A new risk alert from the Securities and Exchange Commission (SEC) warns that some firms are still not meeting their obligations under Regulation Best Interest (Reg BI) and encourages broker-dealers (BDs) to review their practices and procedures to address the issues raised.
The SEC’s Division of Examinations issued the risk alert to highlight deficiencies observed during examinations conducted, as well as examples of weak practices that could result in deficiencies.
The SEC explains that, following Reg BI’s June 30, 2020 compliance date, initial examinations focused on whether firms established written policies and procedures designed to comply with Reg BI and whether firms made reasonable progress in implementing those policies and procedures. Subsequent examinations focused on the specific requirements of the rule and included enhanced transaction testing to examine whether BDs implemented effectively their written policies and procedures. Moving forward, the division intends to incorporate compliance with Reg BI into retail-focused examinations of BDs, particularly those that include sales practices within the scope of the examination, the alert explains.
Care Obligation. As to current observations, the SEC notes, for example, that some BDs did not have written policies and procedures designed to achieve compliance by their financial professionals with the Care Obligation, which serves as one of the four component obligations.
Instances of policies and procedures that may contain deficiencies or weaknesses include those that:
- Directed financial professionals to consider reasonably available alternatives without providing any guidance as to how to do so.
- Directed financial professionals to consider costs without providing any guidance as to how to do so (e.g., how to consider costs when making a recommendation, what types of costs to consider—including direct and indirect costs, or what systems to use to analyze costs in formulating a recommendation).
- Created systems that allowed financial professionals to evaluate costs or reasonably available alternatives but did not mandate their use. In some instances, firms could not determine whether or not financial professionals used the systems because they lacked supervisory review documentation.
- Directed financial professionals to document the basis for their recommendations but did not give instructions as to when documentation is necessary or appropriate or the specific information to be gathered, which may make it difficult for the firm to review for compliance with Reg BI.
In addition to these observations, the staff also observed instances in which BDs were not in compliance with the Care Obligation itself. In general, the staff observed instances where BDs or financial professionals “failed to understand the recommended product, failed to obtain or consider the customer’s investment profile, and failed to understand the potential risks and costs associated with the recommendation.”
Conflict of Interest Obligation. The staff also observed several deficiencies related to the requirement that BDs have written policies and procedures to address conflicts associated with their recommendations to retail customers. For instance:
- Some firms may have a procedure that a BD will identify and address conflicts, but they did not provide details to establish a structure to identify and address conflicts, such as assigning responsibility to a specific position or unit. In addition, some written policies and procedures did not prohibit sales contests, quotas, bonuses, and non-cash compensation that were based on the sales of specific securities or types of securities within a limited period.
- Some BDs limited the identified conflicts to those associated with prohibited activities (e.g., churning) or used generic language that did not identify the actual conflict and did not reflect all conflicts associated with the recommendations made by the firm.
- Moreover, some BDs inappropriately relied on disclosure to “mitigate” conflicts that appeared to create an incentive for the professional to place their interest ahead of the customer, and did not establish any mitigation measures. The SEC notes that disclosure alone does not satisfy the Conflict-of-Interest Obligation for these kinds of conflicts.
Disclosure Obligation. Some BDs also did not have written policies and procedures designed to achieve compliance with the Disclosure Obligation. In this case, the SEC’s alert observes that some firms:
- Did not specify when disclosures should be created or updated when the disclosures contain outdated, incomplete or inaccurate information. For example, some policies and procedures did not identify the parties responsible for creating or updating disclosures, how to identify that material changes have occurred, or when material changes should result in new or updated disclosures.
- Did not have a process to demonstrate that disclosures had been provided to retail customers, making it difficult for the firm to have effective controls to review whether disclosures had been provided prior to or at the time of the recommendation.
The SEC’s risk alert also outlines several deficiencies related to policies and procedures concerning training and periodic reviews and testing. When adopting Reg BI, the Commission noted that, depending on the size and complexity of the firm, a reasonably designed compliance program generally would include a training program and periodic review and testing.
Some firms, however, have relied heavily on surveillance systems that existed before the effective date of Reg BI without considering whether those systems needed modification in order to effectively monitor for compliance.
In addition, other firms relied on documentation maintained locally, rather than in a central location, so that the reviews designed to achieve compliance could only occur during branch examinations. As a result, an extended period could occur before recommendations were reviewed for compliance with the Care Obligation.