FINRA Rule 3110: 4 Ways to Simplify Compliance
A large part of running a compliant broker-dealer means understanding and adhering to the supervisory requirements set forth in FINRA Rule 3110.
This regulation requires that all member firms set up a formal supervisory system to internally review the operations and activities of local personnel for compliance with applicable securities laws and regulations.
While it seems as though supervisory requirements have always been in place, FINRA Rule 3110 was adopted in 2014 to merge existing requirements with new supplemental material. 6 years later, many firms are still looking for ways to ensure their supervisory systems are adequate, especially considering the ever-changing technological landscape.
How to Develop a Supervisory Framework?
For many firms, developing and maintaining a supervisory framework that is both fully compliant yet not overly burdensome can be challenging. However, by keeping in mind a few key concepts, firms can streamline their supervisory programs in order to shift management’s focus back to core business functions as needed.
1 - Identifying Risk Areas
When it comes to supervisory systems, the biggest key to reducing regulatory burden is to use a risk-based approach. When developing supervisory programs, management should tailor the scope, schedule and processes to fit the company’s risk exposure.
Firms need to consider business lines, products offered, customer base, and branch locations when assessing risk.
After risks have been fully identified, the ways in which transactions and customer correspondence are reviewed can be designed to include all relevant regulatory requirements, while excluding those topics that may not apply to the various branch locations or business lines. By using a risk-based approach, inspections can ensure a more economical use of management’s time and resources.
2 - Establishing the Inspection Frequency
How often do inspections need to occur? This question can be answered by first developing a risk-based supervision program, as discussed above. After the major risks are identified and red flags are documented, firms can determine the frequency of inspections and what type of reviews need to be completed on and off-site.
While Rule 3110 states that most branches are to be inspected annually, while non-branches should be every 3 years, exceptions can be made if risks are low enough to warrant a less frequent schedule.
By only completing inspections as needed and based on the level of risk exposure, companies can increase efficiency in their supervisory structures.
3 - Finding the Right Controls
A big piece of establishing an adequate supervisory system is setting measures to prevent and detect conflicts of interest or conduct risk. By establishing appropriate internal controls on the outset, the time and resources needed for inspections in these areas can be minimized.
Internal controls also play a large part in the supervisory process itself. By segregating supervisory duties, the integrity of the entire program is preserved. In larger firms, supervisory personnel should be completely independent and are prohibited to supervise their own activities or those who may determine their employment status or compensation.
In smaller firms or single person branches this is not possible, and exceptions can be made. Just like the supervisory process is risk-based, internal controls should similarly be customized based on the size and complexity of operations.
4 - Document & Document Some More
Although it may seem oxymoronic, firms should increase documentation to minimize regulatory burden. By maintaining appropriate record keeping, reporting and document maintenance standards from beginning to end, companies will set themselves up for success over the long run.
Written policies and procedures (WSPs) should be maintained for the entire supervisory system, and for individual steps along the way. Once the blueprints are in place, updates and changes can easily be made as changes in regulations or business decisions affect the operations of the firm.
FINRA Rule 3110 Compliance in Summary
It can be a challenge for many companies to maintain a robust supervisory framework while also ensuring that time and resources are used effectively.
But if firms can adequately tailor their supervision procedures while maintaining an appropriate frequency of inspections, a tight internal control structure, a vigorous documentation, and appropriate recordkeeping standards, they will find that compliance with FINRA Rule 3110 ultimately easily falls in line.