Summary of FINRA Regulatory Actions 2017

March 2, 2018

The Financial Industry Regulatory Authority’s (“FINRA”) Enforcement Division brought 318 disciplinary actions against registered broker-dealers in 2017. The total number of disciplinary actions and dollar amount of fines decreased significantly from 2016. In addition, FINRA member firms paid over $34 million in restitution to customers as a result of alleged failures in the supervision of mutual funds, exchange-traded funds, and unit investment trusts. This amount nearly doubled from 2016. FINRA levied 18 fines of $1 million or more in 2017, down from 29 in 2016 and 21 in 2015. Most disciplinary actions levied by FINRA during the calendar year stemmed from trade-reporting violations. There were 11 disciplinary actions totaling over $4 million for violations of anti-money laundering (“AML”) rules in 2017. Other primary causes of disciplinary actions resulting in the highest number of fines were alleged failures in supervision and in books and records deficiencies.

FINRA Actions Q4 Report Chart

During the fourth quarter of 2017, FINRA levied 67 disciplinary actions on members. The fines amounted to $17.9 million, which was significantly lower than the same period one year ago and the second lowest amount for the fourth quarter since 2013. The primary causes of fourth-quarter 2017 disciplinary actions that resulted in the largest fines were trade reporting, electronic records storage, and associated person background checks. Details on some of the largest fines in these categories appear below, followed by a summary of other significant events.

Trade Reporting

FINRA fined 17 members nearly $1.5 million for alleged violations of trade-reporting rules during the fourth quarter. The fines ranged between $10,000 and $400,000. FINRA alleged that one firm failed to transmit over 548 million reportable order events (“ROEs”) to the Order Audit Trail System (‘OATS”) during the review period for its examination. ROEs record events in an order’s lifecycle, such as an order receipt, order cancellation, or order execution that must be reported to OATS. Failure to report this information violates FINRA Rule 7450.

The ROEs not transmitted to OATS constituted nearly eight percent of all ROEs the member was required to report. The unreported ROEs cited by FINRA also represented 99 percent of the number the firm was required to submit on behalf of a sponsored-access client using its market participant identifier (MPID). The firm failed to detect a technology issue in its reporting system that caused the sponsored-access client’s ROEs to go unreported to OATS. The firm subsequently terminated that sponsored-access business.

A reporting member, as defined in FINRA Rule 7410, is one that receives or originates an order and is obligated to record and report order information under Rules 7440 and 7450. Firms that meet this definition should review their reporting systems to ensure they work properly and that all ROEs are being submitted to OATS on time. This review could include a model validation and should also be detailed in the firm’s written supervisory procedures. In the case described here, FINRA found that the member’s supervisory system did not have adequate controls in place to prevent ROE reporting failures. Members should conduct these reviews regularly to ensure compliance with trade-reporting requirements.

Electronic Storage Media

FINRA censured and fined two broker-dealers in the fourth quarter for their alleged failure to maintain electronic records in a non-erasable, non-rewriteable format, as required by Rule 17a-4(f) under the Exchange Act of 1934. According to the Acceptance, Waiver, and Consent (“AWC”) letters, the members each agreed to pay $175,000 to FINRA. The first AWC letter stated that one member did not maintain over 730,000 order tickets and over 2,000 financial records, including general ledgers and Financial and Operational Combined Uniform Single (FOCUS) reports, in a write-once, read-many (“WORM”) format.

The other member allegedly transitioned from a WORM-compliant recordkeeping system to a new electronic storage system for its brokerage records. FINRA discovered that the member experienced difficulties during the transition that resulted in approximately 46 million market-making transactions not being maintained in WORM format. FINRA also found that the firm violated Exchange Act Rule 17a-4(f)(2)(ii), which requires a broker-dealer to notify its designated examining authority at least 90 days prior to employing electronic storage media. The member allegedly did not notify FINRA prior to the transition to the new system. In addition, FINRA found that the firm violated Exchange Act Rule 17a-4(f)(3)(vii), which requires a broker-dealer to have in place an audit system providing for accountability regarding inputting of records required to be maintained and preserved pursuant to SEC rules and inputting of changes made to every original and duplicate record maintained and preserved thereby. During the review period, the member did not have an audit system in place for the brokerage records. The firm also allegedly violated Exchange Act Rule 17a-4(f)(3)(vii). This part of the rule requires a broker-dealer to retain a third-party vendor that has access to the records and can provide these records to regulators in the event the firm cannot. The firm did not have an unaffiliated third party that could access its records.

Brokers-dealers should take several steps before electing to store business-related records solely in electronic format. Specifically, firms should affirm that they maintain the records in WORM format as required by Rule 17a-4(f)(2)(ii) and that they retain at least one independent third party that can access and download information from their electronic storage media. In its reviews, ACA has seen information technology or disaster recovery departments check for compliance with WORM format while onboarding new vendors and then notify their compliance department of the results. Members must also notify their designated examining authority through FINRA’s Gateway systems at least 90 days prior to employing electronic storage media. (The 90-day requirement does not apply if optical disk technology is being used.) The electronic storage notification requires two attachments with the filing: 1) a representation letter (often called an “undertaking letter”) from the vendor that has agreed to access and download information from the firm’s electronic storage media and 2) a representation from the vendor, the member, or a qualified third party that the electronic storage media is WORM compliant. Lastly, firms should revisit Question 8A of Form BD to ensure they have properly disclosed any recordkeeping arrangements.

