Conflicts of Interest and Risk Governance

Carlo V. di Florio
Director, Office of Compliance Inspections and Examinations1

National Society of Compliance Professionals
October 22, 2012

Thank you for inviting me to speak at this event. Your efforts to strengthen compliance and ethics throughout the private sector are profoundly important. Today I would like to address a topic of perpetual importance to all aspects of compliance and ethics programs, conflicts of interest. I will begin by explaining what I mean by a "conflict of interest," discuss why conflicts of interest are of particular interest to the Securities and Exchange Commission, and what the SEC and other regulators are currently focusing on regarding conflicts of interest. I will then turn to the role of risk management and risk controls within firms in identifying and managing conflicts of interest, especially the significance of managing conflicts of interest for the criteria laid out in SEC and FINRA compliance program rules and the U.S. Federal Sentencing Guidelines on effective compliance and ethics programs. Of course I begin by noting that views I express here today are my own and do not necessarily reflect the views of the Commission or of my colleagues on the staff of the Commission.

I. Regulators' Interest in Conflicts of Interest.

Why are conflicts of interest so important to the Commission's exam program? The National Exam Program ("NEP") has adopted a risk-based strategy, and we have identified conflicts of interest as a key area for our risk analysis. This is based on the long experience of our exam program that conflicts of interest, when not eliminated or properly mitigated, are a leading indicator of significant regulatory issues for individual firms, and sometimes even systemic risk for the entire financial system.

Accordingly, we focus on conflicts of interest as an integral part of our assessment of which firms to examine, what issues to focus on, and how closely to scrutinize. In addition, over the past two years we conducted a sweep on conflicts of interest around confidential information received through investment banking and other business operations, and have just issued a report on that sweep which I will discuss in a few minutes. We also try to flag conflicts of interest that we have identified in our National Examination Risk Alerts and other public statements. Other regulators have a similarly keen focus on conflicts of interest. For example, FINRA is currently conducting a sweep exam of its member firms concerning their efforts to identify and manage conflicts of interest.2

II. Conflicts of Interest and the Federal Securities Laws.

Last year at this event I spoke about the ways in which ethics underpinned the federal securities regulatory regime. So I should begin by tying ethics to conflicts of interest. If you will forgive me for a possible metaphorical overreach, one can think of ethical concepts as the white blood cells that make an organization's "immune system" – its compliance and risk management systems and culture – effective. Extending that same metaphor, conflicts of interest can be thought of as the viruses that threaten the organization's wellbeing. As in the microbial world, these viruses come in a vast array of constantly mutating formats, and if not eliminated or neutralized, even the simplest virus is a mortal threat to the body.

Especially when combined with the wrong culture and incentives, conflicts of interest can do great harm. This is why the Commission's National Exam Program ("NEP") has identified conflicts of interest as a key focus of its risk-based strategy the past few years. Accordingly, conflicts of interest are an integral part of our assessment of which firms to examine, what issues to focus on, and how to examine those issues.

What is a "conflict of interest"? It is hardly a term of art. A simple Google search shows that it is used in varying ways in different contexts. I prefer to think of a conflict of interest as a scenario where a person or firm has an incentive to serve one interest at the expense of another interest or obligation. This might mean serving the interest of the firm over that of a client, or serving the interest of one client over other clients, or an employee or group of employees serving their own interests over those of the firm or its clients. This way of thinking about conflicts takes the discussion to a broad consideration of what is the right thing to do as a matter of law and ethical decision-making. It also recognizes that there are reputational risks that can be damaging or even fatal to a business organization when people or firms make decisions that may be technically within the letter of the law, but are not in keeping with the spirit of the law and hard to explain to the constituencies with which they must keep faith, such as customers, creditors, investors, or employees.

This rubric is useful as far as it goes, but really just about any bad behavior can be explained in terms of conflicts of interest. The types of conflicts that I find most challenging are situations where people who profess to be ethical and clear-thinking are led astray by cultural pressure (poor tone at the top), misaligned financial incentives, herd behavior (everybody else is doing it), or just personal weaknesses – vanity, self-delusion or poor judgment. The best antidote for this type of conflict is a strong ethics program for the organization, as well as a strong internalized sense of ethics by everyone in an organization, manifested in their ability – especially executives, business managers, compliance officers and lawyers – to think independently, rigorously, and objectively.

