Top FINRA Enforcement Issues and Trends of 2018 with Eversheds Sutherland

On-Demand Webinar


While disciplinary actions may have declined, FINRA's fines per case have been increasing. By focusing on past regulatory actions such as anti-money laundering and suitability - problems which generated the greatest number of fines in 2018 - firms can learn to avoid the same pitfalls in the future.

In this recorded webinar, Eversheds Sutherland and Smarsh unpack the top enforcement issues of 2018 and dive into the key trends emerging in 2019. Watch to learn about:

  • The top regulatory enforcement issues and trends of 2018
  • Early indicators of what the regulators are focusing on in 2019
  • The trends and drivers behind FINRA enforcement actions

Transcription of Webinar Audio

Debbie: Hello everyone. Thank you for joining us for today's Top FINRA Enforcement Issues and Trends of 2018 webinar with Eversheds Sutherland. Please be aware that all participants will be muted for the duration of the call. Please submit any questions you may have via the On 24 Messaging app and we'll attempt to answer as many of them as possible.

Before we dive in, let me first provide our standard disclaimer. Smarsh provides this material for informational purposes only. Smarsh does not provide legal advice or opinions. You must consult your attorney regarding your compliance with applicable laws and regulations.

Here's a quick agenda. First we'll go over introductions, and then we'll jump into today's content led by Eversheds Sutherland and their overview of 2018 enforcement actions and the focus for 2019. We'll finish up with a brief overview of how Smarsh can help and then end with a Q&A.

Joining us today are presenters Brian Rubin, Adam Pollet, and Marianna Shafir, and, with that, I will hand it over to you, Marianna.

Marianna: Thanks Debbie. Hi everyone. Thanks for joining us. I'm Corporate Counsel Regulatory Advisor at Smarsh, responsible for legal and regulatory affairs worldwide in this role. I help companies navigate the compliance obligations, technology trends, and industry regulations through my vast knowledge of best practices related to electronic communications supervision.

And, in addition, I'm also a frequent speaker at industry conferences and a contributor to various online publications.

And, with that, I will pass it over to Brian.

Brian: Thank you Marianna. Adam's going to introduce himself, then I will introduce myself.

Adam: Good morning, good afternoon everyone. My name is Adam Pollet. I'm counsel at Eversheds Sutherland. I primarily represent broker dealers and investment advisors, and investigations and examinations with SEC, FINRA, other regulatory – regulators, and also represent those clients in various securities related litigation.

Brian: And this is Brian Rubin. I'm a partner in the D.C. office of Eversheds Sutherland. I also work with firms being examined and investigated by the SEC, FINRA, and the states, and I used to work in enforcement at the SEC and also as Deputy Chief Counsel at NASD.

So we are happy to be here, and we've been doing this kind of analysis for more than 10 years. What we do is we have a database of all of FINRA's enforcement actions and we categorize the information and we slice and dice it based on various criteria that we have and we come up with ways of analyzing what happened in the past, and also talk about what may have been in the future.

So we're gonna be looking at a lot of numbers and trends and also we'll focus on some of the bigger cases that were brought last year.

You won't leave here with nuts and bolts on how to run your firm better but you'll learn about certain issues that you should be focusing on. And the point of today's program is to sort of get a flavor as to what's going on to make sure you're focusing and thinking about the right types of issues when dealing with the regulators. It's kind of Moneyball meets Plays of the Day for sports fans, and for political fans someone said it's kind of like Tweets meets The Muller Report.

As I said, we have a database of FINRA's actions from its disciplinary and other FINRA actions publications. We also look at press releases, online statistics, online database. FINRA has its statistics webpage, and we also look at information – we slice and dice cases based on various categories and if clients, or friends, or family want to know about types of cases that FINRA brought, like how many email retention cases there were, or what they involve, we can easily pull those up.

To make today a little bit more entertaining, we are going to include trivia questions throughout. There are four trivia questions. And at the end of today's session you can send me an email of your answers, and if you are correct with your answers we will send you some nice gift that says Eversheds Sutherland on it that you can be proud to have on your desk or at home.

The trivia actually, today, deals with things that happened this day in history on April 25th, and we will start out with the first trivia question for today.

In 1792, April 25th, this device was first used in France to execute a highwayman named Nicholas Pelletier. This device was first used in France in 1792. What is the name of this device that was first used on April 25th? And that's the first trivia question. As I said, at the end of the session, once you get all the trivia questions, once we're done with the whole session, send me an email, and if you're right we will help you and give you a prize.

Adam's will kick us off.

Adam: Thanks Brian. And I'd like to think that there has been no use of that device, hopefully, with FINRA in 2018. Instead, it's more like fines, which we will talk about right now.

