Skip to Content

Notice

Self-Regulatory Organizations; Notice of Filing of Proposed Rule Change by the National Association of Securities Dealers, Inc. Relating to Chief Executive Officer and Chief Compliance Officer Certification

Document Details

Information about this document as published in the Federal Register.

Published Document

This document has been published in the Federal Register. Use the PDF linked in the document sidebar for the official electronic format.

Start Preamble December 23, 2003.

Pursuant to section 19(b)(1) of the Securities Exchange Act of 1934 (“Act”) [1] and Rule 19b-4 thereunder,[2] notice is hereby given that on November 28, 2003, the National Association of Securities Dealers, Inc. (“NASD”) filed with the Securities and Exchange Commission (“SEC” or “Commission”) the proposed rule change as described in Items I, II, and III below, which Items have been prepared by NASD. The Commission is publishing this notice to solicit comments on the proposed rule change from interested persons.

I. Self-Regulatory Organization's Statement of the Terms of Substance of the Proposed Rule Change

NASD is proposing to establish NASD Rule 3013 and accompanying Interpretive Material (“IM”) 3013 to require each member to designate a chief compliance officer (“CCO”) and further require the member's chief executive officer (“CEO”) and CCO to certify annually to having in place a process to establish, maintain, review, modify, and test policies and procedures reasonably designed to achieve compliance with applicable NASD rules, MSRB rules and the federal securities laws. Below is the text of the proposed rule change. Proposed new language is in italics.

* * * * *

3013. Annual Certification of Compliance and Supervisory Processes

(a) Designation of Chief Compliance Officer

Each member shall designate and specifically identify to NASD on Schedule A of Form BD a principal to serve as chief compliance officer.

(b) Annual Certification

Each member shall have its chief executive officer (or equivalent officer) and chief compliance officer jointly certify annually, as set forth in IM-3013, that the member has in place processes to establish, maintain, review, test and modify written compliance policies and written supervisory procedures reasonably designed to achieve compliance with applicable NASD rules, MSRB rules and federal securities laws and regulations.

IM-3013. Annual Compliance and Supervision Certification

The NASD Board of Governors is issuing this interpretation to the requirement under Rule 3013(b), which requires that the member's chief executive officer (or equivalent officer) and chief compliance officer execute annually [1] a certification that the member has in place processes to establish, maintain, review, test and modify written compliance policies and written supervisory procedures reasonably designed to achieve compliance with applicable NASD Start Printed Page 75705rules, MSRB rules and federal securities laws. The certification shall state the following:

Annual Compliance and Supervision Certification

The undersigned are respectively the chief executive officer (or equivalent officer) and chief compliance officer of [name of member corporation/partnership/sole proprietorship] (the “Member”). As required by NASD Rule 3013(b), the undersigned make the following certification:

1. The Member has in place processes to:

(a) establish and maintain policies and procedures reasonably designed to achieve compliance with applicable NASD rules, MSRB rules and federal securities laws;

(b) modify such policies and procedures as business, regulatory and legislative changes and events dictate; and

(c) test the effectiveness of such policies and procedures on a periodic basis, the timing and extent of which is reasonably designed to ensure continuing compliance with NASD rules, MSRB rules and federal securities laws;

2. The Member's processes, with respect to item 1 above, are evidenced in a report reviewed by the chief executive officer (or equivalent officer), chief compliance officer and such other officers as the Member may deem necessary to make this certification. These processes at a minimum must include: (a) one or more meetings between the chief executive officer (or equivalent officer) and the chief compliance officer to discuss and review the matters that are the subject of this certification and (b) review of the report by the Member's board of directors and audit committee; and

3. The undersigned chief executive officer (or equivalent officer), chief compliance officer and other officers as applicable (referenced in item 2 above) have consulted with or otherwise relied on those employees, officers, outside consultants, lawyers and accountants, to the extent they deem appropriate, in order to attest to the statements made in this certification.

It is critical that each NASD member understand the importance of employing comprehensive and effective compliance policies and written supervisory procedures. Compliance with applicable NASD rules, MSRB rules and federal securities laws and rules is the foundation of ensuring investor protection and market integrity and is essential to the efficacy of self-regulation. Consequently, the certification requirement is intended to require processes by each member to establish, maintain, review, test and modify its compliance policies and written supervisory procedures in light of the nature of its businesses and the laws and rules that are applicable thereto, and to evidence such processes in a report reviewed by those executing the certification.

