Financial Regulatory Compliance

Financial regulatory compliance is of particular concern to the cannabis industry because of Title 31 money laundering rules.


FINRA regulation plays a critical role in America’s financial system—by enforcing high ethical standards, bringing the necessary resources and expertise to regulation and enhancing investor safeguards and market integrity—all at no cost to taxpayers.

Every investor in America relies on one thing: fair financial markets. That’s why FINRA works every day to ensure that:

every investor receives the basic protections they deserve;

anyone who sells a securities product has been tested, qualified and licensed;

every securities product advertisement used is truthful, and not misleading;

any securities product sold to an investor is suitable for that investor’s needs; and

investors receive complete disclosure about the investment product before purchase.


FINRA Oversight

Deter Misconduct By Enforcing The Rules – FINRA’s mission is to safeguard the investing public against fraud and bad practices. It pursues that mission by writing and enforcing rules and regulations for every single brokerage firm and broker in the United States, and by examining broker-dealers for compliance with its own rules, federal securities laws, and rules of the Municipal Securities Rulemaking Board. All brokers must be licensed and registered by FINRA, pass its qualification exams and satisfy continuing education requirements.

Discipline those who break the rules – FINRA has the experts, technology, and authority to respond quickly to wrongdoing. If brokers break the rules, it can fine, suspend or bar them from the industry.

Detect and prevent wrongdoing in the U.S. markets – FINRA uses technology powerful enough to look across markets and detect potential abuses. Using a variety of data gathering techniques, FINRA works to detect insider trading and any strategies firms or individuals use to gain an unfair advantage.

Educate and Inform Investors – FINRA believes an essential component of investor protection is investor education. It provides investors with tools and resources that can help them make wise financial decisions.

Resolve Securities Disputes – When problems between brokers and investors occur, FINRA administers the largest forum specifically designed to resolve securities-related disputes between and among investors, securities firms, and individual brokers.

FINRA Rule 3120

FINRA Rule 3120 outlines the requirement for broker/dealers to ‘establish, maintain and enforce a system of supervisory control policies and procedures that (1) test and verify that the firm’s supervisory procedures are reasonably designed with respect to the firm’s and its associated persons’ activities to achieve compliance with applicable securities laws and regulations and FINRA rules, and (2) where necessary, create additional or amended supervisory procedures.’

A large financial institution needs to develop policies and procedures for Rule 3120 compliance, but it must also incorporate appropriate policies regarding conduct (e.g. rules regarding profanity), intellectual property (e.g. proprietary software code and algorithms), material non-public information (“MNPI”) (e.g. M&A discussions, financial reports) and, lastly, financial and personally identifiable information (“PII”) (e.g. credit card numbers or SSNs).

The primary value of this third-generation supervision system is that all the compliance platforms are integrated. Rather than communicating one policy (“DLP”) to IT to build a script and another (messaging analytics) to export to a third party, all may be created and managed within a single set of administrative compliance controls.

As these systems emerge, financial institutions have begun developing more complex Rule 3120 policies and procedures in parallel. Using a system that integrates DLP, word/phrase monitoring and deep analytics, financial institutions can confidently represent to senior management not only effective supervisory procedures and training initiatives, but also disclose recommended changes that indicate proactive compliance monitoring of risk in business areas such as trading, investment banking, anti-fraud and non-compliant sales practices, and anti-money laundering.

Reviewing and adopting these policies and systems conforms with FINRA’s continued emphasis on creating a ‘culture of compliance’, and combining all three types of supervision builds the ‘policies and procedures activities to achieve compliance with applicable securities laws and regulations and FINRA rules’.


Family Educational Rights and Privacy Act – FERPA gives parents access to their child’s education records, an opportunity to seek to have the records amended, and some control over the disclosure of information from the records. With several exceptions, schools must have a student’s consent prior to the disclosure of education records after that student is 18 years old. The law applies only to educational agencies and institutions that receive funding under a program administered by the U.S. Department of Education.

SEC Rules 17(a)(3) and 17(a)(4)

SEC Rule 17(a)(3) – is a regulation issued by the U.S. Securities and Exchange Commission (SEC), in line with the body’s regulatory authority, that generally outlines requirements and standards for the retention, management, and availability of data pursuant to transactions and trading in the financial and exchange sector, with special provisions for business-related electronic correspondence. It is a well-known industry and federal fact that investors have a duty and obligation to maintain strict record management standards in their transactions of securities, including copies of blotters, account statements, trade confirmations, canceled checks and more.