In 2018, FINRA fined firms $61,000,000.00. This number was just recently put out by FINRA on their statistics webpage. It represents a 6 percent decrease from 2017, where FINRA ordered $65,000,000.00 in fines. It's down quite significantly from the record setting fines of 2016, and down from '15 and '14. So continuing a trend downward of those, still, is more than FINRA fined in 2010, as you can see from the chart there.

Brian: And I don't think I mentioned it, if anybody has questions as we're going through please submit your questions to the chat box, and if they're easy question and we can answer them we'll be happy to answer them.

Adam: Now we'll talk about the number of cases. Again, this is a figure FINRA released fairly recently. They brought 921 cases in 2018, which was about a 33 percent decrease from 2017. So a fairly significant decrease in the number of cases. 2017, FINRA brought over 1,300 cases, and, as you can see, from the chart there, and the final bullet on the slide, it's the fewest number of cases since before 2008.

So, again, a fairly significant drop in the number of cases. What we'll talk about some later is "What does that mean?" and especially relevant to the amount of fines ordered – take a little bit of a deeper look into the number of cases.

Moving on now to restitution. In 2018 FINRA reported $26,000,000.00 in restitution, down, again, significantly from 2017 where FINRA ordered $67,000,000.00. For several years restitution hadn't been much of a focus for FINRA, then they said "Well, you know what? We're gonna focus on restitution more than fines and try to get money back in the hands of investors." At least what they're telling the industry, but based on what we saw last year, it's hard to tell how much of that is actually playing out.

When you look at the 2017 number it is significantly higher, although there was one restitution order in a litigated case of $24,000,000.00. So when you take that number out it's down to about $43,000,000.00. But in any event significantly higher than it was in 2018.

Brian: Then a few years ago we also started looking at total sanctions. So that's the total money that would be taken from the firms or individual respondents in cases, fines, and restitutions, and sometimes there's disgorgement which is different than the restitution. And last year it was $87,000,000.00, which was a 34 percent decrease compared to 2017.

And if you look at 2010, it's an 81 percent increase from 2010, and, as Adam said, the primary reason for that is because more recently FINRA has been focusing on restitution and not just fines, but if you look at overall you see some much bigger numbers in the past than in 2018. So, again there's a question as to what FINRA's focus is and what the message is. And it could be that we're looking at sort of a kinder and gentler FINRA.

Next category is what we call supersized fines. So when we started doing this my kids were little and McDonald's was important and "supersized” everything which was important to us, and the word supersized somehow ended up in our vocabulary, so we decided to call fines of $1,000,000.00 or more – supersized fines. We've been running these statistics to see how many large dollar fines there were.

So in 2018, there were 13 supersized fines, and that's dropped a bit compared to 2017, and significantly compared to 2016.

But we'll see different patterns with regard to these supersized fines in a second. Last year, or in 2017, I should say, a new word entered our vocabulary, the word being "yuuuge,” so we decided to create a new category, a separate category of fines, $5,000,000.00 or more, which we're calling yuuuge fines.

So, interestingly, last year there were five, even though the total fines decreased fairly significantly compared to the prior year. 2018, there were five big, big fines of $5,000,000.00 or more, compared with only two in 2017.

So that is a surprise, given the overall trend that we saw with regard to total fines and also with regard to the supersized fines that we have.

The next trivia question, trivia question no. 1, April 25th, 1953, before any of us were born – at least Adam and I, Francis Crick and James Watson discovered what? 1953, Francis Crick and James Watson discovered what on April 25th? That is trivia question no. 2.

All right. This is new chart, never before seen in the public. We decided to put together the top 10 list based on fines reported in 2018, and we'll cover a few of the more significant ones in the next few minutes, but, as you can see, AML is the top, and then it goes down to registration issues. And some cases end up falling in more than one category.

So, for example, suitability and variable annuities might overlap, or there might be books and record issue, issues, with regard to U4s and U5 registration issues.

But you can see what the bigger categories were in terms of fines, the number of cases, and then some other categories that we've picked up. So that kind of gives you an indication of what FINRA has considered to be more important.

And we'll focus on the top category. Adam will talk about AML issues.

Adam: So the top category in 2018, for the third year in a row, was AML. The fines were up big to $27.3 million compared to $14.6 for all of 2017, and there was only one additional case in 2018 as compared to 2017. So, again, the cases remained almost the same and yet the fines shot way up. It also produced the single largest fine in 2018, which was $10,000,000.00, and we'll go ahead and talk about that case now and give you a little bit of the flavor for what happened there and why that was the largest fine for 2018.

So, in that case, the firm was hit for definiteness in its AML program and its supervision relating to its AML program really based on three shortcomings. The first was that the firm didn't receive all of the necessary inputs into its AML surveillance. The second was that it didn't devote significant resources to its AML program, and the third was that its AML program wasn't reasonably tailored to its business.

