Articles Tagged with Compliance

|

In its latest Risk Alert, the SEC’s Office of Compliance Inspections and Examinations (“OCIE”) heeds advisers and broker/dealers to take a fresh look at their policies and procedures in the area of electronic customer record storage in light of shortcomings discovered by OCIE’s staff as part of recently-conducted regular examinations. These shortcomings include weak or misconfigured security settings on a network storage device that, in the worst-case event, could result in unauthorized access to customer information.

OCIE Risk Alerts are highly useful resources for compliance professionals to consider as these published notices serve as a window into not only the recent experiences of OCIE staffers out in the field, but also the thinking of OCIE management as to where it will be directing its staff to focus on in future examinations. In other words, if the management of OCIE warrants it important enough to publish a Risk Alert on an particular topic, registrants can be assured that future exams will likely focus on deficiencies in that area.

This most recent Risk Alert zeros-in on deficiencies uncovered by examiners with respect to how advisers and brokers are protecting their customers’ electronic records—specifically, records kept in the “cloud” or on other types of networked storage solutions. OCIE defines cloud storage as the “electronic storage of information on infrastructure owned and operated by a hosting company or service provider.” Obviously, such storage systems may be especially vulnerable to hacking or other nefarious activities, and as such, warrant robust protections. Continue reading ›

|

The SEC’s Office of Compliance Inspections and Examinations recently conducted examinations of privacy notices and safeguarding policies of SEC-registered investment advisers and broker-dealers adopted pursuant to Regulation S-P. As a result of these examinations, the SEC issued a Risk Alert identifying common deficiencies that are important to keep in mind when adopting, implementing and reviewing compliant privacy notices and effective safeguarding policies.

Regulation S-P requires financial institutions such as investment advisers and broker-dealers to adopt written policies and procedures to safeguard nonpublic personal client information. These policies must be reasonably designed to protect the confidentiality and security of nonpublic personal client information from any anticipated threats or hazards and any unauthorized access or use. The policies should address administrative, technical, and physical safeguards.

Investment advisers and broker-dealers must also provide initial and annual privacy notices to their clients describing the types of information collected and disclosed, the types of affiliated and non-affiliated third parties the information is disclosed to and, unless exempted from the opt-out notice requirement, an explanation of the client’s right to opt out of disclosure of nonpublic personal information to a non-affiliated third party. The privacy notice should also generally describe the firm’s safeguarding policies and procedures.

Continue reading ›

|

On February 4, 2019, the Commissioner of Securities of the State of Georgia and the Office of the Secretary of State announced its intent to amend the rules governing examination requirements for registered representatives of a broker-dealer and investment adviser representatives.  According to the Commissioner, the primary purposes of these amendments are to harmonize Georgia’s rules with the Financial Industry Regulatory Authority’s new rules implementing the Securities Industry Essentials (“SIE”) Exam and to update the requirements regarding examinations to applicants.  The SIE Exam, which tests a FINRA registration applicant’s knowledge of securities-related topics, was launched to simplify FINRA’s qualification examination program after the program’s efforts to address new securities products and services resulted in FINRA offering multiple exams with immense content overlap.  FINRA also launched the SIE Exam in order to provide greater consistency and uniformity to the securities industry application process.

The State of Georgia requires applicants for registration as a registered representative of a broker-dealer and/or an investment adviser representative to take certain prerequisite examinations.  Georgia Rule 590-4-5-.02 details the examination requirements for registered representatives, while Georgia Rule 590-4-4.09 details the examination requirements for investment adviser representatives.

The proposed amendments to Rule 590-4-5-.02, detailing registered representative examinations, would require an applicant applying for registration as a broker-dealer to present proof to the Commissioner that its personnel have passed at least one of a list of specified examinations within a two-year period preceding the date of the application.  The amendments also eliminate the Series 87 Research Principal Examination as a potential examination that could be passed.  The amendments also would provide that an applicant who is applying to be a registered representative would need to present the Commissioner with proof that he or she has passed the required examinations within either a two-year period immediately preceding the application date or a four-year period in the case of an applicant who has taken the SIE Exam.  The amendments also provide that the Commissioner “may reserve the right to find the applicant qualified by other examinations or significant and comprehensive experience in the securities business.”

Continue reading ›

|

FINRA has alerted its Member Firms to be on the watch for a fraudulent phishing email scheme targeted at compliance personnel. A phishing scheme typically uses email or some other type of electronic message to trick the recipient into clicking a malicious link or infected file attachment by mimicking a message from a trustworthy party. This particular scheme employs an email purportedly originating from an Anti-Money Laundering compliance officer at an otherwise apparently legitimate Indiana-based credit union. The email—which was received recently by a number of FINRA Member Firms—specifically targets compliance personnel by appearing to be a communication regarding an attempted transfer of money by a client of the recipient’s firm to the credit union which has been placed on hold due to concerns about potential money laundering. The scam is designed to get the recipient to open an attachment, which, according to FINRA “likely contains a malicious virus or malware designed to obtain unauthorized access to the recipient’s computer network.”

FINRA noted the following additional aspects of the fraudulent email that recipients should be alert for:

  • An otherwise legitimate reference to a provision of the USA Patriot Act allowing financial institutions to share information with each other.
  • An actual email address that appears to be from Europe, rather than the U.S.-based credit union.
  • Numerous instances of poor grammar and sentence structure.

Continue reading ›

|

FINRA has announced a new self-reporting initiative covering potential violations by its Member Firms of various rules governing share class recommendations relating to 529 Plans. See FINRA Regulatory Notice 19-04 (Jan. 28, 2019). Similar to the SEC’s recent self-reporting initiative regarding mutual fund share class selection in connection with 12b-1 marketing fees (which we have blogged about last month and in May of 2018), this new FINRA initiative (the “Initiative”) offers potential leniency in return for Member Firms coming forward to self-report likely violations pursuant to the terms of the Initiative.

529 Plans are tax-advantaged municipal securities that are structured to facilitate saving for the future educational needs of a designated beneficiary. While the sale of 529 Plans is governed by the rules of the Municipal Securities Rulemaking Board (“MSRB”), FINRA is responsible for enforcing the MSRB’s rules. These rules, in turn, require that recommendations of 529 Plans be suitable in light of the customer’s investment profile, and that Member Firms selling 529 Plans have a supervisory system in place to achieve compliance with the MSRB’s rules.

Continue reading ›

|

At this time of year, it is important for registered investment advisers to assure that they are in compliance with federal and/or state rules requiring them to monitor their supervised persons’ security holdings and transactions for compliance with the firm’s code of ethics. Even seasoned compliance professionals will encounter questions regarding application of the rule from time to time. While this article is no substitute for a detailed analysis of the rule and its application to a specific firm and its supervised persons, an overview of the rule may be helpful.

As background, all SEC-registered investment advisers are required to adopt a Code of Ethics, which must describe the standards of conduct expected for representatives of the firm and address conflicts that arise from personal trading by advisory personnel. This federal requirement, which governs SEC-registered advisers only, derives from SEC Rule 204A-1, which took effect in 2005. Since then, many state securities administrators have adopted identical or similar requirements, either by adopting SEC Rule 204A-1 “by reference”—i.e., verbatim—into state law, or by crafting similar “me too” provisions. Accordingly, if your firm is SEC-registered, it will be bound by Rule 204A-1; but, if your firm is currently a state-registered adviser, it may be bound by the same or similar requirements. Continue reading ›

|

On December 20, 2018, two days before the recent partial federal government shutdown began, the Securities and Exchange Commission’s Office of Compliance Inspections and Examinations announced its 2019 Examination PrioritiesAs discussed previously, the shutdown resulted in the SEC operating at a quite minimal level.  Now that the shutdown is over, registered investment advisers and broker-dealers can likely expect OCIE to fully implement the following examination priorities.

