Know Your Customer and Suitability

Quick Answer

The know-your-customer rule requires reasonable diligence to know the essential facts about every customer at account opening and during maintenance. The suitability rule then requires the firm to use those facts to make recommendations supported by three obligations: reasonable-basis (the product is suitable for at least some investors), customer-specific (suitable for this particular customer's profile), and quantitative (a series of recommended trades is not excessive). For retail customers, Reg BI (next section) is the operative standard; suitability governs institutional and other non-retail recommendations.

Know-your-customer and suitability form a two-step framework: first the firm gathers the customer's profile, then it uses that profile to evaluate every recommendation. A firm that fails to gather the profile violates know-your-customer; a firm that gathers it but recommends an unsuitable trade violates suitability. The two rules are tested as a pair because an exam fact pattern usually points to one or the other.


Know Your Customer

A broker-dealer (BD) must use reasonable diligence in regard to the opening and maintenance of every account, to know (and retain) the essential facts concerning every customer.

"Essential facts" are those required to:

  • Effectively service the customer's account
  • Act in accordance with any special handling instructions for the account
  • Understand the authority of each person acting on behalf of the customer
  • Comply with applicable laws, regulations, and rules

Know-your-customer is the foundation for the suitability obligation. The identity and profile data gathered at account opening flows into the suitability analysis. Without proper KYC, suitability cannot be assessed.

Think of it this way: Know-your-customer says "Know who you're dealing with." It is broader than suitability because it covers servicing and authority questions that arise even when no recommendation is being made. A rep who accepts trade instructions from a person not authorized on the account violates KYC even if the trade itself is suitable.

Exam Tip: Gotchas

  • Know-your-customer is fact-gathering; suitability is using the facts. A rep who accepts an account application without verifying the customer's authority over the assets violates KYC. A rep who has the facts but recommends a high-risk trade to a low-risk customer violates suitability.
  • KYC covers maintenance, not just opening. If the customer's address, employment, or risk tolerance changes during the relationship, the firm must update its records. Failing to update is itself a violation.

Suitability

When Reg BI does not apply (institutional customers and other non-retail recommendations), the suitability rule requires a reasonable basis to believe that a recommended transaction or investment strategy is suitable for the customer, based on information obtained through reasonable diligence to ascertain the customer's investment profile.

The investment profile includes (but is not limited to):

  • Age
  • Other investments
  • Financial situation and needs
  • Tax status
  • Investment objectives
  • Investment experience
  • Investment time horizon
  • Liquidity needs
  • Risk tolerance

The suitability rule applies primarily to non-retail (e.g., institutional) customers and any retail recommendation not covered by Reg BI. For retail customers, Reg BI is the operative best-interest standard (covered in the next section).


The Three Suitability Obligations

The suitability rule has three layers that all must be satisfied. A recommendation can be suitable on one layer and unsuitable on another.

  • Reasonable-basis: The member must have a reasonable basis, based on reasonable diligence, to believe the recommendation is suitable for at least some investors. The firm must understand the potential risks and rewards of the product before anyone recommends it.
  • Customer-specific: Based on the specific customer's investment profile, the member must have a reasonable basis to believe the recommendation is suitable for that customer.
  • Quantitative: The member must have a reasonable basis to believe that a series of recommended transactions (even if each is suitable in isolation) is not excessive and unsuitable in light of the customer's investment profile. Since the June 2020 amendments to the suitability rule, this obligation no longer requires proof that the rep had actual or de facto control over the account. It is measured by turnover rate, cost-equity ratio, and in-and-out trading.

Think of it this way: The three layers stack. Reasonable-basis asks: does the firm understand this product? Customer-specific asks: is this product right for this customer? Quantitative asks: even if each trade is right, is the overall pattern excessive? A firm can pass the first two and still violate the third by churning the account.

Exam Tip: Gotchas

  • Quantitative suitability historically required control over the account (formal discretion, or de facto control where the customer routinely accepted the rep's recommendations without independent evaluation). The June 2020 amendments adopted alongside Reg BI removed that control element, so excessive trading can now be charged on the trading pattern and the customer's profile alone; older study materials still describe the control requirement. For retail customers, the same excessive-trading analysis falls under Reg BI's care obligation.
  • Reasonable-basis suitability applies even when no actual customer is in mind. A firm that adds a complex product to its shelf without understanding it violates the reasonable-basis obligation before any recommendation is even made.

Quantitative Suitability Metrics

Quantitative suitability is measured using objective metrics that describe the pattern of trading in the account:

  • Turnover rate: total purchases (or sales) over a period divided by the average account equity, annualized. Benchmarks cited in enforcement cases treat an annual turnover of 2 as suggestive, 4 as indicative, and 6 or more as presumptive of excessive trading in a non-speculative account.
  • Cost-equity ratio: total commissions, markups, and fees as a percentage of average equity, annualized. A cost-equity ratio above 15% to 20% is a presumptive red flag because the account would have to earn at least that much each year just to break even on its own costs.
  • In-and-out trading: rapid buying and selling of the same security or similar securities, especially when generating commissions on each leg.

These thresholds are not bright lines. They are factors that, combined with the customer's profile and trading history, support an inference of churning. The principal's job is to identify the pattern, document the inquiry, and escalate.
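To make the three metrics concrete, the following is an added example (not part of the original page or any FINRA publication) that computes annualized turnover and cost-equity ratios and counts in-and-out round trips over a constructed trade blotter, then applies configurable thresholds. The blotter, the $100,000 average equity, the 90-day review period, and the default thresholds (turnover 4.0, cost-equity 20%, 30-day in-and-out window) are all assumptions chosen for illustration; a real surveillance system would pull these from the firm's books and records and from the customer's profile.

```python
from collections import defaultdict
from dataclasses import dataclass
from datetime import date


@dataclass(frozen=True)
class Trade:
    """One executed trade. `amount` is principal in dollars; `cost` is the
    commissions, markups and fees charged on that trade."""
    day: date
    symbol: str
    side: str      # "BUY" or "SELL"
    amount: float
    cost: float


# Constructed sample blotter: eight trades over a 90-day period in an
# account with an average equity of $100,000 (assumed, not real data).
BLOTTER = [
    Trade(date(2024, 1, 2), "ACME", "BUY", 40_000, 800),
    Trade(date(2024, 1, 11), "ACME", "SELL", 40_000, 800),
    Trade(date(2024, 1, 15), "BETA", "BUY", 50_000, 1_000),
    Trade(date(2024, 1, 29), "BETA", "SELL", 50_000, 1_000),
    Trade(date(2024, 2, 5), "GAMMA", "BUY", 30_000, 600),
    Trade(date(2024, 2, 16), "GAMMA", "SELL", 30_000, 600),
    Trade(date(2024, 2, 20), "ACME", "BUY", 45_000, 900),
    Trade(date(2024, 3, 8), "ACME", "SELL", 45_000, 900),
]
AVG_EQUITY = 100_000.0
PERIOD_DAYS = 90


def _check(avg_equity, period_days):
    if avg_equity <= 0 or period_days <= 0:
        raise ValueError("average equity and period must be positive")


def annualized_turnover(trades, avg_equity, period_days):
    """Total purchases / average equity, scaled to a 365-day year."""
    _check(avg_equity, period_days)
    purchases = sum(t.amount for t in trades if t.side == "BUY")
    return purchases / avg_equity * (365 / period_days)


def annualized_cost_equity(trades, avg_equity, period_days):
    """Total trading costs / average equity, annualized. This is the
    return the account must earn each year just to break even."""
    _check(avg_equity, period_days)
    costs = sum(t.cost for t in trades)
    return costs / avg_equity * (365 / period_days)


def in_and_out_pairs(trades, max_hold_days=30):
    """Match each BUY with the next SELL of the same symbol (FIFO) and
    return the round trips held no longer than `max_hold_days`."""
    by_symbol = defaultdict(list)
    for t in sorted(trades, key=lambda t: t.day):
        by_symbol[t.symbol].append(t)
    pairs = []
    for symbol, legs in by_symbol.items():
        open_buys = []
        for t in legs:
            if t.side == "BUY":
                open_buys.append(t)
            elif open_buys:
                buy = open_buys.pop(0)
                held = (t.day - buy.day).days
                if held <= max_hold_days:
                    pairs.append((symbol, buy.day, t.day, held))
    return pairs


def review_account(trades, avg_equity, period_days,
                   turnover_flag=4.0, cost_flag=0.20, max_hold_days=30):
    """Compute the three metrics and list which presumptive thresholds the
    account crosses. Thresholds are parameters because they depend on the
    customer's profile: a speculative, self-directed account warrants
    higher limits than a retiree's income account."""
    turnover = annualized_turnover(trades, avg_equity, period_days)
    cost_equity = annualized_cost_equity(trades, avg_equity, period_days)
    round_trips = in_and_out_pairs(trades, max_hold_days)
    flags = []
    if turnover >= turnover_flag:
        flags.append("turnover")
    if cost_equity >= cost_flag:
        flags.append("cost_equity")
    if round_trips:
        flags.append("in_and_out")
    return {"turnover": turnover, "cost_equity": cost_equity,
            "in_and_out": len(round_trips), "flags": flags}


if __name__ == "__main__":
    result = review_account(BLOTTER, AVG_EQUITY, PERIOD_DAYS)
    print(f"turnover (annualized):    {result['turnover']:.2f}")
    print(f"cost-equity (annualized): {result['cost_equity']:.1%}")
    print(f"in-and-out round trips:   {result['in_and_out']}")
    print("flags:", result["flags"] or "none")
```

On the sample blotter the account turns over roughly 6.7 times a year and pays about 27% of its equity in annual costs, with four round trips held under 30 days, so all three flags fire. Re-running `review_account` with thresholds appropriate to an authorized active-trading profile (for instance a turnover limit of 8 and a 5-day in-and-out window) clears the flags, which is the point of the passage above: the numbers support an inference, and the principal still has to weigh them against the profile and document the inquiry.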

Exam Tip: Gotchas

  • Turnover and cost-equity ratios are presumptive, not dispositive. A 3.0 turnover in a sophisticated active-trading account run by a rep with proper authorization may be acceptable. A 1.5 turnover in a retired customer's IRA may be excessive.
  • The principal's failure to detect excessive trading is a supervisory-system violation independent of the underlying quantitative-suitability violation by the rep. Both can be charged simultaneously.

Institutional-Customer Exemption

Customer-specific suitability does NOT apply to institutional customers if:

  • The member has a reasonable basis to believe the institutional customer is capable of evaluating investment risks independently
  • The institutional customer affirmatively indicates in writing that it is exercising independent judgment in evaluating the member's recommendations

When both conditions are met, the firm is excused from the customer-specific layer only. The other two layers still apply: reasonable-basis suitability still applies (the firm must still understand the product), and quantitative suitability still applies to the pattern of recommended trading in the institutional account.

An "institutional customer" under FINRA rules means a bank, savings and loan association, insurance company, registered investment company, investment adviser registered with the SEC or a state, or any other person (natural or legal) with total assets of at least $50 million.

Think of it this way: The exemption assumes a sophisticated counterparty. A pension plan with $500 million in assets and a professional investment staff does not need the same hand-holding as a retail customer; the customer is the gatekeeper for its own suitability decisions, not the broker-dealer. The written affirmation is the firm's audit trail.

Exam Tip: Gotchas

  • The institutional exemption requires both a written affirmation AND the firm's reasonable belief in the customer's capability. A signed waiver is not enough if the firm knows the customer is not actually evaluating risks independently.
  • Reasonable-basis suitability still applies to institutional accounts. The firm must still understand the product before recommending it, even if the institutional customer waives customer-specific suitability.

How KYC and Suitability Interact

The two rules sit at different points in the recommendation lifecycle:

  • KYC violation example: A new account is opened without verifying the trustee's authority over a trust account. Trades are placed and settled. No recommendation is unsuitable, but the firm violated KYC by failing to know who could act on the account.
  • Suitability violation example: An account is opened with a complete profile (low risk tolerance, fixed income, age 70). The rep recommends a complex structured note. The recommendation violates customer-specific suitability even though the firm knows the customer's profile.
  • Both rules violated: A new account is opened for an elderly customer. The rep records the customer's risk tolerance as "aggressive growth" without any inquiry. The rep then recommends speculative options trades. The firm violated KYC by not gathering accurate facts and suitability by recommending unsuitable trades based on the inaccurate profile.

Exam Tip: Gotchas

  • A KYC violation does not require any unsuitable trade. Failing to gather or update profile information is the violation in itself, even if no recommendations are ever made.
  • A suitability violation can occur even with perfect KYC records if the firm uses the records to make an unsuitable recommendation. The rules cover different stages of the relationship.