement date. Confirmations may only be sent to a third party with written consent of the customer.
Securities Investor Protection Act of 1970 (SIPA)
The Securities Investor Protection Act created the Securities Investor Protection Corporation (SIPC) to protect customer accounts in the event their broker-dealer goes bankrupt. SIPC is a non-profit entity funded by broker-dealer member assessments. SIPC provides insurance coverage on customer accounts held in "street name" in the event the customer's cash and securities are liquidated after the broker-dealer declares bankruptcy. An account held in "street name" refers to accounts held under the broker-dealer's name at the firm to facilitate trading activities more effectively for both the firm and customer. The broker-dealer is responsible for retaining a list of all beneficial owners. SIPC offers no protection for the decline in value of a security, market loss, or against fraud or embezzlement. Commodity accounts and personal accounts of senior officers of the firm are not covered under SIPC.
Written Supervisory Procedures (WSP)
The ____ must include, but is not limited to, procedures for all the following: review, by a registered principal, of all transactions (there is an exception to this rule, however: if the firm uses a "risk-based review system," enabling the firm to focus on the areas that pose the greatest risks of violation, it is not required to conduct detailed reviews of every individual transaction); review and approval of new accounts; review of incoming and outgoing written correspondence and internal communications by a registered principal; safeguarding customer funds and securities, including procedures for review of transmittal of funds and securities into and out of customer accounts; monitoring the outside activities of registered representatives; handling customers' written complaints; and maintaining required books and records.
Customer Complaints and Correspondence
The definition of a customer complaint is a grievance that is received in writing. If an RR receives a written complaint, they must give it to a manager immediately; it is the manager's responsibility to resolve the complaint. A record of the complaint must be retained for 4 years. If the customer later wants to rescind the complaint, the original must be kept, and a copy returned to the customer. Under FINRA rules, certain customer complaints must be reported to FINRA. These complaints need to be reported within 30 days of the discovery of the event. Written customer complaints that involve theft of funds or securities must be reported. Member firms are also required to provide quarterly reports summarizing the customer complaints received by the firm. The report is due on the 15th of the month following the calendar quarter. If there are no complaints, no report is necessary. Statements or correspondence sent to a customer must be sent to the mailing address that was provided by the customer. It cannot be kept in a branch, held, or sent to a different address designated by the RR. This is intended to keep the customer informed of any account activity and to help prevent fraud.
Civil Liabilities Arising in Connection with Prospectuses and Communications
The person who purchases a security has the right to pursue civil tort claims if the items in the filing statements include false statements regarding material facts or omit material facts required to be stated.
Membership Qualification
The purpose of FINRA is to protect America's investors by ensuring the securities industry operates fairly and honestly. Any registered broker-dealer, municipal broker-dealer, or government securities broker-dealer authorized to transact securities business, as well as any branch of the investment banking or securities business, is eligible for membership unless excluded by reason of statutory disqualification. Nearly all broker-dealers are members of FINRA and are referred to as "member firms." As members, these firms agree to abide by the rules set by FINRA, as well as all federal and state laws regarding the securities industry. Membership must always be kept current, with any changes filed within 30 days. Members must pay required dues, assessments, and other charges, and must agree to comply with all: by-laws and rules; regulations and dispute resolutions; and rulings, orders, directions, decisions issued, and sanctions imposed.
Suspicious Activity Report
The purpose of the Suspicious Activity Report (SAR) is to report known or suspected violations of law or suspicious activity observed by financial institutions subject to the Bank Secrecy Act (BSA). The SAR has been instrumental in enabling law enforcement to initiate or supplement investigations into major money laundering or terrorist financing, as well as other criminal cases. As part of their anti-money laundering training programs, broker-dealers must train RRs and other employees to detect suspicious activities, or red flags that may indicate money laundering. As an example, a customer wishes to engage in transactions that are inconsistent with their stated objectives or that lack economic sense. If an employee suspects such activity, a report must be filed with the broker-dealer, who will in turn file with the Financial Crimes Enforcement Network (FinCEN), a branch of the Treasury Department. SARs include detailed information about transactions that appear to be suspicious and must be filed with FinCEN within 30 calendar days if a broker-dealer suspects such activity involving $5,000 or more. Financial institutions and their employees face civil and criminal penalties for failing to properly file suspicious activity reports. Under criminal law, a representative found guilty of violating AML laws may be sentenced to 20 years in prison and receive a fine of twice the amount of funds involved or $500,000, whichever is greater.
Telephone Consumer Protection Act of 1991
This act was passed in response to public concerns about perceived telemarketing abuses. The rules generally apply to cold calls, which are telephone solicitations initiated by a broker-dealer to encourage an investment in property, goods, or services. No member or person associated with a member can initiate any telephone solicitation in violation of the standards under the Act or established by the member firm.
FINRA BrokerCheck Disclosure
Through FINRA BrokerCheck, consumers have the opportunity to research current and former BDs and RRs registered with FINRA within the past 10 years. The following information is made available to people inquiring over the telephone, in writing, or electronically: any information available in filed uniform forms, such as Form U4; approved registrations; arbitration awards; information about qualification exams passed, including the corresponding date; information about the broker's disciplinary history; information about current and former affiliations with member firms; and complaints. Personal information, such as history of residence and Social Security number, is not included. If a customer cannot access BrokerCheck, a FINRA toll-free number must be provided. Broker-dealers must supply customers with the following information at account opening and at least once per calendar year: FINRA's BrokerCheck hotline number; FINRA's website address; and a statement regarding the availability of an investor brochure that includes information describing FINRA's BrokerCheck.
