Broker- Dealer Law Corner

Broker- Dealer Law Corner

The Financial Choice Act — Much Ado About Nothing

Posted in Dodd Frank

While most of DC was watching the Comey hearing, the House of Representatives passed the Financial CHOICE Act, which would significantly alter the 2010 Dodd-Frank Wall Street Reform and Consumer Protection Act. Dodd-Frank created the Consumer Financial Protection Bureau (CFPB).

The Financial CHOICE Act passed the House with a vote of 233 to 186; a vote straight down party lines with the exception of one Republican who voted against the bill. However, there is little chance of the bill surviving a Democratic filibuster in the Senate. To survive a filibuster, it takes 60 votes to proceed to a vote on a bill. Currently, the GOP has 52 seats in the Senate, which would require 8 Democratic Senators to vote with the GOP. Rather than face these numbers, the Senate will likely draft a companion bill, with the same intent to reform Dodd-Frank.

As passed in the House, the CHOICE Act seeks to reform the Dodd-Frank Act, but does not completely change the consumer protection landscape. Instead, the Financial Choice Act seeks to limit regulations aimed at supervising financial institutions. Specifically the CHOICE Act looks to provide an alternative to banks who maintain higher levels of capital, thus avoiding additional regulations. The Dodd-Frank Act supervised financial institutions, with particular focus on banks deemed “Too Big to Fail” and non-bank financial institutions who were deemed as “systematically important.” Further, it would ease some of the regulations that currently apply to smaller financial institutions, such as credit unions and community banks. The CHOICE Act would also repeal the Volcker Rule and the Fiduciary Rule, which would require retirement advisors to put their clients’ interests before their own.

As passed by the House, the CHOICE Act also restructures the CFPB from a bureau to a consumer law enforcement agency, subject to the congressional appropriations process. This change would also permit the President to fire the head of the CFPB at any time and without reason. The constitutionality of a bureau with a director who can only be removed for cause was one of the key issues in the PHH Case, which was argued to the U.S. Court of Appeals for the D.C. Circuit on May 24th. If the director of the CFPB or a consumer law enforcement agency can be removed without cause, the director would follow the policies and priorities of the President, which could change every election cycle.

Until the Senate drafts and votes on a companion bill or votes on the CHOICE Act, Dodd-Frank and all its regulations remain. With the current makeup of the Senate, it remains risky to attempt to predict the outcome of reform efforts.

FINRA Provides The Blueprint For Monitoring Outside Business Activities

Posted in Disciplinary Process, Disclosure, Enforcement, FINRA, Outside business activities

Outside business activities are in the news. In Reg Notice 17-20, FINRA announced that it was seeking comments in an effort to learn whether or not the existing rules governing OBAs are effective.  (The comment period is open until late June, so if you have strong feelings on the subject, now is the time to speak up!)  It’s an interesting question, but, in my long experience, the effectiveness of the rules will always be dubious for the simple reason that it is impossible to prevent undisclosed outside business activities, or, worse, undisclosed private securities transactions.  It doesn’t matter how many times a firm asks its reps to make those disclosures, how dire the potential consequences for not making those disclosures, how many Enforcement cases FINRA brings, or how simple the rule is to understand, the fact is, reps have been failing to disclose OBAs since, well, forever.

I can understand why, however. In some (rare) instances, it is because somehow, despite being peppered with constant requests to disclose, beginning with the initial hiring process, a rep may fail to appreciate that something he is doing away from the firm actually constitutes an OBA.  In most cases, however, a failure to disclose is as result of the fact that the rep simply doesn’t want his firm to know what he’s doing.

Given that OBAs are impossible to prevent, it is especially frustrating when FINRA concludes – and it happens often enough – that not only did a rep violate the OBA rule, but the broker-dealer with which the rep is associated is also guilty, specifically for not having done enough to detect the undisclosed OBA. The operative question is, what is enough?

Today, in a FINRA Enforcement decision issued by a hearing panel against Jim Seol,[1] FINRA was kind enough to answer that question. While Mr. Seol was permanently barred for not disclosing his extensive outside business activities, his broker-dealer – Ameriprise Financial Services, Inc. – was not only not named as a co-respondent, but was essentially commended for the scope of the efforts it took to try to get Mr. Seol to disclose his OBAs.  The hearing panel concluded that because Mr. Seol failed to disclose his OBAs after being subjected to everything Ameriprise did, his failure had to be intentional, thus meriting the bar.

What did Ameriprise did here serves as excellent guidance to understanding just how far a broker-dealer needs to go to satisfy FINRA that its efforts to monitor OBAs are effective. Let’s look at them.

  • As one might expect, under Ameriprise policy, Mr. Seol was required to disclose and obtain prior approval from the firm before commencing any outside business activities, including any business ownership or business appointment, regardless of whether compensation was being received.
  • To that end, like most firms, Ameriprise had Mr. Seol execute an Annual Compliance Questionnaire asking about his OBA. Here, Mr. Seol failed to disclose his OBA in February 2012, February 2013, and February 2014.
  • Beginning in at least 2011, Mr. Seol’s supervisor at Ameriprise conducted annual site inspections of Mr. Seol’s office. These in-person site inspections included a detailed review of the operation, function, and management of Mr. Seol’s office.
  • During each site inspection, the supervisor conducted an extended interview with Mr. Seol to understand his business and any issues that may have impacted the operation of the branch.
  • During the interviews, the supervisor reviewed with Mr. Seol the annual attestations he
  • submitted to Ameriprise.
  • Among the attestations reviewed was Mr. Seol’s representation that he had no outside business activities.
  • The supervisor made sure Mr. Seol had “a good understanding” of what the question called for, and confirmed that the representation was accurate.
  • The supervisor “educate[d]” Mr. Seol, ensuring that he was “familiar with what needs to be disclosed – if you have any businesses, if you have any outside activities like being on a board.”
  • During the interview, the supervisor “would not only ask if he was involved in any kind of outside [activities],” he would also inquire as to “how [he] was making his money, what’s he doing, is he focusing in on his practice, has he been out of the office.
  • In addition to these annual visits by Mr. Seol’s supervisor, the firm’s compliance department also routinely inspected Mr. Seol’s branch office. In 2012, 2013, and again in 2014, a compliance inspector traveled to Mr. Seol’s office for an in-person review.
  • Importantly, some of these were unannounced, and included a detailed and careful review of all aspects of the operation and function of Mr. Seol’s office.
  • In her interviews with Mr. Seol, the compliance inspector confirmed that he had access to the firm’s compliance manual and was familiar with the firm’s policies.
  • The inspector confirmed that Mr. Seol understood that an outside business activity was required to be disclosed whether or not he was being compensated for that activity.
  • She explained that both Ameriprise policy and FINRA rules required him to disclose and obtain prior approval for all OBAs.
  • She also reminded Mr. Seol about his obligation to update his Form U4 to include any outside business activities.

Despite all that, Mr. Seol nevertheless falsely represented to Ameriprise that he had no outside business activities, over and over again.

Ameriprise deserves commendation for the amount of effort it expended in reminding Mr. Seol of his obligations regarding OBAs, and working to ensure that it gave him every opportunity to meet them. That effort was neither cheap, quick, nor easy.  But, that is the kind of supervision that FINRA expects to see from member firms.  I’d say that Ameriprise has provided a blueprint for everyone to follow to avoid being ensnared in an Enforcement action when an RR conceals an OBA. Ignore this lesson at your own peril.


[1] The decision is subject to being appealed by Mr. Seol.

How The Fiduciary Rule May Impact Outside Business Activities

Posted in annuities, Fiduciary duty, Fiduciary Rule, Fiduciary Standard

Because fixed annuities and fixed life insurance are not securities, many broker-dealers treat the sales of these products by their registered reps as outside business activities. In that event, there is no obligation by the BD to supervise those sales, and they can be run directly with the issuing company and not through the broker-dealer.  While this may mean the firm loses out on some[1] or all of the commissions the RRs earn on those sales, that fact is tempered by the elimination of a whole host of oversight obligations by the BD which would be time-consuming and expensive.  Perhaps even more important, by not having any supervisory obligations — obligations which could, at least theoretically, subject the firm to potential liability in the event a customer claimed he or she was damaged as a result of a firm’s failure to meet them — the firm minimizes its risks on fixed annuity sales.

Well, this approach may not be viable much longer. Among the requirements of the DOL’s new fiduciary rule – effective on January 1, 2018, not this Friday, happily (and assuming that the President doesn’t do something to delay, or simply eliminate, the institution of the rule) – if a firm wants to charge commissions on the sale of these products is the execution of a contract between the customers and a “financial institution.”  In that agreement, the financial institution must represent that it is a fiduciary, and that it is acting in the customer’s best interest, among other things.

Going forward, then, broker-dealers which up to now have allowed sales of these fixed products to be handled as OBAs may be forced to sign off as the “financial institution” if they want to continue to offer these products. The bad news?  They won’t be able to treat them as OBAs anymore, and will have to take on the many supervisory obligations relating to these sales that they formerly disclaimed.  The good news?  The BDs will be able to get paid for that supervisory work through a split of the commissions paid to the selling rep.

So, the question for broker-dealers is whether this additional revenue will be worth (1) the costs associated with these new supervisory efforts, and (2) the risk (of potential liability for not supervising adequately) these sales present. Frankly, there may not be any choice involved, if BDs want to continue selling these popular products and charging commissions for doing so.

An additional concern, although it is difficult to gauge how big of a deal it might be, is how the sales force may react if, going forward, they will now have to split commissions with the BD, commissions that, in most cases, they presently keep entirely for themselves. I imagine that most reps will have no problem sharing commissions if it means that they can rely on their BD to backstop their sales efforts, but I cannot say for sure that this will be the universal reaction.

As the clock ticks down to the effective date of the fiduciary rule, firms large and small are going to have to take a very close look at their existing business model, including products that, like fixed annuities, aren’t even run through the firm. Regulators, historically, have been less than forgiving regarding compliance with new rules, no matter how significant a change they represent, when such rules have been the subject of intense public comment, as has clearly been the case with the fiduciary rule.  “I didn’t realize” simply won’t cut it as an excuse for failure to meet the new requirements.

[1] Even when these non-securities are sold as OBAs, BDs can still get paid for the efforts they make, even though those efforts are not, technically speaking, supervisory in nature.  But, the lion’s share of the sales commissions go to the selling reps.

Where’s The Beef? The SEC Complains That Filing A SAR Isn’t Enough If It Skimps On Details

Posted in AML, Compliance, Enforcement

Many of my clients chafe at the AML rule, given the cost of compliance and the even higher cost of defending an Enforcement action if the regulators conclude that red flags were somehow missed, or spotted but not dealt with adequately, or soon enough, or both, or spotting the red flags, responding to them, but not memorializing those efforts sufficiently.  In short, there are a lot of ways to trigger an AML problem.

A common source of annoyance is when firms find themselves having to defend a decision not to file a SAR, a Suspicious Activity Report. They insist that what FINRA, or the SEC, or FinCEN, deems to be a red flag consistent with money laundering is, in fact, something innocent, and not suspicious once you understand the underlying facts.  But, those can be difficult, and expensive, arguments to make, and even harder and more costly to win.  So, many firms simply say it’s easier not to fight City Hall, and just go ahead and file SARs even if they believe that nothing truly suspicious happened, with the thought being that you can’t get in trouble for filing a SAR, as opposed to what can happen if you don’t.

Well, not so fast. Today, the SEC filed an AML complaint in federal court against Alpine Securities Corp., and the problem is not that Alpine failed to file SARs in the face of suspicious activity, but that it did file SARs – hundreds of them – and left out the juicy parts.  According to the complaint,

Alpine filed hundreds of SARs that omitted material information that was in Alpine’s possession and was required to be reported pursuant to Alpine’s BSA Compliance Program, which incorporated FinCEN guidance, the SAR Form instructions, and the regulations implementing the BSA. Many SARs identified no suspicious activity at all.  Even when Alpine reported some suspicious activity in some of its SARs, it systematically omitted other known material information in such a way that the SARs deprived law enforcement, regulatory, and intelligence consumers, including the Commission, of valuable and timely intelligence and undermined the very purpose for which BSA obligations are imposed on financial institutions.

What did Alpine omit? According to the complaint,

  • Hundreds of instances in which its customer had prior or ongoing financial fraud charges;
  • Approximately 100 instances in which the issuer was previously a shell company, or had filed for bankruptcy, or frequently changed its business;
  • Approximately 100 instances in which the ticker being deposited was the subject on an ongoing promotional campaign;
  • Approximately 100 instances in which its customer was a foreign financial institution; and
  • Dozens of instances in which its customer was depositing millions or billions of shares of a security that had little or no previous trading activity, and dozens more instances in which the issuer could not be verified as an operating entity.

The lesson here is clear and unmistakable: it is not enough merely to file a SAR because it’s easier than not filing and then having to justify your decision not to file.  Rather, if you do file a SAR, you have to provide enough detail to make clear what, exactly, was suspicious.  In the complaint, the SEC was kind enough to cite to guidance that FinCEN has provided regarding the content of SARs:

FinCEN’s guidance to broker-dealers instructs SAR filers to “identify the five essential elements of information—who? what? when? where? and why?—of the suspicious activity being reported” and to include “a summary of the ‘red flags’ and suspicious patterns of activity that initiated the SAR.”  See FinCEN, Guidance on Preparing A Complete & Sufficient Suspicious Activity Report Narrative (November 2003) at pp. 3, 7.  FinCEN guidance also states that “SAR narratives should describe, as fully as possible, why the activity or transaction is unusual for the customer, taking into consideration the types of products and services offered by your industry and the nature and typical activities of similar customers. Explaining why the transaction is suspicious is critical.”  See FinCEN, Suggestions for Addressing Common Errors Noted in Suspicious Activity Reporting (October 10, 2007) at p. 2 (emphasis added).  FinCEN guidance regarding SARs further states: “In answering this question, a filer should describe why the transaction is unusual for the customer or why the activity created a red flag for the filer or triggered an alert within their system.” See FinCEN, The SAR Activity Review, Trends Tips & Issues, Issue 22 (October 2012) at p. 40 (emphasis added).

Thus, if you really believe that it’s easier to file a SAR than not doing so and risking having your decision-making process subjected to close scrutiny, then be sure your SARs contain the necessary information to make them meaningful. Otherwise, you may be worse off than if you hadn’t filed in the first place.

Does FINRA Give Credit For Self-Reporting Problems? It Says It Does, But….

Posted in Disciplinary Process, Enforcement, FINRA, Reg Notice 08-70, Sanctions, Settlements

I read a fascinating piece the other day in BankInvestmentConsultant about FINRA’s Enforcement program, specifically about the notion of broker-dealers self-reporting problems, and whether that was a smart thing to do.  Some of the quotes attributed to FINRA senior Enforcement management are really interesting, so I wanted to share them with you in the event you missed this article.

In January 2010, the SEC launched a formal program that outlined specific benefits available to individuals and firms who self-report, and self-remedy, problems.  Done correctly, such cooperation can result in fewer charges and lesser sanctions, sometimes dramatically less.  There are plenty of examples of cases where the respondent’s cooperation was explicitly cited – favorably cited – as the reason that sanctions were mitigated.

By comparison, FINRA has no such formal program. Instead, it issued fairly vague guidance, back in Regulatory Notice 08-70, that suggested “extraordinary cooperation,” examples of which were provided, could possibly influence “the sanctions [FINRA] will seek in the context of settlement discussions that precede the filing of a formal disciplinary action.”  Perhaps the vagueness is a function of the fact that FINRA Rule 4530 requires that firms promptly report when they have a problem, at least serious problems.[1]  Thus, there really is no question whether or not a firm should self-report, because there is no option not to do so.

But, clearly, there is a difference between, on the one hand, simply making a 4530 report and, on the other hand, going beyond that and doing the sorts of things that would get you cooperation credit from the SEC, or which FINRA has identified as being “extraordinary.” So, the real question is, is it in a firm’s best interest to exceed the simple 4530 requirements in an attempt to get some credit from FINRA?

According to the article in question, the answer is yes. The reporter there wrote, “FINRA’s enforcement officials are willing to cut a break for firms that demonstrate ‘extraordinary cooperation,’” citing comments from Jessica Hopper, a senior vice president with FINRA Enforcement. The reporter continued, saying FINRA “is urging firms to take the difficult but important step of informing the regulator when they detect serious compliance failures.”  Here is where it gets good.  “Doing so, [Ms. Hopper] said, not only fulfills a firm’s regulatory responsibilities, but it can also mean the difference between a slap on the wrist and a steep fine, should the infraction elevate to an enforcement case.”

This sounds amazing, admittedly. I just wish it was true.  But, the notion that FINRA would choose to slap a firm on the wrist rather than crush a firm with sanctions simply because the firm self-reports a “serious compliance failure” is incredible, i.e., not credible.  Granted, there have been a number of cases since 08-70 in which FINRA acknowledged that the respondent demonstrated “extraordinary cooperation,” resulting in some diminution of the sanction.  Indeed, in July and October 2015, FINRA historically imposed no fines on several firms in two very large group settlements involving mutual fund overcharges because the firms “were proactive in identifying and remediating instances where their customers did not receive applicable discounts.”  But, in those cases, the firms voluntarily paid their customers almost $50 million in restitution.  How many broker-dealers have the ability to do that, if that’s what’s considered “extraordinary cooperation?”  And, if that’s what it takes to get some serious cooperation credit, maybe it would be better simply to get fined.

Back to reality. My clients report to me an extreme reluctance to volunteer to FINRA any discovery of a problem, for fear that FINRA will reward them not with a slap on the wrist but, rather, a full-blown investigation, complete with serial 8210 letters and OTRs, culminating in an Enforcement action and big fines.  To the extent FINRA does give cooperation credit, no one actually expects to get it.  If FINRA truly wants its members to provide extraordinary cooperation, then it needs to do more than talk the talk; it has to do a much better job of making clear that cooperation will materially reduce the scope of an exam, and thus the time and expense of dealing with the exam; increase the likelihood that the exam will not get referred to Enforcement; and significantly reduce any sanctions that may be meted out should the exam go to Enforcement.  If FINRA cannot or will not do that, then it should not be surprised how few firms actually attempt to take advantage of cooperation credit.

The good news, perhaps, is that FINRA appears to have recognized this. The article again quotes Ms. Hopper: “”We’re taking a fresh look at credit for cooperation and how we are going to be handling it.  I don’t think there’s as much clarity as people would like on the credit for cooperation.”  No kidding.




[1] Subsection (b) of the Rule provides that “Each member shall promptly report to FINRA, but in any event not later than 30 calendar days, after the member has concluded or reasonably should have concluded that an associated person of the member or the member itself has violated any securities-, insurance-, commodities-, financial- or investment-related laws, rules, regulations or standards of conduct of any domestic or foreign regulatory body or self-regulatory organization.”  In the Supplementary Material, FINRA explains that it “expects a member to report only conduct that has widespread or potential widespread impact to the member, its customers or the markets, or conduct that arises from a material failure of the member’s systems, policies or practices involving numerous customers, multiple errors or significant dollar amounts. With respect to violative conduct by an associated person, FINRA expects a member to report only conduct that has widespread or potential widespread impact to the member, its customers or the markets, conduct that has a significant monetary result with respect to a member(s), customer(s) or market(s), or multiple instances of any violative conduct.”

Body-Slammed By FINRA, Twice In A Week

Posted in Arbitration, Disciplinary Process, Enforcement, FINRA, PIABA, Rule 9555, Statutory Disqualification

I sometimes (well, perhaps frequently) use this blog as a vehicle to complain about certain things that FINRA does, or about certain of its rules, that I feel are just unfair, plain and simple. To show you that I am not simply making this up, I experienced two such events this past week, which I will share with you, and I dare you to reach a contrary conclusion.

The first arose in connection with a customer arbitration. As every reader here likely knows, broker-dealers are compelled to arbitrate customer disputes.  This is both a matter of rule, but, more importantly, a matter of contract, as an arbitration clause is baked into the customer agreement.  Because arbitration is a matter of the parties’ mutual agreement, for the most part, the Code of Arbitration Procedure provides that as long as the claimant and the respondent agree on something, even if it is contrary to the rules, the panel is compelled to follow suit.  For instance, if the parties both want to extend the cut-off date for serving discovery, or move the 20-day exchange deadline to ten days, then the hearing panel has no choice and must accept these modifications.

The selection of the arbitrators is also a matter of agreement between the parties. FINRA supplies a list of names of potential arbitrators, and the parties each strike those who they simply won’t accept, and rank the remaining names in order of preference.  FINRA then compares the two lists and creates the panel from the three remaining names with the highest rankings.  Thus, the parties dictate who hears their case.

Unless, as happened to me, one of the arbitrators decides to withdraw on the eve of the hearing. Then, FINRA can cram down on the parties anyone it wants to serve as replacement.

To be fair, that doesn’t always happen. Before FINRA picks the replacement, it gives the parties the ability to agree either to (1) proceed with only two arbitrators, or (2) delay the hearing, in which case FINRA will supply the parties a short list of names – three people – from which the parties will select the replacement through the strike-and-rank method.  But, if the parties cannot agree on either of these options, what happens is this: FINRA goes back to the original rankings that the parties submitted at the outset of the case, and starts calling those people, to see if anyone is willing, at the last minute, to jump on a plane.  In my case, the hearing was scheduled to start the Tuesday after Memorial Day, which would have required the substitute to fly out on Memorial Day, so, not surprisingly, FINRA struck out.  Most of the time, no one is available, or willing.

At that point, FINRA simply goes into its giant database of arbitrators, and starts calling anyone who might have nothing on their to-do list for the following week and is actually willing to go hear a case. When FINRA finds someone – and assuming there is no conflict – then, BOOM, that person is appointed to your case.  And the parties have nothing to say about it.  It doesn’t matter how horrible that person may be, you’re stuck with him, or her.

My case was a good one, and we felt we had a good chance of prevailing at the hearing, based on the facts, on the law, and, of course, on the three panelists sitting on the case. When we analyzed the case to calculate the likelihood of winning, and what that meant in terms of a reasonable settlement value, we carefully considered the quality of the arbitrators.  And they were good.  But, when one dropped out five days before the hearing, FINRA ended up appointing as substitute an attorney, who just happened to be a PIABA member, and who just happened to have an award history that was full of big awards for claimants, sometimes with punitive damages included.  He was the type of arbitrator that I would have stricken immediately…had I been given the chance.  But, FINRA gave me no such chance.  As a result, we ended up paying to settle, because we concluded that there was simply no way we could get a fair hearing from this substitute arbitrator that FINRA stuck me with.

It is not easy to explain to a client that this case we were all prepared to try – plane tickets purchased, hotel rooms rented, boxes of documents shipped – had changed dramatically for the worse, at the 11th hour, because of a FINRA procedure over which we had zero control.  THAT is not fair.

The second episode concerns statutory disqualification, one of my favorite subjects for this blog. When an individual becomes statutorily disqualified, the broker-dealer with which he is registered receives a letter from RAD, Registration and Disclosure, advising the firm of the fact that the person is SD’d.  Because associating with an SD’d individual would, in turn, also render the firm SD’d, the firm is given a couple of weeks to make one of three choices: it can terminate the SD’d person, it can file a Form BDW (and withdraw from membership), or, alternatively, it can file an MC-400.  An MC-400 is the application that the firm files seeking permission to remain a member of FINRA notwithstanding the fact that is associating with an SD’d person.  Importantly, while the MC-400 application process is pending, the SD’d person is free to continue to work at the BD.[1]  If the MC-400 is ultimately denied, then, at that point, the firm has to terminate the SD’d person or BDW.

Got it? So, I had a client that had one of its partial owners become SD’d as a result of the fact he got barred, through an AWC.  We knew when he signed the AWC he would become SD’d, but we also knew we could file an MC-400, which would allow him to remain associated with the firm, as a partial owner, while he worked to sell his ownership interest.

So we filed the MC-400. But then, things went weird.  Even though filing the MC-400 allows the SD’d person to remain associated with the broker-dealer, FINRA initiated an “Expedited Proceeding” under Rule 9555.  In short, what that rule says is that FINRA can summarily revoke a firm’s registration within 14 days if it does something which renders it unqualified to be a member.  Here, FINRA alleged that my client was unqualified because it was associating with an SD’d person.


The firm dutifully filed the MC-400, right? So, the SD’d person could continue to associate with the firm while the MC-400 application was pending, right?  Apparently, FINRA decided that is not the case.  Despite the fact that my client did exactly what RAD said it could do to remain a member when it was apprised that the partial owner was SD’d, another arm of FINRA, specifically, Member Reg at the District level, has apparently concluded that it was somehow not enough for my client to rely on that instruction it received from RAD.

Heads, FINRA wins; tails, my client loses. Even when you follow FINRA’s instructions, you can find yourself booted from the industry.  That seems fair…where?  Not in this country.

In politics now, we are at the point where it is impossible to shock people anymore. Insult women with a graphic reference on Entertainment Tonight?  No problem.  Mock a reporter with a disability.  No problem.  Body slam a reporter on the eve of the election?  No problem.  Sadly, I am at the same point with FINRA.  Its actions are past the point of being able to shock or surprise me anymore.  But, as I said at the outset, tell me if you think I am overreacting.

[1] How do we know, apart from experience?  FINRA tells us on its website: “If a person is currently associated with a FINRA member at the time the disqualifying event occurs, the person may be permitted to continue to work in certain circumstances, provided the employer member promptly files a written application with FINRA seeking permission to continue that person’s employment with the member firm.”

WannaCry Virus Triggers SEC Security Alert To BDs And Investment Management Firms

Posted in Cybersecurity, FINRA, Investment Management firm

Readers of this blog know that sales practice issues represent my sweet-spot.  Today, in what is probably a welcome departure from my rants, my partner (and co-chair of Ulmer’s Financial Services & Securities Litigation Group) Fran Goins, who knows all things about data privacy and cybersecurity, offers some helpful advice on dealing with the WannaCry virus, as it relates to the financial services world. – Alan

We are now one week into the worldwide cyberattack known as the WannaCry virus, which targets computers running Microsoft Windows operating systems, encrypts their data, and demands ransom payments in Bitcoin currency.  Many of the attacks were perpetrated through phishing emails and malicious websites.  In response, the SEC Office of Compliance Inspections and Examinations issued an alert on May 15 to broker-dealers and investment management firms, admonishing them to update their security protocols and assessments, and to conduct regular penetration testing and system maintenance.

The alert notes that the SEC’s recent examinations of 75 registered BDs and investment firms revealed a number of issues.  More than a quarter of advisers and funds fail to conduct periodic risk assessments; over half of such firms do not conduct penetration testing or vulnerability scans; and some firms failed to implement critical security patches on a regular basis.  BDs scored significantly better.  The SEC staff noted that correcting such failures would be particularly relevant to smaller registrants in connection with the recent attacks, as would enhanced employee training on spotting phishing emails and malicious websites.  The alert also referred registrants to FINRA’s webpage created before these attacks, with links to cybersecurity resources including a checklist for smaller firms

Many of the entities affected by the attacks had not implemented a Microsoft security update issued two months ago on March 14, 2017.  In response to WannaCry virus, Microsoft took the unusual step of releasing patches for other operating systems on May 13, including some they no longer support.  Reportedly, ransom payments have been largely ineffective to restore the encrypted data, although a 22-year old web security researcher discovered an effective kill switch for the virus shortly after the attacks began.  Today, a group of French researchers reported that they had found a way to save at least some encrypted Windows files, and published a blog with technical details of the fix titled “wanakiwi.”

Globally, the WannaCry virus is believed to have infected more than 300,000 computers in 150 nations, with the vast majority in China and Russia.  Reportedly, only 7% of the infections occurred within the United States.  Nonetheless, the attacks disrupted major businesses, including FedEx and Hitachi, as well as UK hospitals.  Although the disruptions associated with this particular virus appear to have passed,  the attacks should be a wake-up call for US financial firms and businesses to make cybersecurity a critical component of their enterprise risk management.


FINRA’s AML Fines: Murky (And Expensive) Waters

Posted in AML, Disciplinary Process, Enforcement, FINRA, Rule 3011, Rule 3310, Sanctions, Supervision

In this post, Michael Gross complains — and rightly so — about the lack of any definitive guidance from FINRA regarding the appropriate range of fines to be imposed for AML violations.  The bigger issue, however, at least in my view, is not necessarily the lack of guidance, but the fact that the fines FINRA metes out in AML cases are, simply, ridiculously high, as Michael notes.  In my recent experience, it seems that the absolute minimum that FINRA will even consider discussing is $100,000.  Why?  Because in FINRA’s eyes, every AML case is “serious.”  Even in the absence, of course, of any actual money laundering or any actual terrorist financing.  This one-size-fits-all approach to AML cases is maddeningly oversimplistic, and fails to take into consideration that, at the heart of the AML rule, is a “reasonableness” standard, same as in supervision cases.  – Alan 

While at FINRA, I litigated and settled multiple anti-money laundering (AML) cases. I now find myself defending them. Despite my familiarity in these waters, I find the guidance provided on fines for AML violations to be unnecessarily murky.

The Commonplace Nature of AML Violations

Over 15 years ago, FINRA issued the first version of its AML rule: NASD Rule 3011 (n/k/a FINRA Rule 3310). Since that time, FINRA has:

  • Created a “Topic Page” on its website dedicated to AML matters;
  • Issued 13 notices regarding AML matters;
  • Issued 25 AML-related press releases;
  • Created a dedicated AML Investigative Unit (which has grown in number); and
  • Brought countless disciplinary actions for AML violations, including two AWCs in 2016 where the fines exceeded $16 million.

One commentator estimated that FINRA doled out over $43 million in fines in 29 AML cases in 2016. These fines account for nearly a third of the $137 million in fines that FINRA levied in 2016.

No Sanction Guidelines for AML Violations

FINRA publishes Sanction Guidelines (Guidelines) in order to “provide direction for Adjudicators in imposing sanctions consistently and fairly.” The Guidelines “address some typical securities-industry violations,” such as unsuitable recommendations, selling away, and supervision violations. The Guidelines identify principal considerations in determining sanctions for these typical violations, and they also set forth a recommended range of sanctions for the violations. For example, the Guidelines recommend a range of fines for firms for various supervision violations: “Systemic Supervisory Failures” ($10,000 to $292,000), “Failure to Supervise” ($5,000 to $73,000), and “Deficient Written Supervisory Procedures” ($1,000 to $37,000.”[1] The Guidelines provide a level of clarity to firms, registered reps, and their attorneys in determining whether to settle or litigate alleged violations.

Since the 2002 enactment of its AML rule, FINRA has revamped its Guidelines on multiple occasions. In May 2015, FINRA made wholesale revisions to the Guidelines. In April 2017, FINRA again made multiple revisions to the Guidelines, including the addition of three new guidelines for systemic supervisory failures, short interest reporting, and borrowing from/lending to customers. Despite the commonplace nature of actions for AML violations, FINRA did not add a specific guideline to address such violations. This is peculiar. FINRA is well aware that AML violations have been “typical securities-industry violations” for quite some time now.

It is no secret that AWCs for AML violations have resulted in higher fines than fines for most other violations, and it likewise is no secret that FINRA has been imposing increasing fines for AML violations. Given the significant amount of revenue that FINRA has generated from fines for settling AML cases, it seems that FINRA has chosen not to publish a guideline that puts a range (and constraint of sorts) on fines for AML violations.

FINRA Tribunals’ Decisions to Use the Supervision Guidelines for AML Violations

Although the Guidelines do not contain a specific section addressing AML violations, the Guidelines do provide that: “For violations that are not addressed specifically, Adjudicators are encouraged to look to the guidelines for analogous violations.”[2] Until recently, FINRA tribunals have considered supervision violations to be analogous to AML violations, and thus looked to the specific guidelines for supervision violations in assessing sanctions for AML violations. For example, in Lek Securities, an OHO Panel concluded that:

There are no specific Sanction Guidelines applicable to the violation here, the failure to establish and implement an adequate AML program. The National Adjudicatory Council (“NAC”) has treated deficient written supervisory procedures as an analogous violation and applied the Sanction Guidelines for that type of violation to a case of deficient AML procedures. Other Hearing Panels have done likewise. The Hearing Panel in this case also looks to the Sanction Guidelines for deficient written supervisory procedures as an analogous violation.[3]

This makes sense. AML compliance, like supervision, requires establishing and implementing written procedures, monitoring transactions for suspicious activity, and taking appropriate action, when necessary.

In a July 2016 Decision, the NAC affirmed the use of the supervision guidelines in assessing AML sanctions. In North Woodward, the NAC batched supervision and AML violations (i.e., imposed a unitary sanction for both sets of violations), and looked to the supervision guidelines to assess sanctions, citing multiple decisions in which other FINRA tribunals had done the same.

These holdings are good for firms. They provide guidance on AML sanctions, and they place a reasonable range on AML sanctions.

The NAC’s Decision Not to Use the Supervision Guidelines for AML Violations

Unfortunately, in October 2016 – less than three months after the NAC issued the North Woodward Decision that affirmed the use of the supervision guidelines for AML violations – the NAC did a complete about-face. In the appeal of the aforementioned Lek Securities case, the NAC rejected the notion of using the supervision guidelines for AML violations:

That guideline, however, was not crafted to address the violations here, a deficient AML program, including deficient policies and procedures. In fact, deficiencies in AML policies and procedures are far more serious than most deficiencies in written supervisory procedures.

This holding, in essence, means that there is no supervision or other section in the Guidelines that address violations analogous to AML violations, and consequently, no recommended range of fines for AML violations.

An OHO Panel’s Subsequent Decision to Use the Supervision Guidelines for AML Violations

Despite the NAC’s holding in Lek Securities, an OHO Panel recently aggregated fines for a firm’s AML and supervision violations in its March 2017 Decision in Spencer Edwards.[4] In assessing the fine, the Panel used the guidelines for supervision violations because the supervision and AML violations “stemmed from a common problem at the firm.”  That failure was assembling a checklist of materials to be reviewed that no one at the firm critically reviewed. More specifically, the Panel found that the firm failed to implement its supervision procedures on Section 5 and its related AML procedures.

It is time for FINRA to issue a sanction guideline on AML violations.

[1] The odd top-end sanction ranges (i.e., $73,000, instead of $75,000) are the product of the Guidelines being adjusted in accordance with the Consumer Price Index. Regulatory Notice 15-15.

[2] The Office of Hearing Officers (OHO) is, in effect, FINRA’s trial court, and the National Adjudicatory Council (NAC) is, in effect, its appellate court.

[3] Lek Securities is on appeal to the SEC.

[4] Spencer Edwards is on appeal to the NAC.

FINRA’s Board Continues To Bend In the Wind Of Criticisim

Posted in Arbitration, Board of Governors, Enforcement, FINRA, PIABA, Registered Representative, Rogue rep, Rule 2010, Sanctions

On Wednesday, the FINRA Board met and discussed two topics that I recently blogged about: recidivist brokers and unpaid arbitration awards.  In predictable fashion, FINRA withered in the face of criticism that its existing rules and policies are somehow not tough enough on its member firms, and embarked on a proposed series of steps that, if ultimately approved, will further establish FINRA’s continuing refusal to stand behind its member firms.

Recidivist Brokers

The Board authorized several steps to address what it called “high-risk” brokers. It is notable at the outset, however, that, in addition, the Board also seeks to address “the firms that employ them,” thereby making this a firm issue, not just an individual issue. The specific proposals include:

  1. amendments to the Sanction Guidelines. According to the separate press release that FINRA issued, these amendments will make sanctions harsher “when an individual’s disciplinary history includes additional types of past misconduct.” This is hardly newsworthy, as the existing Sanction Guidelines already expressly encourage harsher sanctions when a respondent has a disciplinary history, so it is unclear exactly how this proposal means anything (apart from FINRA’s continuing trend of ratcheting up the sanctions, something it routinely does anyway from time-to-time, and as recently as earlier this year);
  2. amendments to the Rules governing FINRA Enforcement cases, to permit the activities of recidivist brokers to be restricted while an appeal is pending in “appropriate” – but undefined – “circumstances”;
  3. amendments to the “summary revocation” Rules, although no details were provided here;
  4. publication of a Regulatory Notice “rearticulating heightened supervision obligations under FINRA Rule 3110.” This is a particularly interesting proposal, given that under Rule 3110, there presently exist no obligations, ever, under any circumstances, to impose heightened supervision on a broker. Accordingly, this proposal, which “would specifically require firms to adopt heightened supervisory procedures for brokers while a statutory disqualification request is under FINRA’s review, or the broker is appealing a hearing panel decision,” represents a significant departure from existing rules;
  5. amendments to Schedule A of the FINRA By-Laws that will jack up the already sizable fees FINRA imposes for statutory disqualification eligibility applications;
  6. amendments to FINRA Rule 8312 that would require it to be disclosed on BrokerCheck when a firm is a “taping firm” under FINRA Rule 3170. No big deal, as FINRA already publishes on its website the up-to-date list of such firms.
  7. clarifications to FINRA’s examination waiver guidelines. Specifically, “the proposals would revise the guidelines for reviewing requests for a waiver from FINRA exam requirements to more broadly consider the past misconduct of an individual, including arbitration awards and settlements.” Given that FINRA supposedly already takes these things into consideration when it receives exam waiver requests – see this Guidelines to Exam Waivers that exist on FINRA’s website – this proposal is also just noise.

As you can see, many of these proposals simply restate existing positions that FINRA already takes, and, moreover, none reflects any inclination by FINRA to align itself with its members, most of whom would argue that nothing in particular needs to be done about recidivist brokers beyond the current Enforcement program. Even more disturbing, and as I noted in my recent blog, whatever one thinks about recidivist brokers, the proposals continue to reflect FINRA’s odd slant on the facts that it was surprised and dismayed to learn of the existence of recidivists in the industry, as if FINRA – the owner and operator of CRD and BrokerCheck – was somehow unaware of RRs’ disciplinary histories.

Unpaid Arbitration Awards

The Board also addressed PIABA’s sad complaint that too many arbitration awards go unpaid. To address this supposed problem – a problem that exactly zero members are complaining about – the Board is going to consider several proposals:

  1. “expand a customer’s option to withdraw an arbitration claim and file in court, even if a mandatory arbitration agreement applies to the claim,” when a member firm or an RR “becomes inactive” during a pending arbitration, or where an RR becomes inactive before a claim is filed. This is a fascinating proposal, given FINRA’s acknowledgement that firms and RRs arbitrate customer complaints not only because FINRA rules require them to do so, but also as a matter of contract. If a customer signs an agreement compelling him to arbitrate his disputes with FINRA, I can only wonder how FINRA proposed to trump that binding contractual obligation;
  2. allow customers to amend pleadings, postpone hearings, request default proceedings and receive a refund of filing fees under such situations when a firm or an RR becomes inactive. Like most, if not all, respondents’ counsel, I already am firmly of the view that the Code of Arbitration Procedure exists to benefit customers, at the expense of my clients. This proposal would simply continue the trend of providing customers protections unavailable to firms and RRs; and
  3. amend Form U-4 to “elicit information from registered representatives that do not pay arbitration awards, settlements and judgments in full in accordance with their terms.” Look: failure to pay an arbitration award, or honor a settlement agreement, absent a recognized reason,[1] can already result in summary revocation under 9554. Failure to honor an arbitration award or a settlement agreement is already deemed in IM-12000 to be a violation of Rule 2010. I simply do not believe that adding the requirement to disclose on Form U-4 an unpaid arbitration award or settlement to the existing list of horrible consequences really provides any additional incentive for a respondent to pay an adverse arbitration award or a settlement. Thus, this is really just more smoke than fire.

These proposals, plus, likely, whatever new ones the Board conjures up (as FINRA expressly said that the Board discussed “additional steps” that it will consider at subsequent meetings), typify FINRA’s keen interest in taking prompt action to address any suggestion in the media that it is failing at its job. Ironically, it seems that groups like PIABA has a much more direct pipeline to the FINRA Board than its own member firms do, given the speed and public showiness with which FINRA responds to PIABA’s complaints.  I can attest firsthand that this is galling to most broker-dealers, who are still waiting, perhaps with less and less patience, for some sign that FINRA head guy Robert Cook harbors any real desire to mend the relationship with the firms he regulates.


[1] According to Reg Notice 10-31, there are only four recognized defenses.  (There used to be a fifth – the inability to pay – but FINRA eliminated it.)  They are (1) paying the award in full or fully complying with the settlement agreement; (2) the claimant agreed to accept installment or otherwise agrees to settle the matter; (3) the respondent filed a timely motion to modify or vacate the arbitration award, and the motion has not been denied; and (4) the respondent filed for bankruptcy, and the bankruptcy petition is still pending or the bankruptcy court has discharged the award or the settlement payment obligation.


Sticks And Stones May Break Your Bones, But Words Will Get You Barred

Posted in Enforcement, FINRA, Registered Representative, Rule 2010, Sanctions

I have been meaning to write something about this recent NAC decision for a while now, but I am still not really sure what to make of it.  I suppose it stands for two propositions.  First, there is almost nothing that a registered rep can do without FINRA sticking its nose in, regardless of whether it is securities related. Second, FINRA is willing to bring its hammer down – in the form of a permanent bar – simply for boorish behavior, something that is, sadly, hardly unusual in the broker-dealer world.

Ahmed Gadelkareem is a former registered rep. According to the decision, he worked for 19 firms over a 19-year period.  For less than a year, he was registered with Blackbook Capital, LLC.  Unfortunately, it appears that Ahmed didn’t necessarily work and play well with others, so Blackbook terminated him.  His U-5 reads that he “was terminated for repeatedly engaging in unprofessional conduct in the workplace, including without limitation, threatening and abusive interaction with female employees.” But, that is not what got him into trouble with FINRA.

After he was let go, Ahmed “embarked on a campaign of abusive, harassing, and threatening communications directed to Blackbook employees,” including “numerous telephone calls, emails, and texts, many of which contained vulgar language and threats.” More specifically,

  • Ahmed left a voicemail message “in which he made a number of vulgar remarks” about the recipient’s mother.
  • He left three more voicemail messages for the same person mentioning the recipient’s mother in a suggestive manner and taunting him.
  • He sent “numerous emails” to an owner of Blackbook, accusing the owner of “unauthorized trading, drug use, and fraternizing with a female employee.”
  • He accused a Blackbook registered rep of “stealing” another registered representative’s paycheck.
  • He sent a bogus letter from a fictitious FINRA examiner to Blackbook identifying supposed conduct issues.
  • He filed police reports and a number of lawsuits against Blackbook, and a bar complaint against Blackbook’s lawyer.

So, FINRA brought an Enforcement case against Ahmed “for sending multiple abusive, harassing, and threatening communications to persons associated with his former member firm, . . . in retaliation for his termination by Blackbook and to force Blackbook to settle his claims with respect to commissions the firm withheld.”

Ahmed lost. It seems that he did nothing to help himself at the hearing, as the decision recites that his “harassing conduct continued during the proceedings below,” including making “a throat cutting motion” to one witness as he sat down to testify at the hearing, filing “numerous unfounded complaints against Enforcement” and serving “fabricated subpoenas on witnesses after being instructed repeatedly by Enforcement and the Hearing Officer that such subpoenas were not permitted in FINRA proceedings.”

I am hardly condoning Ahmed’s behavior. He was rude to people, especially women, and there is no room for that in the workplace, or any place, for that matter.  He was mean; he threatened people and tried to intimidate them.  He was deceptive, and lied repeatedly.  But…it just seems odd that FINRA decided to bring an Enforcement case against Ahmed for being, essentially, a douchebag.  The securities industry is full of them.  (So is the legal industry.)  I can’t figure out what this case has to do with “investor protection, market integrity,” FINRA’s corporate tagline and its supposed principal motivators.

What is also noteworthy is that FINRA only cared because Ahmed’s terrible behavior was directed at his former BD. If he had done the same things to, say, his landlord, or the cable company, or his next door neighbor, FINRA wouldn’t have bothered to do anything.  The decision includes this display of logic: “FINRA Rule 2010 encompasses all unethical, business-related conduct, even if that conduct is not in connection with a securities transaction. . . .  Misconduct in connection with an associated person’s relationship with his employer constitutes business-related conduct to which the rule applies.”  You can see the issue, one I have written about before:  if you elect to work in this regulated industry, you must do so with the keen awareness that Big Brother, in the form of FINRA, is watching everything you do and say, as long as it is even only arguably job related.  Even after you’re fired, apparently.

This sort of arrangement exists nowhere else, except, perhaps, the military. Teachers who bad-mouth the principal don’t get permanently barred.  Ballplayers who talk back to the coach can still find work on other teams.  Temperamental actors who abuse their directors continue to command enormous paychecks.  But, registered reps who act badly – even absent any demonstration of customer harm – can find themselves not only out of a job, but out of the industry.  The lesson this case provides is clear:  As a registered rep, treat your co-workers and your boss with respect, even after you are fired.  If you don’t, you run the risk that the price you pay will be more than acquiring a reputation for being “that guy” at the office who everyone hates; indeed, you run the risk that every crappy and petty thing you ever said will come back to haunt you.  Crime may sometimes pay, but being douchy does not.