On January 5, FINRA released its 2016 Regulatory and Examinations Priorities Letter. The Letter highlighted three broad areas of focus for the upcoming year: (1) Culture, Conflicts of Interest and Ethics, (2) Supervision, Risk Management and Controls, and (3) Liquidity. While Number 2 on this list is FINRA’s bread and butter and liquidity has been a major focus of regulators since the financial crisis, the reference to a focus on culture, while not necessarily surprising, is the most interesting of these areas.
The Letter notes that firm culture may mean different things at different places, but for purposes of its analysis, FINRA considers firm culture “explicit and implicit norms, practices, and expected behaviors that influence how firm executives, supervisors and employees make and implement decisions in the course of conducting a firm’s business.” It then states that in 2016, FINRA will “formalize our assessment of firm culture…” Which begs the question: what does that mean?
The Letter indicates that FINRA does not intend to base enforcement actions and investigations on culture (yet), but that it will gather information about individual firms’ culture through the course of its normal reviews and examinations of its member institutions. Specifically it will seek to “understand how “culture affects compliance and risk management practices at firms[,]” and such understanding “will inform our evaluation of individual firms and the regulatory resources we devote to them.” A not very subtle indication that if FINRA has a negative view of a firm’s culture, that institution can expect a substantial increase in the regulatory inquiries it receives.
Finally, the Letter notes how this focus on culture ties into FINRA’s standard review of supervisory and risk management systems, stating that culture is “both an input to and product of [a firm’s] supervisory system” and that “compliance functions should be equipped with necessary resources to help firms navigate a complex and changing regulatory and market environment.”
While the message that firms need to prioritize a culture of compliance and provide adequate resources to its compliance and risk management functions is not new, the fact that FINRA is stating that it is formalizing the process by which firms that it identifies has having substandard compliance cultures will face heightened scrutiny moving forward, even without committing any formal violations, is notable. Thus, firms that have not yet done so need to face the reality that devoting meaningful resources to their compliance and risk management functions, and prioritizing the significance of those functions, is part of the cost of doing business in the current regulatory environment and that will not change any time soon. Without doing so, firms will find themselves wrapped up in expensive, resource-draining inquiries and investigations with little sympathy from their regulators.
The FINRA 2016 Regulatory and Examinations Priorities Letter can be found here.