Subscribe to our InfoBytes Blog weekly newsletter and other publications for news affecting the financial services industry.
On May 6, the Financial Industry Regulatory Authority (FINRA) issued Regulatory Notice 19-18, which provides guidance to member firms regarding suspicious activity monitoring and reporting obligations under FINRA’s Anti-Money Laundering Compliance Program. Specifically, the Notice is intended to assist broker-dealers with their existing obligations under Bank Secrecy Act/Anti-Money Laundering (BSA/AML) requirements by providing a list of “money laundering red flags,” augmenting the red flags list from the 2002 Notice to Members 02-21 with additional red flags published by a number of U.S. government agencies and international organizations. The guidance lists potential red flags in a number of categories, including (i) customer due diligence and interactions with customers; (ii) deposits of securities; (iii) securities trading; (iv) money movements; and (v) insurance products. The Notice emphasizes that the list of 97 red flags “is not an exhaustive list and does not guarantee compliance with AML program requirements or provide a safe harbor from regulatory responsibility,” but rather provides examples for firms to consider incorporating into their AML programs, as may be appropriate in implementing a risk-based approach to BSA/AML compliance. The Notice also reminds firms to be aware of emerging areas of risk, such as those associated with activity in digital assets.
On April 24, the Financial Industry Regulatory Authority (FINRA) announced the formation of a new office, the Office of Financial Innovation, that will act as a central point of coordination for issues related to financial innovation by FINRA members. The new office, which is an outgrowth of FINRA’s Innovation Outreach Initiative (previously covered by InfoBytes here), will collaborate with various FINRA teams as well as regulators, investors, and other stakeholders to encourage the use of fintech in a way that strengthens market integrity and protects investors. The new office also will incorporate FINRA’s existing Office of Emerging Regulatory Issues, which focuses on analyzing new and emerging risks and trends related to the securities market.
On January 22, the Financial Industry Regulatory Authority (FINRA) issued new guidance on areas member firms should consider when seeking to improve their compliance, supervisory, and risk management programs. The 2019 FINRA Risk Monitoring and Examination Priorities Letter (2019 Priorities Letter) examines both new priorities as well as areas of ongoing concern, including the adequacy of firms’ cybersecurity programs. FINRA notes, however, that the 2019 Priorities Letter does not repeat topics previously addressed in prior letters, and advises member firms that it will continue to review ongoing obligations for compliance. Topics FINRA plans to focus on in the coming year include:
- Firms’ use of regulatory technology to help compliance efforts become “more efficient, effective, and risk-based.” FINRA will work with firms to understand risks and concerns related to supervision and governance systems, third party vendor management, and safeguarding customer data;
- Supervision of digital assets, including coordinating with the SEC to review how firms determine whether a given digital asset is a security and whether firms are implementing adequate controls and supervisions related to digital assets, such as complying with anti-money laundering and Bank Secrecy Act rules and regulations;
- Assessment of firms’ compliance with FinCEN’s Customer Due Diligence rule, which requires firms to identify beneficial owners of legal entity customers (as previously covered by InfoBytes here); and
- Financial risks, including credit risks, funding and liquidity planning.
On December 26, the Financial Industry Regulatory Authority (FINRA) entered into a Letter of Acceptance, Waiver, and Consent (AWC), fining a broker-dealer $10 million for failing to establish and enforce an anti-money laundering (AML) program that complies with Bank Secrecy Act and implementing regulation requirements. According to FINRA, alleged failures in the firm’s automated AML surveillance system allowed transactions from countries with “high money laundering risk” to flow through the financial system from January 2011 through at least April 2016. Furthermore, the firm allegedly failed to (i) devote sufficient resources to reviewing suspicious transactions; (ii) adequately monitor customers’ penny stock trades and deposits for suspicious activities; and (iii) adequately monitor and conduct risk-based reviews of correspondent accounts of certain foreign financial institutions.
The firm neither admitted nor denied the findings set forth in the AWC agreement, but agreed to address identified deficiencies in its programs. FINRA further noted that the firm “has taken extraordinary steps and devoted substantial resources since 2013 to expand and enhance its AML policies and procedures.”