Associated Person Background Checks

In the fourth quarter, FINRA censured a broker-dealer, fined it $1,250,000, and ordered it to review its systems and procedures for identifying, fingerprinting, and screening nonregistered associated persons. The firm allegedly did not follow its own internal written policies and procedures, which require all employees, including nonregistered personnel, to be fingerprinted prior to employment. The firm self-reported the matter to FINRA when it discovered the deficiency.

According to the AWC letter, the member violated Exchange Act Rule 17f-2 by allegedly failing to fingerprint the aforementioned associated persons prior to employment. It was also in violation of FINRA Rule 3110 (e), which requires broker-dealers to ascertain by investigation the good character, business reputation, qualifications, and experience of an applicant before applying to register the individual with FINRA and before making a representation that it has completed such an investigation on the registration application. During the review period, the firm employed four associated persons subject to statutory disqualification. Its screening of these new employees was found to be insufficient. Background investigations on new employees were limited to checking for criminal convictions specified in federal banking laws. The Firm’s background checks did not allegedly screen for “disqualifying events” listed under Exchange Act Rule 3(a)(39) or for other felony convictions. Members are required to gather these records for each associated person. Firms then check the information from the background investigation to check if any events need to be disclosed on the individual’s Form U4.

Member firms should make sure that they complete background checks for all registered and nonregistered fingerprinted persons as part of their onboarding process. In this respect, members can retain a third party to conduct the background check or search publicly available records themselves. If an affiliate completes the onboarding process, members should ensure that the affiliate’s background checks meet FINRA and SEC requirements. FINRA also requires members to verify the accuracy of the information provided by an associated person within 30 days of filing that individual’s Form U4 or Form NRF in CRD. Evidence of these verifications should be maintained in the member’s employee files. In addition to screening associated persons, all members must submit fingerprint cards for their associated persons to FINRA. As a best practice, firms should keep the FBI fingerprint card results in the employee file together with the background checks to evidence adequate screening.

Other Significant Events

FINRA cited two of its member firms during the fourth quarter for failure to supervise their associated persons’ outside business activities (“OBAs”). The total fines paid to FINRA were $265,000. One firm allegedly did not have procedures for requesting reviews and evaluations of OBAs.

The other disciplined firm failed to adequately review a registered representative’s OBAs to determine if any private securities transactions (“PSTs”) had occurred. This representative had helped foreign citizens obtain United States visas through the EB-5 program, which requires them to invest in commercial enterprises to qualify. The representative assisted several persons in the program with purchasing limited partnership interests in a trucking business and received equity in the trucking company as a result of his sales efforts. He also received annual management fees based on the trucking company’s assets. The representative disclosed his role in the transactions and his compensation to the firm, but the firm did not determine whether to treat the activity as a prohibited or limited PST.

Firms can prevent noncompliance with FINRA’s OBA and PST rules by having all associated persons disclose their OBAs when hired. OBAs are any activity conducted outside the scope of the associated person’s relationship with the member. Some examples include performing tax preparation, operating as an investment adviser, conducting fixed insurance sales, and providing accounting support. ACA has noted that FINRA specifically reviews firms’ processes for determining whether an OBA presents a conflict of interest to the member. In this respect, firms should gather essential information on OBAs such as type of compensation, nature of the business, and whether their customers are involved. Once an OBA request is received, the firm should consider whether to permit it. If deemed not to interfere with the associated person’s job functions, the Firm should approve it subject to any appropriate conditions. Otherwise, the request should be rejected. The representative should be notified of the decision by a registered principal in writing and the written notification kept on file. As a best practice, firms should have their associated persons attest at least annually to the OBAs they have disclosed. Firms should also consider performing follow-up checks on OBA requests that have been denied. Monitoring for such denied OBAs can be done via Google searches, email reviews, and branch office inspections.

ACA notes that the following key securities laws and FINRA rules were referenced in actions during the fourth quarter of 2017:

  • FINRA Rule 7450
  • FINRA Rule 7440
  • Exchange Act Rule 17a-4(f)
  • Exchange Act Rule 17f-2
  • FINRA Rule 3110

ACA Compliance Group’s Broker-Dealer Services Division helps firms ensure their compliance with regulatory requirements. Our services include compliance program development, trading reviews, conflicts management analysis, corrective action assessments, supervisory control and AML testing, written supervisory procedure assistance, initial and ongoing membership application help, and customized regulatory and compliance consulting.

For more information, please contact Dee Stafford.

CORRECTION: The Summary of FINRA Q4 Regulatory Actions 2017 alert sent on March 2, 2018, stated incorrectly that firms should use storage media from an independent third party vendor. Instead, firms should retain at least one independent third party that can access and download information from their electronic storage media. Corrections have been made above.