On February 4, the UK’s Joint Money Laundering Steering Group (JMLSG) announced proposed amendments to its anti-money laundering (AML) and counter-terrorist financing (CTF) guidance (the Guidance). The JMLSG is a UK-focused group of trade bodies which produces AML and CTF guidance to assist the financial services industry.
Continue Reading

On January 27, the Office of Compliance Inspections and Examinations (OCIE) of the Securities and Exchange Commission issued a statement summarizing its observations of cybersecurity and operational resiliency practices of broker-dealers, investment advisers, clearing agencies, national securities exchanges and other SEC registrants (the Observations). In its introduction to the Observations, the OCIE staff notes that cybersecurity is a key priority for OCIE. Therefore, although the OCIE staff acknowledges that there is not a “one-size fits all” approach to addressing cybersecurity, it recommends that SEC registrants assess their cybersecurity practices in light of the Observations.
Continue Reading

On January 28, the Commodity Futures Trading Commission (CFTC) announced that it will adopt the National Institute of Standards and Technology (NIST) Privacy Framework for data privacy protection. The NIST Privacy Framework is a voluntary tool developed in collaboration with stakeholders (e.g., service providers, customers, partners) intended to help organizations identify and manage privacy risk

On October 16, the Financial Industry Regulatory Authority (FINRA) published its 2019 Report on Examination Findings and Observations (Report). Unlike previous years, the Report delineates between examination “findings” and examination “observations.” “Findings” describe violations of a rule or regulation, whereas “observations” refer to suggestions regarding how firms can improve controls and mitigate risk. The annual Report summarizes various findings and observations from recent examinations of its member firms on a range of topics, including the following:
Continue Reading

The Financial Industry Regulatory Authority (FINRA) has issued a notice warning member firms that there appears to be an increase in imposter websites designed to mimic firms’ actual websites.

FINRA suggests that member firms take proactive steps to monitor for imposter websites, including registering URL name variations and using monitoring services to watch for imposter

On March 1, the National Futures Association (NFA) published Notice I-19-07 (Notice), alerting Members that April 1 will be the effective date for amendments to NFA’s Interpretive Notice entitled NFA Compliance Rules 2-9, 2-36 and 2-49: Information Systems Security Programs (Interpretive Notice). (For a discussion of such amendments, please refer to the January 11, 2019

On February 13, the Financial Industry Regulatory Authority (FINRA) published an information notice alerting member firms about a suspicious email received by compliance personnel at a number of member firms. The email, sent by a purported BSA-AML compliance officer at a credit union, describes an attempted transfer of money from a firm client that the

On January 22, the Financial Industry Regulatory Authority (FINRA) issued its annual Risk Monitoring and Examination Priorities Letter. This year’s letter includes a number of new areas for firms to consider in seeking to improve their compliance, supervisory and risk management programs.
Continue Reading