Securities Industry Association
Self-Regulation and Supervisory Practices Committee

December 18, 2002

Jonathan G. Katz
U.S. Securities and Exchange Commission
450 Fifth Street, N.W.
Washington, D.C. 20549-0609

Re: File Nos. SR-NYSE-2002-36 and SR-NASD-2002-162

Dear Mr. Katz:

The Self-Regulation and Supervisory Practices Committee (the "Committee") of the Securities Industry Association ("SIA") appreciates the opportunity to comment on proposed rule changes submitted by the New York Stock Exchange, Inc. ("NYSE")1 and National Association of Securities Dealers, Inc. ("NASD")2 designed to enhance members' supervisory control procedures. As legal and compliance professionals, we appreciate the need for effective internal controls, and we are continually establishing and reviewing compliance policies and procedures and surveillance and monitoring systems to ensure appropriate supervision of firm activities by business management. The proposals developed by the NYSE and NASD generally are consistent with good business practices and, in many respects, mandate controls that firms already have in place. However, many firms with exemplary compliance records routinely meet or exceed their supervisory responsibilities without stringent requirements such as those proposed.

While the practices in the proposed rules may constitute "best practices," we believe the costs involved in implementing certain provisions will be considerable, particularly for firms with large branch networks, and we question the need for these provisions in light of the many tools currently employed by firms in addition to those available to regulators to address supervisory deficiencies. Accordingly, the Committee believes the proposed rule changes should be adopted in the form of principles for effective supervision that firms can apply as appropriate to their particular business models, rather than prescriptive rules that apply to firms across the board. In fact, there are a variety of supervisory structures that are as, or more, effective in particular situations than the uniform model contemplated in the proposed rule changes. Firms should be able to demonstrate, where they have not adopted the principles proposed, that there is another compensating procedure in place that is more appropriate to their size, structure or mix of business.

At a minimum, the Committee believes flexibility in certain areas is needed, particularly with respect to the requirements for independent reviews. As discussed in more detail below, if strictly construed, the proposals would establish new requirements that could be extremely burdensome for many firms to implement, particularly small firms and firms with large branch networks. The Committee also believes an exemption from certain provisions for institutional customer accounts is necessary and appropriate. Moreover, the proposed requirements regarding notations on order tickets are integrally related to new requirements under SEC Rules 17a-3 and 17a-4 (the "books and records rules"), which are scheduled to become effective in May 2003.3 Programming efforts currently are underway at most firms to meet those requirements. SIA respectfully requests that the effective date of any new requirements coincide with the effective date of the new books and records rules to enable firms to make the necessary systems changes in the most efficient way.

I. Summary of Proposed Rule Changes

The proposed rule changes are designed to bolster members' overall internal controls and procedures and to specifically require such controls and procedures in areas that have been identified as particularly problematic. The NYSE proposal includes additions to NYSE Rule 342 ("Offices-Approval, Supervision and Control") which addresses internal control requirements generally, as well as amendments to Rule 401 ("Business Conduct") which identify and require specific internal control safeguards related to the transmission of customer funds and securities, changes of customer address, and changes to customer investment objectives. The proposal would require systems and procedures to independently supervise sales managers who handle customer accounts; clarify time limits on time and price discretionary authority; expand the application of Rule 410 ("Discretionary Power in Customers' Accounts") and clarify its supervisory and recordkeeping provisions; and require persons who conduct branch office inspections to be independent of such office's ongoing supervision, control, or performance evaluation.

Proposed changes to NASD rules are substantially similar. New NASD Rule 3012 would require members to develop general and specific supervisory control procedures that independently test, verify and modify, where necessary, the members' supervisory procedures. In addition, proposed amendments to NASD Rule 3010(c) would require that office inspections be conducted by independent persons and include, at a minimum, the testing and verification of certain specific supervisory procedures including transmission of customer funds and securities, changes of customer address, and changes to customer investment objectives. Additionally, NASD Rule 3110 would expand upon a member's supervisory and recordkeeping requirements with respect to changes in customer account name or designation in connection with order executions; NASD IM-3110 would provide guidance as to when a member may hold mail for a customer who will be absent for a period of time; NASD Rule 2510(d) would clarify the time limit on time and price discretionary authority; and NASD Rule 9610 would incorporate into NASD Procedural Rules the ability of members to request an exemption from the independence requirement in amended Rule 3010(c).