The execution of the certification by the chief compliance officer (and other designated officers with primary compliance responsibility) is intended to ensure that the person(s) charged with managing the member's compliance program has regular and significant interaction with senior management concerning the subject matter of the certification. The rule permits co-certifications by other compliance officers that report to the chief compliance officer. However, the NASD Board of Governors expects that any such co-certifications will be executed only by senior compliance officers that have primary compliance responsibility over a segment of a member's business operations.

The NASD Board of Governors recognizes that supervisors with business line responsibility are accountable for the discharge of a member's compliance policies and written supervisory procedures. The signatories to the certification are certifying only as to having processes in place to establish, maintain, review, test and modify the member's written compliance and supervisory policies and procedures and the execution of this certification does not by itself establish business line responsibility.

The requirement to designate a chief compliance officer does not preclude such person from holding any other position within the member, including the position of chief executive officer, provided that such person can discharge the duties of a chief compliance officer in light of his or her other additional responsibilities. The requirement that a member's processes include a review of the report (required by item 2 of the certification) by the board of directors and audit committee does not apply to members that do not utilize these types of governing bodies and committees in the conduct of their business.[2]

The report required in item 2 of the certification must document the member's processes for establishing, maintaining, reviewing, testing and modifying compliance policies. The report must be produced prior to execution of the certification and be reviewed by the chief executive officer (or equivalent officer), chief compliance officer and any other officers the member deems necessary to make the certification. The report should include the manner and frequency in which the processes are administered, as well as the identification of officers and supervisors that have responsibility for such administration. The report need not contain any conclusions produced as a result of following the processes set forth therein. The report may be combined with any other compliance report or other similar report required by any other self-regulatory organization provided that (1) such report is clearly titled in a manner indicating that it is responsive to the requirements of the certification and this Interpretive Material; (2) a member that submits a report for review in response to an NASD request must submit the report in its entirety; and (3) the member makes such report in a timely manner, i.e., annually.

* * * * *

II. Self-Regulatory Organization's Statement of the Purpose of, and Statutory Basis for, the Proposed Rule Change

In its filing with the Commission, NASD included statements concerning the purpose of and basis for the proposed rule change and discussed any comments it received on the proposed rule change. The text of these statements may be examined at the places specified in Item IV below. NASD has prepared summaries, set forth in Sections A, B, and C below, of the most significant aspects of such statements.

A. Self-Regulatory Organization's Statement of the Purpose of, and Statutory Basis for, the Proposed Rule Change

1. Purpose

Comprehensive compliance and supervisory systems constitute the bedrock of effective securities industry self-regulation and the primary strata of investor protection. As such, NASD believes that a member's senior management should focus the same attention to a member's compliance and supervisory policies and procedures as is accorded to a member's revenue-producing businesses and such fundamental operational prerequisites as, for example, net capital requirements.

To that end, NASD is proposing a rule change that would bolster investor Start Printed Page 75706protection by promoting regular and meaningful interaction between senior management and compliance personnel to ensure that compliance is given the highest priority by a member's senior executive officers. Specifically, the proposed rule change would require (1) that each member designate a principal to serve as CCO and (2) the CEO and CCO to certify annually to having in place processes to establish, maintain, review, modify, and test policies and procedures reasonably designed to achieve compliance with applicable NASD rules, MSRB rules and federal securities laws.

As to the former, NASD Rule 1022 currently requires a person designated as a CCO on Schedule A of Form BD to be registered as a General Securities Principal unless certain exceptions apply.[3] However, the current rules do not require that a member so designate such a person. The proposed rule change would mandate that a member designate a CCO and identify that person on Schedule A of Form BD.

With respect to the certification, the proposed rule change also would require the CEO and CCO to certify annually that senior executive management has in place processes to (1) establish and maintain policies and procedures reasonably designed to achieve compliance with applicable NASD rules, MSRB rules and federal securities laws; (2) modify such policies and procedures as business, regulatory and legislative changes and events dictate; and (3) test the effectiveness of such policies and procedures on a periodic basis, the timing of which is reasonably designed to ensure continuing compliance with NASD rules, MSRB rules and the federal securities laws. The proposed rule change further would require the CEO and CCO to certify that those processes are evidenced in a report that has been reviewed by those executing the certification, as well as the member's board of directors and audit committee.[4] Notably, the processes, at a minimum, must include one or more meetings between the CEO and CCO to discuss and review the matters that are subject of the certification.

