In a recent webinar, “2021 Regulatory Roundup and Year Ahead: Hybrid Work, DeFi and Crypto Compliance,” Robert Cruz (Smarsh) and Eversheds Sutherland’s Brian Rubin and Amanda Oliveira discussed regulatory lessons learned in 2021 and their outlook for 2022 and beyond. Below highlight some of the key insights from that session.
- 2021 enforcement actions and results
SEC enforcement results
While the total number of enforcement actions in 2021 only grew 7% from the prior year, the US Securities and Exchange Commission (SEC) reported a 33% increase in the penalties received. The SEC also reported that 2021 was a record year for whistleblowers. Since the program began in 2012, rewards have totaled over $1 billion, of which $500 million was paid to whistleblowers in 2021. They also noted several first-of-their-kind enforcements in areas such as decentralized finance, the dark web and Form CRS.
FINRA enforcement results
The total number of Financial Industry Regulatory Authority (FINRA) enforcement actions in 2021 remained static from the prior year. However, over the same period in 2020, FINRA reported an increase of 102% in the penalties received by financial services firms paid in 2021.
The SEC and FINRA enforcement results demonstrate that while the regulators may not have increased the number of enforcement actions, they did meaningfully increase the penalty amounts that firms paid in 2021. We can expect to see more cases with hefty fines in 2022. Already on January 6, 2022, the SEC announced a whistleblower award of more than $13 million for a fraud-related case.
- Enforcement key themes
A more aggressive regulatory landscape
The SEC has historically allowed firms to settle enforcements without admitting or denying guilt to the allegations. The SEC’s Director of the Division of Enforcement, Gurbir Grewal, announced that they expect a policy change requiring admission of wrongdoing to certain enforcement actions. He said, “In an era of diminished trust, we will, in appropriate circumstances, be requiring admissions in cases where heightened accountability and acceptance of responsibility are in the public interest.”
He further explained that “admissions, given their attention-getting nature, also serve as a clarion call to other market participants to stamp out and self-report the conduct to the extent it is occurring in their firm.”
The SEC staff later expanded on Grewal’s announcement, stating that “appropriate circumstances” may include:
- Egregious misconduct where the markets or a large number of investors were either harmed or placed at significant risk of harm
- Cases where bad actors engaged in behavior that obstructed the SEC’s processes
- Cases where admissions would greatly amplify the deterrence effect of the action
Firms should consider the implications of the SEC’s new approach and potential settlement options such as reputational risk, litigation risk, and other collateral risks if they admit to wrongdoing.
We also expect to see an increase in the number of cases the SEC must litigate if they require firms and individuals to admit to wrongdoing, which may constrain the SEC’s limited resources.
Emerging communications tools
Firms are using communications tools such as social media to engage investors, particularly retail investors. The SEC has stated that these new communication tools are breeding grounds for scams and other misbehavior. In Jan 2021, the SEC issued an alert to retail investors warning them of the risks of investing based on social media.
By using these new communication tools, individuals may be engaging in unsanctioned outside business activities (OBA). Under FINRA Rule 3270, proposed outside business activities should be reported to the individuals’ firm so that they can determine whether to limit or allow these activities.
Another issue is expect FINRA to focus on is the increased use of collaborative platforms for business purposes. Firms should identify
- Which collaborative platforms are being used
- If they’re adequately supervising and retaining those communications
- If they have the proper security controls placed on those communications.
Firms also need to evaluate if they have a reliable and secure way to capture these communications.
After the pandemic, there were concerns as to whether regulators would be able to effectively conduct remote exams. As individuals transitioned to work from home, they were more likely to use unapproved business communication tools like personal email, WhatsApp, text or personal devices. Remote inspections don’t grant you access to an individual’s personal devices.
To make sure firms are focused on the right issues and responding accurately to regulator questionnaires, we expect to see more robust attestations from regulators including probing questions like, “Have you ever used WhatsApp?”
Regulation Best Interest
Regulators have ramped up enforcement actions regarding Regulation Best Interest (Reg BI). Where previously firms were given a deficiency letter, we’re now seeing enforcement actions. Several firms were cited for failure to meet electronic delivery requirements for Reg BI disclosures.
A study conducted by NASA of over 2,000 firms found that Reg BI had a minimal impact on firm operations, with only slightly more firms engaging in pro-investor best practices. The NASA study found that most of the firms sampled did not provide fair and balanced point-of-sale disclosures regarding fees, costs and risks to retail investors.
Reg BI requirements to remain a focus for regulators in 2022, as well as how Reg BI applies to digital engagement, and what may constitute a recommendation.
- Regulatory outlook for 2022
What to expect from the regulators in the new year.
Supervisory and recordkeeping fines focused on collaboration tools
Firms should ensure they have adequate training, supervision and retention of all collaboration and conferencing technologies being used by the firm and individuals for business purposes.
Continued focus on outside business activities
Firms should evaluate if individuals are engaging in unreported outside business activities and how they can automate the way they supervise these communications with the extensive increase in digital engagement.
Additional guidance and rules for digital communications
As technologies outpace regulatory guidance, we would expect clarification on these rules. For example, do recorded Zoom meetings need to be captured and retained?
Clarity regarding cryptocurrency oversight
Cryptocurrencies continue to transform the financial services industry. As regulatory hearings continue to focus on cryptocurrencies, we anticipate more regulatory oversight.
Greater leveraging of analytical tools to facilitate compliance. Communications through social and collaborative technologies are multi-dimensional. An acceleration and interest around the use of natural language processing and machine learning to help decipher meaning across all these different sources of information.
How to prepare for the future of compliance
Given the regulatory actions of the past year, firms have an opportunity to start 2022 by considering how they can improve the readiness of existing policies, training and technologies to address areas of regulatory interest. To begin your analysis, consider the following questions:
- Do your policies and procedures adequately address newly adopted or amended rules that relate to your business?
- Do your current testing and auditing practices reflect the new work environment?
- Is your current technology effective in keeping up with the volume of information you must record, retain and supervise?
- Does your archiving platform incorporate adequate risk monitoring into your compliance program?
In response to a webinar poll, respondents stated their top regulatory priority for 2022 was “fine-tuning policies to address hybrid work environments and digital communications.” This will be crucial for firms to maintain effective supervisory programs.
Attendees also stated there is a need for advanced technologies to address the variety of data being generated. We found that secondary to adding these technologies, attendees were concerned with having sufficient compliance staff to supervise these activities and updating training to reflect the new hybrid work environment and use of digital communications. As new communication channels emerge, it is important that policies and training are kept up to date with the latest technology.
Watch the full webinar, here.
Featured Webinar: 2021 Regulatory Roundup and Year Ahead: Hybrid Work, DeFi and Crypto Compliance – Watch on-demand
Source: Smarsh – Author: Tiffany Magri
About the author
As a Regulatory Advisor at Smarsh, Tiffany Magri monitors, evaluates and consults on the financial services regulatory landscape. Tiffany has more than 10 years of experience facilitating compliance with laws and regulations, policies, and risk management. Prior to joining Smarsh, Tiffany was a Senior Associate at Benefit Street Partners and a Compliance Analyst at Broadstone and Manning & Napier Advisors.
At LS Consultancy, we provide a cost-effective and timely copy advice and copy development services to make sure all your advertising and campaigns are compliant, clear and suitable for their purpose.
Why Not Download our FREE Brochures! Click here.
Call Us Today on 020 8087 2377 or send us an email.
You can see our Google reviews here.
We’re looking for guest writers with business know-how and experience to create outstanding articles to feature on our website. Sound like you? Then find out more…