NASAA Announces Speakers and Agenda for November 3 “NASAA’S Senior Issues and Diminished Capacity Committee Presents” Webcast

NASAA Updates: Latest NewsNASAA Announces Speakers and Agenda for November 3 “NASAA’S Senior Issues and Diminished Capacity Committee Presents” Webcast Oct 03, 2022 12:13 pm | Karen Grajales WASHINGTON, D.C. – (October 3, 2022) – The North American Securities Administrators Association (NASAA) today announced the speakers and agenda for NASAA’s next “Senior Issues and Diminished Capacity Committee Presents” webcast. The webcast, scheduled for November 3, from 2:30 – 4:00 p.m. ET, is complimentary and open to the public. “This webcast continues the important discussion of strategies and tactics aimed at combatting the financial exploitation of older and at-risk investors. This is such an important topic for regulators and the securities industry. I want to thank Rich Szuch and the members of NASAA’s Senior Issues and Diminished Capacity Committee for organizing the program,” said NASAA President Andrew Hartnett. The webcast will address new scams and threats, how multidisciplinary teams work at the local, state, and federal levels to prevent fraud, and new training and education initiatives. There will be a detailed discussion about how the states, the SEC, FINRA, and APS agencies work together, and separately, to stop investor harm. The webcast will begin with opening remarks from President Hartnett. Richard Szuch, NASAA’s Senior Issues and Diminished Capacity Committee Chair and the New Jersey Bureau of Securities’ Enforcement Chief, will host the program. Webcast panelists are: Suzanne McGovern, Senior Advisor, Securities and Exchange Commission. Amanda Senn, NASAA Enforcement Section Co-Chair, Chief Deputy Director and General Counsel, Alabama Securities Commission .Joseph Snyder, former President, National Adult Protective Services Association (retired). Jennifer Spoeri, Executive Director, National Adult Protective Services Association. Jeanette Wingler, Associate General Counsel, FINRA, and Jim Wrona, Vice President and Associate General Counsel, FINRA. To register for the free webcast, visit the NASAA website. About NASAA:Organized in 1919, the North American Securities Administrators Association (NASAA) is the oldest international organization devoted to investor protection. NASAA is a voluntary association whose membership consists of securities regulators in the 50 states, the District of Columbia, Puerto Rico, the U.S. Virgin Islands, the 13 provincial and territorial securities regulators in Canada, and the securities regulator in México. For more information, visit www.nasaa.org. For More Information: Jeanne Hamrick | Director of Communications 202-737-0900 Karen Grajales | Communications & Investor Outreach Manager 202-737-0900 The post NASAA Announces Speakers and Agenda for November 3 “NASAA’S Senior Issues and Diminished Capacity Committee Presents” Webcast appeared first on NASAA.

NASAA Launches Exam Validity Extension Program for Investment Adviser Representatives

NASAA Updates: Latest News

NASAA Launches Exam Validity Extension Program for Investment Adviser Representatives

Oct 31, 2023 11:38 am | Karen Grajales

WASHINGTON, D.C. – (October 31, 2023) – The North American Securities Administrators Association (NASAA) today announced the launch of the Investment Adviser Representative Exam Validity Extension Program (IAR EVEP). The IAR EVEP provides eligible individuals with the opportunity to extend the validity of their Series 65 examination for up to five years while not registered with a jurisdiction that has adopted the program. Eligible individuals can now extend all NASAA examinations through both the Broker-Dealer Agents (AG) EVEP and the IAR EVEP in participating states.

“With the release of the IAR EVEP, individuals can now enroll all of their eligible NASAA exams into the applicable exam validity extension programs,” said Claire McHenry, NASAA President and Deputy Director of the Nebraska Department of Banking and Finance Bureau of Securities. “The IAR EVEP, specifically, will allow eligible individuals the opportunity to maintain the validity of their state qualification exams while staying relevant on industry practices and ethical responsibilities by completing the required IAR CE.”

Eligible individuals may enroll in the IAR EVEP through their Financial Professional Gateway (FinPro) account to extend their Series 65 examination validity, for up to five years by paying an annual fee of $35 and maintaining compliance with program requirements. Importantly, while all eligible individuals can enroll in the program, exam validity extensions will only be recognized when an individual reenters the industry and registers in states that have adopted the program.

Now that both programs are accepting enrollments, eligible individuals have the opportunity to enter the IAR EVEP and the AG EVEP to extend both parts of the Series 66 exam by enrolling their Series 63 and Series 65 Credits, if applicable.

More information, including updates on state adoption of these programs, can be found here.

– NASAAAbout NASAA:

Organized in 1919, the North American Securities Administrators Association (NASAA) is the oldest international organization devoted to investor protection. NASAA is a voluntary association whose membership consists of the securities regulators in the 50 states, the District of Columbia, Puerto Rico, Guam, the U.S. Virgin Islands, the 13 provincial and territorial securities regulators in Canada, and the securities regulator in México. For more information, visit www.nasaa.org.

