About 1500 broker dealers, financial services vendors and government regulators met in Washington DC on May 16-18 at the annual Financial Industry Regulatory Authority (FINRA) conference to discuss current trends, such as compliance and audit readiness, regulatory technology and cloud storage, and how social media is impacting how the industry communicates.
FINRA President and CEO Robert Cook acknowledged how much the broker dealer industry is changing during his keynote address and highlighted how FINRA, broker dealers and financial services vendors, such as Iron Mountain, must collaborate to ensure that investors are protected and the financial industry maintains its integrity.
Cook outlined FINRA’s innovation outreach strategy, which set the tone for many of the insights shared by others in the industry at the conference. “This initiative will help FINRA better understand these innovations and how we can foster a collaborative environment for productive interactions with firms operating in this space,” Cook said. “It may also allow us to identify areas where we may want to consider adapting our regulatory approach to take into account evolving business models and risks.”
Audit and Compliance Readiness
Over the course of conference, FINRA and several speakers continued to stress the importance of being proactive vs. reactive in the face of potential regulatory changes, noting that compliance readiness is always a necessity and it’s important to regularly assess risks and routinely fix any requirements gaps.
FINRA representatives highlighted some key regulations currently under consideration, such as the Department of Labor (DOL)’s ERISA Rule that goes into effect June 9, 2017. The rule provides guidance on how manage a broker dealer’s fiduciary role and defines how the broker dealer must act in the “best interest” of investors.
Several speakers remarked on how many broker dealers are using technology, including cloud storage providers and regulatory compliance software, to manage FINRA audit and compliance requirements.
A key benefit of regulatory technology is how it can help to monitor financial transactions and automatically and systematically flag potentially fraudulent behavior. However, with the increased use of technology also comes the risk of cyberattacks. FINRA and conference speakers recommended broker dealers mandate their technology partners have cybersecurity mechanisms in place to protect records and information at all times; use encryption where appropriate; and set up access rights and permissions in such a way to prevent rogue activity or human error.
FINRA stressed that the broker dealer, regardless of its financial services vendor relationships, is accountable to ensure information is stored properly and in accordance with FINRA regulations and requirements. FINRA recommended broker dealers routinely audit their financial services vendors and review their certifications, policies and procedures.
Cloud Information Management
FINRA, speakers and attendees commented that broker dealers, like many other companies, are moving to the cloud to save money on storage costs, infrastructure and IT resources. Still, FINRA cautioned that records and information stored in the cloud must be archived per FINRA regulation requirements.
These requirements include notifying FINRA at least 90 days prior to implementing a cloud solution; using WORM storage and providing FINRA a letter of representation for WORM storage; storing a duplicate copy of all records; being able to readily download indexes and records from the cloud provider; validating the quality and accuracy of the storage process using used by the cloud provider; and ensuring FINRA can access the information stored in the cloud at any time to meet audit and compliance requirements.
Cook noted that FINRA’s market regulation platform make use of the cloud and regulatory technology software and said FINRA is also investing in its technology and plans to move its remaining applications and infrastructure to the cloud over the next three years.
Social Media Communications Concerns
Many companies, including broker dealers, use social media to ensure their brand is known in the marketplace and to reach as many potential customers are possible. Speakers expressed concerns over Bring Your Own Device (BYOD) and the use of personal social media accounts by employees, especially since it’s difficult to determine what content needs to be archived and accessible to FINRA. Most attendees acknowledged that asking employees to share their usernames and passwords to their social media accounts is an ineffective way to manage compliance and privacy.
To learn more about the solutions Iron Mountain offers to support broker dealers and the financial services industry, go to: www.ironmountain.com/banking.