Cybersecurity programs remain a significant priority for financial services industry regulators, including the SEC, FINRA, and state securities regulatory agencies. As mentioned in FINRA’s 2018 Annual Regulatory and Examination Priorities Letter, member firms need to have cybersecurity programs in place and such programs must capable of protecting sensitive information, including personally identifiable information of clients, from both internal and external threats. Over the past couple of years, awareness of cybersecurity risk has increased dramatically. However, as awareness increases, so does the sophistication of cybersecurity threats. And even a robust cybersecurity program can be compromised by something as simple as an employee opening an email attachment that contains malware. So, what can a firm do to combat phishing and spearphishing attacks, ransomware attacks, fraudulent third-party wires, etc.?
In our previous blog on Registered Investment Advisors (RIAs), “How to Register as an RIA: What is a Registered Investment Advisor?”, we discussed some important basics of RIAs – how does one define an RIA, what is Fiduciary Duty, why do RIAs need to register, what is the difference between state registration and SEC registration, etc. Today, we will return to the topic of state registration vs. SEC registration in order to provide a more thorough examination of the issue.
[Continued from Crowdfunding: Funding Portal Registration – Part I]
Funding Portal Registration Process
Firms seeking to register as funding portals must do so via completion of an application process with FINRA. The registration process for a funding portal is similar to, but much less comprehensive and exhaustive, the New Member Registration process completed by applicants wishing to become broker-dealers.
Title III of the Jumpstart Our Business Startups (JOBS) Act, enacted in 2012, provides guidance and regulation relating to securities offered or sold through crowdfunding activities. In 2015, the Securities and Exchange Commission (SEC) added onto this initial act by creating a new ruleset that implemented a regulatory framework for intermediaries that facilitate such crowdfunding transactions. This includes regulations for a relatively new intermediary: the funding portal. Securities Act Section 4(a)(6) (otherwise known as “Regulation CF”) requires that intermediaries in crowdfunding transactions be registered with the SEC as either a broker-dealer or a funding portal.
A Registered Investment Advisor, or “RIA” as it is commonly abbreviated, is a person or company engaged in the investment advisory business. That means that they engage in the regular business of providing, for compensation, either directly or through publication, advice on the value of securities or on the advisability of investing in, buying, or selling securities; or, they engage in the regular business of providing, for compensation, either directly or through publication, analyses or reports covering securities.
Per the Bank Secrecy Act (BSA) and FINRA Rule 3310, FINRA member firms are required to establish Anti-Money Laundering (AML) compliance programs. To assist its smaller member firms with fulfilling these responsibilities, FINRA publishes the “Anti-Money Laundering Template for Small Firms”, which provides instructions, relevant rules, text examples, relevant websites, and other resources that can be used to develop an AML plan for a small firm.
Last spring, FINRA began a review of its rules regarding Outside Business Activities (OBAs) and Private Securities Transactions (PSTs). The review was meant to evaluate the efficiency and efficacy of FINRA Rule 3270 (Outside Business Activities of Registered Persons) and FINRA Rule 3280 (Private Securities Transactions of an Associated Person). FINRA concluded that while Rules 3270 and 3280 are fulfilling their intended purposes, they could benefit from changes to make the rules more contemporary and present-day and to better align the goal of protecting investors with the reality of the current regulatory landscape and business practices. Based on its findings, FINRA has proposed a new rule governing OBAs and PSTs, meant to replace the current rules and reduce unnecessary burdens on member firms.