That first point, the first automated AML surveillance system didn't receive critical data from several systems, which FINRA found undermined the firm's surveillance of tens of billions of dollars of wire and foreign currency transfers, which included transfers to and from countries known for having high money laundering risk.

The second issue – again, insufficient resources, was that the firm failed to devote the necessary resources to review the alerts that were generated by its automated surveillance system, and that, consequently, led the firm's analysts to close alerts without conducing or documenting sufficiently their investigations of potentially suspicious transfers.

Finally, the firm's AML department didn't reasonably monitor customers' deposits and trades in penny stocks for potentially suspicious activity, despite the fact that the firm's customers deposited approximately 2.7 billion shares of penny stocks, resulting in subsequent sales of almost $164,000,000.00 over the relevant period of time.

So that was a big part of the firm's business that FINRA found was not sufficiently monitored.

So, AML is on FINRA's radar, but it's also on some of the other regulators' radars as well. There was a joint AML matter where FINRA fined a firm $4.5 million, the SEC fined that firm $5,000,000.00, and even FINSIN got in on the action, fining the firm $5,000,000.00 as well.

So AML isn't just a FINRA issue, it is one the all of the financial regulators are very attuned to at this point.

So the takeaways from AML – again, it's the third year in a row, so we're trying to keep our takeaways fresh, so – the first year is "Make sure you're reviewing your AML policies and procedures. Make sure they're adequate and sufficiently monitoring your business." Well, we hope you're doing that since we've been telling you for at least the past couple years that AML is on their radar.

So some other items to consider "Are firms' AML systems and procedures operating as they're supposed to operate?" and making sure that the procedures are being followed as intended. Is the firm identifying appropriate red flags and escalating those red flags and addressing those red flags?

Is the firm's AML system adequately tailored to the firm's business, making sure that it's not just off the shelf AML program but that firms are looking at their business, identifying risks, and tailoring their program accordingly. Then, finally, are firms allocating sufficient resources, both in terms of personnel and technology to adequately supervise its AML issues? And we'll touch a little bit more on that resources point in a little bit.

Brian: The next category in terms of our selected top enforcement issues – we're not covering all of them, just a few, is suitability, and suitability there were 91 cases totaling fines of $11.8 million. This is the first time that suitability has been on our top enforcement issues since 2015.

The number of cases was around the same as 2017, 98 cases then, but the fines were much greater, $11.8 million versus $3.6 million.

FINRA also ordered $11.6 million in suitability related restitution. The biggest case this year was a case where a firm was fined $4,000,000.00 and ordered to pay $2,000,000.00 in restitution. This case dealt with the firm making negligent representations, misstatements, and omissions of facts about the costs and benefits of variable annuity exchanges.

FINRA also alleged that the firm failed to have a reasonable basis to recommend and approve variable annuity exchanges for the majority of the exchanges reviewed, and they also failed to supervise variable annuity exchanges.

Now what made this case particularly interesting from the – a fine perspective, and probably drove the fine a lot, is that the firm failed to comply with the terms of previous AWC where the firm had agreed to comply with certain undertakings to remediate customer harm and improve its supervision of its VA business. So it was a repeat offender, basically.

Besides paying the fines and restitutions, the firm was also required to make a certification regarding its supervision of VA exchanges. And then one other thing interesting with this case is that FINRA did a sampling of varying annuity exchanges to determine that a majority were unsuitable.

So rather than looking at every single transaction they did a sampling – and we've seen this technique used in a number of cases before.

The takeaways here are that firms should review their policies and procedures to ensure they're addressing the main issues that continue to result in significant sanctions. So for example, here:

No. 1– "Does the firm have systems and procedures in place to significant suitability type issues such as excessive trading, senior investing, variable annuity exchanges, or share class issues?" And we'll focus on share class issues in a minute.

No. 2 – now, so Adam, you changed – we're talking about the suitability even though it dealt with the VA case. So we're still on the suitability issue although we're focused on the $4,000,000.00 case here.

So the second issue is "Does the firm provide sufficient training to salespeople recommending securities and the salespeople and also the principles for reviewing the transactions?"

Third, "Does the firm provide principles with sufficient tools to supervise the transactions?" and then, fourth, "Has the firm addressed prior regulatory settlements?" And, as we saw before, they didn't, in that case.

The third area that we'll be talking about is variable annuities, and, again, there will be an overlap with what we just talked about.

So variable annuity cases resulted in the third most fines, significant fines that we're gonna be talking about in 2018, and this is the first time it's back on our list since 2016. There were 28 variable annuity cases totaling $8.1 million in fines. The number of VA cases increased by 21 percent from 2017, and the fines increased 305 percent to $8.1 from $2,000,000.00 in 2017.