On December 17, the Financial Industry Regulatory Authority (FINRA), the Financial Crimes Enforcement Network (FinCEN), and the SEC announced separate settlements (see here, here, and here) with a global broker-dealer following investigations into the firm’s anti-money laundering (AML) programs. According to FINRA, the broker-dealer and its affiliated securities firm allegedly failed to establish and implement AML processes reasonably designed to detect and report potentially high-risk transactions, including foreign currency wire transfers to and from countries known to be at high risk for money laundering, as well as penny stock transactions processed through the use of an omnibus account on behalf of undisclosed customers. FINRA alleged that from January 2004 to April 2017, the broker-dealer “processed thousands of foreign currency wires for billions of dollars, without sufficient oversight.”
In a separate investigation conducted by FinCEN in conjunction with FINRA and the SEC, the broker-dealer reached a settlement over allegations that it failed to, among other things, (i) develop and implement a risk-based AML program that “adequately addressed the risks associated with accounts that included both traditional brokerage and banking-like services”; (ii) implement policies and procedures, which would ensure the detection and reporting of suspicious activity through all accounts, particularly for those accounts with little to no securities training; (iii) “implement an adequate due diligence program for foreign correspondent accounts”; and (iv) provide sufficient staffing, leading to a backlog of alerts and decreased ability to file suspicious activity reports (SARs).
According to the SEC's investigation, from at least 2011 to 2013, the broker-dealer allegedly failed to file SARs as required by the Bank Secrecy Act’s reporting requirements and Section 17(a) of the Securities Exchange Act of 1934. Among other things, the SEC also claimed that the broker-dealer (i) provided customers with other services, such as cross-border wires, internal transfers between accounts and check writing, which increased its susceptibility to risks of money laundering and other types of associated illicit financial activity; and (ii) “did not properly review suspicious transactions flagged by its internal monitoring systems and failed to detect suspicious transactions involving the movement of funds between certain accounts in suspicious long-term patterns.”
After factoring in remedial actions, the broker-dealer has been assessed total civil money penalties of $14.5 million, including a $500,000 fine against the securities firm.
On November 28, the Financial Industry Regulatory Authority (FINRA) filed a proposed rule change with the SEC to amend paragraph (a)(3) of FINRA Rule 4512(a)(3)—“Customer Account Information”—which will permit the use of electronic signatures consistent with the E-SIGN Act. Specifically, under the proposed rule, firms will be allowed to obtain electronic signatures of personnel exercising discretionary trading authority over customer accounts maintained by a member. FINRA acknowledges that “[g]iven technological advances relating to electronic signatures, including with respect to authentication and security” it now believes that the requirement for manual signatures is obsolete. If approved by the SEC, the proposed rule change will be published in a regulatory notice no later than 60 days following approval, and will take effect within 30 days following publication.
On October 29, the Financial Industry Regulatory Authority (FINRA) entered into a Letter of Acceptance, Waiver, and Consent (AWC), fining a broker-dealer $2.75 million for identified deficiencies in its anti-money laundering (AML) program. According to FINRA, design flaws in the firm’s AML program allegedly resulted in the firm’s failure to properly investigate (i) certain third-party attempts to gain unauthorized access to its electronic systems, and (ii) other potential illegal activity, which should have led to the filing of Suspicious Activity Reports (SARs). FINRA notes that this failure primarily stemmed from the firm's use of an inaccurate “fraud case chart,” which provided guidance to employees about investigating and reporting requirements related to suspicious activity where third parties use “electronic means to attempt to compromise a customer's email or brokerage account.” Consequently, FINRA alleges that the firm failed to file more than 400 SARs and did not investigate certain cyber-related events. Among other things, FINRA also asserts that the firm failed to file or amend forms U4 or U5, which are used to report certain customer complaints, due to an overly restrictive interpretation of a requirement that complaints contain a claim for compensatory damages exceeding $5,000.
The firm neither admitted nor denied the findings set forth in the AWC agreement, but agreed to address identified deficiencies in its programs.
On July 30, the Financial Industry Regulatory Authority (FINRA) issued a Special Notice seeking comment on how it can support fintech innovation consistent with its mission of investor protection and market integrity. According to FINRA, the comment request builds on its Innovation Outreach Initiative, which launched last year to assist FINRA in understanding fintech innovations and how those innovations affect the securities industry (previously covered by InfoBytes here). The Special Notice seeks general comments on FINRA’s rules or processes that could be “modified to better support fintech innovation without adversely affecting investor protection or market integrity,” and comments pointing to specific areas of fintech innovation that may need a greater focus by the organization. In addition to those comments, the notice also raises three specific topics for comment that have previously been flagged as potential areas of engagement through the Innovation Outreach Initiative: (i) data aggregation services; (ii) supervision as it relates to artificial intelligence; and (iii) the development of a taxonomy-based machine-readable rulebook. Comments are due by October 12.
