The Financial Industry Regulatory Authority published its Annual Risk Monitoring and Examination Priorities Letter to highlight issues of importance to FINRA’s regulatory programs. Highlighted items include online distribution platforms, regtech and digital assets.
Firms increasingly are involved in the distribution of securities through online platforms in reliance on Rule 506(c) of Regulation D and Regulation A under the Securities Act of 1933 (Securities Act). While some online distribution platforms are owned and operated by broker-dealers, others are operated by unregistered entities, which may use member firms as selling agents or brokers of record, or to perform activities such as custodial, escrow, back-office and financial technology (fintech)-related functions.
FINRA is concerned that some member firms assert they are not selling or recommending securities when involved with online distribution platforms despite evidence to the contrary, including handling customer accounts and funds, or receiving transaction-based compensation. We will evaluate how firms conduct their reasonable basis and customer-specific suitability analyses, supervise communications with the public and meet AML requirements. Further, given the broad visibility of offerings distributed through online platforms, FINRA will evaluate how firms are addressing the risk of offering documents or communications with the public that omit material information or may contain false or misleading statements, or promissory claims of high targeted returns. For offerings subject to Regulation D, we will also evaluate how firms address the risk of sales to non-accredited investors and non-compliant escrow arrangements. For offerings subject to Regulation A, FINRA will also assess the risk of excessive or undisclosed compensation arrangements between firms and the issuers.
In addition, firms are using a variety of innovative regulatory technology (regtech) tools to make their compliance efforts more efficient, effective and risk-based. FINRA will engage with firms to understand how they are using such tools and addressing related risks, challenges or regulatory concerns, including those relating to supervision and governance systems, third-party vendor management, safeguarding customer data and cybersecurity.
Some firms have demonstrated significant interest in participating in activities related to digital assets and FINRA encourages firms to notify FINRA if they plan to engage in such activities, even where a membership application is not required. This year, FINRA will review firms’ activities through its membership and examination processes related to digital assets and assess firms’ compliance with applicable securities laws and regulations and related supervisory, compliance and operational controls to mitigate the risks associated with such activities. Coordinating closely with the US Securities and Exchange Commission, FINRA will consider how firms determine whether a particular digital asset is a security and whether firms have implemented adequate controls and supervision over compliance with rules related to the marketing, sale, execution, control, clearance, recordkeeping and valuation of digital assets, as well as AML/Bank Secrecy Act rules and regulations.