Earlier this month, the Financial Industry Regulatory Authority, Inc. (FINRA) released its annual Risk Monitoring and Examination Priorities Letter (“Priorities Letter”).

This year’s letter includes several new features that are intended to “support” firms in their “significant efforts” to comply with applicable rules. Specifically, each highlighted topic includes a list of practical considerations and questions that are designed to help member firms “evaluate the state of their compliance, supervisory and risk management programs.” Firms can take advantage of these practical considerations and questions by considering how well their practices, policies, and procedures address each relevant consideration and question. Another new feature in the Priority Letter is an appendix that lists and links to helpful resources.

More generally, the Priority Letter is organized around several broad topics: Sales Practices and Supervision, Market Integrity, Financial Management, and Firm Operations. A quick summary of ongoing areas of concern is followed by a more in-depth focus on several new and emerging areas. While these topics are summarized below, firms are encourage to carefully review applicable portions of the Priorities Letter in their entirety.

Sales Practice and Supervision. Areas of continued focus include complex products, variable annuities, private placements, fixed income mark-up/mark-down disclosure, representatives acting in a position of trust or authority and senior investors.

New or emerging areas on which FINRA intends to focus include:

• Reg. BI and Form CRS. New to this year’s Priorities Letter is, not surprisingly, a focus on Regulation Best Interest (“Reg. BI”) and Form CRS (Client Relationship Summary). Both Reg. BI (Securities Exchange Act Rule 15l-1) and Form CRS (Securities Exchange Act Rule 17a-14) become effective June 30, 2020. Reg. BI imposes a number of disclosure and other obligations on broker-dealers and natural persons associated with broker-dealers if they make recommendations to retail customers.  Our blog post on the issuance of the regulation may be found here. Form CRS applies to both registered broker-dealers and registered investment advisers who have “retail investors” as customers or clients. Covered firms are required to file Form CRS with the SEC, post the form on their website and also deliver it to current and future customers.  With respect to Reg. BI and Form CRS, FINRA intends to review firms over the first half of the year to better understand implementation challenges, with compliance reviews beginning on and after June 30^th. Though not stated in the Priorities Letter, it seems likely that firms that were found by FINRA to be behind on their implementation efforts should not be surprised to receive a return visit from FINRA after the June 30^th effective date.
• Communications with the Public. Area of focus includes “core obligations” such as compliance with FINRA Rule 2210 (Communications with the Public) and supervision and recordkeeping relating to correspondence and internal communications pursuant to FINRA Rule 3110(b)(4) (Supervision) and FINRA Rule 4510 (Books and Records Requirements) as well as a focus on private placement retail communications and communications via digital channels.
• Cash Management and Bank Sweep Programs. The Priorities Letter states that as commission practices have changed, i.e., decreased, bank sweep programs have taken on increased importance, presumably as a source of potential, additional revenue for firms. In light thereof, FINRA intends to evaluate firms’ sweep programs carefully, with special attention given to firms’ communications and disclosures to customers concerning such programs.
• Sales of IPO Shares. FINRA’s focus on IPO sales will include allocation practices, how firms detect and address flipping and spinning, the calculation and reporting by lead managers of aggregate retail demand to issuers’ pricing committees, and the obtaining, recording and verifying of information relating to allocated customers.
• Trading Authorization. Areas of focus will include whether supervisory systems are reasonably designed with respect to trading authorization, discretionary accounts and key transaction descriptors, such as solicitation indicators. FINRA also intends to focus on supervisory processes with respect to the detection of the improper exercise of discretion by registered representatives.

Market Integrity. Areas of continued focus include market manipulation, TRACE reporting, short sales, and short tenders. The Priorities Letter also reminds firms that they will be required to begin reporting to the Consolidated Audit Trail (CAT) in April 2020. While FINRA continues to work with firms as they prepare for reporting to CAT, once reporting does begin, FINRA will initiate its surveillance and investigative program to review for compliance with CAT reporting requirements. The Priorities Letter also encourages firms “to continue devoting the necessary resources to ensure continually high levels of accuracy in their [current] Order Audit Trail System (OATS) reporting.”

Other areas of focus include:

• Direct Market Access Controls. While not a new area of focus, the Priorities Letter identifies “continued growth in automated and high-speed trading” as increasing the potential risks to firms, and the securities markets more generally and, therefore, warranting an increased focus by FINRA on compliance with the Market Access Rule (Securities Exchange Act Rule 15c3-5).
• Best Execution. Best Execution is another area of perennial concern. Areas of focus include routing decisions, odd-lot handling, U.S. Treasury Securities, and options.
• Disclosure of Order Routing Information. FINRA intends to review firms’ compliance with recent amendments to National Market System (NMS) Rule 606 that require broker-dealers to provide new customer-specific reports for not held orders in NMS securities.
• Vendor Display Rule. FINRA intends to evaluate the adequacy of firms’ controls and supervisory systems relating to their compliance with NMS Rule 603, which requires firms to provide a consolidated display of market data for NMS stocks for which they provide quotation information to customers.

Financial Management. FINRA plans to continue to focus on firms’ compliance with the Customer Protection Rule (Securities Exchange Act Rule 15c3-3) and the Net Capital Rule (Securities Exchange Act Rule 15c3-1) as well as firms’ overall financial risk management programs.

New areas of focus include:

• Activities Related to Digital Assets. Particular areas of focus will include whether firms engaged in digital assets activities have filed a timely continuing membership agreement with FINRA, whether customers are provided with a fair and balanced presentation in marketing materials and retail communications, and whether firms have appropriate controls and procedures to support such transactions.
• Liquidity Management. FINRA’s area of focus in this regard will measure firms against the guidance provided in FINRA Regulatory Notice 15-33 (Guidance on Liquidity Risk Management Practices) as well as practices that may create challenges for clearing and carrying firms’ contingency funding plans.
• Contractual Commitment Arising from Underwriting Activities. FINRA intends to give particular focus on the impact of underwriting activities on firms’ capital compliance under the Net Capital Rule (Securities Exchange Act Rule 15c3-1).
• LIBOR Transition. Outside of its examination program, FINRA intends to engage with firms to understand how the industry is preparing for LIBOR’s retirement at the end of 2021.

Firm Operations. Continued areas of focus include firms’ supervisory controls related to commissions (Securities Exchange Act Rule 10b-10) and FINRA Rule 2232 (Customer Confirmations). Of course, FINRA will also continue its long standing focus on anti-money laundering compliance.

New areas of focus include:

• Cybersecurity. The Priorities Letter describes cybersecurity as “an increasingly large operational risk” for firms with the result that firms should expect FINRA to “thoroughly assess whether their policies and procedures are reasonably designed to protect customer records and information consist with Regulation S-P Rule 30.”
• Technology Governance. Areas of focus will include whether firms have made changes to their business continuity policies to keep up with changes to firms’ business and technology. FINRA also intends to look at how, in the event of a business continuity event, firms would maintain customers’ access to their funds and securities, and would manage their back-office operations. Other areas of focus will include controls to mitigate system capacity performance and integrity issues, the documentation of system change requests and approvals, practices related to testing, and the tracking of information technology problems and remediation.