Broker-Dealer Compliance

Oversight

• Supervision: FINRA-registered supervisors that typically sit on a trading desk or within close proximity of associated person should determine if the required level of oversight can be maintained electronically while working from an alternative location.  Supervisors may consider increased monitoring of group chats or video conferences conducted by associated persons.

Communications

• Customers: Verify that supervisory control policies and procedures are able to mitigate risks that may arise due to the inability to communicate with customers.
• Internal: Confirm that front, middle, and back-office communication channels are established to effectively escalate compliance issues to the compliance team. Supervisors may consider defining and distributing phone trees to ensure proper coverage and communications.
• FINRA: Update contact information. Member firms are encouraged to review their emergency contacts to ensure that FINRA has a reliable means of contacting each member.
• Regulatory Filings: Determine if the firm can continue FOCUS filings, Supplemental FOCUS Information, Form Custody filings, etc.

Recordkeeping

• Personal and Private Data: Determine if client and employee PII is secure. Supervisors may consider protecting client data by prohibiting remote printing or storing.
• Client Statements: Confirm that the custodian has the required information/is able to provide customer statements.

Cybersecurity

• New Cyber Threats: Identify new vulnerabilities based upon remote working environments and provide training to encourage heightened awareness of possible threats during remote working.
• Technology Controls: Verify that (1) virtual private networks (VPN) and other remote access systems are properly patched with available security updates; (2) system entitlements are current; (3) multi-factor authentication is in use for associated persons who access systems remotely; and (4) associated persons are aware of best practices to protect the firm.