Brokerage Firm and Principal Fined by FINRA for Supervision Violations
Table of Contents
1. Anti-money laundering (AML)
2. Private securities transactions
3. Unethical employee conduct
4. SEC Regulation S-P violation through personal email account
5. Outside business activities (OBA)
6. Tips for compliance with AML regulations
Anti-money laundering (AML)
FINRA fined a New York-based member firm $100,000 for allegedly failing to establish and implement an anti-money laundering (AML) compliance program reasonably designed to monitor for potentially suspicious transactions. FINRA fined the general securities principal $15,000 and a two-month suspension.
According to FINRA, the firm and its principal failed to 1) take reasonable steps to establish and implement an AML program tailored to the firm’s new business line (and particularly the deposit and liquidation of microcap stocks), resulting in the firm’s failure to identify or investigate potentially suspicious transactions; and 2) provide meaningful guidance regarding how the principal was to identify or review red flags specific to the customer account business.
Principal A, the firm’s anti-money laundering compliance officer (AMLCO), was responsible for the firm's AML program. The firm’s principal knew Principal A lacked AML oversight experience relevant to his duties and did not take corrective action after becoming aware that Principal A had not performed his AML duties in a reasonable manner.
One customer deposited over 14 million shares of a microcap stock on January 9, 2018 and January 18, 2018, and immediately began liquidating the stock. On January 18, 2018, the brokerage company clearing firm contacted the principal by email, copying Principal A, flagging the customer’s liquidation of the microcap stock, and then followed up again on February 13, 2018, asking if the principal or Principal A had any insight into the account’s activity in the microcap stock.
Despite the clearing firm’s email, the principal did not take any action to ensure that the firm had been monitoring these accounts more closely. In addition, FINRA allegedly found that the principal “repeatedly” permitted deposits and resales of microcap securities despite missing documentation. As a result, the firm and its principal violated 3110(a) (Supervision), FINRA Rules 3310(a) (Anti-Money Laundering Compliance Program), and 2010 (Standards of Commercial Honor and Principles of Trade).
Private securities transactions
A broker was barred from FINRA for participating in private securities transactions totaling at least $3.5 million without providing prior written notice to, or obtaining advanced approval from, his member firm.
The findings stated that the broker solicited individuals, including at least two firm customers, to invest in securities issued by a software and web development company. The broker participated in these investments away from the firm by providing written materials about the company to investors, and by communicating with them orally, by email and text message about the company and encouraging them to invest.
The broker also facilitated the transactions by helping investors send or receive transfers of funds. The broker received selling compensation of $191,340 from the company for his role in soliciting and facilitating the investments. The broker also personally invested over $200,000 in the company.
Unethical employee conduct
A broker was assessed a deferred fine of $7,500 and suspended from association with any FINRA member in all capacities for six months. The broker engaged in an unethical course of conduct and circumvented her member firm’s policies and procedures by assisting an elderly customer to designate her and a colleague as beneficiaries on the customer’s variable annuity policy, misrepresenting their relationship with the customer to the annuity company and attempting to conceal her conduct from her firm.
The findings stated that during a call with the annuity company, the broker, with her colleague present, claimed that she was calling for “grandma,” and requested that a change of beneficiary form be sent to the broker’s personal email address. Neither the broker nor her colleague identified themselves as registered representatives associated with the firm.
The broker and a colleague assisted the customer in completing a beneficiary change form, which falsely represented to the annuity company the broker and her colleague’s relationship to the customer. The broker participated in a follow-up call with the annuity company to confirm receipt of the beneficiary change form. During the call, the broker again falsely represented that she was the customer’s granddaughter.
On the same day, the annuity company confirmed the beneficiary change. The customer’s family members discovered the broker and her colleague were designated as the customer’s beneficiaries, and the designations were changed to remove them. The broker never disclosed to the firm that she was a named beneficiary on the customer’s variable annuity, including after the customer’s family members complained to the firm.
During an internal review, the broker denied being a beneficiary of the customer’s accounts or policies in response to an email from the firm. The broker continued to deny being the customer’s beneficiary in response to email inquiries about her beneficiary status and during an interview with firm compliance personnel.
SEC Regulation S-P violation through personal email account
FINRA fined a broker $5,000 because he caused his former member firm to violate the SEC’s Regulation S-P by taking customers’ non-public personal information from the firm and emailing it to another firm where he planned to work, without his former firm’s knowledge or consent.
The findings stated that after resigning from his former firm and in anticipation of joining a new firm, the broker improperly removed the non-public personal information for customers by downloading it from his former firm’s computer network and using a personal email account to email it to a second personal email account belonging to another registered representative. The information provided included customers who had opted out of the former firm’s privacy policy regarding the disclosure of limited customer information when a representative moves to another firm.