Conflicts of interest exist throughout the commercial world. They are a particularly important challenge for large and complex financial institutions, which can have affiliations that lead to a host of potential conflicts of interest. If these are not carefully managed, this then leads to failure to protect the client's interests, with attendant regulatory and reputational risks that could be disastrous. Just as important, these businesses are highly dynamic, as new products, activities and trading strategies constantly evolve to meet changing client needs and market conditions. This means that new conflicts are constantly arising, and so these firms need to be very disciplined in continually searching for new conflicts and working through how to address them. In addition, approaches to remediating existing conflicts may also require regular reconsideration as circumstances change.

Failure to manage conflicts of interest has been a continuing theme of financial crises and scandals since before the inception of the federal securities laws. During the early 1930s, the Pecora hearings held by the Senate Committee on Banking and Currency revealed a vast array of self-dealing and other conflicts of interest throughout the financial markets, such as the use of bank loans to support bank affiliates and affiliate-underwritten securities, and incentives on the part of banks to give investment advice that supported affiliate-underwritten securities. As described by former SEC Chairman Arthur Levitt,

"Bank involvement in the securities markets came under close scrutiny after the 1929 market crash. The Pecora hearings of 1933, which focused on the causes of the crash and the subsequent banking crisis, uncovered a wide range of abusive practices on the part of banks and bank affiliates. These included a variety of conflicts of interest; the underwriting of unsound securities in order to pay off bad bank loans; and "pool operations" to support the price of bank stocks."3

Chairman Levitt went on to point out that these revelations of uncontrolled conflicts of interest provided much of the impetus for enactment of the Securities Act of 1933 and the Securities Exchange Act of 1934, and the Glass-Steagall Banking Act of 1933.4 Conflicts of interest were also a strong impetus for the Investment Company Act of 1940 and the Investment Advisers Act of 1940.

Recent decades have seen numerous examples of conflicts leading to crisis. The 1980s were marked by insider trading scandals such as the Ivan Boesky and Dennis Levine scandals, as well as the demise of the investment bank Drexel Burnham Lambert and the criminal conviction of its star employee Michael Milken following federal civil and criminal charges related largely to Milken's dealings with Boesky. The 1990s and early 2000s exposed yet more financial scandals. The bursting of the internet bubble in 2000 and 2001 exposed problems with conflicted research analysts who appeared to be influenced in their reports by their firms' investment banking interests, leading to new regulations of research by FINRA and to provisions in the Sarbanes-Oxley Act dealing with research analyst conflicts of interest. In 2003 the Commission staff "found that the use of brokerage commissions to facilitate the sales of fund shares [was] widespread among funds that rely on broker-dealers to sell fund shares, resulting in the adoption of new rules to prohibit funds from this practice."5

The financial crisis of 2008 could itself be the basis of a seminar on conflicts of interest. The crisis exposed apparent conflicts of interest in many areas, particularly in the production and sale of mortgage-backed securities, and among credit rating agencies that rated these instruments. For example, as the Financial Crisis Inquiry Commission ("FCIC") noted in its report, in 2007 the SEC investigated conflicts of interest among rating agencies in evaluating collateralized debt obligation ("CDO") deals, and issued a report in June 2008 citing conflicts at Moody's as a major concern. 6 The FCIC report cited many other purported conflicts underlying the crisis, including underwriters assisting CDO managers in selecting collateral,7 hedge fund managers selecting collateral from their funds to place in CDOs that they offered to other investors,8 and a conflict faced by Citigroup in offering "liquidity puts" that offered it significant fees in the short term but placed significant financial risk on it in the long term.9 Another prominent recent example is the settlement that the SEC reached with Goldman Sachs, in which that firm paid $550 million to settle charges filed by the Commission, and acknowledged that disclosures made in marketing a subprime mortgage product contained incomplete information as they did not disclose the role of a hedge fund client who was taking the opposite side of the trade in the selection of the CDO.10

Even since the financial crisis, another illustration of the problems that arise from poorly controlled conflicts of interest arose just this past summer, when Barclays Bank entered into civil and criminal settlements with U.S. and U.K. officials in which it admitted to misconduct related to possible collusion to fix the benchmark London Interbank Offered Rate ("LIBOR"). LIBOR is a critically important benchmark that is used to set short-term interest rates on many derivatives and other financial instruments.

The SEC and its staff have a long tradition of focusing on conflicts of interest. As one example, in 2003 then-SEC enforcement director Steven Cutler gave an important speech on the topic of conflicts of interest that was a call to action for the financial services industry to institutionalize its controls around conflicts of interest and to monitor and control conflicts at a senior level. Since Cutler's speech, I believe that the disastrous events leading to the financial crisis of 2008 are further support for the SEC's concern about properly managing conflicts of interest.