This heavily regulated area covers the archiving and records management of not only every securities transaction made by exchange members, brokers, and dealers – but also down to the requirement of archiving communications with the public by SEC members.

SEC Rule 17(a)(4) – is a regulation issued by the U.S. Securities and Exchange Commission pursuant to its regulatory authority under the US Securities Exchange Act of 1934 (known simply as the “Exchange Act”), which outlines requirements for data retention, indexing, and accessibility for companies which deal in the trade or brokering of financial securities such as stocks, bonds, and futures. According to the rule, records of numerous types of transactions must be retained and indexed on indelible media with immediate accessibility for a period of two years, and with non-immediate access for a period of at least six years. Duplicate records must also be kept within the same time frame at an off-site location.

PCI Compliance

The Payment Card Industry (PCI) Data Security Standard is an information security standard for organizations that handle cardholder information for the major debit, credit, prepaid, e-purse, ATM, and POS cards. The Payment Card Industry Security Standards Council, which created the PCI standard, did so to increase controls around cardholder data to reduce credit card fraud via its exposure. Increasingly, merchants, financial institutions, and service providers are finding they need to be PCI compliant. SSAE 16 Professionals provides the solutions to your PCI compliance needs.

FinCEN, aggressive tax reporting, and FATCA withholding under Title 31 USC create a myriad of regulatory compliance obligations.


FinCEN is a bureau of the U.S. Department of the Treasury. The Director of FinCEN is appointed by the Secretary of the Treasury and reports to the Treasury Under Secretary for Terrorism and Financial Intelligence. FinCEN’s mission is to safeguard the financial system from illicit use, combat money laundering, and promote national security through the collection, analysis, and dissemination of financial intelligence and strategic use of financial authorities.


FinCEN carries out its mission by receiving and maintaining financial transactions data; analyzing and disseminating that data for law enforcement purposes and building global cooperation with counterpart organizations in other countries and with international bodies.

FinCEN exercises regulatory functions primarily under the Currency and Financial Transactions Reporting Act of 1970, as amended by Title III of the USA PATRIOT Act of 2001 and other legislation, which legislative framework is commonly referred to as the “Bank Secrecy Act” (BSA). The BSA is the nation’s first and most comprehensive Federal anti-money laundering and counter-terrorism financing (AML/CFT) statute. In brief, the BSA authorizes the Secretary of the Treasury to issue regulations requiring banks and other financial institutions to take a number of precautions against financial crime, including the establishment of AML programs and the filing of reports that have a high degree of usefulness in criminal, tax, and regulatory investigations and proceedings, and certain intelligence and counter-terrorism matters. The Secretary of the Treasury has delegated to the Director of FinCEN the authority to start, administer, and enforce compliance with the BSA and associated regulations.

BSA eFile System

The BSA E-Filing System supports electronic filing of Bank Secrecy Act (BSA) forms (either individually or in batches) through a FinCEN secure network. BSA E-Filing provides a faster, more convenient, more secure, and more cost-effective method for submitting BSA forms. Additional benefits are listed under Using BSA E-Filing.

How does BSA E-Filing work?

The BSA E-Filing System is hosted on a secure website accessible on the Internet. Organizations that file BSA forms with FinCEN can securely access the system after they apply for and receive a user ID and password from FinCEN.


This section addresses many of the more commonly asked questions regarding the use of the BSA E-Filing System. For additional information, contact the BSA E-Filing Help Desk via telephone at 1-866-346-9478 or e-mail at [email protected].

Report a Cash Payment of $10,000 to IRS

Foreign Account Tax Compliance Act [“FATCA”]

The Foreign Account Tax Compliance Act (FATCA), which was passed as part of the HIRE Act, generally requires that foreign financial institutions and certain other non-financial foreign entities report on the foreign assets held by their U.S. account holders or be subject to withholding on eligible payments. The HIRE Act also contained legislation requiring U.S. persons to report, depending on the value, their foreign financial accounts and foreign assets.

FATCA for Individuals
FATCA for Institutions