Historically, FINRA has focused on supervision issues, suitability issues, and then, for the past few years, share classes. Now we already talked about the $4,000,000.00 case. We'll also highlight an AWC where the fine was $1.7 million. And this AWC involved four affiliated firms. The total fines were $1.7 million, and the fines were also ordered to pay restitution of not less than $6,000,000.00. And the key issue, in this case, dealt with share classes, and, in particular, L shares for variable annuities.

And just as a highlight, FINRA is still looking at L shares. They are continuing to look at exchanges, and I anticipate that there's going to be another very big case dealing with these issues this year.

The takeaways here are that the firms should consider the focus on these significant issues. So, for example, No. 1, "Does the firm have systems and procedures in place to address variable annuity exchanges and share class issues?" And, in particular, FINRA was focused on L shares with riders.

No. 2, "Does the firm provide its principles with sufficient tools to supervise the transactions?" Then, no. 3, following along about what we just talked about in the prior slide, "Does the firm provide sufficient training?" in this case, "on share classes and exchange issues to both salespeople who are recommending the transactions and also to principles who are supervising the transactions?"

And if anybody is particularly focused on variable annuities, we just came out with a detailed report on variable annuity enforcement actions, and if you're interested in seeing that, please send me an email and I will send you that report.

And Adam will now talk about short selling.

Adam: So for the first time since 2013 cases related to short selling made our top enforcement issues list, and it resulted in $7.8 million in fines, which was up nearly 400 percent from the $1.6 million in 2017. But the number of cases was down 70 percent to seven in 2018, from 23 in 2017.

So the vast majority of the fines in this category, however was the result of one action that resulted in a $5.5 million fine. So if you take that out you're at $2.3 million. So I wanted to talk about the $5.5 million fine, where a firm was hit for failing to establish supervisory procedures that were reasonably designed to achieve compliance with the requirements of Regulation SHO.

Specifically, the firm failed to close out fails to deliver. It accepted short orders without first borrowing, or arranging to borrow, the security, and it failed to price short orders correctly. It permitted the execution or display of short sales at prices less than, or equal to, the current national best bid.

There was actually a case this year where a firm was fined for similar deficiencies. That firm was only fined, only, $2,000,000.00. And so it got us wondering "Well, why was that firm hit for $2,000,000.00 where the firm in 2018 was hit for $5.5 million?" Well, the $5.5 million case was really the perfect storm of cases. Not only did the firm have the underlying short selling violations as Brian had mentioned in one of the other cases, this firm had not just one prior –

Brian: – not just two, not just three.

Adam: Not just three. Four previous AWC for similar violations. So the firm was a repeat violator here, and so it's really not surprising that FINRA hit them so much harder.

Lastly, the firm also ignored multiple red flags that were raised. There were internal audit findings and recommendations regarding short selling, multiple internal warnings from members of the firm's clearing and compliance departments. Its own annual risk assessment identified this as an issue, and once hot firm learned of all of these deficiencies, FINRA found that they didn't act in a timely fashion to correct those deficiencies.

So the takeaways from this case, certainly firms should review their policies and procedures to ensure they're addressing in the main issues resulting in sanctions for short selling, which were primarily the ones that I just outlined.

Other things firms may want to do is review these policies, making sure that firms understand how they're addressing these fails to deliver, taking short orders, making sure that they are being borrowed, or arranging to borrow, those securities. Separately, does the firm have a process for escalating apparent red flags if deficiencies aren't corrected?

So, again, one of the issues here, red flags were raised, yet nothing was done about them, and that goes for not just short selling, but, really, for any issues that firms are internally identifying. Is there a mechanism in place to ensure that those are corrected?

Then, finally, firms should make sure that any internal audit findings are similar, internal findings, are they testing new procedures, making sure that any new procedures to address any issues are actually working as they're supposed to.

Brian: All right. We'll now do the next trivia question. So the first one dealt with history, the second one dealt with science, and now we're gonna deal with music. This famous singer was born on April 25th in 1917. She is known by many names. She is known as the First Lady of Song. She's known as the Queen of Jazz, and she was also known for her scat singing. So who was this person born in 1917 on April 25th, this singer? That is trivia question no. 3.

Adam: So what we did for last year's data is we were looking for a way to – a fresh way to slice and dice some of the data that we have.

One of the things that immediately jumped out at us, and we've hinted about this previously, is that while the number of cases was down significantly, and even though the number of fines was also down slightly, the amount of fines per case appears to be packing more of a punch.