It is important to recognize that regulators also have an obligation to be diligent about identifying and addressing conflicts of interest as they emerge. When our examination program identifies conduct that may create new risks for the industry, we share our concerns so that senior management, compliance and risk managers are not taken by surprise. One important vehicle by which we communicate key risks, such as conflicts of interest, is through our Risk Alerts, which we began issuing last year. These documents are a window through which we want to offer the public and the financial services industry a view on key risks and to share effective risk management practices that we have observed. These include conflicts of interest that we want to highlight, as well as practices that we have observed to control or mitigate conflicts. I want to also stress that the effective practices that we describe in the risk alert are for informational purposes and do not represent new legal or regulatory requirements.

The Commission also recently released a public report of examinations conducted by the NEP, FINRA and the NYSE regarding large broker-dealers' compliance with the information barriers requirement of Exchange Act Section 15(g).11 The report illustrates the types of conflicts of interest between a broker-dealer's obligations toward clients and other business interests that need to be identified and effectively managed in order to satisfy its obligation under Section 15(g) to "establish, maintain and enforce written policies and procedures reasonably designed… to prevent the misuse … of material nonpublic information" by the firm or its associated persons.

For example, the report explains that certain groups within broker-dealers routinely engage in discussions with corporate insiders in order to provide advice on strategic activities and financial management issues: these groups include investment banking departments, capital markets or syndicate groups that facilitate capital raising; and derivative sales groups. Moreover, certain groups within broker-dealers, such as sales, trading, stock lending or prime brokerage, may obtain non-public information regarding their institutional clients, such as order and position information. Such information, provided on a confidential basis to facilitate services provided to customers, could be misused to further the interests of the broker-dealer, either by giving it an unfair advantage in trading or enabling it to issue research reports based on such information.

In addition to discussing possible conflicts of interest between different business units or activities, the report also discusses situations and activities that can give rise to conflicts of interest, such as when a broker-dealer gives an "above-the-wall" classification to certain individuals or groups with the ability to influence trading. The staff was concerned that despite the conflict between their business responsibilities and receipt of material non-public information, the broker-dealers did not impose mitigating controls such as physical barriers, documentation or monitoring on that individual or group.

Conflicts are also an ongoing key focus of the Commission's National Exam Program as we plan our examinations. Some of the conflicts of interest that are currently a high priority for our examinations include:

In addition to the high-profile cases that I mentioned earlier, conflicts of interest are at the heart of many cases that the Commission brings on a routine basis. For example, just last month the Commission brought a settled administrative proceeding against Focus Point Solutions and the H Group, two Oregon-based investment advisory firms and their owner regarding their failure to disclose compensation through a revenue-sharing agreement and other potential conflicts of interest to clients. As the Commission stated in its press release:

An even more current example came in the past week when, in a joint effort among the enforcement and examination staffs together with the Division of Risk, Strategy and Financial Innovation, the Commission charged a former $1 billion hedge fund advisory firm, Yorkville Advisors LLC, and two of its executives with "scheming to overvalue assets under management and exaggerate the reported returns of hedge funds they managed in order to hide losses and increase the fees collected from investors." The Commission alleged that the defendants "enticed pension funds and other investors to invest in their hedge funds by falsely portraying Yorkville as a firm that managed a highly-collateralized investment portfolio and employed a robust valuation procedure." This is the latest of seven cases that the Commission has brought from its Aberrational Performance Inquiry, an initiative in which the staff uses proprietary risk analytics to identify hedge funds with suspicious returns. This is proving to be a very effective tool for the staff to identify significant conflicts among private fund registrants, and to use that information to target both examination and enforcement resources.13

Of course the Commission is not the only financial regulator that is concerned about the management of conflicts of interest in the financial services industry. Other financial regulators also frequently focus on this issue. For example, the Financial Industry Regulatory Authority ("FINRA") recently announced that it is currently conducting a targeted sweep examination of a number of firms on their approach to identifying and mitigating conflicts of interest, including an identification by each firm of the most significant conflicts that it is currently managing and the processes that the firm has in place to identify and assess whether any of its business practices put the firm's or its employee's interests ahead of those of customers. FINRA has explained that the goal of the sweep is to better understand industry practices in this area, and that it will seek to develop potential guidance for the industry based on what it learns from the sweep.14