SIA previously has urged the self-regulatory organizations ("SROs") to confer with each other on rule proposals relating to regulation of broker-dealers in order to identify and resolve inconsistencies before the proposals are submitted to the SEC pursuant to Securities Exchange Act Rule 19b-4,4 and we applaud the NYSE and NASD for their efforts in harmonizing their proposals. The provision in new NASD Rule 3012 that deems compliance with similar rules of the NYSE to be compliance with the NASD rule will be particularly helpful for dual members.

II. Background

The duty to supervise is a key aspect of the federal securities regulatory scheme and, as discussed below, has been implemented by different firms in various ways consistent with all relevant laws and regulations. Rules of the various SROs, as well as the federal securities laws, require firms to develop a system of supervision to promote effective compliance with federal laws and SRO rules based on the nature of the firm's business. NASD Rule 3010 and NYSE Rule 342 generally require member firms to establish, maintain, and enforce written procedures to supervise the activities of the firm and its registered representatives, and to prevent violations of the various securities laws and SRO rules. Broker-dealers are required to designate qualified personnel, including registered principals, to carry out the firm's supervisory obligations, to have adequate controls in place to identify potential problems and sales practice abuses, and to conduct a review of firm activities on a periodic basis through internal inspection of their various office locations. In addition, legal and compliance personnel assist firm management and designated supervisors in meeting their responsibilities by developing policies and procedures, providing regulatory advice and training, designing and producing exception reports, conducting surveillance, and investigating indications of irregular activity.

The SROs and SEC oversee firms' compliance efforts and supervisory structure through the examination process. Every broker-dealer is examined by an SRO on a periodic cycle, ranging from annually to once every four years, depending on the business of the firm. SROs address potential shortcomings in firms' supervisory systems through deficiency letters and, in appropriate cases, through disciplinary actions. Additionally, the Commission is authorized to sanction firms whose supervision falls below a minimum standard of reasonableness. Section 15(b)(4)(E) of the Securities Exchange Act provides for the imposition of a sanction against a broker-dealer who has failed reasonably to supervise another person who commits such a violation and is subject to the broker-dealer's supervision. Through the examination process and enforcement actions when warranted, firms are constantly reminded of the importance of comprehensive procedures to prevent and detect sales practice abuses. Our primary goal as legal and compliance professionals is to ensure that our firms have adequate supervisory procedures in place, and to constantly reassess those procedures and ensure that sufficient resources are devoted to their implementation. In those instances where the SEC or SROs find that a particular firm has deficient supervisory procedures, existing authority clearly empowers the SEC and SROs to require any and all of the proposed requirements to be implemented.

We understand that the proposed rule changes by the NASD and NYSE stem from a recent enforcement action that involved the misappropriation of millions of dollars of customer funds by registered representative Frank Gruttadauria over a 15-year period while he was employed by several broker-dealers. Naturally, given the dimension of the fraud, the Gruttadauria case attracted regulatory and Congressional attention by highlighting apparent supervisory failures at certain firms. The Committee firmly believes that such cases are quite rare and do not justify imposing this new, expensive, duplicative, and pervasive regulatory scheme on all broker-dealers. The Gruttaduaria case was not so much a failure of the current regulatory system, including member firms' internal controls and supervisory practices, as it was the result of a single individual intent on defrauding his customers.

Indeed, even the most sophisticated supervisory systems may not uncover all misdeeds. Notably, although the Commission and the SROs conducted several examinations during the time period in which Gruttadauria was misappropriating customer funds, including one relating specifically to Gruttadauria's activities, the examiners themselves were unable to establish any indication of sales practice abuse in connection with activity in his customers' accounts sufficient to warrant any disciplinary action at that time. There is no evidence that supervision of supervisors will be any more effective in detecting or preventing such malfeasance. Although supervisory controls such as those now proposed provide useful guidance to firms in designing a supervisory system, certain of the requirements would entail overhauling supervisory structures currently in place throughout the industry at significant cost to many firms and may be unnecessary in light of the extensive supervisory requirements already in place as outlined above.

III. Independent Office Inspections

Under SRO rules, firms must inspect their offices on a regular basis. Under NYSE rules, branch offices generally are required to be inspected at least annually. NASD rules require offices of supervisory jurisdiction ("OSJ") to be inspected annually and all others to be inspected according to a regular cycle, set out in the firm's written supervisory procedures, based on certain risk factors. The proposed rule changes amend these requirements by requiring that office inspections be conducted by a person who is independent of the ongoing supervision, control, or performance evaluation of the branch office. The NYSE's proposed rule change expressly states that the inspections cannot be performed by the Branch Office Manager, Sales Manager or District/Regional Manager assigned to the office, or by any other person performing a similar supervisory function.

