FINRA Enforcement: New Direction for the Regulator

April 16, 2018

With new leadership at the helm of the Financial Industry Regulatory Authority (FINRA), the broker-dealer industry’s primary self-regulator, and the FINRA Enforcement Department, there is an opportunity for real and productive change. FINRA CEO Robert Cook has engaged in an extensive listening tour since he came on board, has launched an inward-looking review (named FINRA360) and, importantly, promoted Susan Schroeder to executive vice president, head of enforcement. Cook also made Schroeder a direct report.

In addition to the organizational changes occurring in the Enforcement Department, discussed below, perhaps the most significant action by Schroeder has been developing and announcing principles or goals that will guide Enforcement’s decision-making on matters. Schroeder delivered her remarks outlining the principles in a Feb. 12 speech at SIFMA’s Anti-Money Laundering Conference. Those firms and individuals and their counsel and consultants dealing with FINRA enforcement matters should be aware of her remarks and, more importantly, apply the principles in addressing identified issues. The importance of Schroeder’s remarks was reinforced at the recent SIFMA 2018 Annual Compliance & Legal Conference, where the speech and the information imparted about the new direction of the Enforcement Department were mentioned on several occasions, including by Cook.

Schroeder’s remarks covered the considerations of FINRA’s Enforcement Department when it evaluates: (1) whether to bring an action, (2) what sanctions to seek and (3) how to describe the department’s actions to make it apparent why the action was filed and why the sanctions are what they are.

In addition to the specific counsel Schroeder provides, there are two other points critical to understanding the current state of FINRA. First, this new way of “doing business” comes out of the FINRA360 review, an enterprise-wide, ongoing assessment to review, question its ongoing processes, rethink how it regulates, and ultimately, change to make FINRA a more efficient and effective regulator. What this tells the industry is that these changes on the enforcement side are real, not just talk. It is a long time in coming and never more critical to operationalize for FINRA than right now. Second, Schroeder’s vision for the enforcement program is not just a product of her own musings. She is a direct report of the CEO. The details of the new enforcement program, as described in her speech, clearly have Robert Cook’s support and mandate.

The guidance Schroeder conveyed, if acted on, can potentially save firms and individuals a lot of stress, anxiety, money (especially in fines) and reputational damage. Does that mean there will be no more enforcement actions? Of course not. What it does mean is that the leaders of this enforcement program and of FINRA have staked out what matters to them and the conduct and actions they want to incentivize.


1. What Is the New FINRA Enforcement Department — Getting Back to Basics?

It is now a single, unified enforcement program. The overarching goal with merging the “old” Market Regulation program into the Enforcement Department is to create one consistent program where everybody is headed in the same direction. The next phase — back to basics — identifies common goals for the department and “define[s] what an effective Enforcement action looks like.” 

The Enforcement Department will consist of three components with three deputies reporting to Schroeder — Main Enforcement (f/k/a Home Office Enforcement), Member Regulation Enforcement (f/k/a Regional Enforcement) and Market Regulation Enforcement (f/k/a Market Reg. Legal). The latter two positions are open and in the process of being filled.  Jessica Hopper, until recently the head of the Regional Enforcement Program, has assumed the position of senior vice president, head of the Main Enforcement Program. There is also a fourth deputy position, held by Lara Thyagarajan, who is now counsel to Schroeder. This newly created role is expected to be similar to the policy role of the Securities & Exchange Commission’s chief counsel of the Division of Enforcement.

2. When Is an Enforcement Action Appropriate?

Schroeder identified three primary considerations for assessing when an enforcement action is appropriate:

  1. Was there financial harm to customers? If so, FINRA expects customers to be made whole. 
  2. Was there a significant impact to market integrity? If so, FINRA wants to know if the issue has been fixed and if steps were taken to prevent a reoccurrence. 
  3. Did the misconduct cause significant risk? Most of the cases fall into this category and involve those situations where actual, measurable harm is not there, but there is significant risk of harm — to customers, the firm or the industry.

3. Risk Broken Down, According to FINRA Enforcement

In assessing the third consideration — what constitutes “significant risk of harm” — Enforcement will consider the following factors:

  1. High likelihood of harm. For example, a lot of high-risk brokers are at the firm and a reasonable, tailored supervision program is not in place.
  2. Low probability of occurrence, but high impact. For example, wholesale violations of the customer protection rules, designed to safeguard customer funds and securities, do not occur frequently, but upon occurrence can seriously harm customers. This is especially true when violations occur at financially compromised firms.
  3. Intentional or reckless misconduct. The counterpoint, which Schroeder uses to illustrate this issue, is if a firm misunderstands the rule but is trying to comply, it will be handled differently than the firm that chooses to ignore the same rule.
  4. Recidivism. No further explanation is needed.
  5. Pattern of disregarding regulatory requirements. Viewing paying a fine as the cost of doing business — rather than focusing on an adequate system of controls, compliance and supervision — will not go over well with Enforcement.
  6. Supervision. Supervisors failing to carry out their responsibilities in a reasonable manner creates significant risk. Schroeder acknowledges the issue of CCO liability, saying that this is “not a declaration of war on CCOs: [we will] focus on actual supervisory roles, and [not] reactively blame compliance for the failure of the actual supervisors.”