Another current initiative by a fellow regulator is the recent publication by the Municipal Securities Rulemaking Board ("MSRB") of a concept proposal for public disclosure on its Electronic Municipal Access ("EMMA") system of certain payments and receipts by brokers, dealers and municipal securities dealers, as well as municipal advisors, of certain financial incentives, such as third-party payments, that may create conflicts of interest. According to the MSRB, this proposal follows a number of civil and criminal prosecutions involving alleged fraudulent activities relating to municipal securities offerings in which undisclosed third-party payments played a role.15

Given the centrality that controlling conflicts of interest has to the integrity of our financial markets, it is not surprising that managing conflicts has been a key focus of both statutory changes and new rules by the Commission. The Dodd–Frank Act contains numerous provisions relating to conflicts of interest. For example, Title VII contains a number of provisions that explicitly address conflicts of interest in the derivatives market.16 Similarly, Title IX of the Act requires the Commission to write rules prohibiting or restricting sales practices, conflicts of interest, and compensation schemes for broker-dealers and investment advisers that the Commission deems contrary to the public interest and the protection of investors.17

III. Effective Practices for Managing Conflicts of Interest.

Turning from how regulators approach conflicts to how firms can assess and mitigate conflicts, I believe that an effective conflicts risk governance framework includes three broad considerations.

1. The first is that there needs to be an effective process, led by a cross-functional leadership team, to identify and understand all conflicts in the business model. These conflicts need to be understood both in terms of their practical business implications as well as in relation to relevant legal standards. This includes a recognition that conflicts are dynamic, and that in addition to continually scanning for new conflicts, each and every conflict that has been identified and addressed needs to be revisited periodically to determine if it is still being appropriately controlled in light of new business circumstances, changing customer profiles, new regulatory obligations, etc. For instance, in our exams of how firms protect material non-public information (MNPI) from inappropriate uses, such as insider trading, we have observed instances where firm programs lagged behind new business strategies that created new sources of MNPI. While the business model evolved, the control framework did not and that exposed these firms to significant risks. It is also important to risk-assess and prioritize which conflicts of interest present the greatest risk to the organization so that resources can be allocated accordingly to mitigate and manage those conflicts effectively both from a compliance risk and reputation risk perspective.

2. The second broad consideration, I believe, is to have a good compliance and ethics program tailored to address the conflicts of interest the firm has identified and prioritized. This is a topic of concern to every broker-dealer and investment adviser, given their supervisory obligations under the federal securities laws.18 Under the securities laws, registrants are expected to have effective written policies and procedures to prevent violations of the securities laws, and to periodically review the adequacy and effectiveness of those policies and procedures. For instance, Rule 206(4)-7 under the Investment Advisers Act and Rule 38a-1 under the Investment Company Act establish such requirements for investment advisors and investment companies. Similar requirements also exist for broker-dealers under FINRA rules.19 In my view, in order to be adequate and effective, these compliance and supervisory policies and procedures must include processes to identify, assess, mitigate and manage conflicts of interest.

In addition, for reference purposes the U.S. Federal Sentencing Guidelines ("Guidelines") since 2004 have provided helpful guidance on many of the key elements of an effective compliance program. The 2004 and 2010 amendments to the Guidelines, as you know, explicitly require an effective compliance and ethics program as a mitigating factor in determining criminal sentences for corporations. The Guidelines list seven factors that are minimally required. I would like to examine each of these factors in turn, and explain how I believe it relates to effectively managing conflicts of interest. I believe that this analysis is also very germane to whether broker-dealers and investment advisers have met their supervisory obligations under the federal securities laws.

Standards and procedures. The Guidelines look to companies to "establish standards and procedures to prevent and detect criminal conduct." The scope of what this may require depends on the size of the organization, as the commentary to the Guidelines suggests, with larger organizations expected to have more formal operations and resources than smaller ones. However, I believe that for any organization, developing a strong process for identifying and managing conflicts of interest is a key means of preventing and detecting not just criminal conduct, but other behavior that may create regulatory or reputational risks for the business.

Since new conflicts of interest can arise rapidly as a business grows and evolves, and may become apparent to front-line employees before they come to the attention of more senior managers or control functions, communications about these standards and procedures are also an opportunity to emphasize to all employees the importance of their role in recognizing new conflicts of interest, and their responsibility to elevate such conflicts to appropriate control functions. Some firms enhance this process by including conflicts assessment within other processes, such as new product or business approval, conduct customer surveys for potential conflicts, or conduct periodic or ad hoc self-assessments of their business practices.