The proposed rule change also would create IM-3013, which sets forth the language of the certification and gives further guidance as to the requirements and limitations of the rule. For example, the interpretive material clarifies that the person designated as CCO also may hold other positions within the member, including CEO, provided that individual can effectively discharge the CCO responsibilities while maintaining another position. Thus, resource-constrained members are not required to hire or designate a dedicated CCO. The proposed interpretive material also explains that the rule permits co-certifications by other compliance officers that report to the CCO, provided those individuals are senior compliance officers who have primary responsibility over a segment of the member's business operations.

The proposed interpretive material further recognizes that responsibility for discharging compliance policies and written supervisory procedures rests with business line supervisors. The proposed interpretive material clarifies that execution of the certification does not by itself establish a signatory as having such line supervisory responsibility.

The proposed interpretive material also sets forth the particulars regarding the report that must evidence a member's compliance processes. It states that the report must be produced prior to execution of the certification and reviewed by the CEO, CCO and such other officers as the member deems necessary. The report also must include the manner and frequency in which the processes are administered and identify those officers and supervisors with responsibility for such administration. The proposed interpretive material further explains that the report need not contain conclusions that result from following the specified processes, such as compliance deficiencies. Additionally, the proposed interpretive material states that the report may be combined with other reports required by a self-regulatory organization, provided the report is made annually, clearly indicates in the title that it contains the information required by Rule 3013, and that the entire report is provided in response to any regulatory request for all or part of the combined report.

Finally, with respect to review of the report, the proposed interpretive material clarifies that review by a member's board of directors and audit committee only applies to those members whose corporate governance structure have such or similar governing bodies and committees—it does not impose a requirement that members create them if they do not currently exist.

The proposal would complement and underscore the closely related obligations that currently exist under NASD rules that require each member to designate principals who must review the member's supervisory systems and procedures and recommend to senior management appropriate action to ensure the systems are reasonably designed to achieve compliance with applicable rules and regulations.[5] NASD believes the proposal provides an effective mechanism to compel substantial and purposeful interaction between senior management and compliance personnel, thereby enhancing the quality of members' supervisory and compliance systems. NASD further believes the rule change imposes the minimal additional burden on members that is necessary to achieve the proposal's purpose.

2. Statutory Basis

NASD believes that the proposed rule change is consistent with the provisions of Section 15A(b)(6) of the Act, which requires, among other things, that NASD's rules must be designed to prevent fraudulent and manipulative acts and practices, to promote just and equitable principles of trade, and, in general, to protect investors and the public interest. NASD believes that that the proposed rule change is consistent with the provisions of the Act noted above in that it will enhance focus on members' compliance and supervision systems, thereby decreasing the likelihood of fraud and manipulative acts and increasing investor protection.

B. Self-Regulatory Organization's Statement on Burden on Competition

NASD does not believe that the proposed rule change will result in any burden on competition that is not necessary or appropriate in furtherance of the purposes of the Act.

C. Self-Regulatory Organization's Statement on Comments on the Proposed Rule Change Received from Members, Participants, or Others

In June 2003, NASD issued Notice to Members 03-29, seeking comment on a different proposal with similar objectives. That proposal would have required each member to designate a CCO and further required that the CCO and CEO certify annually to the Start Printed Page 75707adequacy of the member's compliance and supervisory systems. A proposed interpretive material clarified that the signatories to the certification would incur no additional liability as a consequence of the certification, provided there was a reasonable basis to certify at the time of execution. The previous proposal differed from the current proposal in that it would have required, among other things, that the CCO and CEO have a reasonable basis to certify that a member was in compliance with all applicable laws, rules and regulations at a fixed moment in time. By contrast, the current proposal requires certification to having processes in place to establish, maintain, review, modify and test policies and procedures reasonably designed to achieve compliance with those laws, rules and regulations.

NASD received 166 comments to the proposal, including submissions on behalf of members from 65 CCOs and 34 CEOs, as well as nine comments from various trade organizations. The overwhelming majority of commenters disfavored the proposal. Only six commenters favored the proposal.

Broadly, commenters questioned the value of the proposal, whether it was duplicative of existing requirements, the scope of the certification, and the potential liability of the signatories. CCOs expressed concern that the proposal could lead to retaliation by CEOs if a CCO refused to certify. Additionally, questions arose as to whether the goal of better compliance could be achieved only at the expense of increased potential liability on the part of members. Commenters also noted that the dynamic nature of compliance and the need to allocate finite compliance resources on a risk assessment basis did not lend itself to a certification of compliance certainty at any fixed moment. Commenters further expressed concern that the proposal would spawn baseless litigation by opportunistic plaintiffs' attorneys. Small firms also commented that the cost of compliance would outweigh the benefits for their firms and would divert resources from more substantive compliance matters.

