FINRA recently sanctioned a broker-dealer (the “Firm”) for failure to deliver prospectuses in connection with its sale of ETFs. FINRA also found that the Firm failed to implement a supervisory system reasonably designed to achieve compliance with securities laws and regulations governing ETF prospectus delivery. The Firm was censured and agreed to a fine of $3 million. This fine is a significant increase in the amounts imposed by FINRA since 2011 in its disciplinary proceedings against member firms for their failures to meet their prospectus delivery obligations (see our related blog post).
FINRA found that the Firm failed to deliver prospectuses for approximately 255,000 purchases of 160 ETFs during the period from September 2010 to November 2010. The Firm self-reported the delivery failures to FINRA.
According to FINRA, the Firm used manual reviews of three stock exchange websites to identify newly-listed ETFs. If a new ETF was identified, the reviewer manually entered a code in the Firm’s automated system to trigger prospectus delivery when it sold an ETF. FINRA found that the procedures did not require quality checks and that supervisors in fact did not perform such checks. FINRA said that it was “reasonably foreseeable that the manual process could result in human errors, [but] the Firm’s supervisory system did not provide a sufficient process through which the Firm could detect and prevent these errors.”
FINRA also found that the Firm’s decentralized supervisory system was not reasonably designed to ensure compliance with ETF prospectus delivery obligations. As a result of a previous FINRA matter, the Firm was required to certify that its policies and procedures regarding delivery of ETF prospectuses were reasonably designed to ensure compliance with the federal securities laws and NYSE rules. However, when the individual who signed the 2007 certification departed the Firm, there was no longer clear ownership of ETF prospectus delivery. FINRA said that the decentralized supervisory system contributed to the Firm’s failure to identify deficiencies in its ETF prospectus delivery process and to timely remedy the inadequacies in its manual process. Moreover, FINRA said that the Firm did not timely respond to red flags indicating that it had experienced failures to deliver.
According to FINRA, the firm’s testing of ETF prospectus delivery that was conducted by internal audit, compliance, and operations control was conducted on a limited sample of trades. FINRA said that the small sample size was inadequate to ensure verification of the Firm’s procedures, and internal audit did not assign an appropriate risk level to testing the ETF delivery procedures.
Prospectus delivery continues to be an important issue for FINRA, and against the backdrop of FINRA’s generally increasing monetary penalties, the regulator could impose substantial fines for prospectus delivery failures if it finds a systemic pattern of delivery failures. To put it another way, delivery failures resulting from gaps in procedures can add up in a hurry, and fines are often proportional to the number of failures.
Firms that sell ETFs, mutual funds, and other such products should consider reviewing their policies and procedures for prospectus delivery, with a view to addressing the deficiencies found by FINRA in this and other actions.
- Responsibility for these procedures should be clearly assigned, with the line of governance clearly traceable to the top of the compliance structure.
- Testing procedures should be evaluated for the scope and frequency of the tests and a clear understanding of prospectus delivery obligations.
- Seemingly isolated instances of delivery failures should be examined, with the root cause analyzed to ensure that it is not emblematic of a larger problem.
That said, FINRA’s findings related to the failure of the Firm to ensure that the lessons of past regulatory deficiencies were not lost over time, and FINRA stressed that changes of personnel are at least as significant as the failure to meet prospectus delivery requirements. Broker-dealers should ensure that compliance policies are not only reasonably designed to comply with the federal securities laws but that procedures are implemented to review and consider past regulatory deficiencies on a regular basis, and ensure that compliance policies and related testing protocols, adequately address such matters.