OCIE listed six examination priorities for 2019: (1) matters of importance to retail investors, especially seniors and investors saving for retirement; (2) compliance and risk in registrants who are tasked with overseeing critical market infrastructure; (3) focus on FINRA and MSRB; (4) digital assets; (5) cybersecurity; and (6) anti-money laundering.  According to OCIE, this is not an exhaustive list, and one can expect OCIE to cover other issues in its examinations.  However, OCIE has concluded that these issues “present potentially heightened risk to investors or the integrity of U.S. capital markets.” Continue reading ›

|

Demonstrating its regulatory interest in the robo adviser industry, on December 21, 2018, the Securities and Exchange Commission issued an Order Instituting Administrative and Cease-and-Desist Proceedings against Wealthfront Advisers, LLC, a registered investment adviser which uses a software-based “robo adviser” platform in servicing its clients. The action is the second case against robo advisers filed on the same day. Wealthfront submitted an offer of settlement in light of the proceeding.

According to the SEC’s Order, Wealthfront utilizes a proprietary tax loss harvesting program (“TLH”) to help its clients garner tax benefits. These tax benefits would typically come through selling assets at a loss, which could potentially be used to reduce income or gains and create a lower tax liability. From October 2012 onward, Wealthfront has featured whitepapers on its website that provide information about the TLH strategy. Continue reading ›

|

As the partial federal government shutdown, which began at midnight on December 22, 2018, now approaches its fifth week, we write to update our readers on the shutdown’s specific impact on the SEC and securities regulatory activities.  While we have previously discussed many of these points with our clients who currently have matters pending before the SEC, below is more general information regarding the SEC’s most significant functions.

The SEC was able to operate fully and conduct regular business for a limited number of days following the commencement of the general federal shutdown, but was forced to effectively close its doors on December 27, 2018.  Since then, the agency has been operating at a very minimal level with a skeleton crew of staffers able to respond to only emergency situations.  As described on the SEC’s home page, the remaining staff is available to respond only to “emergency situations involving market integrity and investor protection, including law enforcement.”  The vast majority of the SEC’s employees have been furloughed and are not reporting to work at this time.  That said, we note that a number of familiar online filing platforms, such as EDGAR, IARD, and CRD, all remain fully operable. Continue reading ›

|

On December 21, 2018, the Securities and Exchange Commission issued an Order Instituting Administrative and Cease-and-Desist Proceedings against Hedgeable, Inc., a registered investment adviser.  Hedgeable utilizes a “robo adviser” program, which it offers to individuals, small business owners, trusts, corporations, and partnerships through both its website and social media.  The SEC’s Order alleges that from about 2016 through April 2017, Hedgeable made various misleading statements in advertising and performance data.  Hedgeable submitted an offer of settlement in order to resolve the proceeding.

According to the Order, Hedgeable launched a so-called “Robo-Index” to present comparisons of its performance against that of two unaffiliated robo advisers.  These comparisons were featured on both Hedgeable’s website and various social media sites.  The SEC found that Hedgeable’s method of preparing the Robo-Index had significant material issues.  For example, the SEC found that data from 2014 and 2015 only featured data from a small pool of Hedgeable client accounts and excluded over 1,000 other client accounts.  The SEC alleged that, because of the small sample sizes, the data likely reflected “survivorship bias,” stemming from the fact that the sample size likely only contained clients who received higher than average returns compared to Hedgeable’s other clients.  The SEC also determined that Hedgeable’s calculation methods did not correctly estimate expected returns for a standard client of the other two robo advisers.  Hedgeable allegedly produced the data in the Robo-Index using estimations of the other robo advisers’ trading models rather than using the robo advisers’ actual models. Continue reading ›

Contact Information
2987 Clairmont Rd
#200
Atlanta, GA 30329
Toll Free: (855) 322-2057Local: (404) 490-4060Fax: (404) 490-4058 jsparker@parkmac.com

Attorney Advertising

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

Please do not include any confidential or sensitive information in a contact form, text message, or voicemail. The contact form sends information by non-encrypted email, which is not secure. Submitting a contact form, sending a text message, making a phone call, or leaving a voicemail does not create an attorney-client relationship.

Copyright © 2024, Parker MacIntyre
JUSTIA Law Firm Blog Design