Ah, Spring. A time of contrasts, for sure. To add to the already long list of flip-flops you'll encounter this printemps, here's a summary of my recent attempt to clarify something I thought I'd been quite clear on.
Back in February 2006, NASD put out two IM's on Rule 3011, the AML rule for BD's. One of these IM's finally spelled out the independent testing expectations under the Rule. Prior to that, we all made the assumption that testing had to be annual, although it wasn't required in writing at the time. IM-3011-1 explained what 'independent' meant and that testing for most firms was an every-calendar-year requirement. "Most firms" excluded those that didn't execute transactions, hold customer accounts or introduce customers to a clearing firm (act as introducing broker). Well, if you're a prop trading firm with no customers, that's Clariton-clear. If you're a private placement/M&A shop, it's not.
After the Notice came out in 2006, I called and spoke with its author at NASD. My question related to these types of firms--the ones that didn't seem to fit into either category--the poor PP firms that always seem to be denied the benefit of succinct rule interpretation. He explained that PP firms would indeed fall into the 'every year' category. I took him on his word and went ahead and spread that word. My PP clients lived according to this guidance and I saw repeated evidence of District examiners living by this interp, too, since they tested firms for compliance with an annual testing requirement. In conferences, when the subject came up, panelists confirmed it: PP firms were expected to have annual AML testing.
Last week a thick layer of Northeastern pollen settled on this issue. It seems there's dissension in the ranks, that certain examiners are of the opinion that a registered broker-dealer who offers investments in, say, hedge funds, should not be held to the annual testing requirement. General terms, like 'no retail customers,' and 'no brokerage accounts' are being tossed about like old, wet leaves. The well-worn "every firm is different" flag is brought out of winter storage and the conversation is over. My attempt to get into specifics fails. Specifics like: what, exactly, does "execute transactions" mean in this context? What about the apparent contradiction of requiring PP firms to do CIP work while putting them in the category of two-year cycle firms like prop traders, who don't have to do CIP work? How about the fact that FinCEN recently withdrew its proposed AML rules for both IA's and unregistered investment companies? Why? Partly because the financial transactions conducted with these firms have to go through registered BD's--and are thus subject to existing BSA AML requirements. (Doesn't this imply that BD's offering investments in HF's--unregistered investment firms--are presumed to be the front line of AML defense and can be considered to 'execute transactions'?) And lastly, what about the fact that 'corporate' has, seemingly, been clear this subject (Office of General Counsel verbally confirmed last week the continued validity of the annual testing requirement for PP firms). Last week on one call, there was some mention of my profit motive: you know, I stand to make a fortune if my PP firm clients have to have annual instead of bi-annual AML audits. ...aha! now you (and I) know: my passion for regulatory consistency is simply a thinly-veiled construct known as greed. (Note to self: stop spending so much time on this blog entry and get back to the business of manipulating your clients' understanding of their responsibilities.)
Other industry consultants are hip to this muddy subject, too. NRS years ago attempted to have NASD spell it out (they didn't). A savvy consultant in lower Manhattan feels strongly that PP firms don't have to have annual reviews, but suggests that they do, given the ambiguity on the subject. Without specific written guidance on this--or better yet, specific Rule language--different firms will live by different opinions. It seems to me that what is expected is this: you, the small PP/HF offeror firm, have to call your Coordinator and ask him or her which AML exam cycle applies to your particular firm. You may not rely on a generally-accepted, age-old definition of your business activities in order to make a determination using IM-3011-1. Nope. Assume ambiguity and call your District. Without a bright line drawn for all firms, we'll have to find out what FINRA wants, one firm at a time. I, for one, would prefer a different approach.
Yesterday snow flurries blew about the crocus buds. Nature is full of beautiful contradictions. Should securities regulation be so? I'll leave that to the Chauncey Gardeners of the world to contemplate.
[Very important explanatory babble: I really appreciate the dialogue I have with certain FINRA representatives and I don't want that dialogue to end. I believe in their motives and I hope they believe in mine. When I write entries like this, my goal is to assist firms understand misunderstood things and also to promote change to the extent possible. I do not write simply for the sake of complaining or criticizing: for me, it's about making things better. Thanks to those at FINRA who help me do that. --shi]
Monday, March 23, 2009
Friday, March 6, 2009
Sharing SAR's: Some Proposed Changes
FinCEN has announced proposed changes to BSA's regulations on SAR sharing and confidentiality rules. Since they're now just proposals subject to comment, I won't detail every change, but here's my summary:
The guidance on sharing with parent entities will remain intact--it will be built into the regulation so as to be all the more official. Here is the original guidance from January 2006: http://www.fincen.gov/statutes_regs/guidance/html/sarsharingguidance01202006.html You remember that it allowed BD's to share a SAR or the existence of a SAR with a holding or parent company, but not with affiliates. The guidance required that a confidentiality agreement be place with the holding co/parent entity.
BD's will now be allowed to share a SAR or the existence of a SAR with affiliate entities--that is, only if those entities are subject to SAR rules (i.e., banks, BD's, mutual funds, thrifts, insurance co's, casinos, money service business--not IA's or unregistered investment companies). BD's can only share this stuff if they filed the SAR and the affiliates can't go on to share the information with others (it's not like Facebook: 'friends of friends' don't get to see stuff...). Like with parent entities, confidentiality agreements should be in place when sharing with affiliates.
Other changes clarify some things that you might have otherwise assumed, like: the sharing prohibition applies to all employees, directors, agents, etc. (not just the firm); BD's can share SAR's or the existence of SAR's with their examining authorities; and BD's and their employees can share the information, facts, and documents underlying a SAR a) with financial institutions for the sake of filing a joint SAR and b) in connection with certain employment references or termination notices.
I would think FINRA would provide an announcement when these changes go into effect, so look for a Notice in the coming months. For the proposals and guidance, go to: http://www.fincen.gov/statutes_regs/frn/pdf/frnSAR_Confidentiality.pdf and http://www.fincen.gov/statutes_regs/frn/pdf/frnSF_SAR_Sharing.pdf .
The guidance on sharing with parent entities will remain intact--it will be built into the regulation so as to be all the more official. Here is the original guidance from January 2006: http://www.fincen.gov/statutes_regs/guidance/html/sarsharingguidance01202006.html You remember that it allowed BD's to share a SAR or the existence of a SAR with a holding or parent company, but not with affiliates. The guidance required that a confidentiality agreement be place with the holding co/parent entity.
BD's will now be allowed to share a SAR or the existence of a SAR with affiliate entities--that is, only if those entities are subject to SAR rules (i.e., banks, BD's, mutual funds, thrifts, insurance co's, casinos, money service business--not IA's or unregistered investment companies). BD's can only share this stuff if they filed the SAR and the affiliates can't go on to share the information with others (it's not like Facebook: 'friends of friends' don't get to see stuff...). Like with parent entities, confidentiality agreements should be in place when sharing with affiliates.
Other changes clarify some things that you might have otherwise assumed, like: the sharing prohibition applies to all employees, directors, agents, etc. (not just the firm); BD's can share SAR's or the existence of SAR's with their examining authorities; and BD's and their employees can share the information, facts, and documents underlying a SAR a) with financial institutions for the sake of filing a joint SAR and b) in connection with certain employment references or termination notices.
I would think FINRA would provide an announcement when these changes go into effect, so look for a Notice in the coming months. For the proposals and guidance, go to: http://www.fincen.gov/statutes_regs/frn/pdf/frnSAR_Confidentiality.pdf and http://www.fincen.gov/statutes_regs/frn/pdf/frnSF_SAR_Sharing.pdf .
Subscribe to:
Posts (Atom)