Regulatory Update

Powerhouse Banking Firm Fined for Supervision Deficiencies of Employee Communications

June 04, 2021Marianna Shafir Esq.

Subscribe to the Smarsh Blog Digest

Subscribe to receive a monthly digest of articles exploring regulatory updates, news, trends and best practices in electronic communications capture and archiving.

Smarsh handles information you submit to Smarsh in accordance with its Privacy Policy. By clicking "submit", you consent to Smarsh processing your information and storing it in accordance with the Privacy Policy and agree to receive communications from Smarsh and its third-party partners regarding products and services that may be of interest to you. You may withdraw your consent at any time by emailing privacy@smarsh.com.

FINRA updates

The 2021 FINRA Industry Spotlight, published last month, provides a high-level overview of the industry including the number of FINRA-registered individuals, revenues of firms, trading activity, and marketing information about products and services.

FINRA's 2021 operating revenues are projected to be lower than 2020 due to a unique set of circumstances from the COVID-19 pandemic that contributed to increased revenues, including higher trading volumes and a large number of public offerings. Operating expenses are anticipated to increase, with headcount rising and in-person testing and travel expected to increase throughout the year.

FINRA reported that it spent $90.2 million for "fines-eligible" expenditures in 2020, including capital initiatives, strategic expenditures, and activities to educate investors and promote firm compliance. Because 2021 expenditures exceeded the amount issued in 2020, the balance of $33.2 million was funded from FINRA’s reserves and excess operating results.

Back to top

Supervisory failures

Failure to supervise employee communications

FINRA fined a NY powerhouse firm a total of $450,000, with $90,000 payable to FINRA. The firm failed to reasonably supervise certain types of public and private side employee communications under its policies and procedures. The findings stated that although the firm had electronic communication review procedures in place to detect the disclosure of potential material non-public information (MNPI), those procedures were not reasonably designed.

Although the firm reviewed emails through a “general lexicon search” and targeted communications about Watch List and Restricted List securities, it did not have a process for escalating review of private-public side communications containing potentially material information. Nor did it have a process for enforcing its procedures for physical separation of traders and marketers within its global wealth and global banking and markets divisions.

The firm also failed to reasonably enforce its procedures requiring functional and physical separation of public and private side personnel, to reasonably train private side personnel on how to identify and monitor communications containing potential MNPI, and to maintain reasonable procedures regarding monitoring and escalation.

These failures to establish, maintain and enforce such procedures and systems excluded from supervisory review certain categories of communications between public and private side employees and created the risk that potential MNPI could be impermissibly disclosed. These failures inhibited the firm’s ability to identify such potential disclosures and to take reasonable steps to mitigate or remediate any potential harm. The firm later enhanced its global wealth and investment management and global banking and markets/global commercial banking procedures to address the deficiencies.

Broker-dealer firm fined $400,000 

FINRA fined an Iowa-based independent broker-dealer firm $400,000 and ordered $3,134,354.82, plus interest, be paid in restitution to customers. The firm was required to establish and implement policies, procedures and internal controls reasonably designed to address and remediate the issues identified in the AWC.

The firm failed to reasonably supervise registered representatives’ recommendations of an alternative mutual fund and permitted the sale of the fund on its platform without conducting reasonable due diligence. The fund pursued a risky strategy that relied, in part, on purchasing uncovered options.

The firm also lacked a reasonable supervisory system to review representatives’ fund recommendations. The firm did not provide adequate guidance or training to representatives regarding the risks and features of alternative mutual funds and did not have reasonable WSPs advising firm principals how to supervise recommendations of alternative mutual funds.

In addition, the firm failed to consider whether the rules of its electronic trade review system were reasonable for reviewing alternative mutual funds that utilize a more complex strategy. Or whether it may be necessary to tailor the tool’s rules to address risks and characteristics of alternative mutual funds, including the fund.

As a result, the firm’s fund transactions were generally not identified for additional suitability review, even for customers with conservative and moderately conservative risk tolerances. Firm representatives sold more than $18 million in the alternative mutual fund to customers. The fund’s value dropped 80 percent during an extreme volatility event, and the fund ultimately liquidated and closed, resulting in millions of dollars in losses for the firm’s customers. The firm has already paid more than $740,000 in restitution to customers, on top of the restitution ordered as a part of the AWC.

Back to top

Unauthorized communication methods

A broker was assessed a deferred fine of $5,000 and suspended from association with any FINRA member for 45 days. The findings stated that the broker failed to safeguard customer confidential information. With customer consent, the broker used his personal cell phone to photograph confidential customer information such as driver’s licenses, account statements and numbers, signed account documents, social security cards, addresses, and telephone numbers. The broker then used his personal email address to transmit the images of confidential materials to his firm email account. The broker’s firm maintained specific policies prohibiting the use of personal email for business purposes and transmitting private client information via email.

