2016 FINRA Top Enforcement Issues
You can download a full copy of the slides from this webinar.
Full video transcript available below:
Welcome and thank you for joining today's webinar hosted by me Joe Boyhan of MCO and Brian Rubin and Adam Pollet of Eversheds Sutherland. With that I'll hand you over to my co-hosts.
|
So as we mentioned, we'll move on to the top enforcement issues from FINRA by fines in 2016 and here we go. The reason for the poll in question is the number one issue in 2016 was AML with 32 cases totaling just about $46 million in fines. As you can see AML has been working its way up the top enforcement list. It was fourth in 2014, second in 2015 and then last year finally landing in the top spot.
|
FINRA continues to emphasize that firms not only must have written supervisor procedures for AML but must regularly review them to devote adequate resources to implementing these programs.
|
Next slide please, and next slide please but there's a question and it sort of deals with the next slide as well. The question is does the increase in fines and decrease in restitution lead you to believe that there are a lot of instances where firms were fined despite the fact that no investors were harmed? The answer is yes and these AML cases probably show that. There are very large fine amounts, but there's question as to what extent investors were harmed with regards to AML issues and there are several other issues where there are large dollar fines like WORM which we'll talk about in a few minutes where also there's a question as to whether there is any harm to customers.
|
The first slide ... go back one slide please. There you go. Talk about these two cases. A $17 million fine involved two affiliated firms that were required to pay that fine for alleged widespread supervisory failures relating to their AML programs. The firms had more than doubled in size during an eight year period and FINRA noted that their AML compliance systems did not experience a similar growth and that their AML programs weren't tailored to their businesses.
|
This is actually even more of a concern because one of the firms had been previously sanctioned for this issue and had agreed to review its AML program. In addition, in this case a former compliance officer was fined $25,000 and suspended three months for allegedly failing to ensure that the AML reviews were conducted. We'll have a little bit more on that later on.
|
The take-away from this case is Brad Bennett the former Chief of Enforcement said, "Firms must allocate adequate resources to their AML compliance efforts." No surprise there. Number two, compliance systems have to keep up the business. [inaudible 00:20:59] this is a problem here and raised similar concerns in another case a few years ago. Finally, when you discover problems you need to fix them especially if you told a regulator you would as they had here.
|
Quickly we'll touch on this other fine of five and three-quarter million dollars for a firm again alleging to have failed to reasonably design an AML program because among other issues although it conducted a lot of business in high risk regions and handled high risk securities transactions, the firm primarily relied on a manual review of its transactions that wasn't sufficiently focused on AML risks. The take-away there the firm should make effective use of automated surveillance to identify potentially suspicious transactions where appropriate and escalate as well.
|
Finally the firm should not only ensure AML procedures are adequate and reasonably tailored so that they are consistently applied across the [inaudible 00:22:07]. Next slide please.
|
Before we get to that there's a question about whether RIA firms need to worry about AML. The short answer is yes. The longer answer is there was a proposal and I've lost track. FinCEN proposed a rule dealing with it and Treasury was also focusing on AML for RIAs and I'm not sure what the status is, but I think generally the sense is that it makes sense to do and we could follow up with whoever wants to on that issue if you are interested.
|
So the next issue is variable annuities and this is the second largest in terms of fine categories, 30 cases totaling 30 million dollars, but the primary driver was a 20 million dollar case and it's the first time that variable annuities made the list. Let's go to the next slide please.
|
The $20 million case also had a $5 million restitution component and in that case FINRA alleged the firm made negligent misreps and omissions to customers about costs and guarantees relating to variable annuity replacements. FINRA said the firm didn't reveal the true costs of the replacements. FINRA conducted a random sample and found that these issues impacted about 75% of variable annuity replacements. The firm sold a lot of variable annuity replacements, $3 billion worth.
|
The take-aways here are first variable annuities are complex. They have a lot of moving parts and that firms have to just generally consider their policies procedures with regards to replacements and as we'll see share classes and riders as well. Second, FINRA noted that the firms under [threats 00:23:56] were required to consider and compare material information for the existing and proposed variable annuities and the side-by-side comparisons had to be accurate.
|
The next one is there were eight firms fined $6.2 million and these cases primarily dealt with multi-share class variable annuities and in particular focused on L shares which also were sold with long-term riders and FINRA alleged the firms failed to identify red flags where L shares were sold with long-term riders.
|
The take-aways are first that L shares are typically only suitable for a narrow class of investors and in light of the DOL fiduciary rule a number of firms have stopped selling them. The second issue is that firms that sell multi-class shares of any products, variable annuities, or mutual funds, or mutual funds with waivers, need policies, procedures, disclosures around the issues and then third there will be more cases in this area so if you haven't focused on your various share classes already, it's something that you should be doing.
|
Next slide please. The number three issue in 2016 was trade reporting with 146 cases totaling $24.4 million in fines. Trade reporting was down from the top spot in 2015, but remains on this list as it usually does. Next slide please.
|
First case here, a firm was fined $6 million. FINRA found that for at least seven years the firm experienced significant failures with its systems used to compile and produce trade data or blue sheets including programming errors and failing to implement enhancements to meet certain regulatory reporting requirements. This caused the firm to submit thousands of blue sheets to regulators that misreported or omitted critical information on over a million trades. As part of the settlement here, the firm agreed to retain an independent consultant to improve its policies and procedures relating to blue sheet submission.
|
The second case, a firm was fined $2.8 million. FINRA alleged that for four years a system configuration error caused the firm to inaccurately report more than 20 million trades to FINRA and then further alleged that the firm's WSPs were not reasonably designed to achieve compliance with the relevant rules in particular because the sample sizes they were reviewing were insufficient.
|
The general take-aways here again FINRA is typically dealing with trade reporting types of cases and expects firms to stay on top of technical processes which may mean reviewing the system coding for automated processes. Next slide please.
|
So next number 4 on our list are books and records, 99 cases with more than $22 million in fines and this is the first time that books and records have been on our top enforcement issues list. They, it's primarily on the list because there is one set of cases brought in December where 12 firms were fined $14.4 million for WORM violations which is Write Once Read Many. FINRA found that in various times, often for extended periods of time, the firms failed to retain required books and records electronically the way they were supposed to in WORM format which prevents alteration or destruction and a number of firms didn't have procedures. A number of them didn't audit and didn't follow some of the other requirements.
|
The take-aways are first that FINRA is using rules that it and the firms have sometimes forgotten about. Everybody was aware of WORM issues with regard to email, but firms weren't necessarily focused on it with regard to other books and records.
|
Second, FINRA is taking cyber security seriously and in these cases linked the worm issue to cyber security by stating that sensitive financial information was stored electronically and there have been increasingly aggressive attempts to hack into a electronic data repository posing a threat to inadequately protected records.
|
The third take-away is that there's more WORM to come and there's probably some pun I could make there, but firms should focus on WORM issues. FINRA is routinely examining for it. They are going to be bringing a number of cases next month dealing with the same exact issues so they're continuing to dig around issues that weren't performing [inaudible 00:29:12].
|