And over the past four years, what we have seen, is the number of cases are dropping. That drop in the number of cases appears to suggest a trend away from the broken window style of enforcement that was back in 2015 and 2016. The number of cases now decreasing, but the fines staying relatively the same just means that when FINRA is deciding to bring the case it is hitting those firms with a larger fine.

So, in 2017, FINRA brought, again, 1,369, fines totaling $65,000,000.00, which has an average fine of approximately $47,000.00 per case. In 2018, with the 921 cases totaling $61,000,000.00, the average fine per case was approximately $66,000.00 per case. So you see that that is a fairly large increase in the amount of fine per case.

We had some data on fines against firms where it's an even more pronounced increase in fines per case. So the numbers on the screen are fines against firms and individuals. Obviously fines against individuals are generally significantly less than fines against firms.

Brian: The next key issue that we'll be talking about is sales charge and share class cases. For the past several years FINRA has brought a number of enforcement actions dealing with mutual funds, sales charge waivers for retirement plans, and charitable organizations, and a few years ago they started the practice with regard to this issue that if firms self-reported on a timely basis the firms would be sanctioned, subject to an AWC, ordered to pay remediation, but they would not be subject to a fine. And there are still some of those cases going on, but some of the firms that didn't report timely are now being subject to a fine.

So in 2018 FINRA brought six enforcement actions against firms on this issue. They levied fines in only two of the matters, totaling $150,000.00, but ordering restitution of $3.1 million, and there was a case – I guess it was publicized yesterday, continuing the trend where this firm timely reported so it was not fined, but it was ordered to pay restitution.

And its practice is consistent with the continuing trend of FINRA, and also the SEC, trying to make harmed customers whole through restitution, and creating sometimes a carrot and stick approach to incentivize firms to self-report and then not fining the firms.

Continuing with the theme of sales charge and sales class cases, we talked about the variable annuity share classes before where L shares had been a focus of FINRA.

And, more recently, FINRA stole a page from the SEC's playbook and they're looking at share classes for 529s, and as part of this initiative they are using this carrot and stick approach. So they are telling firms "Report, if there are violations, if there's inadequate supervision with regard to share classes for 529s," and firms will likely be subject to an AWC but there won't be a fine attached.

So they're trying to create an incentive for firms to self-report. They're saving their own resources by not having to investigate this issue, and presumably, they are saving firms resources because they don't have to go through the full blown investigation.

Firms are grappling with regard to whether they should self-report or shouldn't self-report, what the implications of not self-reporting is – and we'll talk about more of that in a minute, but, right now, the issue that we want to highlight is share classes. They were not an emphasis for a number of years. They are an emphasis now. So to the extent you are sharing sale classes you should really focus on them.

And although we're talking about FINRA here, this was obviously an important issue with regard to the SEC and its share class initiative with 12B1s. The SEC has brought a number of full blown enforcement actions. There were 78 or 79 firms that self-reported for $125,000,000.00 in restitution on that issue, and the SEC is doing investigations of those firms that did not self-reporting and we're working a number of those cases.

The next issue deals with inadequate resources which has been highlighted by FINRA in a few cases.

Adam: There are a couple of notable cases in 2018 FINRA found that firms had failed to commit sufficient resources to their regulatory obligations, both from a personnel perspective, and also technologically. One was the AML case that we talked about earlier. The other dealt with suitability. And I wanted to read to you a couple of quotes from the AWCs in those cases that are – relate to these issues that FINRA found.

So in one of the AWCs FINRA said "In large part, the firm's supervisory deficiencies stem from its failure to devote sufficient resources for the supervision of the firm's personnel."

Another quote is "The firm employed just three individuals to review, for suitability, the security's transactions of more than 676 representatives working for more 250 branch locations."

So you can see FINRA is focusing very closely on what firms are doing in order to comply with their regulatory obligations in terms of whether they're devoting sufficient personnel to those obligations.

FINRA also identified the lack of technological resources. So, a quote from another AWC, "With respect to the firm's system, the firm's AML department did not use automated surveillance tools to monitor for potentially suspicious trading in penny stock. Instead, the firm relied, in part, on its branch management, to conduct manual reviews of daily trade blotters."

So, the takeaway here is that firms really ought to be reviewing their systems and controls and make sure that they're devoting sufficient resources to those regulatory obligations, and that comes, really, in two buckets. Are you devoting sufficient personnel to those obligations, and, also, is the firm devoting sufficient technology?

Because, frankly, technology is not just a best practice at this point, but, really, is becoming required by firms to meet their regulatory obligations. And this is something that FINRA really focused in 2018 and something we continue – they will focus on in 2019 as well.

Brian: All right. Next we will talk about regulatory focus for 2019. So we've looked at our crystal ball to figure out what's going on, and we have a few issues that we know are going on and we'll talk about how they will likely continue.

