Annual Certified Audit Information

1. Regulatory Notice 21-05: Certain broker/dealers who submit the annual certified audit through the EDGAR system may be eligible for a 30-day submission extension. More information regarding the Regulatory Notice 21-05 can be found at www.finra.org/rules-guidance/notices/21-05

2. Facing Page – Form X-17A-5: Only the PFO/FinOp or a registered principal are permitted to sign. More information regarding Form X-17A-5 can be found at https://www.sec.gov/files/formx-17a-5_3.pdf

3. Exemption Provision Assertion: AICPA exemption report examples can be found at AICPA.

4. Broker Dealer Annual Audited Financial Statement Compliance Checklist.

FINRA Shares Practices Firms Use to Protect Customers From Online Account Takeover Attempts

Regulatory Notice 21-18

Summary

FINRA has received an increasing number of reports regarding customer account takeover (ATO) incidents, which involve bad actors using compromised customer information, such as login credentials (i.e., username and password), to gain unauthorized entry to customers’ online brokerage accounts.

To help firms prevent, detect and respond to such attacks, FINRA recently organized roundtable discussions with representatives from 20 firms of various sizes and business models to discuss their approaches to mitigating the risks from ATO attacks.

This Notice outlines the recent increase in ATO incidents; reiterates firms’ regulatory obligations to protect customer information; and discusses common challenges firms identified in safeguarding customer accounts against ATO attacks, as well as practices they find effective in mitigating risks from ATOs—including recent innovations—which firms may consider for their cybersecurity programs.

This Notice does not create new legal or regulatory requirements, or new interpretations of existing requirements. A firm’s cybersecurity program should be reasonably designed and tailored to the firm’s risk profile, business model and scale of operations. There should be no inference that FINRA requires firms to implement any specific practices described in this Notice.

Questions regarding this Notice should be directed to:

  • David Kelley, Director, Member Supervision Specialist Programs, at (816) 802-4729 or by email; or
  • Greg Markovich, Senior Principal Risk Specialist, Member Supervision, at (312) 899-4604 or by email.

View Full FINRA Notice Here:

FINRA Updates Private Placement Filer Form Pursuant to FINRA Rules 5122 and 5123

Regulatory Notice 21-10

Summary

FINRA has updated the form that members must use to file offering documents and information pursuant to FINRA Rules 5122 (Private Placements of Securities Issued by Members) and 5123 (Private Placements of Securities) (Filer Form). The updated Filer Form will be accessible in the FINRA Gateway beginning  May 22, 2021, and includes new and updated questions that will facilitate review of the filed material.1 Beginning on May 22, 2021, members will be required to complete the updated Filer Form for all new filings, as well as for new amendments to filings.

See Attachment A for a copy of the updated Filer Form. In addition, this Notice informs members about the information that may be requested during a FINRA examination concerning the member’s private placement business. See Attachment B for a copy of the “Unregistered Offering List” template.

Questions regarding this Notice may be directed to:

  • Minh Le, Director, Corporate Financing, at (240) 386-4638 or by email;
  • Janet Boysen, Manager, Corporate Financing, at (240) 386-5101 or by email; or
  • Kathryn Moore, Associate General Counsel, Office of General Counsel, at (202) 728-8200 or by email

View Full Notice Here:

FINRA Seeks Comment on Lessons From the COVID-19 Pandemic

Regulatory Notice 20-42

Comment Period Expires: February 16, 2021

Summary:

In response to the coronavirus (COVID-19) pandemic, member firms have made rapid and unprecedented changes to their business operations in order to prioritize the health and safety of firm personnel and investors, while maintaining the public’s access to capital markets. These changes include widespread use of remote offices and alternative work arrangements and new and expanded methods of engaging with personnel and investors. Member firms have also used new methods of engaging with FINRA and other regulators and complying with regulatory requirements. For its part, FINRA has taken numerous steps to assist member firms, firm personnel and investors as they navigate the effects of the COVID-19 pandemic.  

FINRA welcomes feedback on lessons learned from stakeholders’ experiences during the pandemic, including the impact of changes made to member firms’ operations and business models, and the effectiveness of business continuity planning. FINRA further requests comment on whether it should consider changes to its rules, operations or administrative processes to address lessons learned during the pandemic or to address anticipated long-term impacts of the pandemic on member firms and investors.

Questions regarding this Notice should be directed to:

  • Jeanette Wingler, Associate General Counsel, Office of General Counsel (OGC), at (202) 728-8013;
  • Emily Goebel, Assistant General Counsel, OGC, at (202) 728-8235; or
  • Patricia Ledesma, Senior Economist, Office of the Chief Economist, at (202) 728-8461.

View Full Notice Here:

FINRA Alerts Firms to Phishing Email Requesting Them to Respond to Fraudulent FINRA Survey

Regulatory Notice 20-35

Summary:

FINRA warns member firms of a widespread, ongoing phishing campaign that involves fraudulent emails purporting to be from FINRA asking member firms to complete a survey (see sample below). The email was sent from the domain “@regulation-finra.org” and was preceded by “info” followed by a number, e.g., info5@regulation-finra.org. FINRA recommends that anyone who clicked on any link or image in the email immediately notify the appropriate individuals in their firm of the incident.

