|
On June 17, 2004, the Securities and Exchange Commission (SEC)approved rule changes (Supervisory Control Amendments) by FINRA
that both create and amend certain rules and interpretive materials to address a members supervisory and supervisory control
procedures.On September 30, 2004, the SEC granted accelerated approval to proposed rule changes to the Supervisory Control
Amendments to conform certain parts of the new rule requirements to the New York Stock Exchanges recently approved internal
control.
Create Rule 3012 to require a member to designate one or More principals who will establish,maintain and enforce a system
of supervisory control policies and procedures that test and verify that the members supervisory procedures are
reasonably designed to comply with applicable securities Laws and FINRA rules and amend those supervisory procedures where
necessary. Rule 3012 also requires that a person Senior or;otherwise independent; to a producing manager perform the day-to-day
supervisory reviews of the producing managers account activity.In addition, a member must have in place heightened upervisory
procedures for the Supervision of a producing manager who is responsible for 20 percent or more of the revenue generated by
the business units supervised by the producing managers supervisor.
Amend Rule 3010(c)codifies the minimum inspection cycles for a members offices and to require that office inspections
include, without limitation, the testing and verification of the members policies and procedures,including supervisory policies
and procedures in certain specified areas. There is a general requirement that an office inspection may not be conducted by
the branch office manager for that office, any person within that office who has supervisory responsibilities, or any individual
who is directly or indirectly supervised by such persons.Depending upon the position of the person within the member who conducts
the inspection, a member must have in place heightened inspection procedures for the inspection of an office where the producing
manager is responsible for 20 percent or more of the revenue generated by the business units supervised by the producing managers
supervisor.
Amend Rule 3110 to require that before any customer order is executed, the account name/designation must be placed upon
the memorandum for each transaction. Additionally, no changes to the account name/designation can be made unless previously
authorized by a member or a person designated under FINRA rules (who must pass a qualifying principal exam). Such person,
prior to giving such approval, must be informed of the essential facts and indicate his/her approval in writing on the order
or similar record. The facts relied upon by the person in approving the change must be documented in writing and preserved
for a period of not less than three years, with the documentation preserved for the first two years in an easily accessible
place, as the term easily accessible place is used in SEC Rule 17a-4.
Amend Rule 2510(d)(1) to require that time and price discretionary authority is limited to the day it is granted, absent
a specific, written indication signed and
dated by the customer. The limitation does not apply to time and price discretion exercised for orders in an institutional
account pursuant to valid Good-Till-Canceled instructions issued on a not held basis. Any exercise of
time and price discretion must be reflected on the order ticket.
FINRA has amended certain rules and interpretive materials and has created new Rule 3012 (Supervisory Controls System)And
recently approved Rule 3013(Annual certification of Compliance and Supervisory Processes).
New Rule 3013 requires each member firms chief executive officer (CEO) to certify annually that senior executive management
has in place processes to: (1) establish,
maintain, and review policies and procedures reasonably designed to achieve compliance with applicable FINRA rules, Municipal
Securities Rulemaking Board (MSRB)rules, and federal securities laws and regulations; (2) modify such policies and procedures
as business, regulatory, and legislative changes and events dictate; and (3)test the effectiveness of such policies and procedures
on a periodic basis, the timing of which is reasonably designed to ensure continuing compliance with FINRA rules, MSRB rules,
and federal securities laws and regulations.
IM-3013 sets forth the language of the CEO certification and gives further guidance as to the requirements and limitations
of Rule 3013.
Rules 3010 and 3012 also address a member firms supervisory policies and procedures, firms have questioned whether these
rules impose duplicative requirements regarding the establishment of a firms supervisory policies and procedures. Although
Rules 3010, 3012, and 3013 are closely related, their obligations are complementary, not duplicative, in nature. The three
rules essentially come together to form an overarching regulatory scheme for the supervision of member firms. First, Rule
3013 requires the
CEO of each member to certify that they have a process to adopt compliance policies and supervisory procedures reasonably
designed to achieve compliance with applicable
securities laws and regulations and FINRA rules. Rule 3010 requires the establishment of a supervisory system for the
firms business activities, including the adoption of polices and procedures reasonably designed to achieve compliance with
applicable securities laws and regulations and FINRA rules. The establishment of the supervisory system required to be adopted
in Rule 3010 should result from the processes that are the subject of the certification of Rule 3013. Finally, Rule 3012 requires
firms to have supervisory control procedures that test and verify that the members supervisory procedures are reasonably designed
to achieve compliance with applicable securities laws and regulations and FINRA rules, and where necessary, amend or create
additional supervisory procedures. In sum, new regulatory supervisory scheme consists of process, supervision, and adoption
of policies and procedures,and testing and amendment of such policies and procedures.
