Home » technology

Category: technology

Flaws in Share Class Selection Technology Costs Large Firm Nearly $14 Million


The dually-registered IA/BD affiliate of a large investment bank agreed to reimburse clients over $12 Million and agreed to pay a $1.5 Million fine because its advertised system failed to recommend the most economical fund share classes.  The respondent marketed an automated mutual fund share class selection system that purported to pick the least expensive share classes for certain retirement plan and charitable organization customers.  The SEC asserts that the system had programming and design flaws and that the respondent failed to adequately test and validate whether the system worked as advertised.  Over the course of a 7-year period, the respondent overcharged over 18,000 clients.

Automated compliance systems are helpful, but they are not a cure-all.  Like any tool, a compliance technology is only as good as the people using it.  Bad inputs cause bad outputs.  Also, firms can’t just “set it and forget it,” hoping that the system works. 

Marketplace Lender Fined $3 Million for Overstating Returns Due to Coding Errors

A marketplace lender agreed to pay a $3 Million fine for overstating returns because of coding errors.  The SEC asserts that the firm’s legacy coding omitted charged-off loans from historical performance calculations once the charged-off loans were sold to a third party.  According to the SEC, the firm knew as far back as 2014 that its legacy code had significant issues but failed to fix the code affecting the return calculations.  The firm used the inflated returns in client reporting and marketing. 

As firms implement FinTech and RegTech, they cannot simply set it and forget it.  Compliance, operations, and IT personnel must work together in real time to ensure that systems reflect current regulatory requirements.  Technology is a great tool, but it is not the complete answer to regulatory compliance. 

Three Firms Fined $6 Million for IT Breakdowns that Caused Inaccurate Reporting


The SEC fined three broker-dealers more than $6 Million for providing inaccurate securities trading information to the regulator over several years.  The SEC asserts that coding errors caused the firms to provide inaccurate blue sheets for millions of trades.  The SEC faults the BDs for failing to implement a supervisory and control structure to ensure that they provided accurate information.  Two of the firms hired regulatory professionals to oversee the re-vamping of the underlying reporting systems.

Most larger firms rely on fintech for a variety of heavy-lifting tasks including collecting data for the regulators.   Management must integrate the compliance and regulatory professionals with the IT folks to ensure that the systems match the legal requirements.   Compli-pros must learn to “speak tech” to properly advise their employers and clients. 

FBI Takes Down Unregulated Non-U.S. Swaps Dealer


An FBI sting operation ensnared an unlawful non-U.S. based securities dealer that offered securities-based swaps without registering.  The Austrian-based defendant operated an internet-based platform that offered contracts for difference, which operated as securities-based swaps based on publicly-traded U.S. equity and indexes.   An undercover FBI agent opened an account with nothing more than a username and a password and traded CFDs with bitcoin.  The platform served as the counterparty and collected the bid-ask spreads.  The SEC charges the platform with failing to register the securities offering and the platform as a broker dealer.  The SEC also asserts that the CFDs were required to be traded on a registered securities exchange.

OUR TAKE:  We love innovation and technology.  However, when you apply new technologies to a highly regulated industry, you must follow the same rules as everybody else.  Trading in securities with U.S. persons implicates the whole panoply of U.S. securities regulation including the regulation of the offering, the parties, and the venue.  Also, never assume that law enforcement or the regulators won’t find you.  Your competitors and clients have an interest in helping the investigators find those who are cutting regulatory corners.

Over-Reliance on Automated Surveillance Tools Costs IA/BD $4.5 Million

The SEC fined a large BD/IA $4.5 Million for overly relying on flawed compliance technologies that failed to prevent 5 registered representatives from stealing over $1 Million from clients over a 4-year period.  One of the systems, which was designed to compare disbursement addresses against controlled addresses, contained a technical error that resulted in a failure to generate the necessary red flags for further investigation.  The other system, a transaction-monitoring tool, had a design limitation that required an exact word-for-word address match, thereby failing to identify suspicious addresses.  Complementary manual supervision and monitoring also failed to uncover the conduct.  The SEC charges the firm with failures to supervise and to implement reasonable policies and procedures.