Request

Hi all – I have a client that has transitioned from TD Ameritrade to Schwab. They are looking for someone that has used both custodians and has used TD and Schwab’s docusign or digital onboarding. They have some questions. If this is you, please let me know at cindi@hilladvisors.com and I can connect you. Thanks!

Scam email

The following email, supposedly from FINRA is making the rounds. It is a scam.

Submission of One or More Data Items Is Due

This request has been issued by Investment Adviser Registration Depository (IARD), (FINRA) and U.S SEC.

Following the U.S SEC. records, your firm meets the criteria of advisers who are required to complete the enclosed data request report on or before Friday, 7th of April.

Please note that your investment adviser registration will be considered inactive after the due date for submitting the required information.

The submission obligation is only satisfied once all of the items have been successfully submitted. We advise you to submit as soon as possible.

Sincerely,

Financial Industry Regulatory Authority (FINRA).

1735 K Street,

NW Washington,

DC 20006

DOL Prohibited Transaction Rule aka DOL Fiduciary Rule 3.0

The Department of Labor (DOL) Fiduciary Rule became effective February 16, 2021, with a compliance date of December 20, 2021.

Under 3.0, advice to rollover or transfer an account is fiduciary advice…even though the prospect is not yet a client.

ERISA fiduciaries are subject to the prohibited transaction rules, primarily 408(b) which prohibits self-dealing. This is all very similar to the DOL Fiduciary Rule from 2016, that was vacated by the U.S. Court of Appeals Fifth Circuit in May 2018.

The new 3.0 requires four elements of disclosure:

1. Affirmation of ERISA fiduciary duty
2. Description of services to be provided
3. Disclosure of material conflicts of interest
4. Explanation of the reasons for the recommendation and how it is in the Retirement Investor’s best interest

A firm’s Policies and Procedures must be updated to include the information required for 3.0.

All this said, it appears that ERISA may be changing the requirements by starting all over again. So It is suggested to have a plan to be ready to implement by December 20th, but to understand that the requirements and compliance date could change.

Another FINRA phishing scam

There is another FINRA phishing scam that has been going out. The email appears to be from Jeffrey Kalinowski at FINRA. He really works at FINRA, but the email is a scam. Don’t click on any links in the email.

Cybersecurity Guidance for Investment Advisers Managing ERISA plans

Jun 03, 2021 03:51 pm | by Jaqueline Hummel, Partner and Managing Director, Hardin Compliance

For Investment Advisers and Broker-Dealers

DOL issues Cybersecurity Guidance.  On April 14, 2021, the U.S. Department of Labor (“DOL”) Employee Benefits Security Administration (“EBSA”) issued cybersecurity guidance directed towards ERISA plan sponsors and ERISA fiduciary advisors.  While the guidance appears similar to SEC’s advice, there is one noticeable difference:  the DOL says firms “should” have a reliable annual third-party audit of security controls.  As part of this audit, EBSA expects to see audit reports, audit files, penetration test reports, and any other analyses or reviews of cybersecurity practices.  EBSA also wants documented corrections of any weaknesses identified in the independent third-party analyses.  What are the implications to firms subject to this guidance?  Will the DOL consider it a breach of fiduciary duty if a firm does not hire a third party to conduct an audit of its security controls?  Can a firm do this assessment internally?  Time will tell if this is a best practice or a requirement.

In addition to the third-party review, the DOL provided these best practices that ERISA plan service providers “should” follow:

1. Implement a well-documented cybersecurity program.
2. Conduct a prudent annual cybersecurity risk assessment.
3. Clearly define and assign informational security roles and responsibilities.
4. Establish robust access control procedures.
5. Ensure that any assets or data stored in a cloud or with a third party are subject to appropriate security assessments.
6. Conduct periodic cybersecurity awareness training.
7. Implement and manage a secure system development life cycle (SDLC) program.
8. Establish an effective business resiliency program addressing business continuity, disaster recovery, and incident response.
9. Encrypt sensitive data stored and in transit.
10. Implement strong technical controls that meet best security practices.
11. Respond to any past cybersecurity incidents.

The DOL guidance was published in three separate pieces: Tips for Hiring a Service Provider with Strong Cybersecurity Practices, Cybersecurity Program Best Practices, and Online Security Tips for Participants and Beneficiaries.  Contributed by Glenn R. Skreppen, Senior Compliance Consultant.

EMAIL SCAM

Many of you may have received the FINRA: New Request email below. It is a scam.

FINRA: New Request

View Request

Case 202106980000Request ID 3989971Date Requested 06/07/2021FINRA Requester Ta’She Spencer-Clifton                                                                                                                                            Dear Eileen,A Firm Compliance Request has been issued by FINRA for your firm.Follow the information in the letter above to complete the request. Late submission may attract penalties.Please respond to this email for additional information. Sincerely, Ta’she Spencer Clifton Principal Compliance Examiner Financial Industry Regulatory Authority (FINRA). 1735 K Street, NW Washington, DC 20006 347-201-4704

10 Remote Compliance Best Practices

from Cipperman Compliance Services

Today, we offer our “Friday List,” an occasional feature summarizing a topic significant to investment management professionals interested in regulatory issues. Our Friday Lists are an expanded “Our Take” on a particular subject, offering our unique (and sometimes controversial) perspective on an industry topic.

