Differences between NASD Rule 3010, 3012 and FINRA Rule 3130

Presented By: Greg Sylvain and Kristen Hargreaves

 

NASD Conduct Rules 3010 and 3012 and FINRA Rule 3130 form a complementary regulatory scheme for the supervision of member firms.

First, NASD 3010 requires the ESTABLISHMENT of a supervisory system and ADOPTION of adequate Written Supervisory Policies (WSP) and Procedures. Under Rule 3010(a) a firm must establish and maintain a system to supervise the activities of each registered representative and associated person and the system must be reasonably designed to achieve compliance with applicable securities laws, regulations and NASD Rules.

NASD Rule 3010(b) requires each member to establish, maintain, and enforce WRITTEN PROCEDURES, which have been tailored to the firm’s business and set forth policies relating to the supervision of the activities of its registered persons and the business in which the firm engages.

The WSP must be kept in each office of supervisory jurisdiction (OSJ) and location where supervisory activities are conducted, be amended as appropriate within a reasonable time after changes occur, be communicated throughout the organization, and must include steps to be taken when deficiencies are detected.

NASD 3010(c) states that each firm is required to conduct a review, at least annually, of the businesses in which it engages. A firm must conduct internal inspections and document those reviews of each office, including the periodic examination of customer accounts. Requirements of internal inspections are as follows:

  1. Have minimum inspection cycles
         a. OSJs and supervisory branch offices – annually
         b. Non-supervisory branch offices – at least every three years
         c. Non-branch offices – on a regular periodic schedule
  2. Report of inspections generally must kept on file for three years
  3. A branch office manager or any person within that office who has supervisory responsibilities may not conduct office inspections.
    1. There is a “limited size and resource exception” for a firm that cannot meet this requirement. In this case a firm may have a qualified principal conduct the inspections. The firm must document in the inspection report the factors used to determine why the firm needs to use the exception
  4. Impose heightened office inspection procedures if:
    1. The person conducting the inspection reports to the branch office manager’s supervisor or works in an office supervised by the branch manager’s supervisor and
    2. The branch office manager is responsible for 20% or more of the revenue of the business units his/her supervisor oversees, calculated on a rolling 12-month basis.
  5. Firms must designate a location as an OSJ if the following activity is occurring:
    1. Order execution and/or market making
    2. Structure of public offerings or private placements
    3. Maintaining custody of customers’ funds and/or securities
    4. Final acceptance (approval) by member of new accounts
    5. Review and endorsement of customer orders
    6. Final review of advertising or sales literature used by associated persons or
    7. Responsibility for supervision of the activities of registered persons at one or more other branches of the firm

NASD Rule 3010(g)(2)A) defines a branch office of a broker-dealer. A branch office is any location where one or more associated persons of a member regularly conducts the business of effecting any transactions in, or including or attempting to induce, the purchase or sale of any security, or that is held out as such. There is a very limited exclusion to the definition of a branch office such as a location that is utilized for back office functions only, temporary facilities implemented due to a significant business disruption.

Second, NASD 3012 requires firms to TEST and VERIFY supervisory procedures; and, if necessary AMEND policies and procedures.

The requirements of NASD Rule 3012 are as follows:

  1. Designate principal(s) who will establish, maintain, and enforce a supervisory control system that will:
    1. Test and verify that the member’s supervisory procedures are reasonably designed to comply with all applicable laws, rules, and regulations (this can be a risk-based analysis.).
    2. Create additional or amend supervisory procedures where the need is identified by such testing and verification
    3. Submit an annual report to senior management on the member’s supervisory controls system, the test results, and resulting changes.

  2. Identification of producing manager(s). A producing manager is defined as a branch office manager,  sales manager or any person who performs a similar supervisory function AND who services customer accounts in a capacity requiring registration. If a firm has producing managers, then the firm must have supervisory control policies and procedures to supervise, on a day-to-day basis, the customer account activity conducted by those managers.

  3. Conduct day-to-day supervisory reviews of the member’s producing managers.
    1. Must have someone who is either senior to or “otherwise independent” of the producing manager perform the supervisory reviews; or
    2. If a member is so limited in size and resources that there is no qualified person senior to or otherwise independent of the producing manager, have a principal who is knowledgeable of the member’s supervisory control procedures conduct the reviews.

  4. Impose heightened supervision over the activities of producing managers who are responsible for generating 20% or more of the revenue of the business units supervised by their supervisors over the course of a rolling 12-month period.
  5. Have procedures that are reasonably designed to review and monitor certain specific activities. Examples are transmittals of funds and securities from customers to third-party accounts or outside entities, customer changes of address, customer changes of investment objectives, etc.

Here is a sample grid format for analyzing/presenting supervisory controls as presented by FINRA:
 

Regulatory rule or firm compliance rule to be addressed

Direct Supervisor

Supervisory Control Principal (SCP)

Risk Assigned

Gap Analysis

Tactics

Each row addresses a rule contained in the firm’s compliance manual, in addition to regulatory rules that guide the operations of the firm.

The specific individual who supervises the area on a day-to-day basis.

Designate the person who will act as the SCP (per rule 3012, a firm may designate one or more principals who will be responsible for the firm’s supervisory control policies and procedures).

Low, Medium, or High: Base this analysis on the risk inherent in this particular business activity as it pertains to the firm. Identify risks that remain after existing controls are applied.  Describe the significance of the area within the firm and how the current internal controls protect the firm.

Address all deficiencies in the present system of internal controls. In certain areas there may be no perceived gaps.

What specific testing and verification of supervisory controls needs to be performed? What can be done to close the gap if there is one?

Helpful hints for using a grid format for analyzing/presenting supervisory controls:

  • Prepare a grid for each section of the firm’s compliance manual.
  • Gather input from the individuals most involved in day-to-day operations, as well as the Supervisory Control Principal (SCP).
  • Use the FINRA new member supervisory checklist on the FINRA web site as a tool to assess the completeness of the compliance manual. Make revisions and additions to the firm’s compliance manual as needed.
  • Create a living document. This is not a one-time exercise.

Third, FINRA Rule 3130 (f/k/a NASD Rule 3013) requires the CEO to CERTIFY that the firm has a PROCESS to adopt adequate Supervisory Policies and Procedures. The purpose of this rule is to promote regular and meaningful interaction between senior management and compliance personnel to ensure that compliance is given the highest priority by a member’s senior executive officers.

The requirements of FINRA Rule 3130 are as follows:

  1. Designate one or more CCOs and report these individuals on the firm’s Form BD and on the FINRA Firm Contact System. 

  2. A firm may designate a co-CEO.

  3. Have the CEO(s) complete an annual certification that the member has in place processes to establish, maintain, review, test and modify written compliance and supervisory policies and procedures that are reasonable designed to achieve compliance and that the CEO has conducted one or more meetings with the CCO in the preceding 12 months to discuss the processes
  4. Prepare a report evidencing the member’s processes and have it reviewed by the CEO(s), CCO(s), and any other officers the member deems necessary.

  5. Provide the report to the member’s board of directors and audit committee (or equivalent bodies), either prior to execution of the certification or at the earlier of the next scheduled meetings or within 45 days of execution of the certification.

These complementary rules, when incorporated regularly within your firm, provide good support in keeping your firm in compliance and avoiding supervisory findings on any FINRA examinations.

For more information about these rules or what your firm needs to do to remain compliant, please contact your Compliance Partners account manager.

 

 

Back to top

Back to Newsletter

 

 

Copyright ©2009 - Regulatory Compliance, LLC. All Rights reserved.