OUR TAKE: We love compliance regtech as a tool to leverage compli-pros’ efforts to uncover wrongdoing.  However, over-reliance on technology without professional judgment and intervention will lead to a false sense of compliance security.  An automatic hammer will not build a house without the architects and the builders.


The Friday List: Top 10 Compliance Technology Tools

Today, we offer our “Friday List,” an occasional feature summarizing a topic significant to investment management professionals interested in regulatory issues.  Our Friday Lists are an expanded “Our Take” on a particular subject, offering our unique (and sometimes controversial) perspective on an industry topic.

As the compliance profession has matured since adoption of the compliance rule in 2004, many innovative firms have developed technologies to help chief compliance officers and their organizations more effectively manage regulatory risk.  Under pressure to do more with less, almost all compli-pros utilize one or more of these tools to ensure an effective program.  Below, we list the top 10 areas where technology tools can help CCOs adopt a reasonably designed compliance program in an environment of expanding obligations and responsibilities.

Top 10 Compliance Technology Tools

  1. Personal Trading:  Probably the most-used compliance technology, several firms offer excellent products to collect and manage personal trading monitoring and pre-clearance as required by the Code of Ethics.
  2. Email Review:  Just the sheer number of emails transmitted, even in the smallest firms, begs for the implementation of an automated email review system.
  3. Cybersecurity:  There is an entire industry of technologies employed for threat assessment and penetration testing as well as remediation and protection.
  4. Portfolio Management:  One of the biggest risk areas involves portfolio dispersion and failures to invest in accordance with client mandates.  Several technologies can monitor for non-compliant trading.
  5. Anti-Money Laundering: A developing area, we have seen some excellent tools to help comply with AML and KYC requirements.
  6. Performance Reporting:  Performance reporting (and related recordkeeping) can be better managed by software tools that avoid human intervention, thereby ensuring accurate calculations and ease of presentation.
  7. Marketing Review:  We like several tools that manage the workflow and document management requirements of the marketing review process.  Such tools maintain a library of drafts for regulatory inspection.
  8. Best Execution:  All money management firms must ensure best execution.  Several technologies are available to measure and demonstrate how a firm selects and executes trades.
  9. Regulatory Reporting:  If your firm still does Form PF or 13F manually, consider a software tool that can help you pull data and populate the forms.
  10. Financial Reporting:  First adopted for mutual fund financial statements, larger firms should consider some of the financial reporting tools that create financial statements, thereby reducing outside fees and human error.

BD Fined for Hack of Third Party Cloud Provider


A broker-dealer agreed to pay a $650,000 fine because an OSJ’s cloud server vendor  failed to protect customer information.  FINRA asserts that foreign hackers penetrated the cloud-based servers and had access to customers’ nonpublic personal information.  FINRA faults the firm for failing to monitor or test the third party vendor’s information security.  FINRA also alleges that the BD failed to adopt reasonable data security policies that included specific firewall policies and related testing.  FINRA cites violations of Rule 30 of Regulation S-P, which requires the protection of customer records and information.

OUR TAKE: Firms must go the extra mile to protect customer information and not just rely on hiring a third party.  FINRA will hold BDs strictly liable for data breaches, even those occurring at the vendor.


Hedge Fund Managers Plan Significant Compliance Technology Spending


A KPMG study reports that the overwhelming majority (94%) of hedge fund managers recognize the importance of investing in technology to compete and that compliance is a top reason (90%) to invest in technology.  The report explains: “Given that — in 2013 — we estimated that compliance was costing the industry upwards of US$3 billion per year (and that number has likely risen much higher since), it is not surprising that compliance ranked as a top objective among our respondents.”  The report also explains the importance of technology in the back office where improved data management allows firms “to meet the increased regulatory and investor reporting demands being placed on them.”

OUR TAKE: Technology that organizes and presents data has become a critical element to meet ever-increasing regulatory requirements especially in areas such as personal trading, email review, and investor reporting.  Technology alone, however, is not a regulatory silver bullet.  Firms must still retain top compliance talent who can assess, interpret, and react to the data and then advise senior management on how to proceed.