Potential Liability of Chief Compliance Officers

 Chief Compliance Officer

Chief Compliance Officers (CCOs) at member firms play a vital role. For example, CCOs and their compliance teams help design and implement compliance programs, help educate and train firm personnel, and work in tandem with senior business management and legal departments to foster compliance with regulatory requirements. In this way, CCOs help promote strong compliance practices that protect investors and market integrity, as well as the member firm itself.

Duties and Functions of Chief Compliance Officer

The CCO is not an industry-specific role. Rather, CCOs are a common and highly visible link between the firm’s compliance function and its business and legal functions. The CCO works closely with those groups to ensure that the firm’s policies and procedures are effective, efficient, and in line with regulatory requirements. CCOs also represent the interests of their firm before regulatory authorities and regulators. As such, they are a key contact for the firm’s investors and other stakeholders. CCOs typically report directly to the firm’s managing partners, general counsel, or chief compliance officer.

Rule 3110 and the CCO

Rule 3110 (Supervision) imposes specific supervisory obligations on member firms. The responsibility to meet these obligations rests with a firm’s business management, not its compliance officials. The CCO’s role, in and of itself, is advisory, not supervisory. Accordingly, FINRA will look first to a member firm’s senior business management and supervisors to determine responsibility for a failure to reasonably supervise. FINRA will not bring an action against a CCO under Rule 3110 for failure to supervise except when the firm conferred upon the CCO supervisory responsibilities and the CCO then failed to discharge those responsibilities in a reasonable manner.3 As a result, charges against CCOs for supervisory failures represent a small fraction of the enforcement actions involving supervision that FINRA brings each year.

Regulatory Notice 22-10

However, FINRA has released Regulatory Notice 22-10 – Reminding Member firms of the scope of Rule 3110 (Supervision) as it pertains to the potential liability of Chief Compliance Officers.

The Role of a Chief Compliance Officer

In Notice to Members 99-45, FINRA stated that it is “important to recognize the distinction between written compliance guidelines and written supervisory procedures.” A CCO and the compliance team is generally responsible for compliance guidelines, not written supervisory procedures. “Compliance guidelines generally set forth the applicable rules and policies that must be adhered to and describe specific practices that are prohibited.”

“Written supervisory procedures document the supervisory system to ensure that compliance guidelines are being followed.” By contrast, written supervisory procedures do not set forth the supervisory system, but document what the supervisory system should be

To fulfill the compliance function, FINRA requires firms to designate one or more appropriately registered principals as a CCO.1 As set forth in FINRA Rule 3130, Supplementary Material .05, “A [CCO] is a primary advisor to the member on its overall compliance scheme and the particularized rules, policies and procedures that the member adopts.” Neither Rule 3110 nor Rule 3130, by themselves, attach supervisory responsibilities to a CCO.

Chief Compliance Officer as a Supervisor

While a CCO does not have supervisory responsibility, a CCO can, and often does occupy another position at a firm, such as CEO. In such circumstances, CCOs likely would fall within the scope of Rule 3110 because of the supervisory authority designated to them based on another non-CCO position they hold within a firm’s business management.

Dual Roles

When an individual’s sole position at a firm is that of CCO, a more extensive assessment of liability under Rule 3110 may be needed, as outlined in the FINRA Notice.

Factors that might weigh in favor of charging a CCO are the same factors that could apply to any individual who has supervisory responsibility under Rule 3110 and include, but are not limited to, the following:

  1. the CCO was aware of multiple red flags or actual misconduct and failed to take steps to address them;
  2. the CCO failed to establish, maintain, or enforce a firm’s written procedures as they related to the firm’s line of business;
  3. the CCO’s supervisory failure resulted in violative conduct (e.g., a CCO who was designated with responsibility for conducting due diligence failed to do so reasonably on a private offering, resulting in the firm lacking a reasonable basis to recommend the offering to its customers); and
  4. whether that violative conduct caused or created a high likelihood of customer harm.
In light of this “reminder” from FINRA, firms should review their procedures and supervisory structure to insure that they are not creating supervisory liability for CCOs and others who are not intended to have such liability. 
Sallah Astarita & Cox represents CCOs, CEOs and other financial executives across the country, and its attorneys have been doing so for decades. For more information as to how they can help your firm, call 212-509-6544


Securities Attorney at Sallah Astarita & Cox | 212-509-6544 | mja@sallahlaw.com | Website | + posts

Mark Astarita is a nationally recognized securities attorney, who represents investors, financial professionals and firms in securities litigation, arbitration and regulatory matters, including SEC and FINRA investigations and enforcement proceedings.

He is a partner in the national securities law firm Sallah Astarita & Cox, LLC, and the founder of The Securities Law Home Page - SECLaw.com, which was one of the first legal topic sites on the Internet. It went online in 1995 and is updated daily with news, commentary and securities law related links.

The Securities Lawyer