Here are two very recent tales of unmanaged risk catching up with firms, and the response of regulators who are watching the way companies like these handle those risks very, very closely.

Last week, Platinum Partners executives were charged in a $1 billion, eight-count securities fraud indictment. According to Brooklyn U.S. Attorney Robert Casper, communications and other company documents revealed fraudulent and deceitful practices from the hedge-fund managers. As described by federal prosecutors and the Securities and Exchange Commission, communications also show a trend of “relentless” redemption requests from concerned investors who wanted their money back¹.

Over the years, Platinum Partners earned more than $100 million in fees during the conspiracy. However, hints of financial troubles began to arise in 2012, eventually leading the alleged conspirators to use loans and payments from new investors to pay existing investors, similar to the infamous Madoff Ponzi scheme.

In another case, the Financial Industry Regulatory Authority (FINRA) fined 12 firms a total of $14.4 million for “significant deficiencies” in the storage of electronic broker-dealer and customer records. More specifically, FINRA found that records were not stored in the required, “write once, read many,” or WORM, format. Federal securities law and FINRA require the WORM format to prevent electronic business-related communications from being altered. In this case, each of the fined firms demonstrated deficiencies that affected millions—to hundreds of millions—of records “pivotal to the firms’ brokerage businesses, spanning multiple systems, and categories of records.²”

Risk for firms comes in many forms—legal, regulatory, financial, and reputational—and these types of risk often travel together. Organizations need to take a proactive approach to finding and addressing risk as part of an overall, firm-wide culture of compliance. This includes, as in the FINRA WORM case, meeting specific regulatory obligations surrounding the immutable retention of electronic records.

A firm’s archive of electronic communications—unstructured electronic records that include email, social media, text messaging, instant messaging, and more—is a major repository for risk, and it requires proactive governance. These oversight efforts can help identify the (risk) needles in the haystacks (messages), and set in motion the actions necessary to safeguard a firm and its investors.

Firms that are proactive and automate their electronic communications supervision processes with documented policies and systems to help supervise and enforce them, also help protect their investors from the results of fraudulent behaviors. With the Smarsh comprehensive archiving solution, for instance, firms leverage specific and intelligent policies to proactively flag potential regulatory violations and risky behaviors (ex. fraud, money laundering) across every channel of their electronic communications. Beyond its ability to help strengthen a firm’s capacity to identify and mitigate risk, adoption of a solution set like this can be seen by regulators and investors alike as a huge selling point; investors will inherently feel more confident entrusting their assets with firms that regularly monitor communications and address risk this way.

 
¹ http://www.usatoday.com/story/money/2016/12/19/platinum-partners-execs-charged-1b-fraud/95605808/
² http://www.finra.org/newsroom/2016/finra-fines-12-firms-total-144-million-failing-protect-records-alteration