KPMG Insights. Reg BI and Form CRS are key areas of supervisory focus for both the SEC and FINRA. The SEC’s Risk Alert, and FINRA’s recent 2023 Report on Examination and Risk Monitoring (see KPMG Regulatory Alert here) each highlight findings from examinations that are intended to help industry participants strengthen their compliance with Reg BI obligations. Notably, SEC and FINRA each initiated their first Reg BI-related enforcement actions during 2022. Broker-dealers are encouraged to review their policies, procedures, and practices under each of the Reg BI obligations (disclosure, care, conflicts of interest, and compliance) and consider updates in light of the SEC and FINRA findings and identified effective practices.
The SEC’s Division of Examinations (Exams) issued a risk alert that is intended to assist broker-dealers in reviewing and enhancing their compliance programs relating to Regulation Best Interest (Reg BI). The risk alert highlights observed compliance deficiencies noted during examinations conducted after Reg BI’s June 30, 2020, compliance date, as well as weak practices Exams staff believes could lead to deficiencies. The Exams Division indicates that, going forward, it will incorporate compliance with Reg BI into “retail-focused” examinations of broker-dealers, with particular focus on “those that include sales practices within the scope of the examination.”
The risk alert covers findings in each of the four component obligations of Reg BI:
- Disclosure Obligation
- Care Obligation
- Conflict of Interest Obligation
- Compliance Obligation
The Disclosure Obligation requires broker-dealers to provide certain prescribed disclosures, before or at the time of the recommendation, about the recommendation and the relationship between the retail customer and the broker-dealer. Examples of observed deficiencies include:
- Implementing policies and procedures that do not specify when required disclosures should be created or updated or how and by whom the disclosures should be delivered to retail customers.
- Failing to provide required disclosures to retail customers in writing and relying instead on Reg BI disclosures posted to websites or referenced in other documents.
- Failing to establish policies and procedures addressing disclosures for registered representatives acting in multiple roles, such as:
- Requiring disclosure of the capacity in which the representative is acting prior to or at the time of recommendation.
- Identifying the conflicts that are specific to financial professionals that function in multiple capacities when interacting with retail customers as well as when and how to make and document such disclosures.
Under Reg BI, broker-dealers are required to exercise “reasonable diligence, care, and skill in making recommendations to, among other things, understand the potential risks, rewards, and costs associated with a recommendation,” and to have “a reasonable basis to believe that the recommendation is in the best interest of a retail customer.” Exams staff noted that weak or deficient policies and procedures did not:
- Provide guidance to financial professionals on how to consider reasonable alternatives and costs when formulating a recommendation.
- Mandate the use of systems that allow financial professionals to evaluate costs or “reasonably available” alternatives.
- Provide instructions as to when documentation of recommendations is necessary or appropriate, and the specific information required to be gathered.
Conflict of Interest Obligation
Broker-dealers’ have an obligation to establish written policies and procedures that are “reasonably” designed to identify and address conflicts of interest associated with recommendations provided to retail customers. Examples of observed deficiencies include:
- A lack of written policies and procedures “reasonably” designed to specify how to identify or address conflicts.
- Failure to identify all conflicts of interest associated with recommendations made by the firm such as by limiting identified conflicts to those associated with prohibited activities or using generic language that does not identify an actual conflict.
- Failure to establish mitigation measures and inappropriately relying on disclosures to “mitigate” conflicts that appear to create an incentive for the broker-dealer to place their interest ahead of the interests of the retail customer.
The Compliance Obligation requires broker-dealers to establish, maintain, and enforce written policies and procedures that are designed to achieve compliance with Reg BI. Observed deficiencies or weaknesses include:
- Inadequate policies and procedures that are not tailored to the firm’s business model or are not reasonably designed to achieve compliance with the individual obligations under Reg BI.
- Reliance on surveillance systems that have not been updated/modified to effectively monitor for compliance with Reg BI, or that capture only executed transactions rather than also capturing hold recommendations and recommendations that were not accepted by the retail customer.
- Use of locally vs central stored documentation resulting in limited review opportunities.
- Ineffective employee training that does not identify the firm’s processes for complying with Reg BI.
Relevant KPMG Thought Leadership:
KPMG Regulatory Alert| Examinations: SEC 2022 Priorities
KPMG Regulatory Alert| Examination and Risk Monitoring: FINRA 2023 Report