No less than once every four years, FINRA member firms are subject to comprehensive examinations, or cycle examinations. These exams determine compliance with applicable securities laws, rules and regulations of FINRA, the Securities Exchange Commission (“SEC”), and the Municipal Securities Rulemaking Board (“MSRB”). A combination of the departments of Sales Practice and of Risk Oversight and Operational Regulation known as “Member Regulation” oversees these cycle examinations.
FINRA assesses a firm’s business activities and associated risks to determine whether a firm’s cycle examination will be conducted every one, two, three, or four years. When it’s time for examination, a firm’s Regulatory Coordinator works with Member Regulation to build a risk-based execution strategy, focusing on the aspects of the firm’s business that present heightened regulatory risk as well as on the core regulatory areas.
Are These Cycle Exams Surprise Visits? I Hate Pop Quizzes.
No. Either your firm’s assigned Regulatory Coordinator or the Lead Examiner contacts your firm to notify it of the upcoming cycle examination. This notification is provided up to 60 days before the on-site portion of the exam begins. Your firm is provided with high-level details of the logistics of the exam, some idea of the risk areas most likely to be reviewed (if known), and an indication when the firm will receive the first document request. Throughout the examination process, FINRA requests documents via “Request Manager”. Request Manager is an application accessible via the FINRA Firm Gateway. It streamlines the document request and submission process, as well as creates an audit trail of documents, which can benefit both FINRA and your firm.
During this pre-examination period, FINRA reviews and analyzes your firm’s data to better understand your firm’s business, and to better focus on the priority areas to be examined. The staff remains in contact with you, but most of this work is conducted on FINRA premises, not onsite at your firm.
What Happens When FINRA Comes Onsite?
After all of this planning, your FINRA examiners have a good sense of their examination strategy, so they’re ready to make more specific and particular requests for information when they come on site. Your examiners typically ask for a tour of your firm’s offices and for meetings with the business and compliance leads at your firm. These meetings often provide insight that the earlier document exchange process cannot.
During the course of the cycle examination, one staff member serves as the primary point of contact for your firm. Your firm may request to speak with an Exam Manager or Exam Director as well. The onsite examiners serve as communicators between your firm and FINRA throughout the examination. FINRA recommends having regular status meetings to assess the progress of your cycle examination. Such meetings ensure that your firm is on the same page as FINRA regarding outstanding requests. They also provide opportunities for your firm to learn of possible exceptions and determine whether corrective action can be taken before the end of the examination period. In the case of certain exceptions, if your firm implements corrective action quickly enough, they may not appear on your final report.
Upon the completion of the onsite review, your firm and the examination team have one more meeting: The Exit Meeting. The examiners prepare an Exit Meeting Report for your firm beforehand, and the meeting is used to discuss your firm’s preliminary response to the potential exceptions. If there are any exceptions your firm wishes to provide documentation for, the firm can do so at the Exit Meeting. This will allow the staff to review and assess said documents before the exam is completed and closed.
Is That It? Are We Done?
Not quite. The cycle examination staff prepares an Examination Report summarizing the risk areas reviewed during the exam, as well as the detailed exceptions and recommendations (where applicable). The Examination Report is provided to FINRA management to be reviewed and approved. If no exceptions are found, the exam is complete. If exceptions are found, your firm must submit a formal, written response to FINRA. This response outlines the corrective action your firm is taking – or will take – to address these exceptions.
If FINRA finds the response adequate, the firm is sent a Disposition Letter, outlining the treatment of each exception in terms of No Further Action, Cautionary Action, or Referral to Enforcement. No Further Action and Cautionary Action are not reportable on Form U4 or Form BD as they are considered to be informal dispositions. If FINRA finds the response inadequate, FINRA continues to discuss the response with your firm, ultimately sending another Disposition Letter, outlining the findings and any outstanding areas for your firm to act on.
This Seems Like a Big Hassle with No Benefit for My Firm
FINRA cycle examinations are an opportunity for your firm to educate employees on compliance and supervision – and to clarify the difference between the two. Your firm can thoroughly look into the risks impacting your business and test the efficiency of the current controls in place to mitigate those risks. And, very importantly: a FINRA cycle examination allows your firm to improve procedures and internal controls and to address any problem areas without any disciplinary action or reportable event placed on your firm’s record. Repeat violations can result in formal disciplinary action, even for minor exceptions; the exam process aids your firm in updating your Written Supervisory Procedures to make sure problem areas are corrected and don’t recur.
The Member Regulation portion of the FINRA website contains more information about FINRA cycle examinations. Additionally, FINRA has made it clear that, among other things, cybersecurity is an area that is receiving heavy focus this exam cycle. Please keep track of our cybersecurity tag for more information on the subject.