To provide effective IT support for our many financial services clients, we are responsible for understanding FINRA and how companies can stay FINRA-compliant. In this blog post, we’ll summarize the important aspects of FINRA for your company. If your company is involved in any way with securities transactions or the investing public, you are required to follow stringent security guidelines to protect investors’ personal financial information.
Background of FINRA
FINRA (Financial Industry Regulatory Authority) is the largest self-regulatory organization (SRO) in the securities industry. It is an independent, not-for-profit organization authorized by Congress to protect American investors by making sure the securities industry operates fairly and honestly.
FINRA is responsible for overseeing U.S. stockbrokers and brokerage firms and monitors billions of market transactions daily to detect potential abuses. All brokers in the United States must be licensed and registered by FINRA, pass qualification exams, and meet continuing education requirements.
FINRA’s Four Main Activities
- Formulating and enforcing rules that govern the activities of securities firms and brokers
- Examining firms to ensure compliance with those rules
- Fostering market transparency
- Educating investors about products, services, and their rights
FINRA’s Investor Services
FINRA monitors investment activity with powerful technology and active investigators in the field. Investigators respond to investor complaints and suspicious activities and conduct routine examinations to protect the investing public. FINRA investigators oversee activities to make sure brokers are handling sensitive client information properly through the use of secure technology and processes that meet FINRA requirements. In addition, FINRA routinely reviews broker advertisements and other communications to ensure that investment information is presented accurately.
FINRA provides valuable information for potential investors to learn about the public record of brokers and related firms through BrokerCheck. This database contains information on the disciplinary records of all brokers and is available to investors free of charge. Investors can also use FINRA’s resources to receive complete disclosure about any investment product before they make a purchase. In addition, FINRA provides a helpline for seniors to protect them from potential fraudulent brokers and other investment scams.
Cost of Non-Compliance
FINRA actively monitors millions of investment transactions daily and continuously reviews broker activities. They enforce their rules to protect investors from fraud, insider trading, and bad practices, such as insufficient protection of sensitive financial information.
Non-compliance with FINRA can result in costly fines and even imprisonment in some cases. In 2015, FINRA aggressively monitored financial company activities and brought 1,512 disciplinary actions against non-compliant firms and individuals. It issued fines totaling $95 million and ordered restitution of $96.6 million to wronged investors.
In addition to these harsh penalties, non-compliant companies will suffer from the damage to their brand and reputation, which will likely affect future sales and revenue, as well as the cost of legal fees and any remediation expenses.
Actions Any FINRA-Compliant Company Should Take
- Assign an internal FINRA compliance officer at your company (or use an auditor or external expert such as Network Depot) responsible for understanding all aspects of FINRA. Under their guidance, perform a self-assessment to ensure your company is meeting all requirements. Your company should also create and follow a comprehensive plan to mitigate security and privacy risks in the future.
- Adopt and maintain the comprehensive business continuity and strict security requirements (requiring advanced technology management capabilities) demanded by FINRA rules. These rules ensure the protection and backup of personal financial information and allow investors access to their data at any time. FINRA rules also demand that all related emails and files be protected and archived for various time periods by a D3P (Designated Third Party, which stores and archives data at an offsite location). In short, all sensitive financial data must be backed up and continuously accessible at a secure offsite location.
- Provide training along with written documented policies and procedures for all workers to follow when handling personal financial information. A reliable IT partner, such as Network Depot, can help you formulate these important policies and procedures.
Network Depot Can Help
Network Depot can assist you by performing a company assessment and by advising on and implementing any necessary changes to ensure you are FINRA-compliant.
For assistance with FINRA compliance and any other IT-related requirements, please contact us here at Network Depot.