NASD disagrees with a number of the comments, including that the previous proposal duplicated existing requirements and added no value to the quality of compliance. On the contrary, both the previous and present proposals would place focus on the obligations of the compliance function in an unprecedented manner by giving an elevated voice to compliance personnel and forcing regular and productive interaction with the CCO by the CEO. NASD also disagrees that the proposal would have created new liability on CEOs and CCOs who otherwise have no supervisory responsibility—a fact expressly stated in the previously proposed interpretive material. Moreover, NASD does not believe the possibility of meritless litigation should dictate its regulatory actions—abusive litigation should be dealt with by sanctions, not abandoned policy.

Nonetheless, NASD agrees with many of the commenters' other concerns. In particular, NASD recognizes the difficulty in certifying to absolute compliance at any given moment in the face of dynamic regulatory and business environments. At the same time, NASD is committed to the initial proposal's intent: to promote investor protection through improved compliance and supervisory systems and the promotion of regular and meaningful interaction between senior management and compliance personnel. Thus, NASD now is submitting to the Commission a modified proposal that takes a different approach to the issue, one that NASD believes more efficiently and pragmatically achieves the same goal of enhanced compliance. In addition, NASD believes the new proposal effectively focuses senior management attention on compliance matters in a way that allays CCO concerns about incurring additional personal liability and fear of retaliation.

III. Date of Effectiveness of the Proposed Rule Change and Timing for Commission Action

Within 35 days of the date of publication of this notice in the Federal Register or within such longer period (i) as the Commission may designate up to 90 days of such date if it finds such longer period to be appropriate and publishes its reasons for so finding or (ii) as to which the self-regulatory organization consents, the Commission will:

(A) by order approve such proposed rule change, or

(B) institute proceedings to determine whether the proposed rule change should be disapproved.

IV. Solicitation of Comments

Interested persons are invited to submit written data, views, and arguments concerning the foregoing, including whether the proposed rule change is consistent with the Act. Persons making written submissions should file six copies thereof with the Secretary, Securities and Exchange Commission, 450 Fifth Street, NW, Washington, DC 20549-0609. Comments may also be submitted electronically at the following e-mail address: rule-comments@sec.gov. All comment letters should refer to File No. SR-NASD-2003-176. This file number should be included on the subject line if e-mail is used. To help the Commission process and review comments more efficiently, comments should be sent in hardcopy or by e-mail but not by both methods. Copies of the submission, all subsequent amendments, all written statements with respect to the proposed rule change that are filed with the Commission, and all written communications relating to the proposed rule change between the Commission and any person, other than those that may be withheld from the public in accordance with the provisions of 5 U.S.C. 552, will be available for inspection and copying in the Commission's Public Reference Room. Copies of such filing will also be available for inspection and copying at the principal office of the NASD. All submissions should refer to File No. SR-NASD-2003-176 and should be submitted by January 21, 2004.

Start Signature

For the Commission, by the Division of Market Regulation, pursuant to delegated authority.[6]

Jill M. Peterson,

Assistant Secretary.

End Signature End Preamble

Footnotes

1.  Members must ensure that each ensuing annual certification is effected no later than on the anniversary date of the previous year's certification.

Back to Citation

2.  Members, as a part of their process, must have the report reviewed by their governing bodies and committees that serve similar functions in lieu of a board of directors and audit committee.

Back to Citation

3.  See Notice to Members 01-51 (August 2001).

Back to Citation

4.  Members that do not employ a board of directors or audit committee or other similar bodies in their governance and management would not be subject to this requirement.

Back to Citation

5.  See 3010(a)(8). NASD has filed with the Commission a proposed rule change that would incorporate the requirements of Rule 3010(a)(8) into new Rule 3012 and eliminate Rule 3010(a)(8) altogether. If the proposed rule change is approved, Rule 3012 would require members to designate one or more principals who will establish, maintain, and enforce a system of supervisory control policies and procedures that test and verify that the member's supervisory procedures are reasonably designed to achieve compliance with applicable securities laws and NASD rules and amend supervisory procedures where the need is identified. See SR-NASD-2002-162.

Back to Citation

[FR Doc. 03-32131 Filed 12-30-03; 8:45 am]

BILLING CODE 8010-01-P