The proposed rule changes present a heavy burden for independent contractor firms and firms with far-reaching branch networks. In such firms it is typical for compliance staff to inspect certain branches such as OSJs, while designated principals in the OSJs or larger branches are charged with conducting inspections of branches within their jurisdiction. Few firms have the resources in their Legal or Compliance Departments to conduct all branch inspections. Moreover, proposed amendments to the definition of branch office, which become effective in 2003, will increase substantially the number of offices that must be inspected.5 If no one in the supervisory chain has the requisite independence, the proposal will have the effect of altering the basic organizational and supervisory structure within a significant portion of the industry today. Firms may employ fewer supervisors because of the need for increasing numbers of "independent" professionals. Alternatively, firms may be forced to employ salaried individuals to supervise branch activities or to outsource the inspection function at significant cost to the firm.

The Committee does not agree that an objective perspective is necessarily best maintained by having no interest in a branch's "bottom line" and by being outside of the branch's supervisory structure. In fact, we believe so-called "independent" supervisors may actually be less apt to discover problems and the overall level and quality of supervision may decline. Managing supervisors, on the other hand, are familiar with the registered representatives and their activities at locations within their jurisdiction, and are therefore most qualified to perform the periodic inspection. To the extent that a supervisor's compensation is based to some extent, either through bonus or override, on the production of individuals he supervises, the supervisor should continue to have the responsibility for ensuring compliance by those individuals with all applicable laws and regulations. Conducting periodic inspections reinforces the supervisor's accountability for the actions of their registered representatives. Indeed, some firms include bonuses for good compliance records as a component of a supervisor's compensation, thus aligning the supervisor's interests even more closely with those of the firm. By appointing a so-called independent party to conduct the inspection, supervisors will have a decreased sense of responsibility with regard to the activities conducted at the offices. Moreover, certain firms due to their size or structure may be unable to demonstrate that any individual within the firm is completely "independent" and almost certainly will be forced to outsource this activity.

The Committee urges the Commission to confirm that firm policies and procedures must meet certain basic principles, i.e., supervisors may not inspect their own office or review their own activity, but that other scenarios involving inspections by supervisory personnel in a hierarchical supervisory system may be sufficiently outside the day-to-day chain of command to meet the independence requirements of the proposal. For example, if an inspection is conducted by the manager of another branch who reports to the same supervisor as the manager of the branch being inspected, this should be sufficiently independent to meet the requirements of the rule. The Committee believes such an interpretation is consistent with the intent of the proposed rules. Indeed, the NASD proposal notes that the independence requirements in connection with office inspections may be satisfied by reasonable means based on the size and resources of the firm and the scope and nature of its activities.

IV. Supervisory Controls and Independent Testing and Verification

The proposed rules would require members to establish and maintain a system of supervisory control policies and procedures that test and verify that the member's supervisory procedures are reasonably designed to achieve compliance with applicable securities laws and regulations. The persons performing the testing and verification must be independent from the activities being tested and verified and the persons who directly supervise those activities. Both proposed rule changes require written policies and procedures with respect to certain specific activities: transmittals of funds or securities, customer changes of address, and customer changes of investment objectives.6

As a threshold matter, we believe that the specific activities set out in proposed NYSE Rule 401(b) and NASD proposed Rule 3012(c) should apply only to retail customer activity, and not institutional customer activity. Over the last several years, the NASD has attempted to identify those rules for which an institutional exemption would be appropriate.7 The Committee believes this is a perfect example of such rules and urges the SROs to consider an institutional carve-out from the specific supervisory control procedures. Institutional trading, frequently done on a delivery-versus-payment or receipt-versus-payment basis or via prime brokerage arrangements, involves systems, processes, and controls that are markedly distinct from retail account servicing. The NYSE recognizes in its proposal that no single approach to internal controls can be appropriate for all business models given differences in organizational size, supervisory structure, scope of business activities, products offered, location of branch offices, etc. Rather, the controls established and implemented should reasonably conform to the nature of the business conducted. The Committee therefore believes the proposals anticipate that an institutional exception would be entirely appropriate.8

Additionally, the proposed rule changes appear to contemplate supervision of the firm's supervisors and, again, it is unclear which individuals within the firm would be deemed sufficiently "independent" to perform the verification and testing. As noted above, firms have long been required to have a supervisory system in place and have had flexibility in developing these systems. The Committee urges the Commission to maintain flexibility in this area by confirming that the intent of the proposed rules is to set out general principles to which firms should conform their policies and procedures. Specifically, a supervisor cannot supervise himself or verify and test policies that the supervisor is personally responsible for implementing. Additionally, results of the verification and testing must be reported to someone with the authority to create or amend relevant supervisory procedures as necessary.

