INFOGRAPHIC - A Comprehensive Guide To FINRA Compliance

FINRA can be a major stumbling block for some financial firms, but having a trusted expert on your side provides a dependable path to compliance and confidence.

September 19, 2019 | Manhattan Tech Support


A Manhattan Tech Support Guide to FINRA Compliance


The Financial Industry Regulatory Authority (FINRA) is an independent, nongovernmental organization that writes and enforces rules that govern the securities industry. The three primary goals of FINRA are:

  • Foster transparency in the financial services marketplace
  • Enforce high ethical standards
  • Safeguard investors from malfeasance

For over 20 years, both Manhattan Tech Support — and its dedicated security division Kaytuso — have been helping financial firms gain visibility into their FINRA exposure and navigate the difficult road to FINRA compliance.

Over 100 billion financial transactions are processed by FINRA every day.[1]

A Brief History of FINRA

The history of FINRA extends almost 100 years back to the very earliest forms of financial regulation in the United States.

  • 1929 – The Wall St. Crash of 1929 leads to the creation of the Securities Exchange Act of 1934 and the Maloney Act.
  • 1939 – The National Association of Securities Dealers (NASD) is created to better implement those two acts, as well as other securities oversight provisions.
  • 1971 – NASD launches a computerized stock trading system called the National Association of Securities Dealers Automated Quotations (NASDAQ).
  • 2007 – Parts of NASDAQ and the New York Stock Exchange (NYSE) combined to create FINRA, streamlining the regulatory process and compliance standards.
  • 2019 – With headquarters in both Washington, D.C. and New York City — in addition to 20 regional offices throughout the country — FINRA now has approximately 3,000 employees.

What does FINRA Compliance Require?

At the highest level, FINRA technical requirements are focused on a few main objectives, each of which the Manhattan Tech Support team can help you achieve.

  • The implementation of risk management architecture
  • The protection of personal customer information
  • The deployment of supervisory controls

Each of these objectives is outlined in detail through FINRA’s many rules and guidelines, which include:

  • FINRA Rule 3110
    Standards for supervisory practices and documentation, branch office supervision, and human resource needs.
  • FINRA Rule 4530(b)
    Requirements for the reporting of financial irregularities and violations, including security self-assessments.
  • 17 CFR §248.201-202
    Policies and procedures to protect customer information from cyber-attacks.
  • 17 CFR §248.1-100
    Explains the firm’s responsibility in the detection and prevention of identity theft.

Strict Controls for Data Archiving

Another important part of FINRA compliance is data archiving. SEC Rules 17a-3 and 17a-4 and FINRA Rule 4511 outline requirements for the archiving of communications, including email, text messages, team messages, and more.

Some of the specific rules include:

  • Archiving of records on non-rewritable, non-erasable formats
  • Requirements for retention length, record format, record quality, and record availability
  • Availability of archives for at least seven years

The Role of Cloud Computing in the Financial Services Industry

In 2019, FINRA announced a new set of standards to improve cloud security at financial firms. The new regulation will require that every firm have a plan to govern cloud applications and services with the same rigor with which they manage traditional on-premises solutions.

Manhattan Tech Support guides financial firms through the FINRA cloud vendor management process:

  • Onboard
    Establish a relevant set of controls based on a careful evaluation of cloud vendor service level agreements (SLAs)
  • Operation
    Ensure strong FINRA collaboration throughout the vendor lifecycle, including security event notification, audits, testing, and more.
  • Termination
    Proper removal and destruction of protected data once your relationship with a cloud vendor has ended.

The NIST Cybersecurity Framework — An Indispensable Tool for Strong FINRA Compliance

FINRA’s regulations, especially those designed for small and midsized firms, are greatly informed by the National Institute of Standards and Technology (NIST) Cybersecurity and Risk Management Frameworks, federal resources originally designed to help protect national infrastructure from cyber threats.

The NIST Cybersecurity Framework is a comprehensive system for managing cybersecurity risk that outlines five distinct phases for effective risk management.

  • Identify
    Find the vulnerabilities of your physical and digital assets
  • Protect
    Control access to those assets with appropriate safeguards
  • Detect
    Maximize visibility over your network and identify threats quickly
  • Respond
    Contain cybersecurity events with a response plan
  • Recover
    Restore damaged services with a clearly defined action plan and set of tools

The Manhattan Tech Support team has been using the NIST framework for over 20 years to improve the cybersecurity at firms in the financial services sector. If you’d like to learn more about how we use the NIST framework, check out our blogs and infographics.

The High Cost of FINRA Non-Compliance

FINRA compliance isn’t a hurdle that securities firms should take lightly. Compliance violations often come with stiff penalties, which can do irreparable damage to a small or midsized firm.

In 2016, FINRA distributed a record-setting $173.8 million in fines.[i]

In 2018, FINRA initiated 921 disciplinary actions, levied fines totaling $61 million, and ordered restitution of $25.5 million to investors.[ii] It also suspended 472 brokers.[iii]

While the total number of fines experienced a brief lull last year, FINRA regulators have indicated those numbers will likely climb again as they adopt new technologies, like artificial intelligence (AI), to detect compliance issues with greater efficiency.[iv]

Manhattan Tech Support Makes FINRA Compliance Easy

Don’t let FINRA compliance become a liability for your business. The experts at Manhattan Tech Support have been providing the financial services industry with comprehensive FINRA compliance solutions for two decades, and we’re eager to help more firms discover the deep sense of confidence and preparedness our FINRA service provides.

Do you have a question for our FINRA experts? Contact us anytime at 212-299-7673 or

 

[1] https://www.finra.org/newsroom/2019/market-volatility-drives-finras-volume-new-record-2018

[2] https://www.nist.gov/cyberframework

[i] https://www.thinkadvisor.com/2017/03/03/finras-5-biggest-fine-categories-in-2016/?slreturn=20190727113623

[ii] https://www.investopedia.com/terms/f/finra.asp

[iii] https://www.finra.org/sites/default/files/2018_Annual_Financial_Report.pdf

[iv] https://www.wealthmanagement.com/regulation-compliance/why-decline-fines-doesn-t-mean-relaxed-enforcement
