Firms can (and probably should) outsource their network and data storage to qualified vendors, but they cannot abdicate their responsibilities to ensure the data is protected from unauthorized intrusion. The compli-pros must work with the IT folks to assess the cloud provider’s ongoing compliance.
On the positive side, requiring what amounts to a net capital penalty should get the attention of senior leaders at these problem firms. On the other hand, FINRA needs to be careful that such a firm doesn’t make a cold calculation to hire a bad broker if the broker’s production offsets the additional financial obligation.
A broker-dealer was censured, fined, and ordered to retain an independent consultant in connection with failures to file Suspicious Activity Reports about pump-and-dump schemes. The SEC alleges that the firm neglected to file SARs even though it acknowledged several red flags including deposits of physical securities followed by rapid fund withdrawals, SEC investigations that led the firm to close accounts, trading away through other firms, questionable attorney opinions, and suspicious communications. The SEC acknowledges that the firm’s AML procedures identified certain red flags and how employees should report suspicious transactions, but the SEC faults the firm for failing to implement procedures, investigate red flags, and file SARs. The Bank Secrecy Act requires broker-dealers to file SARs when it suspects a transaction that has no business or apparent lawful purpose or is not the sort in which the particular customer would normally be expected to engage.
We think that FINRA and the SEC should take a hard look at the SAR filing regime. In this case, the broker-dealer appears to have facilitated several pump-and-dump schemes, and we don’t question that the SEC should have acted. What creates confusion is the leveraging of the Bank Secrecy Act and the SAR system, which was intended to combat anti-money laundering, as a catch-all reporting mechanism for any suspected regulatory violation whether or not it involved money laundering activity. Why should FinCen be involved in policing pump-and-dump schemes or other non-AML securities violations?
We are seeing a renewed SEC interest in how firms use soft dollar credits. Although the facts of this case date back several years, this action may portend future regulatory and enforcement initiatives.
Didn’t know that name-dropping could result in securities fraud? Any misstatement arguably relied upon by investors could give rise to Section 17(a)(2) charges of offering securities by means of an untrue statement of a material fact.
Form ADV, Item 18.B. specifically requires investment advisers to “disclose any financial condition that is reasonably likely to impair your ability to meet contractual commitments to clients.” Item 18.C. also requires the disclosure of any bankruptcy petition during the prior 10 years. As investment advisers struggle financially, compli-pros should assess whether the firm needs to enhance its financial condition disclosure.
We have observed OCIE staff specifically ask about compliance resources and spending during examinations. Based on various research studies and our own empirical experience, firms should benchmark to spend at least 5% of revenue on compliance resources including personnel and technology. Of course, the actual spending should vary depending on the complexity and size of the business.