In April, FINRA continued to focus on firms’ recordkeeping and supervision. FINRA continues to focus on communications sent over channels which firms cannot or are not archiving. FINRA also continues to closely monitor and penalize high-risk firms and brokers.
Firms and Individuals Sanctioned
FINRA fined both a firm and the firm’s chief executive officer (CEO): the firm was fined $700,000 and the CEO was fined $100,000 and barred from FINRA association. The CEO failed to reasonably supervise the preparation of the firm’s books and records. Consequently, the firm did not supervise the review of electronic correspondence. The firm’s written supervisory procedures (WSPs) failed to address how supervisors were to review electronic correspondence. In addition, the firm also failed to document any reviews. Finally, the firm’s WSPs didn’t address how supervisors were to select electronic correspondence for review, how they were to review it, how often they needed to review it, or how they were to document their reviews.
Similarly, both a firm and an associated individual were fined for failure to conduct supervisory reviews. The firm was fined $70,000 and the general securities principal was fined $5,000 and suspended from FINRA association for 30 days. The firm’s WSPs stated the principal was responsible for conducting a supervisory review of representatives’ electronic correspondence. However, the principal did not conduct the reviews. The firm’s WSPs also provided that the principal was responsible for overseeing branch office activities, including branch inspections, but the firm and the principal did not conduct a branch inspection of the firm’s sole office from 2011 through 2014. The firm’s 2015 inspection didn’t address the office’s policies and procedures regarding the supervision of supervisory personnel or the maintenance of books and records. Further, an associated person assigned to the office of supervisory jurisdiction (OSJ) conducted the inspection of that OSJ, and the inspection report did not, as required, document why that arrangement was necessary, and why the inspection satisfied the standards for branch inspections. Also, occurring between 2011 and 2014, the firm and their principal didn’t prepare the annual report on the firm’s supervisory control system or complete the annual certification of compliance and supervisory processes. The supervising principal was responsible for ensuring that these documents were prepared. In 2013, the firm and the principal did not conduct independent testing of the firm’s anti-money laundering (AML) compliance program despite firm’s WSPs granting supervisory responsibility for the AML program to the principal.
FINRA sanctioned a firm and required the firm to engage an independent consultant to conduct a comprehensive review of the adequacy of the firm’s policies, systems and procedures (written and otherwise), and training relating to outside business activity and private security transaction supervision, variable annuity supervision, hiring practices, review of communications, and financial operations and record-keeping. FINRA stated that the firm’s WSPs failed to address who would conduct email reviews, what methods they would use, or how documentation of reviews would be maintained. The firm relied on sampling to satisfy its obligation to review email communications but did not maintain records to document the reviewing of a reasonable sample of emails.
A broker was barred from association with any FINRA member in all capacities for using personal email accounts to conduct business. The findings stated the broker caused the firm to fail to maintain and preserve business records by using his personal email accounts in connection with obtaining backdated outside business activity and private securities transaction compliance forms. The broker directed a registered representative of his member firm to solicit backdated outside business activity and private securities transaction forms, and the broker submitted the forms to FINRA examiners without disclosing the backdating of the forms. The use of personal email accounts, in violation of the firm’s WSPs, prevented the capturing of the emails by the firm’s email archive, causing the firm’s business records to be incomplete.
Another broker was barred from association with any FINRA member in all capacities for failure to supervise a floor clerk who was subject to a plan of heightened supervision because he was subject to statutory disqualification. This heightened supervision required the review of the floor clerk’s email correspondence, but the broker never informed the interim supervisor about his potential role in the clerk’s heightened supervision.
A broker was assessed a deferred fine of $15,000 and suspended from association with any FINRA member in all capacities for six months. The findings stated the broker made false, exaggerated, unwarranted, promissory or misleading statements or claims, and an unwarranted prediction of performance in email communications with customers.
Takeaway
Having a set of WSPs is not enough. Your firm’s WSPs must be tailored to the risks of the firm and reflect all the activity in which your firm engages. At a minimum, the firm’s WSPs should identify the designated responsible supervisor, describe the process the supervisor will follow to conduct each review, when (i.e., how frequently) such actions will be taken, and how the supervisor will document that the required supervisory steps were taken. WSPs should be updated to reflect changes to regulations, and also when changes are made to the supervisory process. The firm must ensure the policies are properly enforced and followed by the designated reviewers. And finally, the firm must ensure policy guidelines and permitted communication channels are clearly communicated to employees.
FINRA penalized firms for failing to adopt and implement tailored heightened supervisory procedures under FINRA Rule 3110 (Supervision) for high-risk individuals. In FINRA’s 2018 priority letter, FINRA said it would continue to closely monitor high-risk firms and individual brokers, noting they would focus on firms’ supervisory practices for high-risk brokers, including remote supervision arrangements and branch inspection programs. To address the new requirements, firms should adopt and implement heightened supervisory procedures which are tailored to the risk. Firms should periodically test the integrity of their systems to ensure compliance. Monitoring electronic communications is an incredibly effective way to find potential violations. Utilize your archiving platform to automatically flag messages that contain risk keywords or phrases likely to warrant review. You can create lexicons focusing on areas such as fraud, high-risk brokers, improper sales practices, and anti-money laundering issues. Lexicon policies greatly enhance your supervisory control policies and procedures, helping you meet FINRA requirements for risk-based review, as well as ensuring your reviewers only review high-risk messages.
Performing random searches of messages contributes to a well-rounded review strategy to detect potential violations and enhance your supervision process. For example, you can create queues and perform random searches to regularly monitor high-risk recidivist brokers. And don’t forget to document your hard work reviewing messages — it’s a great way to demonstrate to regulators that you are comprehensively supervising all activities of your associated persons. The Archiving Platform from Smarsh has built-in documentation and supervision features.
Firms should proactively review their practices and take all actions necessary to implement a heightened supervisory program.
- 2022 Regulatory Roundup: Record-Breaking Penalties Provide a Glimpse Into 2023 - December 28, 2022
- Smarsh Advance Recap: Voice – The Newest Frontier in Supervision - December 15, 2022
- CFTC's 2022 Enforcement Results Highlight Recordkeeping and Supervision - October 27, 2022