Industry Report: 2017 FINRA Examination Findings Report

FINRA has issued their annual Examination Findings Report.  This year’s report highlights a number of familiar regulatory concerns, such and Outside Business Activities, Private Securities Transactions and AML.  The Report also includes some relatively new examination findings, including those related to Cybersecurity as well as Alternative Investments Held in IRAs.  Here is an excerpt:

“Firms with effective cybersecurity programs typically established strong governance structures and processes (scaled to the firm) that addressed cybersecurity in a risk management context. Firms escalated risk acceptance decisions and problems to the appropriate levels for resolution, as well as to inform future program development. Measures firms implemented included regular risk assessments with detailed, time-bound follow-up action plans to resolve higher-risk concerns. Firms supported these assessments with regular vulnerability and penetration tests. Firms also required employees to participate in regular, role-specific and generic cybersecurity training and testing, for example, through phishing email exercises…”

(https://www.finra.org/industry/2017-report-exam-findings)