Oversight. The second factor is that the organization's "governing authority" – typically a board of directors and senior management – is knowledgeable about the content and operation of the compliance and ethics program and exercises reasonable oversight with respect to its implementation and effectiveness. In order to complement this oversight, some firms establish standing committees, composed of senior executives and senior control personnel, with focused responsibility on conflicts assessment. I believe that, in the financial services world, unremediated conflicts of interest are a leading indicator of the types of problems that a compliance and ethics program is intended to root out. Therefore, I find it difficult to see how the governance structure of a financial services firm can satisfy this factor unless its oversight includes consideration of the effectiveness of the compliance and ethics program in addressing conflicts of interest.

Leadership consistent with effective ethics and compliance program. The third factor is that the organization use reasonable efforts to exclude from any position of leadership any individual who has engaged in conduct inconsistent with an effective compliance and ethics program – in other words, that the fox is not guarding the henhouse. Again, in my view it would be difficult for a financial services firm to satisfy this standard if any of its business unit heads or senior managers has not shown a commitment to proactively identifying and remediating conflicts of interest in the business model of the organization.

Education and Training. The fourth factor is that the organization take reasonable steps to periodically train and otherwise communicate with its leadership, employees and agents about its compliance and ethics program, including its standards and procedures for implementing the program. It follows from what I have already said that, in my view, this training and other communication should include communication about the responsibilities of everyone in the organization regarding identifying, escalating and remediating conflicts of interest. It should be tailored to specific conflicts in the business model and clearly set forth the governance, risk management and compliance procedures to mitigate and manage these conflicts.

Auditing and Monitoring. The fifth factor is to take reasonable steps to ensure that the compliance and ethics program is followed, including monitoring and auditing, as well as periodic testing of the effectiveness of the program, and to have and publicize a system by which employees and agents of the organization can report or seek guidance regarding potential criminal conduct without fear of retaliation. Some firms will discuss issues with legal and compliance prior to a review and then report on issues discovered to any designated conflicts review authority. For financial service firms, this auditing, monitoring and testing should, in my view, encompass testing of the effectiveness of the organization's policies and procedures regarding management of conflicts of interest.

Incentives and discipline. The sixth factor is whether the organization has appropriate incentives to support the compliance and ethics program, and appropriate disciplinary measures for failing to take reasonable steps to prevent or detect criminal conduct. I believe that this factor, especially as it relates to incentives, goes to the heart of many problematic conflicts, since these often may involve incentives that an individual has that are inconsistent with duties that he or she owes to the organization, its clients or his or her customers.

Response and prevention. The final factor is whether the organization takes reasonable steps to respond to any criminal conduct and to prevent its recurrence, including making any necessary modifications to its compliance and ethics program. In the case of a financial institution, I would think that this response would include a consideration of any conflicts of interest that may have incentivized or otherwise facilitated the bad conduct, and consideration of how any such conflicts can more effectively be barred or remediated. Some firms go further, not only analyzing their weaknesses, but also issues identified at other firms so that the same problems do not happen at their establishment.

3. The third consideration, in my view, is that this process for addressing conflicts of interest is fully integrated in the firm's overall risk governance structure. The business is the first line of defense responsible for taking, managing and supervising conflicts of interest, like other risks, effectively and in accordance with laws, regulations and the risk appetite set by the board and senior management of the whole organization. Key risk and control functions, such as compliance, ethics and risk management, are the second line of defense. They need to have adequate resources, independence, standing and authority to implement effective programs and objectively monitor and escalate conflicts of interest and other risk issues. Internal Audit is the third line of defense and is responsible for providing independent verification and assurance that controls are in place and operating effectively to address conflicts of interest. Finally, senior management and the board of directors need to be engaged. This includes considering the risk that conflicts of interest present throughout key business processes, including strategic planning, capital allocation, performance monitoring and evaluation of business units and individual business leaders. Some of the more effective practices I have observed include having key risk and control functions involved in each of these key processes with senior management and the board so they can provide their independent view on how business units and individual business leaders are doing at managing conflicts and promoting a culture of compliance and ethics.

