Regulation is Still Shifting as Fast as the Markets and Macroeconomic Forces Around Them – Stay Alert!

The US Financial Industry Regulatory Authority, like many other regulators right now, is considering a change to its rulebook to adapt to the likelihood of more telework after the pandemic. Robert Cook, FINRA’s CEO, said that this will have an impact on the way the regulator goes about its role and its supervisory oversight. FINRA is applying to the SEC to limit onsite exams to the larger BDs so that small firms with limited securities activity can be supervised digitally.

FINRA recently filed a rule proposal with the Securities and Exchange Commission to give broker-dealers until March 31, 2021, to complete their office inspections under Rule 3110. FINRA has a suspicion this extension may not be enough for many firms and is encouraging them to lobby the SEC if this is the case. The comments reflect how regulators and regulated are adapting to a sizeable shift initiated by this pandemic and underlines how important it is to be communicating proactively with the regulators now to shape these changes.

Across the pond, Nikhil Rathi will start as the new chief executive of the UK Financial Conduct Authority in October. He recently appeared before Members of Parliament on the Treasury Select Committee, and said he wants to encourage diversity in all its dimensions as a key cultural change at the regulator. He said that the Black Lives Matter movement had “touched a nerve” in organizations and was elevating the discussion of diversity among employees. He added, “There are deep issues in the financial services industry and I’m sure they are challenging the FCA as well.”

He sent a distinct message on what those regulated by the FCA can expect under his stewardship — he does not want to be feared but he has not applied for the job to be liked. He signaled the road ahead for firms under his supervision: “I would like the FCA to be defined as tough, as assertive, as thoughtful, as decisive and working with pace and agility.” 

The regulator is at a fascinating juncture in its evolution – a new CEO, the uncertainty of what Brexit means for the UK financial services community, an ongoing pandemic, and potential significant economic disruption. Good luck to Mr. Rathi and all those he regulates.

Finally to Europe where last week its highest court, the European Court of Justice, rescinded an agreement, the Privacy Shield, that allows EU companies to move data from the EU to the U.S. It was created in 2016 and the court ruled that it does not comply with European privacy rights. It was a recent victory in the ongoing battle waged by privacy activists who object to personal data being shipped to jurisdictions where data protection is not equivalent. It creates more uncertainty for the 5000+ companies that have relied on the shield. A workaround is the goal for European and U.S. authorities, and appropriate data-transfer contracts are still acceptable but the cost of compliance just went up a notch or two. This decision highlights the increasing gap between the U.S. and Europe in terms of data handling and storage. The higher regulatory standard will be felt at the grassroots level by enterprises that are less flexible in their approach to data management. This impedes their ability to properly optimize their systems by using cloud applications and SaaS — this has started to separate the U.S. from the EU in terms of performance and cost control.