Skip to main content

Securities and Exchange Commission: Opportunities Exist to Improve Oversight of Self-Regulatory Organizations

GAO-08-33 Published: Nov 15, 2007. Publicly Released: Dec 17, 2007.
Jump To:
Skip to Highlights

Highlights

Self-regulatory organizations (SRO) are exchanges and associations that operate and govern the markets, and that are subject to oversight by the Securities and Exchange Commission (SEC). Among other things, SROs monitor the markets, investigate and discipline members involved in improper trading, and make referrals to SEC regarding suspicious trades by nonmembers. For industry self-regulation to function effectively, SEC must ensure that SROs are fulfilling their regulatory responsibilities. This report (1) discusses the structure of SEC's inspection program for SROs, (2) evaluates certain aspects of SEC's inspection program, and (3) describes the SRO referral process and evaluates SEC's information system for receiving SRO referrals. To address these objectives, GAO reviewed SEC inspection workpapers, analyzed SEC data on SRO referrals and related investigations, and interviewed SEC and SRO officials.

Recommendations

Recommendations for Executive Action

Agency Affected Recommendation Status
United States Securities and Exchange Commission To enhance SEC oversight of SROs, the SEC Chairman should establish a written framework for conducting inspections of SRO enforcement programs to help ensure a reliable and consistent source of information on SRO inspection processes, minimum standards, and quality controls; and, as part of this framework, broaden current guidance to SRO inspection staff on the use of SRO internal audit reports to direct examiners to consider the extent to which they will rely on reports and reviews of internal and external audit and other risk-management systems when planning SRO inspections.
Closed – Implemented
This recommendation has been implemented. In August 2008, the Securities and Exchange Commission's Office of Compliance Inspections and Examinations issued written guidance for those examiners that conduct inspections of self-regulatory organization (SRO) operations, including the enforcement programs of the SROs. This examination guidance outlines inspection processes, minimum standards, and quality controls. It also broadens current guidance to SRO inspection staff on the use of SRO internal audit reports by directing examiners to consider the extent to which they will rely on reports and reviews of internal and external audit and other risk-management systems when planning SRO inspections.
United States Securities and Exchange Commission To enhance SEC oversight of SROs, the SEC Chairman should ensure that Market Regulation makes certain that SROs include in their periodic risk assessment of their IT systems a review of the security of their enforcement-related databases, and that Market Regulation reviews the comprehensiveness and completeness of the related SRO-sponsored audits of their enforcement-related databases.
Closed – Implemented
SEC's Division of Trading and Markets (formerly Market Regulation) has implemented this recommendation by incorporating a review of the efforts by the SRO audit function, including their periodic risk assessments, over enforcement-related databases into its regular Automation Review Policy (ARP) inspection process.
United States Securities and Exchange Commission To enhance SEC oversight of SROs, the SEC Chairman should as part of the agency's ongoing efforts to improve information technology capabilities, ensure that any software developed for tracking SRO inspections includes the ability to track and report SRO responses to and implementation status of OCIE inspections recommendations.
Closed – Implemented
SEC's Office of Inspections and Examinations has developed an electronic examination workbook, the Tracking and Reporting Examinations National Documentation System ("TRENDS"), for all staff to use when conducting examinations. TRENDS is a web-based program that creates a uniform examination process and record-retention function for the National Examination Program. TRENDS captures each examination's purpose, scope, risk assessment, findings, and appropriate statistical data, as well as responses to deficiency letters and corrective actions taken. The Office of Market Oversight, which supervises self regulatory organizations, implemented TRENDS on or about July 9, 2012.
United States Securities and Exchange Commission To enhance SEC oversight of SROs, the SEC Chairman should as part of the agency's ongoing efforts to improve information technology capabilities, consider system improvements that would allow Enforcement staff to electronically access and search all information in advisories and referrals submitted by SROs and generate reports that would facilitate monitoring and analysis of trend information and case activities.
Closed – Implemented
On August 27,2008 staff from the Securities and Exchange Commission's Division of Enforcement confirmed that they implemented the recommendation by asking the Office of Information Technology to make system improvements that would allow enforcement staff to electronically access and search all information in advisories and referrals submitted by self-regulatory organizations. These system improvements will also allow the Enforcement managers to generate management reports.

Full Report

Office of Public Affairs

Topics

AuditsBanking regulationFederal regulationsFinancial analysisFinancial managementInspectionInternal auditsInternal controlsProgram evaluationRegulatory agenciesRisk assessmentSecurities regulationSecurity regulationsStocks (securities)Trade regulation