The domain of “regulation-finra.org” is not connected to FINRA and firms should delete all emails originating from this domain name.

FINRA has requested that the Internet domain registrar suspend services for “regulation-finra.org”.

FINRA reminds firms to verify the legitimacy of any suspicious email prior to responding to it, opening any attachments or clicking on any embedded links.

For more information, firms should review the resources provided on FINRA’s Cybersecurity Topic Page, including the Phishing section of our Report on Cybersecurity Practices -2018.

Questions regarding this Notice should be directed to Dave Kelley, Director, Member Supervision Specialist Programs, at (816) 802-4729 or by email.

View Full Notice Here:

FINRA Shares Practices Firms Implemented to Prepare for the LIBOR Phase-out

Regulatory Notice 20-26

Summary:

FINRA reminds firms to evaluate their exposure to LIBOR (formerly, the London Interbank Offered Rate), and review their preparedness to manage LIBOR’s phase-out. To understand how firms are preparing for that phase-out, FINRA surveyed a representative cross-section of member firms, including some firms with significant trading volume or positions in LIBOR-linked securities. This Notice provides a summary of the results of the survey.

Questions concerning this Notice should be directed to:

  • William Bidell, Director, Market Regulation, at (646) 315-8525 or by email;
  • Roberto Setola, Senior Director, Member Supervision, at (202) 728 8035 or by email;
  • Pat Tobin, Director, Member Supervision, at (212) 416-1505 or by email.

View Full Notice Here:

FINRA Encourages Firms to Notify FINRA if They Engage in Activities Related to Digital Assets

Regulatory Notice 20-23

Summary:

For the past two years, FINRA has encouraged firms to keep their Risk Monitoring Analyst (formerly known as a “Regulatory Coordinator”) informed if the firm, or its associated persons or affiliates, engaged, or intended to engage, in activities related to digital assets, including digital assets that are non-securities.1 FINRA appreciates members’ cooperation with this request and is encouraging firms to continue to keep their Risk Monitoring Analyst abreast of their activities related to digital assets until July 31, 2021.

Questions concerning this Notice may be directed to:

  • Kosha Dalal, Vice President & Associate General Counsel, Office of General Counsel (OGC), at (202) 728-6903 or by email;
  • Racquel Russell, Associate General Counsel, OGC, at (202) 728-8363 or by email; or
  • Cara Bain, Assistant General Counsel, OGC, at (202) 728-8852 or by email.

View Full Notice Here:

Cybersecurity Alert: Measures to Consider as Firms Respond to the Coronavirus Pandemic (COVID-19)

Information Notice FINRA – 3/26/20

Summary:

As work processes adjust in response to COVID-19, firms and their associated persons should take appropriate measures to address increased vulnerability to cybersecurity attacks and to protect customer and firm data on firm and home networks, as well as devices.

This alert provides firms and associated persons with measures they may use to help strengthen their cybersecurity controls in areas where risks may increase in the current environment. In particular, FINRA understands the resource challenges that small firms may face, but hopes that the information included below may help them address possible cybersecurity issues associated with remote work.

However, this alert does not provide an exhaustive list of steps that firms and associated persons should consider. Further, the alert is not intended to express any legal position, and does not create any new legal requirements or change any existing regulatory obligations.

FINRA is committed to providing guidance, updates and other information to help stakeholders stay informed about the latest developments on FINRA’s COVID-19/Coronavirus Topic Page. New information will be posted on that webpage as it becomes available.

Questions concerning this Notice should be directed to:

Dave Kelley, Director, Member Supervision Specialist Programs, at (816) 802-4729.

View Full Notice Here:

FINRA: Small Firms Will Be Permitted To Spread Out Payment of the Annual Assessment

FINRA announced the below information:

FINRA recognizes the current economic turbulence the spread of COVID-19 has caused small firms, in particular. With that in mind, we are providing temporary relief for small firms with respect to 2020 Gross Income Statements and Personal Assessments (Annual Assessments).

Generally, payment of Annual Assessments is due in full within 30 days of receipt or in four quarterly installments. In 2020, FINRA is permitting small firms—identified under the FINRA By-Laws as having no more than 150 registered persons—to treat 2020 Annual Assessments as billed as of August 1, 2020, rather than as due upon receipt in April. Further, small firms that choose to do so will be allowed to pay 50 percent of the amount due on September 1, 2020, and the remaining 50 percent on December 1, 2020. If a small firm does not submit payment within 30 days of receipt, FINRA will assume the firm has chosen to make payment to FINRA via the two September 1 and December 1 installments. In addition, small firms that exit FINRA membership before September 1, 2020, will not be expected to pay the Annual Assessment for this year.

Please review the related FAQ on FINRA’s COVID-19 page for more information, including guidance on how small firms should treat the deferred payments for net capital purposes.