On May 18, the Financial Industry Regulatory Authority (FINRA) issued a notice covering enhancements to its disclosure review process. According to the notice, the enhancements will allow firms, for purposes of compliance with public record search requirements, to rely on FINRA’s verification process. Specifically, beginning on July 9, FINRA will conduct a public records search for bankruptcies, judgements, and liens within fifteen calendar days of receiving a firm’s Uniform Application for Securities Industry Registration or Transfer (Form U4). FINRA will provide any information to the firm that is different from what was provided on the Form U4. FINRA expects these enhancements to (i) reduce the cost associated with public records searches for firms; (ii) result in timelier reporting of disclosure information; and (iii) significantly reduce late disclosure fees.
On May 16, the Financial Industry Regulatory Authority (FINRA) and the SEC reached settlements (here and here) with a Chinese-based broker-dealer following an inquiry and investigation into the firm’s anti-money laundering (AML) programs. According to FINRA, the broker-dealer allegedly failed to implement reasonable processes to ensure that its AML programs were able to detect and report potentially suspicious transactions, particularly those concerning penny stocks. In addition, FINRA claimed the broker-dealer’s AML program compliance testing was “inadequate and failed to uncover any of the deficiencies in the firm’s trade monitoring.” In a separate investigation conducted by the SEC in conjunction with FINRA’s inquiry, the broker-dealer reached a settlement over allegations that it failed to, among other things, file suspicious activity reports as required under the Bank Secrecy Act or comply in a timely fashion with SEC record requests. Under the terms of the settlements, the broker-dealer agreed to pay $5.3 million to FINRA for systemic anti-money laundering compliance failures and $860,000 to the SEC. In agreeing to the settlements, the broker-dealer neither admitted nor denied the charges, but consented to the entry of the findings.
The SEC’s investigation also resulted in settlements with a second broker-dealer and its AML officer for allegedly violating the Exchange Act and SEC financial recordkeeping and reporting requirements for not reporting the suspicious sales of billions of penny stock shares. The broker dealer agreed to pay a civil money penalty of $1,000,000 to the SEC, was censured, and was ordered to cease and desist from causing or committing any violations or future violations of the SEC’s suspicious activity reporting requirements. The AML officer was assessed a $15,000 civil money penalty and barred from association with any broker, dealer, investment advisor, municipal securities dealer, municipal advisor, transfer agency, or national recognized statistical rating organization for a period of three years, among other things.
- Buckley Webcast: Hot topics in debt collection — An analysis of recent federal FDCPA litigation
- Jonice Gray Tucker to discuss "How to succeed in law school" at the SEO Law DC Panel Discussions
- Amanda R. Lawrence to discuss "Navigating the challenges of the latest data protection regulations and proven protocols for breach prevention and response" at the ACI National Forum on Consumer Finance Class Actions and Government Enforcement
- Sasha Leonhardt and John B. Williams to discuss "Privacy" at the National Association of Federally-Insured Credit Unions Summer Regulatory Compliance School
- Warren W. Traiger to discuss "CRA modernization" at the National Association of Industrial Bankers and the Utah Association of Financial Services Annual Convention
- Benjamin W. Hutten to discuss "Requirements for banking inherently high-risk relationships" at the Georgia Bankers Association BSA Experience Program
- Henry Asbill to discuss "Ethical guidance in conducting internal investigations – The intersection of Yates an Upjohn" at the American Bar Association Southeastern White Collar Crime Institute
- Brandy A. Hood to discuss "RESPA Section 8/referrals: How do you stay compliant?" at the New England Mortgage Bankers Conference
- Daniel P. Stipano to discuss "Lessons learned from recent enforcement actions and CMPs" at the ACAMS AML & Financial Crime Conference
- Daniel P. Stipano to discuss "Assessing the CDD final rule: A year of transitions" at the ACAMS AML & Financial Crime Conference