The SEC fined a large BD/IA $4.5 Million for overly relying on flawed compliance technologies that failed to prevent 5 registered representatives from stealing over $1 Million from clients over a 4-year period. One of the systems, which was designed to compare disbursement addresses against controlled addresses, contained a technical error that resulted in a failure to generate the necessary red flags for further investigation. The other system, a transaction-monitoring tool, had a design limitation that required an exact word-for-word address match, thereby failing to identify suspicious addresses. Complementary manual supervision and monitoring also failed to uncover the conduct. The SEC charges the firm with failures to supervise and to implement reasonable policies and procedures.
OUR TAKE: We love compliance regtech as a tool to leverage compli-pros’ efforts to uncover wrongdoing. However, over-reliance on technology without professional judgment and intervention will lead to a false sense of compliance security. An automatic hammer will not build a house without the architects and the builders.