Last month, the SEC issued a sizable $1.25 million fine against a New York-based broker-dealer. According to the SEC Order, the brokerage firm failed to retain audio files requested by SEC staff and did not maintain adequate books and records related to

The SEC determined that the brokerage firm deleted the audio files despite receiving two requests from the regulator to preserve them. The deletion of the audio files reportedly occurred because the technicians responsible for the recordings were unaware of the litigation hold notice that pertained to the requests.

The SEC order also found that the brokerage firm failed to maintain accurate records of compensation, travel, entertainment, and gifts, as the firm provided a high-performing broker with $600,000 sports season tickets and $100,000 in expense reimbursements. The firm is accused of inaccurately recording these items in its general ledger. Additionally, the firm reimbursed a different broker for thousands of dollars of personal expenses spent on his birthday party, his bachelor party, and two separate trips to Las Vegas for his friends’ bachelor parties.

Email Fines

Earlier this year, FINRA fined a broker-dealer firm (as well as its brokers) $125,000 for violations of FINRA rules; Federal securities laws, rules and regulations; and the rules of the Municipal Securities Rulemaking Board (MSRB). The findings found the firm, two supervisors, and an underwriter failed to make timely MSRB Rule G-17 letter disclosures and were guilty of inaccurate recordkeeping. The findings also stated that the underwriter conducted his securities activities using an outside email account that was neither reviewed nor retained by the firm — a practice that was known to supervisors. Consequently, the underwriter’s business-related email communications for the review period were neither reviewed nor retained by the firm. The findings also included that the firm and the supervisors did not maintain and preserve records relating to the underwriter’s business expenses incurred in connection with his municipal securities activities, including gifts and entertainment expenses provided to employees or agents of municipal issuers. Both supervisors were fined $5,000 each, while the underwriter was fined $10,000.

FINRA fined another brokerage firm $5,000 for failing to maintain and preserve certain business-related emails in a Write Once, Read Many (WORM) format. A lower fine was imposed after considering, among other things, the firm’s revenue and financial resources. The findings stated that the firm allowed its registered representatives to use personal email accounts to conduct their securities business and preserved business-related emails using electronic storage media (ESM).

Until July 2013, the firm’s representatives were required to forward their business-related emails from their personal email accounts to the personal email address of the firm’s President/Chief Compliance Officer (CCO) for storage. These emails, along with any other business-related emails sent from or received by the CCO’s personal email address, were not stored in WORM format. Beginning in July 2013, the firm’s representatives were required to forward business-related emails conducted in their personal email accounts to firm email addresses for storage. The firm’s representatives did not always follow this requirement. As a result, some business-related emails were not maintained and preserved in WORM format.

The findings also stated that the firm did not use an automated system for the review and preservation of all business-related emails. Instead, it relied on an “honor system” for registered representatives to manually forward business-related emails, including those with customers, from their personal email accounts to the firm’s CCO (until July 2013) and to business email addresses assigned by the firm (beginning in July 2013). As a result, the firm’s compliance program depended on the participation of representatives. The firm, however, had no supervisory system or procedures to ensure that its representatives complied with this requirement. The findings also included that, because of this deficiency in the firm’s system, business-related emails sent from or received by the personal email accounts of the firm’s representatives that were not forwarded escaped supervisory review.

FINRA found that between January 2012 and July 2013, the firm did not require the review by another registered principal of emails sent or received by the firm’s CCO, and did not otherwise establish a reasonable system for the review of his emails. As a result, the CCO’s emails were not reviewed by another registered principal. FINRA also found that the firm failed to implement and maintain a reasonably designed system, including written supervisory procedures, for the maintenance and preservation of all business-related emails in WORM format. Due to this, the firm failed to establish, maintain and enforce a reasonable supervisory system and written supervisory procedures regarding the review and preservation of registered representatives’ business-related emails, and failed to review certain business-related emails.

Instant Messaging Fine

A brokerage firm was fined $100,000 and ordered to pay $44,740.33 (plus interest) in restitution to customers. The brokerage firm failed to establish, maintain, and enforce a supervisory system and WSPs reasonably designed to detect and prevent unsuitable short-term trading in Unit Investment Trusts (UITs). The findings also stated that the firm failed to retain instant messages from employees, including senior management and compliance staff.

Text Messaging Fine

FINRA fined a broker $5,000 for sending hundreds of text messages about securities to a statutorily disqualified person without seeking or receiving his firm’s prior written approval, preventing the firm from supervising those communications. The broker disclosed non-public information about approximately two dozen customers to a person who was statutorily disqualified from the brokerage industry and assisted that person’s efforts to act as an unregistered broker. The firm generally prohibited its registered persons from communicating about their securities business using text messages without prior written approval. The broker was aware of those policies, yet they shared non-public information with the statutorily disqualified person about their former customers, including information about their account balances, securities transactions and investment strategies.

Take Away

The above enforcement cases should remind firms of their obligation to capture and maintain accurate records, and to conduct annual reviews of and complete employee trainings for work supervisory policies for both allowed and prohibited communications channels used for firm business.

“The federal securities laws require broker-dealers to maintain accurate books and records and promptly provide records requested by SEC staff,” said Marc Berger, Director of the SEC’s New York Regional Office. “The failure to preserve and produce responsive documents undermines the Commission’s ability to provide effective oversight of registrants and to carry out its mission to protect investors.” Section 17(a)(1) of the Securities Exchange Act and rules thereunder require every registered broker-dealer to maintain current accurate books and records, including ledgers reflecting, among other things, all expenses. Under current FINRA Rule 3220, ordinary and usual business entertainment is not prohibited, provided that the entertainment is neither so frequent nor so extensive as to raise any question of propriety.

The Archiving Platform from Smarsh features capture, search, and supervision capabilities that enable firms to effectively manage electronic communications data to comply with recordkeeping requirements. The Archiving Platform is WORM compliant as records are preserved in a non-rewriteable and non-erasable format. A centralized platform, it provides a unified compliance and e-discovery workflow across the entire range of digital communications, including email, social media, websites, instant messaging, mobile text messaging, and voice, as well as supervisory capabilities that allow users to flag and review communications about specific concerns.

For example, if a supervisor emails an employee and offers them basketball tickets, the message would be flagged and moved to a review queue due to language indicating gifts and entertainment expenses. Lexicon policies can also help test and verify that your firm’s supervisory procedures are reasonably designed to achieve compliance with applicable regulations.