The first one is the reorganization of FINRA enforcement. The enforcement department has restructure in a number of ways. The Office of the Counsel to the Head of Enforcement was recently created, and the goal of that office is to try to get consistency across the various districts and among cases themselves.

In the past, at the back end, there has been the Office of Disciplinary Affairs which reviews settlements and authorizes settlements and also authorizes complaints, but that's really a back end process. So FINRA's trying to deal with it more at the front end, and a number of cases will go through this new office to make sure there's consistency.

And then the other issue I wanted to highlight is, in the past, market reg has brought its own enforcement actions separately from the enforcement department, and now market reg enforcement, the cases, the disciplinary cases, now flow through enforcement. So, again, there's some goal to have consistency with regard to these types of cases.

The second issue is self-reporting initiatives. We've already talked about this. The mutual funds sales charge waiver was an attempt to do that. More recently, the 529 initiative was a more robust attempt to do that, where they issued a regulatory notice, and subsequently, they issued FAQs and they've had some videos on the issues.

We expect that for industry wide issues, both the SEC and FINRA will be using this tool a lot more in the future. And, again, it makes sense from the regulator's perspective, because rather than them having to investigate dozens of firms on the same exact issue, meaning document requests, email, review and request, testimony, they can key an issue up and say "We have concerns about this issue. If you self-report you'll still be sanctioned but there won't be a fine or penalty assessed."

A lot of people in the industry have concerns about this approach for two reasons. First, if the regulators have a concern about an industry practice, another way to go about it, rather than through enforcement actions, is to post that they have a regulatory concern, and that if the firms don't adjust within a period of time, six months or a year, then the regulators will bring enforcement actions. So that's another way to do it. And sometimes the regulators have done that.

The other concern is that it's putting firms in somewhat of an awkward potion, making them self-assess, making them self- report, and having to figure out "Well, if we do self-report this is gonna happen. If we do self-report, this may or may not happen." And some people have said that that puts them in an awkward position with regard to their self-regulatory organization.

Nonetheless, I think we will see this trend continuing in other areas.

Adam: Moving onto suitability, really three specific areas here that FINRA's identified. The first is deficient quantitative suitability determinations, or whether firms have reasonable basis for believing that a series of recommended transactions, even if suitable when viewed in isolation, is suitable when viewed in that context.

No. 2, overconcentration in a liquid securities, such as variable annuities, non-traded alternative investments, and other private placements, three, unsuitable share class recommendations, which we've talked about a number of times here today. Another issue is seniors. It's been on FINRA's exam priorities for the past couple years.

Given that these new rules have been in effect, firms are likely to see FINRA – seeing how firms are implementing them in exams, and then, possibly, from there, we would see enforcement actions based on that. Of course, the rules I'm talking about, rule 4512, the trusted contacts rule, and rule 2165, the financial exploitation rule. So firms need to make sure that they have procedures and controls in place relating to those new rules and can feel pretty confident that the FINRA examiners will be asking questions about that in 2019 if they haven't already.

Brian: And the next article is – the next article, the next issue is cyber security. FINRA put out a notice in December of 2018 that goes through a lot of their findings, and it's a good reading if anybody's interested.

So so far we've see a lot of exams, we haven't seen a lot of enforcement actions but expect we will. The SEC also has been starting to examine firms again for cyber security, and if anybody's interested I have the request items that they've sent to firms, and if anybody wants to see that list of items I can send that to them.

With regard to the cyber security guidance that FINRA pointed out, as I mentioned before, I have kids, I helped them study, I'd create mnemonic devices for them. So I decided to create a mnemonic device dealing with the FINRA guidance. The mnemonic device is Batman plays marbles in the playground.

So there's a B – the first B, Adam, stands for –

Adam: Branch control.

Brian: Branch control. So the issues there are the that home office often has a lot of controls in place, branches often have less controls in place, and they'll lag behind in terms of updating hardware and software.

There's some background – if anybody's not on mute – somebody may be at an airport or a school or something. Don't know. Batman plays marbles on the playground, plays – P is for –

Adam: Phishing.

Brian: Phishing with a P, that -ph phishing. A very common issue. A lot of firms deal with this issue, put out their own sort of phishing training, and they may or may not initiate disciplinary action for reps who click on the wrong link.

Adam: Mobile devices.

Brian: Mobile devices. You're really good at this. Mobile devices, there's risk of theft, of cloning, of infection. So FINRA's report deals with a lot of issues that firms may want to focus on with regard to training and software and procedures, wiping things clean with regard to mobile devices. Batman plays marbles in the – in the –

Adam: Insider threat.

Brian: Insider threat. So this deals with insiders, whether they have legitimate needs for certain information, whether the firms adequately control them, and it also deal with bad leavers, unhappy employees, unhappy insiders, and whether they may deal with information data in ways that they shouldn't because they are not happy.

