The SEC will offer no quarter to RIAs who ignore their basic compliance responsibilities. At a bare minimum, firms must appoint a dedicated and qualified CCO, adopt tailored policies and procedures, annually test the program, and generally attempt to comply with the Advisers Act. The initiation of proceedings, rather than a settled order, suggests that the SEC intends to pursue aggressive penalties.
“We’ve always done it this way” is not a legitimate excuse for failing to comply with regulatory requirements. The firm engaged in the undisclosed revenue sharing for nearly 20 years before the SEC uncovered the conflict of interest. Perhaps, the firm never considered that its longstanding practice violated the securities laws. This is why we recommend retaining a fully-dedicated and experienced chief compliance officer either as a full-time employee or through a compliance services firm.
OUR TAKE: Compliance officers should avoid signing certifications that facilitate securities transactions. If the situation requires a certification, a CCO must conduct adequate due diligence to ensure the accuracy of all statements made. Also, we would recommend that a CCO obtains back-up certifications from others in the organization.
The SEC fined and barred a CCO/AML Officer from the industry for failing to file Suspicious Activity Reports and otherwise ignoring his AML due diligence responsibilities. The SEC accuses the CCO/AML Officer and his firm with ignoring clear red flags that suggested significant churning of penny stocks. Red flags included questionable customer backgrounds, absence of a business purpose, multiple accounts with the same beneficial owners, rapid transactions, and law enforcement inquiries. The firm sold over 12.5 billion shares of penny stocks over a 9-month period. The SEC also charged the firm and its clearing firm.
OUR TAKE: This is what we call “voodoo compliance” i.e. using purported compliance as a tool to further securities law violations. The SEC has become wise to firms that implement sham compliance programs.
The President of a broker-dealer was fined and barred for failing to supervise an inexperienced and ineffective Chief Compliance Officer. The CCO failed to properly monitor and halt excessive mutual fund trading by a registered rep. The CCO had difficulty analyzing the firm’s trade blotter and mutual fund reports even after a compliance consulting firm was hired to assist. FINRA faults the President for failing to recognize the CCO’s failures and take the necessary action to implement an adequate supervisory system. FINRA blames the President because he “was ultimately responsible for supervision.”
OUR TAKE: Do you know if your CCO is competent? Firm leaders do not satisfy their obligations to implement a compliance and supervisory system by merely calling somebody the Chief Compliance Officer. A CCO must be competent, have the necessary resources, effectively implement policies and procedures and test them. Then, firm management must monitor the CCO to ensure that the CCO adequately performs the role.
OUR TAKE: The SEC doesn’t often prosecute standalone (i.e. not dual hat) CCOs without an underlying client loss, but it will if the CCO ignores obvious compliance deficiencies of which he has notice. This is what we call “compliance voodoo” i.e. an appearance of compliance infrastructure without an effective program. This CCO had a compliance manual, did some quarterly testing, and hired a third party consultant. But, neither the CCO nor the firm took any action to actually implement relevant procedures to address cited compliance deficiencies.
OUR TAKE: Compliance officers that assume anti-money laundering duties are subject to prosecution and significant fines by both FinCEN and the DoJ (in addition to FINRA and other financial regulators). Nobody condones the CCO’s conduct in this case, but one question many compli-pros have asked is why has the CCO been singled out for personal liability? Why didn’t the feds pursue the operations folks that vet clients or the senior executives in charge? And, why does the CCO pay a fine when he did not financially benefit from the misconduct?
The Chief Compliance Officer of a broker-dealer was barred from the industry for mis-using his position to assist his brothers’ securities fraud scheme. According to the SEC, the brothers engaged in a long-running securities fraud to fleece foreign investors with phony offerings, fake names and bogus fees. The SEC charges that the respondent used his privileged position as a broker-dealer’s chief compliance officer to create accounts and move funds without supervision. The SEC asserts that he created “house” accounts and mis-labeled wires to hide the scheme. The SEC charges that the CCO thereby aided and abetted violations of the anti-fraud, reporting, and books and records rules. The SEC waived the disgorgement order but ordered a permanent bar based on his conduct and his incarceration on related criminal charges.
OUR TAKE: It is the CCO’s job to monitor others to prevent misconduct, but who watches the CCO? With unfettered access and knowledge, a CCO has a higher duty to follow and enforce the securities laws. Firms should also ensure that somebody reviews the CCOs personal dealings.