By One can argue that there is no single component more important to a firm’s overall culture of compliance than the firm’s system of supervision, and no single document more essential to such supervisory system than the firm’s Written Supervisory Procedures. All FINRA-member broker-dealer firms, regardless of size or lines of business, must adopt and implement a supervisory system that is specifically tailored to each firm. Once this system has been established, the firm must document this supervisory system in a comprehensive set of Written Supervisory Procedures, must enforce and test these procedures, and must maintain detailed documentary evidence of any and all activities done in relation to these procedures.
This system of self-supervision required of FINRA-member broker-dealers is the linchpin to the overall self-regulatory scheme of regulation that has been established for broker-dealers. Establishing, maintaining and enforcing a good set of Written Supervisory Procedures is the most essential aspect of a firm’s ability to promptly detect and/or deter violations of securities laws and, accordingly, help avoid disciplinary actions by the regulators. Periodic evaluation, detailed documentation of efforts, and remediation of procedures (where necessary) help a firm demonstrate to regulators that it takes very seriously the requirements of compliance.
In order to implement an effective supervisory system, a firm must first understand the regulatory framework comprising the requirement, which can be found in NASD Rules 3010, NASD Rule 3012 and prior NASD Rule 3013 (which is now FINRA Rule 3130).
NASD Rule 3010 requires that each FINRA-member firm “establish and maintain a system to supervise the activities of each registered representative, registered principal, and other associated person that is reasonably designed to achieve compliance with applicable securities laws and regulations, and with applicable NASD Rules.” (Rule 3010(a)) This “system” must be comprised of, at a minimum, (i) written procedures, (ii) proper supervision by qualified registered principals (which includes reviews of business activity as well as training of, and regular meetings with, supervised persons) and (iii) internal examinations of the firm’s policies and procedures.
The Written Supervisory Procedures required by Rule 3010 (“WPS’s”) must be “reasonably designed” to achieve compliance with applicable securities laws. The WSP’s must describe the “supervisory system” that the member firm has established, including the names, titles, locations and responsibilities of all supervisory personnel, and designation of the supervised persons for which each supervisor is responsible. The WSP’s must be tailored to fit a firm’s business, taking into consideration factors such as customer base, lines of business, number of offices and personnel of the firm, and experience of personnel (including whether any personnel should be subject to heightened supervision). These procedures must be amended on a periodic basis, as appropriate, to reflect changes in the law or in the firm’s business. They also must be amended if internal inspections demonstrate that the current internal policies and procedures are not effective.
There is often a great deal of confusion regarding the preparation and purpose of Written Supervisory Procedures. It is important to realize the distinction between Written Supervisory Procedures and compliance guidelines, which may often be compiled into a “compliance manual.” Written guidelines on compliance (or a compliance manual) generally provide a firm’s employees with a description of applicable laws and prohibited practices, and serve as an instruction manual for the daily operation of a firm’s business. Written Supervisory Procedures, however, provide a framework for supervisors to follow to ensure that the firm is conducting business in accordance with the firm’s internal policies and procedures (or written compliance manual, if they have one). A written compliance manual can be a valuable complement to a firm’s written supervisory procedures, although it is not technically required by FINRA rules. A compliance manual alone would not be considered sufficient to adequately establish a firm’s supervisory system, and would not satisfy regulatory requirements. Too often, a firm does not realize that their compliance manual is not a sufficient evidence of establishment of their supervisory system until the firm is in the midst of an examination.
A firm’s Written Supervisory Procedures also should not be confused with a firm’s “supervisory control procedures” (as required by NASD Rule 3012), which serve another complementary purpose. While Rule 3010 requires the establishment of a supervisory system and the adoption of written supervisory procedures, Rule 3012 requires the designation of one or more principals who will establish, maintain and enforce a system of “supervisory controls”, and another set of written procedures (“Supervisory Control Procedures”) that test and verify that a firm’s supervisory system is reasonably designed to achieve compliance with applicable laws-essentially constituting supervision of the supervisors.
Rule 3012 requires each broker-dealer to establish Supervisory Control Procedures to support the WSP’s established pursuant to Rule 3010, to establish a control process to insure that the WSP’s are serving their purpose. According to FINRA Senior Staff, “[Rule 3012] is really a reflection and a writing down of a common-sense conclusion that you can’t have effective procedures internally governing what you do at your firm unless you take a step back and take a look at them, and determine whether they’re effective and whether there are holes.” (FINRA Senior Staff Response, 2007 Spring Securities Conference “Ask Senior Staff” Session, May 23, 2007, as quoted in ACA Compliance Group’s BD Quarterly, 4th Quarter 2008.)
A further layer to this comprehensive regulatory scheme is found in prior NASD Rule 3013 (now FINRA Rule 3130). The supervisory system established and implemented pursuant to Rules 3010 and 3012 combine to provide the basis for an annual CEO certification attesting that the firm “has in place processes to establish, maintain, review, test and modify written compliance policies and written supervisory procedures reasonably designed to achieve compliance with applicable [securities laws].”
While the various components of this regulatory scheme involving NASD Rules 3010 and 3012 and FINRA Rule 3130 may be complicated, the overarching relationship of this regulatory scheme is complementary, not duplicative, in nature, and thus it is essential that all components of this scheme be followed.
A firm’s managers should pay careful attention to understanding the components of this “self-regulatory” scheme. “Compliance with applicable…rules…and…laws…is the foundation of ensuring investor protection and market integrity and is essential to the efficacy of self-regulation.” (See supplementary material .03 to FINRA Rule 3130.) Regulators consider it to be the responsibility of firms themselves to promote a strong internal culture of compliance, and require the firms to function as their own regulators.
The adequacy of written procedures is designated as an area of examination priorities, and member firms are frequently cited for violations of these rules, whether by failure to have appropriate written procedures, failure to periodically test such procedures, failure to document the testing and evaluation of such procedures, or in some cases, a failure to, in a sense, bring life to the supervisory system. SEC enforcement chief Linda Chatman Thomsen, in a June 2008 speech, in explaining a recent sanction for deficient policies and procedures, shed some light on what an SEC examiner looks for in an examination of a firm’s supervisory regime-“As imposing as these procedures were on paper, something was missing: the human element, the hand that collected the signed acknowledgement paper, the eye that met the employee’s gaze and saw that he understood and accepted the responsibilities enumerated in that paper. And without that person ensuring that those policies were a living breathing trust between employer and employee, well, the law was not being upheld.”
The preceding column was contributed by Beth N. Lowson of The Nelson Law Firm, LLC. She can be reached at bnlowson@nelsonlf.com.