Political Contributions
Under Rule G-37, the MSRB addresses political contributions made by the municipal securities industry. This rule specifically prohibits brokers, dealers, or municipal securities dealers from engaging in municipal securities business with an issuer within two years after any contribution is made to an official of the issuer by either the broker, dealer, municipal securities dealer, or any municipal finance professional (MFP) associated with these firms. The term municipal securities business includes engaging in negotiated underwriting; the offer or sale of a primary offering of municipal securities on behalf of any issuer, such as a private placement; providing financial advice or consultant services to or on behalf of an issuer with respect to a primary offering of municipal securities. An MFP is an associated person who solicits business from municipal issuers, renders advice to municipal issuers, or prepares research and reports on municipal issues. There is one exception to this rule, which is considered a de minimis rule. The prohibition would not apply if the only contributions to officials of issuers are made by MFPs entitled to vote for such officials, provided the contributions are not in excess of $250 by each MFP to each official, per election.
Customer Protection Rule
Under SEC Rules, broker-dealers must ensure the safekeeping of customer funds and securities. This Customer Protection Rule does not apply to other broker-dealers, partners, officers or directors. The firm is required to obtain and hold all customer funds and securities in a timely and efficient manner while abiding by all settlement and delivery rules. The firms must also provide customers with their free credit balances with every statement but, at a minimum, quarterly. The concern is the proper segregating, record keeping and accounting of customer funds and securities in situations where the firm can use them in the conduct of their business, for example, if they are held within a margin account.
Protecting Customer Information
Under Securities and Exchange Commission (SEC) Rule 30 of ______________, members, as well as other financial institutions, are required to adopt written policies and procedures that address the protection of customer information and records. Specifically, the policies and procedures must be reasonably designed to: ensure the security and confidentiality of customer records and information; protect against any anticipated threats or hazards to the security or integrity of customer records and information; and protect against unauthorized access to, or use of, customer records or information that could result in substantial harm or inconvenience to any customer. Of utmost importance is safeguarding customer information. Firms always have a duty and obligation to protect confidential customer records and information. As part of normal business practices, and because of regulatory requirements such as the need to positively identify customers in order to thwart money launderers and other criminals, financial institutions and financial services firms collect a great deal of potentially sensitive personal information about customers. As a result, firms must take special care to protect customers' personally identifiable information (PII).
Payments to Unregistered Persons
Under no circumstances may commissions be paid to unregistered persons. Registration is required in order to effect securities transactions, or attempt to effect securities transactions, including soliciting and taking orders. Member firms are permitted to employ unregistered persons for the purposes of determining whether a prospective customer wants to receive information from the firm, inquire whether a prospect wishes to discuss investment products and strategies with a registered person, and invite individuals to firm-sponsored events at which presentations and account or order solicitation is offered by the licensed personnel.
Social Media
With the explosion in the use of social networking applications such as LinkedIn, Twitter, and Facebook, many financial services professionals are using these tools to communicate with customers and prospects. It is important to remember that the same rules that apply to other forms of customer communication, such as correspondence and advertising, apply to the use of social media and other electronic communications, including email. Broker-dealers and investment advisers are required to maintain records relating to these communications. To comply with these requirements, broker-dealers must be able to access social media accounts used by employees for business purposes. RRs who use social media and/or personal email accounts for any business communication, no matter how informal and infrequent, must allow their firms access to these accounts, and should understand that any communications in these accounts may be subject to archiving by their firm.
Bank Secrecy Act
authorizes the Treasury to require financial institutions, including broker-dealers, to keep records and file reports about the source, volume, and movement of funds into and out of the country and through domestic financial institutions. A monetary instrument log is required of wire transfer cash purchases of monetary instruments, such as money orders, cashier's checks, and traveler's checks, totaling between $3,000 and $10,000. This form must be kept on record at the financial institution for 5 years and produced at the request of examiners or auditors to verify compliance.
Regulatory Element
is a computer-based training session administered by FINRA. The training covers relevant rules, regulations, and industry practices. All information in the training module must be satisfactorily reviewed and completed within the allotted time period. RRs are required to complete the Regulatory Element training on the 2nd anniversary of their initial securities registration, and every 3 years thereafter. RRs failing to complete the training within a 120-day grace period from their anniversary date will have their registration deemed "inactive." RRs with an inactive status may not perform in any capacity that requires a securities registration. They are also prohibited from collecting compensation tied to their registration.
Affinity Fraud
is a tool used by criminals to gain the trust of victims by claiming to be members of the same identifiable group, such as a religious affiliation, race, national origin, or profession, or to have similar interests. While affinity fraud has always been common, social media gives con artists a rapid and largely anonymous way to identify, and identify with, target groups.
Public Appearance
is any participation in a seminar, forum (including an interactive electronic forum), radio or television interview, or other public appearance or public speaking activity. Any scripts, presentation materials, or handouts are subject to FINRA communication rules. If the appearance is attended by more than 25 people, it is considered retail communication.
Form U4
is the application used to register an associated person with the firm. It includes the following information: name, address, aliases; 5-year residency history; 10-year employment history; outside employment, including employment with another broker-dealer; securities-related complaints and disciplinary issues; felony convictions and misdemeanor convictions relating to handling money or securities; and financial information, including bankruptcies, that could put investors at risk. Form U4 must be amended promptly to reflect any material changes, such as change of name or address, change of employer or outside employment, new felony or misdemeanor convictions, new customer complaints, or changes in relevant financial status.
Disciplinary Actions
may be initiated if any member includes incomplete, inaccurate, or misleading information on an application, fails to disclose required information, or fails to make timely corrections to the application after filing. The member is also subject to disciplinary action for failure to register personnel or branch offices when required by FINRA.
Firm Element
of continuing education is required for any registered person who has direct client contact. FINRA members are required to evaluate the firm's training needs annually and provide training based on those findings. Training should cover areas such as sales practices, suitability, product information, and regulation, but cannot include sales skills or closing techniques.