4. What Sanctions Are Appropriate?

First and foremost, FINRA Enforcement will seek restitution if necessary and appropriate to make harmed investors/customers whole. After that, Enforcement’s assessment of a “fair and effective sanction” is one that is “tailored to most effectively address the root of the problem.”

As anyone can discern from reviewing FINRA’s Sanction Guidelines and prior enforcement actions, FINRA has a number of different sanctions it may seek. Schroeder has “gone on record” that Enforcement “want[s] to choose the tool that most precisely effects the needed change.” One important takeaway for industry from this new mandate is to understand and bring to its discussions with FINRA Enforcement what happened, including any root causes; what needs to change or has changed; and what sanctions are available. In the future, so as to avoid this issue, firms should be prepared to discuss why certain sanctions are or are not appropriate in light of the root cause of the issue and steps taken by the firm to remediate.

Second, if there are systemic or firm-wide issues, the firm should make its best effort to get in front of each issue and remediate as soon as possible. This will go a long way with FINRA in terms of establishing that the firm and its management are committed to doing the right thing. Schroeder noted that FINRA’s goal is to incentivize compliance.

Third, firms earn credit for cooperation. Acting quickly, proactively and comprehensively to address issues is the core goal of FINRA’s credit-for-cooperation policy. Schroeder noted that FINRA currently is reviewing the 10-year-old policy and expects to issue updated guidance this year.

Fourth, actions by other regulators will be considered. In the securities regulatory space, there often is regulatory duplication. Schroeder notes that, with limited resources, there is often little need to duplicate the actions taken by other regulators. Notably, Schroeder also references sanctions imposed internally by the firm. If the regulatory actions and/or internal firm sanctions effectively address the issues, then FINRA should not have to bring an action. While these concepts are included in FINRA’s Sanction Guidelines, historically they have not always been evaluated appropriately. The hope and expectation is that, with the new commitment to be more effective and efficient, FINRA will appropriately defer to other regulators or the firm’s own sanctions if either addresses the conduct.

Schroeder explained that, in determining sanctions to recommend, her department will abide by the following core principles:  

  • Tailor to address the root cause more effectively.
  • Observe proportionality.
  • Incentivize remediation of systemic issues.
  • Reflect credit for cooperation.
  • Reflect action by other regulators or firms.

5. Transparency

The last guiding principle enunciated in Schroeder’s remarks is a goal to ensure that the documents issued in disciplinary actions clearly spell out the legal framework underlying the action. Many in the industry review disciplinary actions to inform and guide their own conduct. No one benefits if all are left scratching their heads as to why a case was brought, an individual sued or a sanction imposed.

The challenge is that firms and individuals on the other side of the negotiating table have an important interest in how the settlement document is worded. Among other things, there are often disagreements on the facts underlying the action and on whether certain facts are relevant and should be included. In her remarks, Schroeder recognized the difficulty, noting that the negotiation process often challenges FINRA in terms of spelling out all of the details. She committed the Enforcement Department to working to find the right balance to ensure that the information explaining the “why” is included in the documents. Proposed respondents and their counsel in negotiations will need to be vigilant when negotiating language in settlement documents regarding this changed approach.

Finally, Schroeder discussed the need to avoid “rule-making by enforcement.”  Both Schroeder and Cook, in his remarks at SIFMA, distinguish “regulation by enforcement,” which is an effective tool to appropriately address deficient conduct, from “rulemaking by enforcement,” which both leaders noted was not an acceptable regulatory response. Enforcement leadership is committed to identifying them early and will seek input from experts outside the department to ensure that the right regulatory response is achieved. Firms will need to be vigilant as well and ensure such issues are appropriately identified and raised within FINRA.

6. What Should Firms/Individuals Do to Meet the New Expectations?

One, if customers/investors were harmed, provide restitution. Second, fix what is broken — the sooner the better. The longer deficiencies continue, the more likely an enforcement action. Third, review compliance, controls and supervision programs to ensure they have sufficient resources, focus, commitments, escalations and follow-up. FINRA’s goal, as stated, is to incentivize compliance — to ensure that paying a fine is not just the cost of doing business and cheaper than having the right systems and processes in place to comply. Fourth, review the guidelines Schroeder spells out in her speech and, if the situation arises, go into discussions with FINRA staff armed with information supporting your position on the issues that organization officials have publicly stated matter to them.

McGuireWoods’ experienced broker-dealer / investment adviser team will continue to monitor and report on important regulatory compliance updates.  For more information, contact the authors of this article or any member of the team.