The Committee believes that individuals within the firm would then be able to perform this function and their independence would not be jeopardized merely because of their peripheral involvement in the activity being reviewed or some indirect benefit from the activity of the supervisor under review, such as a commission override. For example, although many firms have Internal Audit departments, in many cases this department is focused more on financial or operational matters or the obligations of the firm as a public company or as an issuer of securities, and not necessarily on the broker-dealer regulatory obligations of the firm. Consequently, when Internal Audit conducts a review, it often reviews templates prepared by legal or compliance personnel. As noted in Section I above, legal or compliance staff may have drafted the policies and procedures under review. The Committee believes this relationship should not compromise the independence of the verification and testing function. Alternatively, if verification and testing is conducted by a more senior supervisor in a hierarchical supervisory structure, the fact that a component of the supervisor's compensation is based on the production of the supervisor below should not taint the more senior supervisor's independence for this purpose.

Moreover, the Committee urges the Commission to clarify that the proposed requirements do not create an obligation for firms to test and verify every aspect of their supervisory procedures annually, although retail firms, at a minimum, must test and verify procedures in certain enumerated areas. As a practical matter, firms take a risk-based approach to their inspections and may focus on different supervisory controls from year to year. For example, an investment banking firm may be more interested in testing controls related to initial public offering allocations, while a primarily retail firm may focus more on controls relating to account opening and customer account activity. Integrated full-service firms may review both areas. The Commission should confirm that the proposed rule changes are not intended to establish a template for internal inspections. Rather, firms may continue and should be encouraged to assess their risks annually and base their internal inspections and testing of supervisory procedures on those areas that the firm identifies as warranting review.

V. Independent Supervision of Managers' Activities

Both proposals provide that members whose branch office managers, sales managers, regional/district managers, or any person performing a similar supervisory function service customer accounts must develop and implement written policies and procedures reasonably designed to independently supervise each such person's customer account activity. As noted above, the Committee agrees that supervisors should never review activity in their own accounts. However, as also noted above, we believe individuals within the firm who may be at equal or higher organizational levels, or peripherally involved, or receive an indirect benefit from the activity being reviewed may, nevertheless, have sufficient independence to perform this function.

VI. Time/Price Discretion

The NYSE and NASD proposals contain virtually the same provision with respect to time and price discretion. Specifically, the proposed rule changes provide that the authority to exercise time and price discretion will be considered to be in effect only until the end of the business day on which the customer granted such discretion, absent a specific, written, contrary indication signed and dated by the customer. In addition, both provisions require any exercise of time and price discretion to be reflected on the order ticket for the transaction.

Once again, the Committee believes that an institutional exemption from this provision is warranted. For the most part, institutional investors trade on a not-held basis and virtually all institutional orders involve discretion on the part of the trader. The obligations of the firm are clear and written authorization from the institutional customer to exercise discretion beyond a single trading day would be redundant and inconvenient for the institutional customer. Although most institutional orders will be day orders, it is not uncommon for a trader to work a large order over the course of several days. Institutions are sophisticated investors who do not need the same level of protection as retail customers. Therefore, an institutional exemption from this provision would be appropriate.

With respect to customer orders, the proposal would require significant system changes, which already are underway to meet the new books and records requirements. When the firm is exercising time and price discretion, it must be indicated on the record of the order. All orders marked to show time and price discretion that are not executed in whole or in part on the day the order is entered must be canceled at the end of the day and purged from the firm's order-entry system. An order with time and price discretion can only be considered good until canceled ("GTC") if the customer has submitted dated instructions to the firm in writing. Presumably, this requirement contemplates written instructions on an order-by-order basis. Therefore, all orders marked time and price discretion effectively become day limit orders. In order to minimize the systems changes that will be required, the Committee urges the Commission to clarify that instead of written instructions on an order-by-order basis, standing instructions from the customer will suffice. Of course, designation of time and price discretion provides an exception to the general requirements for discretionary accounts in NYSE Rule 408 and NASD Rule 2510. Therefore, where the customer has authorized the exercise of time and price discretion beyond a single trading day by issuing standing instructions, firms should need only to document the written approval, and not meet requirements in other provisions of the Rule, when relying on the exception.

