censured and fined a broker-dealer for inadequate email reviews. Although the firm, through its President/CCO,
conducted weekly reviews, FINRA charges that the firm’s random sampling and
lexicon-based reviews were not sufficient given the firm’s size and risk
areas. The firm used 24 search terms
provided by its email provider, but FINRA asserts that the search terms did not
reflect a meaningful assessment of risk areas and resulted in a large number of
false positives. FINRA faults the firm
for failing to change the email reviews “[d]espite the obvious indications that
the firm’s lexicon system was not reasonably designed.” FINRA also criticizes the firm’s Written Supervisory
Procedures for omitting specific email review procedures.
Just doing email reviews isn’t enough. A firm must conduct effective email reviews that can statistically assess whether supervised persons are complying with the securities laws. We call this “compliance alchemy” i.e. the appearance of compliance without the implementation of adequate procedures and testing.
fined a large broker-dealer $2 Million for under-resourcing its compliance
function, thereby allowing unlawful short-selling. As the firm’s trading activity increased, the
firm continued to rely on a primarily manual system to monitor compliance with
Regulation SHO’s requirements. The
handful of employees tasked with monitoring trading requested more resources as
their 12-hour workdays could not adequately surveil the activity of 700 registered
representatives. FINRA alleges that the
firm routinely violated Regulation SHO by failing to timely close-out
positions, illegally routing orders, and failing to issue required
notices. As part of the settlement, the broker-dealer
also agreed to hire an independent compliance consultant.
TAKE: Firms need to track business activity to ensure that compliance and operations
infrastructure keep up with the business.
A good metric is whether the firm spends at least 5% of revenues on compliance
infrastructure including people and technology.
Broker-Dealers and advisers must abandon the dual-hat compliance model, the practice of naming a non-regulatory professional with multiple executive roles. Firms must retain a competent and dedicated Chief Compliance Officer either by hiring a full-time employee or by retaining the services of an industry-recognized outsourcing firm.
OUR TAKE: Failure to prevent wrongdoing creates a burden and inference that your compliance policies and procedures do not measure up. In this case, the SEC did not offer insight into how the firm should conduct allocation testing or whether such testing would have stopped the misconduct. Instead, the SEC argues that the cherry-picking itself proves that the firm failed to implement reasonable policies and procedures. This is why firms need to implement testing and monitoring and not just write a nice policy.
OUR TAKE: Having a valuation control function is not the same as having an effective valuation control function. Global firms must consider metrics before gutting compliance and supervisory functions that could ultimately allow bad actors to put the firm at risk. Firm leaders should think of compliance and supervision as the defense to protect assets and the firm’s reputation. And, defense wins championships.
OUR TAKE: Having policies and procedures, but taking no significant action against those who violate them, eviscerates their purpose. This compliance voodoo – the mere appearance of a compliance program – will draw the ire of the regulators.
A portfolio manager of an activist investment firm failed to disclose a $3 Million personal loan to the CEO of a company in which he invested. The portfolio manager made the loan, according to the SEC, to secure the CEO’s support for his election to the Board as part of a broader initiative to exert control over the company. The SEC asserts that the portfolio manager violated his fiduciary duty to his clients by concealing his personal interest and that the investment manager failed to file a Schedule 13D (indicating more than passive investment). Also, the SEC faults the adviser for failing to implement a reasonable compliance program because the policies and procedures “did not discuss conflicts of interest more broadly in sufficient depth so as to capture and train employees to recognize other violative conduct not specifically identified.”
OUR TAKE: Because portfolio managers are often treated like the rock stars of investment management, compli-pros must implement heightened supervision to protect against reckless actions that will ultimately hurt the firm. Procedures should include reviews of investment decisions, due diligence about personal dealings, reviews of transactions outside the ordinary course, and training all employees how to identify unlawful activity.
FINRA has outlined recommended heightened supervisory procedures for brokers with a history of past misconduct. FINRA suggests that firms should (i) designate a principal with supervision responsibility; (ii) provide specific training to the bad broker; (iii) require written acknowledgements; and (iv) conduct periodic reviews of the plan’s effectiveness. FINRA also describes certain characteristics of an effective heightened supervisory plan: physical proximity of the supervisor to the broker, ongoing contacts and reviews, frequent monitoring, and expediting customer complaints. FINRA has also proposed rules that would subject member firms that hire bad brokers to additional FINRA monitoring and reporting.
OUR TAKE: FINRA wants to make it difficult on firms that hire brokers with a disciplinary record by imposing additional regulatory, monitoring and reporting requirements.