Learn how to identify, manage and mitigate the risks and costs associated with FINRA 2210, 2010, 17a-4.
Are you subject to regulation by the Financial Industry Regulatory Authority (FINRA)? If so, you'd better be sure your record keeping is bullet-proof. But even if you and your associates go out of your way to follow the rules and always do right by the customer, FINRA Rule 2010 means you can never be too certain. When a regulation is vaguely defined, regulatory action or lawsuits are likely a loose interpretation away.
What Makes FINRA 2010 a "Catch-All" Regulation?
FINRA 2010 is a rather broad piece of regulatory script --- a "short rule with a long reach" if you will. The rule itself requires that FINRA-registered actors "shall observe high standards of commercial honor" along with "just and equitable principles of trade." But what this means is never specifically defined, and so is open to interpretation.
A major law firm writes that "FINRA Rule 2010 is a broad, sweeping rule that is utilized to address misconduct that is not directly addressed by another FINRA rule." But the firm goes a step further describing FINRA Rule 2010 as "the catch-all provision for broker misconduct."
Because the rule is so broad, firms should take care to document their interactions with clients and prospects. You must always be in a position to prove that you not only followed the explicit rules but also actively demonstrated "high standards, just and equitable principles."
Whose Documents can be Subpoenaed by FINRA?
Now that we have a better understanding of FINRA Rule 2010, let's move to FINRA Rule 8210. Here, the regulatory authority can compel "a member, person associated with a member, or any other person subject to FINRA's jurisdiction" to produce, upon demand within discovery and related proceedings, testimony (under oath) and documents --- the keyword here being documents. So if you become embroiled in a FINRA 2010 controversy, you need to be prepared for both physical and digital discovery.
But discovery is not limited to you alone. Digging still deeper in the regulatory language, FINRA Rule 1011 goes on to define "associated" --- in other words, who else might need to join you in responding to discovery requirements. Again FINRA casts a wide net, in that becoming the associate of a person of FINRA interest is very easy. All one needs to do is work at the same firm and be licensed under FINRA. This might be a partner in the firm, an officer, a director, or a branch manager. When all is said and done, just about the only people at your firm who are exempt from the need to present documents in a FINRA action --- physical or digital --- are those who are solely clerical.
What about FINRA 2210?
FINRA 2010 is the catch-all regulation, but there are plenty of additional FINRA rules with which broker-dealers and similar firms must contend. Another broad set of compliance challenges stems from FINRA Rule 2210: Communications with the Public. Here, principals and their associates are liable for, among other things, the content of any "advertisement, sales literature, correspondence, public appearance", or an "independently prepared report".
One of the most important takeaways from FINRA 2010, FINRA 2210, FINRA 1011, FINRA 8210, and similar regulations is that if you are subject to any of these rules, you are also subject to FINRA 17a-4. This is an overriding regulation defining the standards for digital record keeping under anything FINRA-related --- and it is rigorous.
What are the E-Discovery Rules for FINRA 17a-4?
FINRA 17a-4 requires that the digital actions of all principals and their associates --- practically speaking the entirety of your firm --- must be preserved for a period of six years. This includes everything mentioned in FINRA 2210. Recognize, though, broad definitions such as "communications" can also extend to external social media (e.g. LinkedIn, Facebook), internal communications (e.g. Yammer, Slack), internal productivity tools (e.g. Monday.com, Wrike), and, of course, the company website.
Moreover, FINRA 17a-4 stipulates that this digital footprint be stored in a non-rewritable, non-erasable, immutable format. Often referred to as a "write once, read many" (WORM) format, this prevents tampering and provides regulators access to metadata, yielding clear provenance for any data. An additional stipulation is that there must be multiple backup locations --- "the dog ate my homework" will be disallowed.
Be aware that the ambiguity of the rule's language could lead to FINRA 2010 plaintiffs viewing your conduct differently to how you do yourself. The safest route to avoiding fines, censure, decertification, and reputational damage is therefore to make certain you can produce any and all digital documents when demanded within e-discovery.
How Can I Attain and Maintain Compliance?
Companies can attempt to capture, back up, and preserve their digital data on their own. But what about storage and delivery --- are you equipped with the latest technologies for indexing, search, and retrieval?
At MirrorWeb, data preservation, e-discovery, FINRA compliance, and related essential digital due diligence are our primary focus. Our multiple web crawlers dutifully and relentlessly pore across your enterprise, its communications, email threads, websites, and social media postings to capture each and every digital entry.
We preserve your data backing up on redundant sites using WORM compliance. The data is yours whenever needed. Should a FINRA query arise, you can search and respond quickly, thoroughly, and precisely.
Of course, FINRA is not the only agency that may present you with demands for e-discovery. Recognize you and your firm could also be exposed to a wide range of regulatory bodies or even civil proceedings. It is for these reasons we would welcome the opportunity to discuss your needs and exposures and the services and peace of mind we have to offer.