VII. Effective Date

The securities industry is facing huge demands in costs and technological resources to implement many new rules at a time when firms are experiencing declining revenues and increasing cutbacks. We ask the Commission, the NYSE and the NASD to reconsider these proposed rule changes in light of other regulatory initiatives currently underway including the new books and records requirements, anti-money laundering regulations, and business continuity issues, as well as the new supervisory controls associated with implementation of the Gramm-Leach-Bliley Title II push outs. The Committee urges the regulators to consider the more measured approach discussed above and to provide ample time for implementation of any new requirements that are imposed.

Currently, efforts are underway in the industry to implement new broker-dealer books and records requirements by May 2003. Recognizing the extensive changes that would be required to firms' automated systems, the SEC granted an extended effective date for those rules. Certain requirements in the instant proposal involve changes to those same systems. The Committee respectfully requests that the effective date of any new requirements at a minimum coincide with the effective date of the new books and records rules in order to enable firms to make the necessary system changes in an efficient and cost-effective manner.

VIII. Conclusion

The Committee supports the objectives of the NYSE and NASD to have internal control requirements that are as effective as possible in making firms' supervisory systems a meaningful protection against fraud and abuse. Without more flexibility, however, the rules as proposed will require major changes in supervisory structures across the industry or costly alternatives that would be a burden on competition for firms with extensive branch networks. The Committee urges the Commission to consider the alternative approaches proposed above so that firms can continue to meet their obligations with internal resources and minimal disruptions to existing supervisory structures.

If you have any questions, or would like to discuss our comments further, please contact the undersigned or Amal Aly, Vice President and Associate General Counsel, at 212-608-1500.


Christopher R. Franke
Self-Regulation and
Supervisory Practices Committee

CC: Annette Nazareth, Director, Division of Market Regulation, SEC
Robert L.D. Colby, Deputy Director, Division of Market Regulation, SEC
Edward A. Kwalwasser, Group Executive Vice President, NYSE
Salvatore Pallante, Senior Vice President, NYSE
Mary L. Schapiro, President, NASD
Elisse B. Walter, Chief Operating Officer and Executive Vice President, NASD

1 Securities Exchange Act Release No. 46858 (November 20, 2002), 67 FR 70994.
2 Securities Exchange Act Release No. 46859 (November 20, 2002), 67 FR 70990.
3 See Securities Exchange Act Release No. 44992 (October 26, 2001), 66 FR 55818, adopting new rules under Securities Exchange Act Rules 17a-3 and 17a-4 relating to books and records requirements for broker-dealers.
4 See Letter to Barbara Z. Sweeney, Office of the Corporate Secretary, NASD, and Donald Van Weezel, Vice President, Regulatory Affairs, NYSE, from Christopher Franke, Chairman, SIA Self-Regulation and Supervisory Practices Committee, and Michael H. Stone, President, SIA Legal and Compliance Division, dated August 19, 2002.
5 The NYSE recently proposed a rule change amending the definition of "branch office" to include, with certain limited exceptions, any location, other than a main office, where one or more associated persons of a member or member organization regularly conduct the business of effecting any transactions in, or inducing or attempting to induce the purchase or sale of any security, or is held out as such. Securities Exchange Act Release No. 46888 (November 22, 2002), 67 FR 72257. The NASD has proposed a similar definition. See NASD Notice To Members 02-52. See also Securities Exchange Act Rule 17a-3(g)(1), 17 CFR 240.17a-3(g)(1). Given the increasing number of offices required to be inspected under the NYSE proposal, the Committee intends to urge the NYSE to consider a cycle approach to inspections such as that employed by the NASD.
6 In recognition of the fact that the independent verification and testing requirement may not be practical or reasonable for certain business models, an exemption from this requirement is available to members that do not conduct a public business, or have a capital requirement of $5,000 or less, or employ ten or fewer registered representatives.
7 See, e.g., Notice To Members 98-81.
8 In addition, the requirements of NASD proposed Rule 3110(d) regarding pre-execution designation of the account name are inconsistent with the nature of institutional trading. In the institutional context, it is customary for an investment adviser or other fiduciary to give an order to a trading desk for a quantity of stock or bonds, with the allocation of the order between its managed accounts to follow later in the day. This is the very reason the NYSE has had a long-standing interpretation excepting such trades from the requirements of Rule 410. The NASD should adopt conforming amendments to Rule 3110.