Let me close with a few brief observations for senior managers and independent directors. I believe that your role in conflicts management and ensuring a culture of compliance and ethics is critically important. At the end of the day, managing conflicts is much more than just having a strong compliance program, although that is obviously critical. It also requires establishing a culture that, regardless of regulatory requirements, does not tolerate conduct that casts doubt on the organization's commitment to high ethical standards, and that values the firm's long-term reputation over any possible short-term benefit from exploiting its clients or customers. Former SEC Chairman Richard Breeden said it best when he stated that "[i]t is not an adequate ethical standard to aspire to get through the day without being indicted."20

In addition, while it is undoubtedly helpful to have certain individuals or groups who are tasked with specific roles regarding mitigating conflicts, the responsibility of everyone in the organization to identify conflicts and see that they are managed appropriately should always be emphasized. As leaders in your organizations, that responsibility starts with you.

Finally, it is important to think proactively when it comes to conflicts of interest. As I mentioned earlier, in the financial services industry, and likely in other types of organizations as well, conflicts of interest are continually arising in new forms that need to be addressed aggressively and with vision and foresight. Where conflicts of interest are concerned, eternal vigilance and independent oversight are warranted in order to protect an institution's reputation and brand.

Conclusion

Thank you for your attention. I am now happy to answer any questions you may have on this topic.

1 The Securities and Exchange Commission, as a matter of policy, disclaims responsibility for any private statements by its employees.

2 FINRA Targeted Examination Letter, July 2012, available at http://www.sec.gov/cgi-bin/goodbye.cgi?www.finra.org/Industry/Regulation/Guidance/TargetedExaminationLetters/P141240.

3 Testimony of Arthur Levitt, Chairman, U.S. Securities and Exchange Commission, Concerning the "Financial Services Competitiveness Act of 1995" and related issues (March 15, 1995), at 3, available at http://www.sec.gov/news/testimony/testarchive/1995/spch029.txt.

4 Id.

5 Prohibition on the Use of Brokerage Commissions to Finance Distribution, Investment Company Act Release 26591 (Sept. 2, 2004), 69 Fed. Register 54728, 54728 (Sept. 9, 2004).

6 FCIC Report at 211-12.

7 Id. at 131.

8 Id. at 136.

9 Id. at 139.

10 Consent of Defendant Goldman, Sachs & Co., SEC v. Goldman, Sachs & Co. et al., 10-CV-3229 (BSJ), United States District Court, Southern District of New York, at 2 (July 14, 2010), available at http://www.sec.gov/litigation/litreleases/2010/consent-pr2010-123.pdf.

11 Staff Summary Report on Examinations of Information Barriers: Broker-Dealer Practices Under Section 15(g) of the Securities Exchange Act of 1934, available at http://www.sec.gov/about/offices/ocie/informationbarriers.pdf.

12 SEC Press Release 2012-180 (Sept. 6, 2012). See also In the Matter of Focus Point Solutions, Inc., et al., Investment Advisers Release No. 3458 (Sept. 6, 2012).

13 SEC Press Release, 2012-209 (Oct. 17, 2012).

14 See footnote 2, supra.

15 Request for Comment on Concept Proposal to Provide for Public Disclosure of Financial Incentives Paid or Received by Dealers and Municipal Advisors Representing Potential Conflicts of Interest, MSRB Notice 2012-28 (May 31, 2012), available at http://www.msrb.org/Rules-and-Interpretations/Regulatory-Notices/2012/2012-28.aspx?n=1.

16 Dodd-Frank Act Section 765.

17 Dodd-Frank Act Section 913.

18 Sections 15(b)(4)(E) and 15(b)(6)(A) of the Securities Exchange Act authorize the Commission to impose sanctions on a broker-dealer or any person that fails to reasonably supervise someone that is subject to the supervision of such firm or person who violates the federal securities laws. Section 203(e)(6) of the Advisers Act has a similar provision for investment advisers. "Under the Investment Advisers Act an investment adviser is subject to liability for failure reasonably to supervise persons subject to its supervision, with a view to preventing violations of the federal securities laws." Study on Investment Advisers and Broker-Dealers as Required by Section 913 of the Dodd-Frank Wall Street Reform and Consumer Protection Act, at 35, available at http://www.sec.gov/news/studies/2011/913studyfinal.pdf.

19 NASD Rules 3010 and 3012, which are incorporated into FINRA's rulebook, contain comparable requirements. In addition, FINRA Rule 3130 requires the CEO of a member firm to certify annually, inter alia, that the member has established, reviewed and tested written compliance policies and supervisory procedures reasonably designed to achieve compliance with the federal securities laws.

20 Quoted in Business & Professional Ethics for Directors, Executives and Accountants (2009) at 50, available at Google Books.