Several C-suite investment management executives have asked for our advice on how to ensure an effective compliance program with everybody, including the Chief Compliance Officer, working from remote locations. We’re glad they asked. Over the last 17 years, we have developed a very effective remote chief compliance services offering that has withstood SEC scrutiny through market highs, market lows, a variety of business models, multiple locations, and, now, a pandemic. Whether you are the CEO worried about what you don’t know or a CCO who is overly reliant on “water cooler compliance,” we offer 10 best practices that we follow to implement an effective remote compliance.

10 Remote Compliance Best Practices:

1.	Scheduled and consistent communication. The CCO must ensure a consistent flow of information. We formalize this process by conducting weekly compliance meetings that include detailed pre-meeting agendas and followed with written minutes.

2.

Multiple touch points. Accessibility is crucial to an effective compliance program. Many in-house CCOs may now be distracted with home responsibilities and distractions. Our firm deploys a 2+ person team for every client so that somebody is always available to respond to compliance questions or issues. Our clients also can access other members of the team for support.

3.

Online tools. Compliance officers can use key on-line technologies for effecting the compliance program. For example, we utilize BasisCode to vet employee trading and ensure Code of Ethics compliance. Other tools that are available in the industry include portfolio monitoring, trading compliance, and email reviews.

4.	File sharing. All employees should have immediate access to compliance documents. We utilize Box, an online file sharing tool, so that our clients can review policies, testing, approved marketing materials and disclosure documents.

5.	Responsiveness. The CCO should respond immediately to all requests on a 24/7/365 basis. Our firm policy is to respond within 120 minutes and provide an answer within 24 hours. This policy includes reviewing and revising marketing materials within 24 hours.

6.	Testing. Much compliance testing can be done remotely. We have developed several compliance tests that involve transaction sampling, document reviews and interviews. We plan to use future on-site visits to confirm our findings.

7.

Workload. Many firms have failed to devote sufficient resources to the CCO, who juggle many balls and roles during their workdays. The remote working environment throws the under-resourcing into relief as the remote CCO struggles to answer all the calls. Our firm, by monitoring workloads, hours and fees, makes certain that nobody is so overwhelmed that we can’t meet our service and quality standards.

8.

Management involvement. Too many CCOs fail to include senior management in ongoing compliance matters, thereby becoming the proverbial tree that falls in the empty forest. We recommend that every client creates a compliance committee of senior leaders that meets quarterly to address compliance issues.

9.

Accountability. What happens if the remote CCO fails to adequately perform his/her function because of other distractions? Is somebody adequately managing the CCO? Can you terminate without another option? By contrast, our firm assumes the CCO liability and executes a service level agreement that holds us accountable for our promises.

10.

On-Site visits. Meeting in person helps to verify testing and complete due diligence. We commit to no less than 6 on-site visits per year for every client for whom we serve as CCO. During the pandemic, we will conduct on-site visits via videoconference but plan to go on-site to confirm testing and complete due diligence.

Update on PPP disclosure

FA Advisor magazine

UPDATE TO THIS ARTICLE – THE DEADLINE TO RETURN HAS BEEN EXTENDED TO 5/14/20

Also, if you need to disclose the PPP loan on your ADV Part 2, it must be done within 30 days.  I believe that if the PPP is not disclosed, the SEC may be calling you to discuss why you haven’t disclosed.

Disclosure Of The PPP Loan On Form ADVs
On April 27, 2020, the Securities and Exchange Commission issued FAQs specific to advisors experiencing Covid-19 issues. In these FAQs, the SEC addressed whether an advisor who has received a PPP loan has to disclose the loan to its clients through an ADV filing. While the SEC does not directly answer this question in the affirmative, its guidance indicates that advisors are strongly urged to make the disclosure, and we agree. First, the SEC points out that advisors have a fiduciary duty requiring them to “make full and fair disclosure” to clients of “all material facts.” The SEC further states that “if the circumstances leading [the advisor] to seek a PPP loan or other type of financial assistance constitute material facts relating to [the advisor’s] advisory relationship with clients, it is the staff’s view that [the advisor] should provide disclosure of, for example, the nature, amount and effects of such assistance.” While the SEC lists two specific examples of situations requiring ADV disclosures (paying advisory personnel salaries and meeting contractual commitments to clients), we believe there are very few scenarios, if any, in which the acceptance of the PPP loan would be immaterial and not disclosable in an advisor’s ADV. Given that the PPP loan requires certification that the loan is necessary to support ongoing operations and can only be used for limited crucial expenses associated with the advisor, such as rent payments and utilities, the SEC would likely deem the acceptance of PPP funds as a material fact for purposes of the ADV. The reason why is because acceptance of the PPP funds is relevant to the financial condition of the advisor. If an advisor returns the PPP loan by the May 7 deadline, ADV reporting would likely be unnecessary.