New Rule 3012 requires that a member designate and specifically identify one or more principals who will establish, maintain,
and enforce supervisory control procedures that will test and verify that the members supervisory procedures are sufficient
and amend or create additional supervisory procedures where the need is identified by such testing and verification. Of course,
NASD expects that the designated principals will test and
verify the adequacy of the supervisory control procedures in a manner that is independent of any business considerations
that are countervailing to full compliance
with applicable securities laws and regulations and FINRA rules.
Supervisory control policies and procedures must include procedures that are reasonably designed to review and supervise
on a day-to-day basis the customer account activity conducted by the members branch office managers, sales managers,regional
or district sales managers, or any person performing a similar supervisory function.A person who is senior to or otherwise
independent of the producing
manager must perform these day-to-day supervisory reviews. An associated person is considered a producing manager regardless
of the amount of customer account activity
the producing manager conducts. Accordingly, if the president of a member firm manages only a few accounts on behalf of
the presidents family and friends, that person is considered a producing manager for purposes of Rule 3012.
FINRA understands that the determination of seniority for the purpose of deciding who should conduct a producing managers
supervisory reviews is a facts and circumstances
test. A person who does not report to the producing manager, whose compensation is not determined in whole or part by
the producing manager, and who is not in the
same chain of authority may be considered senior to the producing manager if that person has the authority to oversee,
direct, and correct the activities of the producing manager and take all necessary remedial actions, including termination,
if and when necessary. Similarly, a member must consider certain factors in determining whether a person is an otherwise independent
person for purposes of conducting a producing managers day-to-day supervisory reviews. An otherwise independent person who
may conduct
supervisory reviews may not report either directly or indirectly to the producing manager under review. In addition, the
otherwise independent person must be situated
in an office other than the office of the producing manager, must not otherwise have supervisory responsibility over the
activity being reviewed (including not being directly compensated based in whole or in part on the revenues accruing from
those activities), and must alternate such review responsibility with another qualified person every two years or less.The
ability of member firms to use individuals who are either senior to or otherwise
independent of the producing manager to conduct the producing managers day-to-day supervisory reviews allows member firms
the flexibility to structure their supervisory review policies and procedures in a manner that both accords with their various
business models and achieves the best customer protection practices. For example, if a member firm has a person who is senior
to the producing manager assigned as the producing managers supervisor but determines that, for customer protection purposes,
the producing managers supervisor should not conduct the day-to-day supervisory reviews of the producing managers customer
account activity because the supervisor is located in the producing managers office, the member firm may have a person who
meets the definition of an otherwise independent person conduct the day-to-day supervisory reviews of the producing managers
customer account activity.
Supervisory control policies and procedures require a member to have procedures that are reasonably designed to provide
heightened supervision over the activities of the producing manager if the producing manager is responsible
for generating 20 percent or more of the revenue of the business units supervised by the producing managers supervisor
over the course of a rolling, twelve-month period.
FINRA views this 20 percent threshold as a trigger for determining when a member must put in place heightened supervisory
procedures. For purposes of determining
the 20 percent threshold, a member must look at all revenue generated by or credited to the producing manager or the producing
managers office, and that amount shall be included as part of the overall revenues of the business units supervised by the
producing managers supervisor irrespective of a members internal allocation of such
revenue. Rule 3012 requires the 20 percent threshold to be calculated on a rolling,twelve-month basis. The standard for
heightened supervision in Rule 3012 does not create a negative safe harbor, i.e., the inspection of offices falling below
the 20 percent threshold does not create a presumption that heightened supervision is not required. A member may need to employ
heightened supervision in connection with reviews based on other facts and circumstances.For purposes of Rule 3012, the term
heightened supervision means those supervisory procedures that are designed to avoid conflicts of interest that serve to undermine
complete and effective supervision because of the economic, commercial, or financial interests that the supervisor holds in
the associated persons and businesses being supervised. Heightened supervisory procedures may include such elements as unannounced
supervisory reviews, an increased number of supervisory reviews by different reviewers within a certain period, a broader
scope of activities reviewed,and/or having one or more principals approve the supervisory review of such producing managers.