Adam: Penetration testing.

Brian: The last P is penetration testing. Okay. And the report recommends regular penetration testing, a risk based approach to that, and retraining third parties to do that, probably, because they have the best expertise on that issue, which leads us, not yet to Marianna, but to the last trivia question. And, again, don't send your answers until we're completely finished. We want you to focus on the rest of the presentation.

So trivia question one dealt with history. Then we did science. Then we did music, and now we're going to do acting.

This actor is 78 years old today, and I'll have a couple of quotes that he gave in movies – and I won't attempt to imitate him because I haven't practiced. One quote is "You're out of order. You're out of order. This whole trial is out of order." Another quote is "Just when I thought that I was out they pulled me back in."

So who is this actor who was born 78 years ago today? And now, Marianna, I think.

Marianna: Thanks Brian. I'm going to take us through this year's recent record keeping and supervision fines, focusing on electronic communications. A big one I've seen in the past year is not treating mobile as a first class target.

At the beginning of the year, an advisor get fined $20,000.00 for using text messaging and his personal email account to engage in business related communications with a customer. They were fined by FINRA.

Last year, we saw FINRA really getting down on this and fining brokers individually for texting. Last year's fines were between $5,000.00 and $7,500.00, so this recent $20,000.00 fine, personal fine, is really – it shows that they're really starting to increase the fines on text messaging, specifically –

And then last year's $5,000.00 fine, the broker used unapproved personal email accounts and text messages to communicate with an unregistered administrative assistant about the firm customers.

And I like to note that particular case because some firms are under the impression that internal communications don't apply to the rule, and that's not true. It is not about the device, it is about the actual communication.

This is really important. As long as it's a business communication, you do need to capture and archive, whether it's email and text messaging, social media, etc.

Also – not embracing advances in technologies. I recently saw the SEC fine robo advisors for social media violation. In a regulatory first, the SEC fined a pair of robo advisors over their social media sharing. The SEC fined the second biggest robo advisor, a firm – a New York based firm $250,000.00 for not preserving copies of their tweets related to recommendations.

Another robo advisor was fined $80,000.00 for social media and website record keeping failures.

Also, hot off the press, the SEC last week, fined Prosper Funding LLC a $3,000,000.00 penalty for miscalculating and materially overstating annualized net returns to retail and other investors. According to the SEC order from approximately July 2015 until May 2016 Prosper excluded certain nonperforming [inaudible] [00:53:15] of loans from a calculation of annualized net returns that were reported to investors.

And the order finds that, as a result, Prosper reported overstated annualized net returns to more than 30,000 investors on individual account agents on Prosper's website and an email solicitation additional investments from investors.

Many investors decided to make additional investments based on the overstated annualized net return. Daniel Michaels, the Chief of the SEC Enforcement Division's Complex Financial Instruments Unit said "As this case shows, we are committed to holding sim tech companies to the same standards applicable to other participants in the securities market."

So I just noted that robo advisors, and tech companies, they are also on the regulatory radar.

Also recently, about – I think, two weeks ago, FINRA fined brokerage firm Wilson Davis and Co. $32,500.00 for failure to review emails for potential violations. From January 2013 through August 2013 Wilson Davis failed to establish, maintain, and enforce a supervisory system, including the WSPs, the written supervisor procedures, recently redesigned to review email correspondence for indications of potential violations of federal securities laws or FINRA rules.

And, in particular, Wilson Davis lacked any current written WSPs, and its method for reviewing the emails, which was ineffective, and unreasonable, given to its business, size, structure, and customers, and through this conduct, the firm violated the NASC conduct rule 3010ABND and FINRA rule 2010.

So I just looked at a few of the recent electronic communication fines, and they all include – they're still, of course, looking at emails, but they are looking at social media, text messaging, your tweets, IMs, and – and the regulatory landscape had really increased. You need to embrace technology.

Debbie: Thank you Marianna. I just want to thank all of our panelists for that awesome presentation, and before we jump into the Q&A I'm gonna leave you with a brief look of how Smarsh can help. So the solutions that we bought to market hold firmness with these regulatory themes. They're all part of our connected suite.

We have there – you can see the connected capture – these capabilities allow firms to capture over 80 different communication sources. Leveraging native messages and API to ensure that you have a complete defensible record of each of these communication sources, ranging from email, to social media, to IM, and collaborative platforms, including mobile content.

Each source is captured with respect to the native properties of each, and then delivered to your archive to meet your books and records requirements.

You can also see we have the Connected Archive. These products enable firms to search, review, and store information for regulatory and discovery purposes. The Connected Archive Professional is for small and medium sized firms, while the Enterprise Archive is designed for larger and multi-national financial services firms.