The findings also stated the broker exercised discretion in customer accounts without prior written authorization from the customers or approval from his member firm. The findings stated that the customers had verbally authorized the broker to exercise discretion in their accounts.

Back to top

Recordkeeping violations

A broker was fined $5,000 and suspended from association with any FINRA member for 15 business days. The broker consented to the sanctions and to the findings that prior to his departure from his member firm, he removed and retained non-public personal information of firm customers without the firm’s or customers’ knowledge or consent. This included social security numbers, account numbers and dates of birth. The broker retained the information in hard copy format and did not store it electronically, including on a third-party server or personal email account. The broker returned the information after the firm determined that the broker had removed it. The broker did not use the information or disclose it to others.

Back to top

Outside business activities (OBA)

A broker was named a respondent in a FINRA complaint alleging that he engaged in an OBA without providing prior written notice to his member firm. The complaint alleges that the broker created a corporate entity to produce and market a film. The broker paid over $8,000 for camera equipment, actors’ fees, and rent for a cabin to film the movie. The firm learned about the OBA when the broker was sued in connection with his activities with the entity, and it promptly terminated the broker.

The complaint also alleges that throughout that investigation, the broker repeatedly provided false or misleading information to FINRA to conceal his involvement in his OBA. The broker provided false or misleading information in response to a written request for information and false or misleading sworn testimony to FINRA during an on-the-record interview. Among other things, the broker falsely told FINRA that the entity was formed without his knowledge or consent, that he was not involved in producing a movie, that he had not exchanged emails with a third party about producing the movie, and that he had not spent money in furtherance of the movie’s activities.

Back to top

Takeaway for firms

Firms must maintain specific policies prohibiting the use of personal email for business purposes and transmitting confidential client information.

Be explicit and list permissible vs. prohibited communication channels in WSPs. We recommend firms update their policies to include often overlooked (but extremely popular) forms of electronic communications, including collaboration platform content, instant messages, text messaging, social media posts, email marketing, and more. Simply forbidding these communication channels in a policy isn’t sufficient to protect against recordkeeping rules violations. As we have seen, regulators may fine or suspend a firm and/or broker if they discover a broker uses a communication channel that isn’t archived by their firm.

Supervision is critical. Firms need to demonstrate to regulators that they are supervising the activities of their representatives. It’s important to establish a reasonable supervisory system that flags, escalates, and enables actions to address potential fraud and violations.

Firms should have a reasonable system to monitor for compliance with social media policies and monitor and preapprove business-related social media sites. We recommend regularly reviewing popular social media sites to see if employees are using the media in a way not permitted by the WSP’s. Run regular internet searches or set up automated alerts to notify the firm when an employee’s or broker’s name appears on a website to identify potentially unauthorized business activities online.

Another suggestion is to create lexicons of search terms that are appropriate for your business. Lexicon policies may even be used to test for situations where advisors provide their personal email addresses, phone numbers, or social media handles. Lexicons can be keyed to identify such phrases as “DM me,” “let’s take this offline, “send to my Gmail,” etc. FINRA recommends a combination of random sampling and lexicon searches. Random sampling can help find potential violations such as brokers using personal email, undisclosed outside business activities, fraud, etc.

Back to top

Employee training

Firms should require employees to complete training on the firm’s policies and procedures regarding prohibitions and limitations placed on the use of electronic messaging and electronic apps and the adviser’s disciplinary consequences of violating these procedures. Obtain attestations from personnel at the commencement of employment with the adviser and regularly thereafter that employees (a) have completed all the required training on electronic messaging, (ii) have complied with all such requirements, and (iii) commit to do so in the future. Firms should provide regular reminders to employees of what is permitted and prohibited under the adviser’s policies and procedures for electronic messaging.

Stay abreast of evolving technology and how to meet regulatory requirements to avoid hefty fines and penalties.

Back to top

Share this post!

Marianna Shafir Esq.
Smarsh Blog

Our internal subject matter experts and our network of external industry experts are featured with insights into the technology and industry trends that affect your electronic communications compliance initiatives. Sign up to benefit from their deep understanding, tips and best practices regarding how your company can manage compliance risk while unlocking the business value of your communications data.

Get a Quote

Tell us about yourself, and we’ll be in touch right away.

Smarsh handles information you submit to Smarsh in accordance with its Privacy Policy. By clicking "submit", you consent to Smarsh processing your information and storing it in accordance with the Privacy Policy and agree to receive communications from Smarsh and its third-party partners regarding products and services that may be of interest to you. You may withdraw your consent at any time by emailing privacy@smarsh.com.

Contact Us

Tell us about yourself, and we’ll be in touch right away.