The broker also used a personal email account to send sensitive non-public personal information, including account numbers and balances, for the customers to the other representative, without the former firm’s or customers’ knowledge or consent.
Outside business activities (OBA)
A broker was given a deferred fine of $7,500 and suspended from association with any FINRA member in all capacities for four months. The broker engaged in an outside business activity without providing prior written notice to his member firm. The findings stated that the broker engaged in an outside business activity for the purpose of purchasing, renovating and reselling real estate properties for profit, through multiple limited liability companies (LLCs) that were focused on a particular real estate opportunity.
The broker was involved in the management of the outside business activity, including maintaining the books and records of the different LLCs. The broker had a reasonable expectation of compensation resulting from this business activity, which was outside the scope of his relationship with his firm. In addition, the broker did not list this business activity on an annual compliance questionnaire that he submitted to his firm. However, the broker self-reported the activity to the firm later.
The broker and a business partner formed an LLC and participated in private securities transactions by soliciting individuals, comprising his friends and family, some of whom were firm customers, to invest $485,000 in this LLC. The broker did not receive any compensation for soliciting investments, nor did he represent or otherwise suggest that the investment had been approved by his firm.
Tips for compliance with AML regulations
The size of the fines illustrates how seriously regulators take lapses in a firm’s widespread system failures. Firms must tailor their AML programs to the firm's business model and customer base. They should dedicate resources to programs that correspond with their growth and business lines. In addition to regulatory risks, legal consequences can arise from unethical employee misconduct.
In FINRA’s 2021 Exam Priorities Letter, anti-money laundering was highlighted as an area of concern. The regulator noted it will assess firms’ compliance with FINRA Rule 3310. An effective AML compliance program under FINRA 3310 should include the following:
AML compliance tests
Confirming annual AML independent tests evaluate the adequacy of firms’ AML compliance programs. Review firms’ SAR reporting processes and include sampling and transaction testing of firms’ monitoring programs.
Risk assessments
Updating risk assessments based on the results of AML independent tests, audits, and changes in size or risk profile of the firms, including their businesses, registered representatives and customer account types; and using AML risk assessments to inform the focus of firms' independent AML tests.
Collaboration with AML department
Increasing the likelihood that all potentially reportable events are referred to the AML department by establishing a line of communication (such as reporting and escalation processes, awareness and educational programs, regular meetings, policies and procedures, or exception reports) between the AML department and other departments that may observe potentially reportable events (such as registered representatives and client-facing teams, technology, cybersecurity, compliance, operations, trading desks and fraud departments).
Updated archiving and supervision technology
The retention and supervision of electronic communications, while required, serve the purpose of providing evidence of violations such as AML and proactively surfacing warning signs of AML violations. Compliance teams must be able to monitor employee communications from all channels (email, text message, social media, collaboration and conferencing platforms, etc.), and rely on a supervision solution that will surface only the most relevant content for review.
Training programs
Designing training programs for each of the roles and responsibilities of the AML department (as well as departments that regularly work with AML) and addressing all AML regulatory and industry developments.
Firms must develop and maintain policies and procedures reasonably designed to prevent and detect violations. They must also have systems to implement their supervisory procedures that would reasonably be expected to prevent and detect red flags. By widening the scope of supervision, firms can also address potential employee misconduct that may cause legal issues.
With the appropriate supervision technology solutions, regulated organizations can keep pace with evolving industry changes and stay vigilant about regulatory and compliance risk.
Share this post!
Marianna Shafir Esq.
Latest posts by Marianna Shafir Esq. (see all)
- 2022 Regulatory Roundup: Record-Breaking Penalties Provide a Glimpse Into 2023 - December 28, 2022
- Smarsh Advance Recap: Voice – The Newest Frontier in Supervision - December 15, 2022
- CFTC’s 2022 Enforcement Results Highlight Recordkeeping and Supervision - October 27, 2022
Smarsh Blog
Our internal subject matter experts and our network of external industry experts are featured with insights into the technology and industry trends that affect your electronic communications compliance initiatives. Sign up to benefit from their deep understanding, tips and best practices regarding how your company can manage compliance risk while unlocking the business value of your communications data.
Watch it Work
Contact Us
Chat
Subscribe to the Smarsh Blog Digest
Subscribe to receive a monthly digest of articles exploring regulatory updates, news, trends and best practices in electronic communications capture and archiving.
Smarsh handles information you submit to Smarsh in accordance with its Privacy Policy. By clicking "submit", you consent to Smarsh processing your information and storing it in accordance with the Privacy Policy and agree to receive communications from Smarsh and its third-party partners regarding products and services that may be of interest to you. You may withdraw your consent at any time by emailing privacy@smarsh.com.
FOLLOW US