On top of our archives are our apps, which include supervision for FINRA regulated firms and e-discovery for organizations to manage their early stages of e-discovery.

We also provide an open, extensible platform that allows organizations to integrate with third party applications and send data to systems, such as legal review tools and content surveillance applications as well as business intelligence products.

So, with that, let's go ahead and jump into the Q&A here. We have many questions, so thank you all for the questions. The first one here is "How can firms comply with record keeping obligations today?" Marianna, did you want to start with that one?

Marianna: It is really important to be capturing and archiving all of your records. You want to make sure that you partner, if you haven't already done so, with a trustworthy archiving solution that is able to comply with the regulations, of course the WORM regulations, and able to capture an archive, not just email, of course, your tweets, LinkedIn, the Facebook chats, those communications that the firms are using.

There are so many more channels today and they're all changing. Different platforms. You don't want to lose chain of custody, so that's really important that you are complying with those regulations. And, as you saw, even this year, both the SEC and FINRA are focusing on compliance with record keeping.

Debbie: Great. Next question here, "Does the 2019 focus on suitability include regulations' best interests?"

Brian: That's a good question. Reg DI has yet to be adopted, so we don't know what's going to happen with that. FINRA anticipates that if it is adopted they will change, or do away with suitability rule and just focus on the new standard, but we don't know what that's going to be yet.

Debbie: Great. I think we have time for one more question here. "What are firms doing abut encrypted apps, such as Snapchat and WhatsApp?"

Marianna: Firms should have a proposition policy for that. You should not allow your firm to be using any type of encrypted app that cannot be captured and archived. That is the main thing. You should prohibit use of it. You should give training to your employees. You should also supervise and look for ways, if they are using, those types of applications, and make sure that they are aware they cannot use it.

Debbie: Great. Thank you. So to quickly wrap up here we have our last slide that goes over the details of our Smarsh Connect Annual Conference happening June 5th through 6th in New York. Our featured keynote speaker is Preet Bharara, former U.S. Attorney, Southern District of New York. If you're interested, please email us at

With that, we'd like to thank everyone, including the panelists and the participants for participating in this webinar. Please note that the webinar has been recorded and a link to the recoding will be sent out via email.

You're welcome to send any additional questions or comments to us at, and if you did ask questions that we weren't able to get to we will absolutely have somebody follow up after the webinar to make sure those questions get answered.

So thank you again and have a great rest of your day.

Brian: Thank you.

Marianna: Thank you.

Duration: 61 minutes


Marianna Shafir

Corporate Counsel, Smarsh
Marianna Shafir headshot

Marianna Shafir

Corporate Counsel, Smarsh

Marianna Shafir is Corporate Counsel and Regulatory Advisor at Smarsh, where she’s responsible for legal and regulatory affairs worldwide. With her expertise in financial services industry, compliance and eDiscovery, Marianna counsels Smarsh clients on meeting regulatory obligations, leveraging technology and guidance on best practices related to electronic communications supervision. Prior to joining Smarsh, Marianna worked for BNY Mellon and Invesco where she was an instrumental member on compliance teams.Marianna has also served as an adjunct professor at New York Career Institute where she taught Law Office Management and Real Estate Law. She earned her Juris Doctorate from Nova Southeastern University. She is a frequent speaker at industry conferences and a contributor to various online publications.

Adam Pollet

Counsel, Eversheds Sutherland
Adam Pollet headshot

Adam Pollet

Counsel, Eversheds Sutherland

Adam Pollet defends corporations, broker-dealers, investment advisers, and individuals in enforcement and litigation matters involving the U.S. Securities and Exchange Commission (SEC), the Financial Industry Regulatory Authority (FINRA), state regulatory agencies, and numerous federal and state courts. He also represents clients in internal investigations and regulatory examinations and counsels them on various regulatory and compliance matters.

Brian Rubin

Partner, Eversheds Sutherland
Brian rubin panelist 400x400

Brian Rubin

Partner, Eversheds Sutherland

Brian Rubin is the Washington office leader of the Eversheds Sutherland (US) Litigation group and the head of the firm’s Securities and Exchange Commission (SEC), Financial Industry Regulatory Authority (FINRA) and state securities enforcement practice. With more than 20 years of experience in federal securities law, first prosecuting and now defending, Brian represents clients being examined, investigated and prosecuted by the SEC, FINRA, other self-regulatory organizations and states. As former NASD (now FINRA) Deputy Chief Counsel of Enforcement and Senior Enforcement Counsel at the SEC, he brings an insider’s perspective to defending broker-dealers, investment advisers, investment companies, public companies and individuals in examinations, investigations, enforcement proceedings, litigation, arbitrations and in counseling.