Rule 3012 also requires that a firms supervisory control policies and procedures include procedures that are reasonably
designed to review and monitor the following activities: All transmittals of funds (e.g., wires or checks, etc.) or securities
From customers and third-party accounts (e.g., a transmittal that would result in a change of beneficial ownership);From customer
accounts to outside entities (e.g., banks, investment companies, etc.);From customer accounts to locations other than a customers
primary residence (e.g., post office box,in care of, alternate address,etc.); and Between customers and registered representatives,
including the handdelivery of checks. Customer changes of address and the validation of such changes of address; and Customer
changes of investment objectives and the validation of such changes of investment objectives.
Members should note that the policies and procedures for monitoring these activities must include a means or method of
customer confirmation, notification, or follow-up
that can be documented.The FINRA does not expect a member to have in place supervisory policies and procedures for activities
in which it does not engage. However,a member must identify those activities in which it does not engage in its written supervisory
control policies and procedures and document that additional supervisory policies and procedures for such activities must
be in place before a member can engage in them.
Amended Rule 3010(c)(1) details mandatory inspection cycles that each member must have in place for its supervisory branch
offices, non-supervisory branch offices, and
unregistered locations. NASD believes that codifying these mandatory inspection schedules will enhance oversight and supervision
of branch and non-branch locations. Specifically, Rule 3010(c)(1) requires each member to inspect, at least annually, each
supervisory branch office. Any location that is responsible for supervising the activities of persons associated with a member
at one or more of a members non-branch office locations is considered to be a branch office.
Also, Rule 3010(c)(1) requires a member to inspect all non-supervisory branch offices, at a minimum, every three years.When
establishing how often to inspect its non-supervisory branch offices, the member must consider whether the nature and complexity
of a branch offices, securities activities, the branch offices volume of
business, and the number of associated persons assigned to the branch office require inspections more frequently than
every three years. Also, a member must set forth in its written supervisory and inspection procedures the examination cycle
and an explanation of the factors the member used in determining the frequency of the cycle.
Additionally, Rule 3010(c)(1) requires a member to inspect every non-branch location on a regular periodic schedule. In
establishing the inspection schedule, a member must consider the nature and complexity of the locations securities activities
and the nature and extent of contact with customers and set forth in its written supervisory
and inspection procedures an explanation regarding how the member determined the frequency of the examination schedule.
These requirements are consistent with previous FINRA guidance stating that non-branch locations should be inspected according
to a regular schedule and that the frequency and scope of inspections should be determined based on factors such as the nature
and volume of business conducted at the office and the nature and extent of contact with customers. Members are advised to
look carefully at the activities of their non-branch locations
to ensure that they are not considered by Rule 3010 to be a branch office. As previously noted, Rule 3010 considers a
non-branch location to be a branch office if it is
responsible for supervising the activities of persons associated with a member at one or more of the members non-branch
locations. Rule 3010 requires that locations of convenience still be examined on a regular periodic schedule.
Rule 3010(c)(2) mandates that a member must reduce each office inspection to a written report and keep it on file for
a minimum of three years, unless the inspection is being conducted pursuant to a regular periodic cycle for non-branch office
locations and the regular periodic schedule is longer than a three-year cycle, in which case the member must keep the report
on file at least until the next inspection report has been written. The written inspection report must also include, without
limitation, the testing and verification of the members policies and procedures, including supervisory policies and procedures,
in the areas of:Safeguarding customer funds and securities;
Maintaining books and records;Supervising customer accounts serviced by branch office managers;Transmitting funds between
customers and registered representatives and between customers and third parties;Validating customer address changes; and
Validating changes in customer account information.
SEE NTM 04-71, FOR THE FULL TEXT
|
