Monthly Archives: May 2021

FINRA Shares Practices Firms Use to Protect Customers From Online Account Takeover Attempts

Regulatory Notice 21-18

Summary

FINRA has received an increasing number of reports regarding customer account takeover (ATO) incidents, which involve bad actors using compromised customer information, such as login credentials (i.e., username and password), to gain unauthorized entry to customers’ online brokerage accounts.

To help firms prevent, detect and respond to such attacks, FINRA recently organized roundtable discussions with representatives from 20 firms of various sizes and business models to discuss their approaches to mitigating the risks from ATO attacks.

This Notice outlines the recent increase in ATO incidents; reiterates firms’ regulatory obligations to protect customer information; and discusses common challenges firms identified in safeguarding customer accounts against ATO attacks, as well as practices they find effective in mitigating risks from ATOs—including recent innovations—which firms may consider for their cybersecurity programs.

This Notice does not create new legal or regulatory requirements, or new interpretations of existing requirements. A firm’s cybersecurity program should be reasonably designed and tailored to the firm’s risk profile, business model and scale of operations. There should be no inference that FINRA requires firms to implement any specific practices described in this Notice.

Questions regarding this Notice should be directed to:

  • David Kelley, Director, Member Supervision Specialist Programs, at (816) 802-4729 or by email; or
  • Greg Markovich, Senior Principal Risk Specialist, Member Supervision, at (312) 899-4604 or by email.

View Full FINRA Notice Here:

FINRA Updates Private Placement Filer Form Pursuant to FINRA Rules 5122 and 5123

Regulatory Notice 21-10

Summary

FINRA has updated the form that members must use to file offering documents and information pursuant to FINRA Rules 5122 (Private Placements of Securities Issued by Members) and 5123 (Private Placements of Securities) (Filer Form). The updated Filer Form will be accessible in the FINRA Gateway beginning  May 22, 2021, and includes new and updated questions that will facilitate review of the filed material.1 Beginning on May 22, 2021, members will be required to complete the updated Filer Form for all new filings, as well as for new amendments to filings.

See Attachment A for a copy of the updated Filer Form. In addition, this Notice informs members about the information that may be requested during a FINRA examination concerning the member’s private placement business. See Attachment B for a copy of the “Unregistered Offering List” template.

Questions regarding this Notice may be directed to:

  • Minh Le, Director, Corporate Financing, at (240) 386-4638 or by email;
  • Janet Boysen, Manager, Corporate Financing, at (240) 386-5101 or by email; or
  • Kathryn Moore, Associate General Counsel, Office of General Counsel, at (202) 728-8200 or by email

View Full Notice Here: