Well hello again, and Happy Valentine’s Day!  Sorry for the long hiatus, but glad to be back with this piece from Nathan, who is too modest to call himself Mr. Crypto…but if the shoe fits….  Not saying I always understand what he says, but it’s nice to have him as an incredible resource for this important and growing aspect of our financial services world. – Alan


Over the years, this blog has not shied away from calling out FINRA or the SEC for regulating via enforcement actions rather than providing formal guidance.  Well, the SEC did it again last Thursday with a complaint filed against Kraken, a cryptocurrency exchange that offered staking-as-a-service. Under the terms of the settlement that was announced on the same day, the company agreed to pay a $30 million fine for failing to register its staking program as a security.

So, what is staking and why does the SEC have a problem with staking-as-a-service?

Staking is a process in which a cryptocurrency holder locks up (remember this part!), or “stakes,” its cryptocurrency tokens with a blockchain network to validate transactions and secure the network. In exchange for providing/locking up the tokens, the holder is rewarded with newly minted tokens and/or a percentage of transaction fees. Staking is one of several consensus mechanisms used to validate transactions and secure blockchain networks, and it is the main alternative to the proof-of-work consensus mechanism used by networks like Bitcoin.

Staking-as-a-service is a business model where a company pools funds from multiple stakers and uses them to participate in the validation of transactions on a blockchain network.  The service is marketed as a way for individuals to participate in blockchain networks and earn rewards without having to operate their own node or perform the technical tasks (or meet the financial minimums) required for staking. One reason for the creation of staking-as-a-service is that some protocols require a substantial amount of capital to participate in the validation process.  Ethereum, for example, requires each validator to have a minimum of 32 ETH (approximately $50,000).  This keeps smaller retail investors from participating in the validation process and earning yield from their Ethereum holdings.  Enter a company like Kraken.  By providing staking-as-a-service, smaller retail investors could pool their tokens together, satisfying the threshold for participation.

The SEC complaint took issue with Kraken for two principal reasons.  First, the SEC concluded that Kraken’s approach to staking-as-a-service operated as an unregistered security.  The interpretation of whether staking-as-a-service constitutes a security will often depend on the specifics of each staking service.  Here, Kraken’s service may have fallen under the SEC’s definition of a security under Howey[1] because Kraken smoothed out the returns promising a set rate of return rather than simply facilitating retail users participation as a validator.  If Kraken had simply passed through the reward provided by the protocol for validating transactions, it may not have drawn the same regulatory ire.

Second, the SEC focused on a lack of disclosure; a common refrain from the regulators regardless of whether they are focused on crypto, traditional securities or alternative investments.  SEC Chairman Gary Gensler said Thursday following the settlement announcement, “Today’s action should make clear to the marketplace that staking-as-a-service providers must register and provide full, fair, and truthful disclosure and investor protection.”  Given that securities laws in the U.S. are largely disclosure-focused, it’s no surprise that disclosure was a focus.

But what about the requirement to register?  Has the SEC outlined or described a way for crypto firms to properly register their tokens, products or services?  No, and this has been a source of frustration for the industry, which has been clamoring for clear regulations for years. Yet, despite repeated calls for guidelines, the SEC has remained stubbornly opaque, choosing instead to enforce its views through enforcement actions again and again.[2]

Following the settlement another SEC Commissioner, Hester Peirce, colloquially known as “Crypto Mom” for her vocal support for the nascent industry, dissented from the Kraken Complaint.  In that dissent, she highlighted the fact that there is no specific means to register this kind of service nor is there any guidance as to what disclosures are necessary to comply with the SEC’s interpretation of existing rules.  She also said:

Most concerning, though, is that our solution to a registration violation is to shut down entirely a program that has served people well. The program will no longer be available in the United States, and Kraken is enjoined from ever offering a staking service in the United States, registered or not. A paternalistic and lazy regulator settles on a solution like the one in this settlement: do not initiate a public process to develop a workable registration process that provides valuable information to investors, just shut it down.

On Friday, Gensler made the rounds on various cable business networks to discuss the Kraken settlement and made registration seems as simple as filing the right paperwork.  CEO of Kraken, Jesse Powell, did not hold back his frustration with this seemingly disingenuous framing.  Echoing Commission Peirce’s dissent, he tweeted:

To recap, the SEC fined Kraken for failing to properly register (without outlining the method for registration) and it criticized Kraken’s lack of disclosures (again without providing guidance on what those disclosures required).  Was there anything else the SEC did?

Remember I told you to remember how staking requires the tokens to be locked up?  Under the current Ethereum staking program, once the tokens are locked in, they cannot be withdrawn until some undetermined future time when Ethereum goes through another network upgrade.  Presently, that upgrade is not expected to occur for another year or two.  So, say you’re a user who deposited your Ethereum tokens with Kraken’s staking-as-a-service to earn yield.  The SEC just ordered that program be shut down.  Kraken can’t pay yield under the program. Kraken also can’t get the tokens back from the Ethereum protocol to return to the user.  How are those users made whole?  Will they still earn yield for their locked coins?  How will they get paid?  The SEC hasn’t addressed that but I’m sure they’ve got “investor protection” at the front of mind.  Right?



[1] SEC v. W.J. Howey Co., 328 U.S. 293 (1946).  Although the Supreme Court has outlined other test/standards for determining what constitutes a security (see e.g. Reves v. Ernst & Young, 494 U.S. 56 (1990)), the main test for crypto-projects remains the Howey test.


[2] See, e.g., Sec. & Exch. Comm’n v. LBRY, Inc., 21-cv-260-PB, (D.N.H. Nov. 7, 2022).


When I am engaged to defend a case, whether it’s a customer arbitration or a regulatory complaint, my clients typically get to the point, sooner or later, where they ask me two questions: (1) what do I think about their chances of winning, and (2) what’s it gonna cost me.  In many matters, the answer to the second question renders the answer to the first irrelevant.  If to take a case to trial would take many multiples of what it would cost to settle, most clients will opt, albeit reluctantly, to settle.

A recent decision in an SEC case highlights this situation extremely well.  In 2020, the SEC filed a complaint in federal court in Tennessee against CapWealth Advisors, its founder, Timothy Pagliara, and the firm’s managing director of wealth management, Timothy Murphy.  The complaint included the same group of charges that the SEC has brought against a number of advisors, basically alleging that the advisor failed to adequately disclose the conflict of interest created as a result of the advisor’s receipt of 12b-1 fees from the sale of certain mutual fund share classes (when other share classes, without 12b-1 fees, were available).  According to the SEC, this caused CapWealth’s customers to pay approximately $430,000 more in fees than they otherwise would have had to pay.

Notably, the SEC always frames these charges as a fraud case.  While most advisors – including some of my own clients – have chosen to settle – without any admission of liability – when faced with this situation, it remains that the findings baked into the settlement include the fraud finding.  As you would expect, that aspect of the settlement can make the deal difficult to swallow.  I mean, who wants to have to explain to clients, and prospective clients, that your settlement with the SEC includes a violation of some antifraud statute?

But, the fact is that nearly all advisors do settle, notwithstanding this issue, for the simple reason that the answer to the second question I identified above – the cost of defense – trumps the answer to the first question, i.e., is the case winnable.

In a break from the pack, these defendants essentially said, screw the cost of defense, we are going to fight the SEC, and dare the government to prove its case in court.

Well, sure enough, they beat the SEC.  The result?  No findings of any rule violations, including any fraud findings.  That would seem like an ideal outcome.

Or was it?  The problem:  according to public reports, it cost CapWealth $1.5 million in legal fees to obtain this result.  I have no idea how much the SEC would have agreed to settle for, but, based on settlements in other cases involving similar allegations, I would expect that there would have been some civil monetary penalty imposed and an obligation to disgorge the (supposed) excess fees that the SEC identified.  Would that have amounted to $1.5 million?  Perhaps not.

But, let’s presume, for the sake of discussion, anyway, that the total price tag for the settlement would have been half of the $1.5 million that CapWealth paid.  Would it be worth settling, despite the finding of fraud, if it would save you $750,000?  I expect that a lot of firms, perhaps most, would say, 100%, yes, I would settle to save that much money.

The point is simple:  the decision to settle or to fight is an expensive one.  Few firms, and even fewer individuals, have the luxury of ignoring the cost of defending a case when deciding how to respond to a complaint.  And that is just the sad reality of things.  Certainly, claimants’ counsel know this when they file arbitrations against BDs.  They know that no matter how baseless a claim may be, there is no easy, cheap way out for the BD.  And, because of this, many BDs will elect to settle – so-called “nuisance” settlements – simply to avoid the expenses associated with a vigorous defense.

Ultimately, I am not sure what the lesson here is.  One the one hand, I applaud Mr. Pagliara, Mr. Murphy and CapWealth for having the backbone, and the wallet, to fight the SEC (and I applaud the great job their counsel did).  On the other hand, I can only wonder whether, even given the outcome of the trial, they question their decision to do so, given the cost.[1]

[1] It is worth pointing out the defendants here benefitted from the fact that the SEC filed its complaint in court, rather than initiating an administrative proceeding.  Had the Division of Enforcement filed the latter, then the Division would have had the opportunity to file an appeal from the adverse decision to the SEC itself (where, if history teaches, the rejection of the charges by the court would have been reversed).  And that, of course, would have added even more to the defense costs.


So, after all the hubbub about how Reg BI was going to turn the brokerage industry on its head, given the new standard of conduct – more like that of a fiduciary – that it was imposing on BDs and registered reps, I’m sure everyone was as super excited as I was the week before last to learn that FINRA had brought its first Enforcement action finding a violation of Reg BI!  It came in the form of this AWC against the new answer to a (really boring) trivia question, a guy named Charles Malico, a former RR with Network 1.

And, what did we learn?  Alas, not much.  Mr. Malico was found to have excessively traded the account of a single customer.  According to the AWC, this sort of trading “was excessive in light of the customer’s investment profile and therefore was not in that customer’s best interest.”

Well, duh.  This is the exact same case that FINRA has been bringing for decades. Except that up until Mr. Malico came along, they called it “churning,” and charged it as a violation of the suitability rule.  Under the Supplementary Material to FINRA Rule 2111, the suitability rule – which still exists, by the way, notwithstanding the promulgation of Reg BI, and which applies, I suppose to any trade not covered by Reg BI – FINRA defines “quantitative suitability” to require that

a member or associated person . . .  have a reasonable basis for believing that a series of recommended transactions, even if suitable when viewed in isolation, are not excessive and unsuitable for the customer when taken together in light of the customer’s investment profile.

Do me a favor and compare that specific language with this, from Mr. Malico’s AWC, where it recites that Reg BI

requires broker-dealers and their associated persons to . . . have a reasonable basis to believe that a series of recommended transactions, even if in the retail customer’s best interest when viewed in isolation, is not excessive and is in the retail customer’s best interest in light of the retail customer’s investment profile.

Notice anything?  Yup, FINRA simply lifted its old suitability analysis, almost verbatim, except for the fact that it changed “unsuitable for the customer” to “not in the customer’s best interest.”

So this is what Reg BI is all about?  A simple exercise in changing the vocabulary that FINRA is going to use when it brings the same old cases it’s always brought?  Maybe it’s too early, maybe waaaay too early, to reach any sort of overarching conclusions about the impact that Reg BI will have on FINRA’s Enforcement program.  But, based on this sample size of exactly one case, it is difficult to figure out what the fuss is all about.  At least when it comes to churning cases.

To be fair, however, after doing my digging around FINRA’s website, this is exactly the result we should have been expecting.  In a podcast from back in September 2020 called “Excessive Trading: When A Lot Becomes Too Much,” the Enforcement guy was asked whether “FINRA Enforcement’s expectations around excessive trading changed at all since the implementation of Reg BI in June of this year?”  In response, Chris Kelly stated,

[t]he short answer is no.  I don’t think you’ll see much of a difference in the excessive trading cases we traditionally brought under FINRA suitability rules and the cases that we are likely to bring under Reg BI with one important difference. Reg BI eliminated one of the key legal elements of an excessive trading case that we are required to prove and that is the element of control. So traditionally, in order to bring excessive trading case against the broker the enforcement action would have to establish that the broker controlled either in fact or had de facto control over the trading in the customer’s account. Reg BI explicitly eliminates that requirement of control and so we no longer need to prove that to bring an excessive trading case under Reg BI. Other than that, I think the cases are very much going to look the same.

Well, point to you, Mr. Kelly, you nailed it.

We will have to watch what other tricks FINRA may have up its sleeve if/when it starts using Reg BI to enforce things other than churning.  For now, however, apart from using slightly different vocabulary, the Malico AWC demonstrates that it’s “same as it ever was” when it comes to churning, Reg BI notwithstanding.


P.S.  After I posted this, I got a call from someone much smarter than me (which, of course, I acknowledge describes most humans).  He pointed out that while there may not be any impact on the nature of the case that FINRA brings, calling the misconduct a violation of Reg BI vs. a violation of the suitability rule can have a huge impact on the respondent…IF THE CONDUCT IS FOUND TO BE WILLFUL!  If someone is found to have violated Reg BI “willfully,” that results in the respondent being deemed to be STATUTORILY DISQUALIFIED.  That would NOT be true for any violation of the suitability rule, even a willful violation.  Indeed, as you can see from Mr. Malico’s AWC, he was, in fact, SD’d because his violation of Reg Bi was deemed to be willful.  This is not a happy development.

As the song goes, time keeps on slipping, slipping, slipping into the future.  While Steve Miller may not have had FINRA and the SEC in mind when he wrote that lyric, the shoe certainly fits.  Because here’s the thing about the passage of time, at least in FINRA/SEC world: typically, regulators pay it little attention.  They take forever to finish exams.  They take forever to figure out what to do once they’ve completed an exam.  They take forever to issue decisions.  I mean, who cares that a registered rep may have a “yes” answer for years on his U-4 reflecting an investigation that never ends, right?  Who cares if a fully litigated case has been awaiting a decision for years?  Certainly not regulators.  They blithely go about their business in plodding fashion, as the weeks, months, and (sometimes) years go by, indifferent to the consequences of their foot-dragging on the people and firms they regulate.

Just consider some examples.

My partner Heidi and I defended – and won – an SEC administrative proceeding in 2015.  When Obama was president.  After the ALJ issued his Initial Decision, the Division of Enforcement appealed to the Commission which, to exactly no one’s surprise, reversed the ALJ and found (at least some) liability.  We then appealed to the DC Circuit Court of Appeals.  In a decision issued in April 2019, the Court upheld some of the SEC’s findings, reversed others, and vacated the sanctions, pending a remand back to the SEC to reconsider the sanctions in light of the Court’s decision narrowing the liability findings.  Here we now are, three years and six months later, and still no decision from the SEC.  Comically (or not, if you’re my clients), this despite the fact that the SEC has granted itself 21 extensions of time within which to issue its decision.

And this is hardly an outlier.  I have a case on appeal to the SEC from a NAC decision that has been pending now for over three years.  The SEC has granted itself ten extensions since June 2020.  Still no sign of a decision.

I was involved in another case that is now on appeal to the SEC from an ALJ’s Initial Decision.  After 14 self-authorized extensions and over three years, still no decision.

It is well past the point where I can provide any sensible advice to my clients about when they should expect decisions.  All I can do is shrug.

FINRA is also guilty of ignoring the passage of time…except when it’s in FINRA’s best interest not to do so.  Anyone who defends regulatory matters can attest to the fact that FINRA will oftentimes sit on exams, for no apparent reason.  I love telling the story, from a decade ago, where I was defending an OTR.  We got to the end of the day, but hadn’t completed it.  The examiner asked about our availability the next day, but neither my client nor I could do it.  So, for a few weeks thereafter, I exchanged emails with the examiner about possible dates to resume the OTR; alas, we couldn’t find a date that worked for us both.  Jumping ahead to the punchline:  here we are ten or so years later, and I never heard from the examiner again.

I have had clients who have received a Wells letter – meaning it is a U-4 disclosure event for them, and not a great one – only to have FINRA do nothing for years (sometimes only then to mysteriously drop the case).  I have clients who have been told that a matter is being referred to Enforcement, only to have no follow-up from Enforcement.  Neither of these things is a rarity.

Predictably, however, but sadly, in many instances where FINRA has gone on extended radio silence, out of the blue they will suddenly reach out and say, I know that you haven’t heard from us in a year, but, hey, now I need your response to an 8210 request.  Like, in a week.  Because, you know, our investor protection concerns mandate that we cannot tolerate any delays in the prosecution of this matter, so you have to answer now, now, NOW.[1]

I am going to end with the most recent example I have encountered, and maybe the most remarkable.  I represent a client who is named as a respondent in a FINRA Enforcement action.  Sadly, he suffered a stroke.  Based on that, we sought and obtained a three-month continuance in the hearing date.  When it became evident, however – importantly here, not evident to me, but, rather, to his doctor, who wrote a note outlining his opinion – that he was still suffering the effects of the stroke, thereby making preparation for and attendance at the hearing impossible, we filed another motion to continue the hearing dates again.

Remarkably, and callously (if you ask me), Enforcement opposed the motion.  Even more remarkably, however, the Hearing Officer denied the motion (which was supported by the doctor’s note).  According the Order, the doctor’s note wasn’t good enough, not detailed enough.  But, putting that aside, and more to the point of this blog post, the Hearing Officer justified her Order in part by noting that “the requested continuance would be contrary to the primary purpose of Rule 9222, which is ‘to ensure prompt resolution of [FINRA’s] disciplinary proceedings, which is necessary to enable [FINRA] to carry out its regulatory mandate and fulfill its responsibilities in protecting the public interest.’”

Prompt resolution??  Consider that the complaint was filed in October 2021.  It deals with two offerings, one of which was conducted in 2013 and the other in 2015.  Do the math:  FINRA waited eight long years to file this complaint, but then refused to move the hearing back even a few months – to give a stroke victim time to recover, mind you – because of those pesky investor protection concerns.[2]

The double standard applied here is patent.  It is, simply, unfair for regulators to take all the time in the world when it suits them, despite the price firms, reps and advisors can pay for that dilly-dallying, but then turn around and insist on swift justice – at any cost – when they feel like it.



[1] A buddy of mine who practices in New York claims that it happens every August: in the two-week period before school starts and everyone is out of the office on vacation soaking up the last bit of summer sun, FINRA will suddenly reach out about a case that’s been quiet for a year and announce that a Wells letter is coming.  He insists that this cannot be coincidental, but I can’t say for sure one way or the other.

[2] In the interest of full disclosure, I must point out that after our motion was denied, the Hearing Officer later granted a motion by a co-respondent to continue the hearing in order for him to obtain a new lawyer.  So, the hearing did end up getting continued, but not out of concern for my client’s health.


It’s always exciting to watch something that you just know will be deemed by later generations to be an historic event.  I mean, I distinctly remember watching Neil Armstrong on TV taking his first steps on the moon, or the tragic Challenger disaster, or OJ demonstrating how the glove just didn’t fit, and thinking: this is history happening, right now.

Well, FINRA’s roll-out of Rule 4111 may not belong on this list, I admit.  But, it is kind of interesting to watch things happen for the first time, and to see just how much of this FINRA is simply making up as they go along.  A lot, it seems.

I outlined in my previous blog post about Rule 4111 the multi-stage process spelled out in the rule.  We are now at the stage where FINRA has finished its math, assigning points to all the pertinent firm and RR disclosures, tallying them up, and seeing whether the sum is high enough to trigger further scrutiny.  Sadly, I have some clients who have found themselves in this predicament, and I am confident they are not alone.

So, what do you do if you get a letter from FINRA informing you of this unfortunate fact?

Step 1 is easy: check FINRA’s math.  Remember: what FINRA is computing here is a fraction.  The numerator represents the number of bad disclosures, and the denominator is the total number of registered reps.  While I don’t expect any issues with the denominator, it is possible that FINRA has indeed miscomputed the numerator, so if you can get that number down, you may succeed in getting the total down below the trigger.  To do this, check the disclosures that FINRA has identified to confirm that they are accurate, and that they rightfully belong in the tally that constitutes the numerator.  As the rule itself acknowledges, FINRA is not supposed to include as separate disclosures events that “are duplicative,” or which “involve[e] the same customer and the same matter,” or which “are not sales practice related.”  If you can get enough disclosures off the list based on these criteria, it might reduce your fraction to the point that the 4111 game is over for you.

Step 2 is easy, too, at least in theory: figure out if you are able to fire enough RRs with disclosures to bring your total down below the trigger.  If you are able to do this, and can get it done within 30 business days of receiving the 4111 letter, then you are also done.  Not everyone can do this, of course.  Some RRs may have old disclosures, and today, contrary to their histories, they are trusted, valuable, contributing team players who you simply don’t want to terminate.  Sometimes the disclosures come from individuals in firm management, who simply can’t be fired without severely impacting the firm’s ability to continue as a viable entity.  This is particularly true with small firms, where firm principals and officers get named as respondents way more frequently than they do at large firms.

Note that the ability to fire people to drop your total below the trigger point is not something you can keep in your pocket to use another time.  It is a one-time card to play, and is only playable the first time you receive the 4111 letter from FINRA.  If you don’t use it this year, you cannot use it next year.

It is also worth noting that you can’t achieve the same result by hiring a bunch of clean RRs, even though, mathematically speaking, it would do the trick (since increasing the denominator of the fraction can achieve the same thing as decreasing the numerator).  The only way to reduce your total is to terminate enough people with disclosures to get your fraction smaller than the threshold for your size firm.

This is where we are right now.  Firms that have received 4111 letters are busy analyzing the disclosures to see if there’s an easy way out of this mess.  I expect that BDs that have the ability to fire RRs with a lot of disclosures will strongly consider terminating them.  And perhaps this is one of the principal things that FINRA really wanted to see happen when it passed this rule.  It wants to see RRs with disclosures out of the industry, with no clear path back in (for two reasons, first, because anyone terminated under this provision cannot associate with the firm in any capacity, not just a registered capacity, for a whole year, and, second, because going forward, undoubtedly, “clean” BDs are going to be paying a great deal of attention to their 4111 threshold, and not risk exceeding it by hiring RRs with a truckload of disclosures).

But, what’s next?  What happens if you can’t reduce the fraction, or reduce it enough to fall below the trigger point?  You need to request that FINRA conduct a “Consultation,” a chance for you, basically, to somehow convince FINRA that despite the fact your number is high relative to your peer firms, you should be taken off the naughty list.  According to the rule, however, a Consultation is not something that happens automatically, or even something you can request.[1]  Certainly it’s not something that you will necessarily get even if you ask for one.  According to the rule, the Department of Member Regulation “shall conduct the Consultation to allow the member to demonstrate why it does not meet the Preliminary Criteria for Identification and should not be designated as a Restricted Firm” “[i]f the Department determines that the member meets the Preliminary Criteria for Identification and should proceed to a Consultation.”

I have to concede that I have no idea what criteria FINRA may employ to determine whether a firm “should proceed to a Consultation;” it’s not even addressed in the 4111 FAQs.  With that said, I find it difficult to believe that if a firm requests a Consultation that FINRA would deny such a request.  But, read strictly, that is certainly a possibility.  Regardless, given that the alternative – actually being branded a Restricted Firm – is so nasty, I cannot imagine a scenario in which I would not request, even demand, a Consultation.

As to what happens at the Consultation itself, at this point (since, to my knowledge, no Consultations have happened yet), all I know is what the rule itself spells out.  The good news is that if you are successful in getting a Consultation, FINRA has to listen you, given that the rule explicitly states that “[i]n conducting its evaluation of whether a member should be designated as a Restricted Firm and subject to a Restricted Deposit Requirement, the Department shall consider” the materials you provide.  Now, that doesn’t mean that FINRA will put any real stock in what you say, but at least they can’t tell you that they’re uninterested.  Still, and typically, however, there’s a caveat, maybe several.

First, the rule requires FINRA to “consider” “relevant information or documents” you supply. That means, of course, that FINRA may deem what you supply to be irrelevant, and discount it, perhaps entirely.

Second, the rule gives FINRA the right to “prescribe” the “manner and form” of the information it will consider.  So, that means that FINRA could, at least theoretically, decline to consider something you submit if it doesn’t like your chosen format.

Third, while the rule does use the phrase “shall consider” in describing what information FINRA reviews at the Consultation, it also states that such information must be “deem[ed] necessary or appropriate” by FINRA “to evaluate the matter.”  Thus, there looms the possibility that FINRA will deem your information to be unnecessary and/or inappropriate.

How this will all actually play out remains to be seen.  But, as they say, “history teaches.”  Anyone entering the Consultation process who simply presumes that FINRA will act reasonably and allow you to do whatever you want hasn’t been paying attention.  Given the gravity of being branded a Restricted Firm, it behooves you to dot every “i” and cross every “t,” make as professional and convincing a presentation as the facts allow, and be the best advocate you can be.  To half-ass the Consultation would be to invite the very outcome you’re hoping to avoid.


[1] Oddly, according to the rule, if you get the same letter next year, after next year’s annual computation by FINRA, then you can get a Consultation simply by requesting one.  But, as I said, the rule does not include similar language for the first time you are on the list.

About a month ago, the SEC announced a settlement in a modest little case that has, nevertheless, managed to garner a lot of attention.  This is a result of the fact that one of the respondents was the CCO, i.e., the Chief Compliance Officer, of the co-respondent RIA.  Determining the particular circumstances under which CCOs can be found individually liable is an extremely important analysis, but has been described as challenging, at a minimum.  Especially since, as some have argued,[1] the scope of those circumstances, as evidenced by enforcement actions brought by regulators, is slowly broadening.  Maybe I am in the minority here, but I am unsure, really, what the fuss is about.

Let’s start with some basic propositions that everyone – regulators and industry alike – agree with.  As FINRA[2] recently put it bluntly in Reg Notice 22-10, “[t]he CCO’s role, in and of itself, is advisory, not supervisory.”  As a result, to bring a case against a CCO for any sort of supervisory failure requires that the CCO actually have supervisory responsibility, which does not happen automatically simply by virtue of bearing the CCO title.  That responsibility has to be bestowed upon the CCO, either directly and explicitly, by firm management, or impliedly, as evidenced by ad hoc behavior.  Absent such supervisory responsibility, a CCO cannot be held responsible for even the worst supervisory failure.

Along that same line, as SEC Commissioner Hester Peirce recently stated, “the compliance obligation belongs to the firm, not to the CCO.”  Thus, in most instances, even egregious supervisory cases are brought against the firm only, not the president – who “bears ultimate responsibility for compliance with all applicable requirements unless and until he [or she] reasonably delegates particular functions to another person in that firm, and neither knows nor has reason to know that such person’s performance is deficient” – and not the CCO.  See, for instance, this SEC settlement from last week against Aegis Capital, which imposed a $2.3 million civil penalty, among other things, against the firm only stemming from a number of particular failures “to develop reasonable systems to implement [the firm’s] policies and procedures.”  While some human being was undoubtedly responsible for this, whether Aegis’s president or his designee(s), it remains that the SEC was content only to name the firm.  In my experience, and despite the SEC settlement that I mentioned in the first sentence of this post, this is the norm (particularly for big firms).

These are not particularly controversial pronouncements.  Seems to me that, as a default position, the regulators are hardly looking for ever more opportunities to name CCOs as respondents.  To the contrary, as long as CCOs abide by existing guidance, guidance which I think is pretty clear, and remain on the advisory – not supervisory – side of the line, then they are more or less safe.

So, what is this guidance?  I would say it starts with this nugget from a footnote buried in Notice to Members 01-51:  “NASD Regulation will continue to determine whether a chief compliance officer is acting in a supervisory capacity based on the actual responsibilities and functions that the chief compliance officer performs for the firm.”  Emphasis on the word “actual.”

Next, go to Reg Notice 22-10.  It conveniently outlines the different ways that a CCO may acquire “actual” supervisory responsibilities:

  • The WSPs “assign to the CCO the responsibility to establish, maintain and update written supervisory procedures, both generally as well as in specific areas (e.g., electronic communications)”
  • The WSPs “assign to the CCO responsibility for enforcing the member’s written supervisory procedures or other specific oversight duties usually reserved for line supervisors”
  • “apart from the written procedures, a member firm, through its president or some other senior business manager . . . expressly or impliedly designate[s] the CCO as having specific supervisory responsibilities on an ad hoc basis”
  • “the CCO may be asked to take on specific supervisory responsibilities as exigencies demand.”

Thus, only when there exist circumstances that demonstrate that a firm has expressly or impliedly designated its CCO as having supervisory responsibility will FINRA bring an enforcement action against a CCO for supervisory deficiencies.  The SEC has acted similarly.  Indeed, the Hamilton settlement that prompted this post was predicated on the finding by the SEC that the CCO “was responsible for administering [the RIA’s] compliance program and, as provided in [the RIA’s] compliance manual, for implementing the firm’s compliance policies and procedures.”  (While the SEC used the term “compliance policies and procedures” rather than “supervisory procedures,” that is a function of the fact that Rule 275.206(4)-7 does not use the word “supervisory,” and simply requires RIAs to “[a]dopt and implement written policies and procedures reasonably designed to prevent violation . . . of the Act and the rules that the Commission has adopted under the Act.”)

Again, I don’t see this as being a particularly complicated analysis.  If I was a CCO, and I was looking to avoid becoming a respondent, I would do everything possible to firmly and clearly remain in my “advisory” lane, even if that meant pushing back at efforts from firm management to saddle me with supervisory responsibilities on a short-term basis, or with respect to some discrete area of the firm’s business.

I get that this may be difficult at a small firm, where principals wear many hats, and CCOs may find themselves called on to jump into the supervisory fray.  In that case, the CCO is fair game to be named individually for his or her supervisory lapses.  But, that’s a choice the CCO gets to make: either stay there and accept the supervisory obligations that the job entails, or find another firm that won’t make such demands.  Jobs for CCOs abound.

I also get the disincentive that this provides to CCOs to help their firms with their compliance efforts.  As former SEC Commissioner Daniel Gallagher observed in 2015 (regarding Investment Advisors, not BDs), actions naming CCOs individually “are undoubtedly sending a troubling message that CCOs should not take ownership of their firm’s compliance policies and procedures, lest they be held accountable for conduct that . . . is the responsibility of the adviser itself.”  Again, agreed, dealing with this issue can put a CCO into an awkward position of balancing what’s best for him or her vs. what’s best for his or firm.  But that’s not the issue at hand, which remains: what are the circumstances that permit CCOs to be named.  In short, I think they are clearer than many commentators suggest.

It is worth mentioning that this inquiry – determining whether a CCO had “actual” supervisory responsibilities – is still just step one.  Reg Notice 22-10 makes clear that even if the answer to the threshold inquiry is “yes,” that does not necessarily mean an enforcement action will ensue, as there remain more questions to be answered.

The first is whether the CCO has met the “reasonableness standard.”  This means that “[e]ven when a CCO has been designated as having supervisory responsibilities, FINRA will bring an action under Rule 3110 against the CCO only if the CCO has failed to discharge those responsibilities in a reasonable manner—as it would with any individual who has supervisory responsibility.”  Yes, determining what is and is not reasonable can be a difficult analysis (given that what is “reasonable depends upon the facts and circumstances of a particular situation”), and a difficult argument to win with FINRA, but, importantly, it is no different for CCOs than it is for any supervisor.

The second is whether the case against the CCO should be brought even when his/her conduct is unreasonable.  Again, per Reg Notice 22-10, “not every violation of a FINRA rule results in a formal disciplinary action, so even when FINRA finds that a CCO failed to reasonably perform a designated supervisory responsibility, FINRA will consider whether charging the CCO under Rule 3110 in a formal disciplinary action is the appropriate regulatory response to address the violation.”  And, again, this is true of anyone facing regulatory action for a supervisory failure, not just CCOs.

Helpfully, Reg Notice 22-10 details the factors weighing both in favor of and against charging a CCO (or anyone, really).  I will list them here, for the sake of completeness, but, more importantly, to demonstrate that there is, in fact, a whole bunch of pretty specific guidance in this area, contrary to the arguments made in some of the frantic articles and blog posts I have read on the subject of CCO liability.

Factors that suggest a CCO should be charged:

  • the CCO was aware of multiple red flags or actual misconduct and failed to take steps to address them;
  • the CCO failed to establish, maintain, or enforce a firm’s written procedures as they related to the firm’s line of business;
  • the CCO’s supervisory failure resulted in violative conduct (e.g., a CCO who was designated with responsibility for conducting due diligence failed to do so reasonably on a private offering, resulting in the firm lacking a reasonable basis to recommend the offering to its customers); and
  • whether that violative conduct caused or created a high likelihood of customer harm.

Factors that suggest the CCO should not be charged:

  • the CCO was given insufficient support in terms of staffing, budget, training, or otherwise to reasonably fulfill his or her designated supervisory responsibilities;
  • the CCO was unduly burdened in light of competing functions and responsibilities;
  • the CCO’s supervisory responsibilities, once designated, were poorly defined, or shared by others in a confusing or overlapping way;
  • the firm joined with a new company, adopted a new business line, or made new hires, such that it would be appropriate to allow the CCO a reasonable time to update the firm’s systems and procedures; and
  • the CCO attempted in good faith to reasonably discharge his or her designated supervisory responsibilities by, among other things, escalating to firm leadership when any of (1)–(4) were occurring.

In addition to these factors, the Reg Notice states that FINRA will also consider in determining whether to charge the CCO if there is “another individual at the firm, such as an executive manager or a business line supervisor, who had more direct responsibility for the supervisory task at issue, or who was more directly involved in the supervisory deficiency.”[3]

It should be evident even to casual readers that I do not agree with many of the charging decisions that FINRA makes.  I have lamented many times in these posts the fact that, in my experience, contrary to guidance I have just quoted at length, FINRA basically demonstrates zero flexibility when it comes to meeting the reasonableness standard that governs supervision: that is, any conduct that is not exactly what FINRA expects is deemed unreasonable, which is silly, since the use of such an imprecise standard of conduct essentially invites multiple solutions.  But with that said, there is ample guidance available to help CCOs safely navigate their way through the jungle of rules, regulations and policies and avoid personal liability.

[1] According to “multiple industry-wide surveys focusing on ‘CCO Liability’ and ‘CCO Empowerment’” conducted by the NSCP “with its 2000+ membership of CCOs and other compliance professionals,” “72% of compliance professionals are concerned that regulators have expanded the role of compliance officers and the scope of their responsibilities in imposing personal liability.”  The results of those surveys are discussed here.

[2]  I am well aware that FINRA’s guidance regarding broker-dealers may vary, at least in its specifics, from the SEC’s guidance regarding advisors.  But at the conceptual level, both regulators have said the same basic things about the circumstances under which they will deign to charge a CCO.

[3] FINRA also states that it considers whether “based on the facts and circumstances of a particular case, it is more appropriate to bring informal, as opposed to formal, action against the CCO for failure to supervise.”  But, again, this statement is hardly unique to CCOs.  Theoretically, FINRA undertakes this consideration every time it makes charging decisions.

Last week I posted a blog about the dangers of not heeding findings made during a regulatory exam, at least findings of clear, undisputable compliance issues that cannot be meaningfully defended. Today I am writing to highlight a corollary rule: if one customer points out the existence of a real problem, again, a clear problem with significant financial ramifications, any remedy that is implemented to address that problem needs to be applied to all similarly situated customers, regardless of the fact that such customers may not have been aware of the problem and did not complain.

This time, it was Equitable Financial Life Insurance Company that paid the price for breaking this rule – and a pretty hefty price it was: a $50 million civil penalty.

It came in this settlement with the SEC.  The facts are pretty straightforward.  In short, “[s]ince at least 2016, Equitable provided quarterly account statements to approximately 1.4 million investors that included materially misleading statements and omissions concerning significant fees paid in connection with” particular variable annuity investments that were sold principally to educators.  Specifically, while Equitable did disclose fees in several sections of its variable annuity account statements, they created “the false impression that all fees investors paid during the period were being detailed in the account statements.”  In fact, however, “Equitable’s account statements . . . excluded the most significant fees that investors paid from the fees listed on the account statements.  Instead, the account statements listed as fees only certain types of administrative, transaction and plan operating fees – most often amounting to zero or a very small number – which were in fact only a slight fraction of the overall fees paid by the investor.”

As well, “[t]he account statements contained no clarifying language or reference to the prospectus to explain to investors what these different categories of fees represented or to put the investor on notice of the fact that they instead had paid significant Separate Account Expenses and Portfolio Operating Expenses that could amount to thousands of dollars each year.  Though affirmatively presenting an apparently all-inclusive picture of fees and expenses to investors, Equitable’s quarterly account statements actually detailed less than three percent of the revenue that Equitable received from the EQUI-VEST variable annuities.”

This was important because, as the SEC found, investors “reviewed their Equitable account statements in order to assess the impact that fees were having on their investment and to make decisions concerning their ongoing investments, including whether to make additional investments in” their variable annuities.  Compounding this problem, in some of the quarterly account statements, Equitable affirmatively encouraged investors to increase their investments in the variable annuity, knowing that a consideration of the fees paid was an important component of the investors’ analyses.

Anyways…turns out that Equitable was aware of the problem with its account statements for years.  The SEC found that back in May 2017, Equitable learned that “its account statements may have confused investors on fees paid” from one of its customers, a big customer, mind you, namely, “an advisory committee to the school district with which Equitable did the most business in terms of both assets invested and number of investors.  Apparently, that school district, which “was determining whether to renew contracts” with its vendors, including Equitable, told Equitable “that the account statements were unclear on the amount of fees investors paid.”  Two years after that, in May 2019, the same advisory committee “specifically asked if Equitable could list annuity fees on the front page of its account statements going forward,” and Equitable agreed.

That’s the good news.  The bad news, however, is that with respect to all other investors in the same annuity, “including hundreds of thousands of K-12 teachers and administrators employed by hundreds of other school districts located across the nation, Equitable made no changes to the . . . account statements that those investors received and instead continued providing them with account statements that reported fees and expenses in the same manner that Equitable had been employing since at least 2016.”

Not really sure it’s necessary for me to add very much here.  As was the case last week with Barclays, which learned from FINRA during an exam that it had a problem, here, Equitable learned about its own problem, albeit from a customer.  In both cases, the problem was serious and indefensible, and fixable.  Yet, in neither situation did the firm do anything to address the problem immediately and on a company-wide basis.  Not surprisingly, for both firms, their respective failures to have acted sooner and more systematically ended up being cited by the regulator as an aggravating circumstance justifying the imposition of hefty sanctions.

Firm management should be attentive to input from all sources, both internal and external, when it comes to spotting issues.  Not every potential problem is serious, of course, not every potential problem will impact thousands of customers, and not every potential problem will, in fact, turn out to be a real problem after all.  But ignoring potential problems and simply hoping that the regulator will not be clever enough to figure out for itself that there is something going on is a poor strategy to adopt.  Not saying it doesn’t work; to the contrary, to this day, with all their fancy algorithms and computer programs designed to ferret out firms’ most vulnerable risk exposures, regulators still whiff all the time when it comes to finding even big issues.  Thus, many broker-dealers still successfully employ the cross-your-fingers-and-hope-no-one-notices approach to compliance failures.  But that is not something I advise, principally because it is not something I can defend when it doesn’t work.

So, on balance, unless you are prepared to be embarrassed, not to mention prepared to break out your checkbook, the better course of action is to actually fix problems – real problems, anyway – whenever and however they are brought to your attention.



There is no question in my mind that the quality of FINRA examiners is a bit uneven.  Some are smart and insightful and helpful; others are, well, not.  Most of the time, they do know what they’re talking about.  That means the opportunity to make legitimate arguments against exam findings can, at least sometimes, be limited.  Often, firms find themselves in the position of acknowledging the issue, outlining the steps already taken (or that will be taken) to address the problem, and pointing out whatever mitigating circumstances may exist.  What a firm cannot do, however, is what Barclays apparently did, as described in this recent AWC, which was to simply ignore concerns raised by FINRA examiners.  Bad idea.

Apparently, Barclays – which seems to have a sketchy disciplinary history when it comes to systemic supervisory lapses, as evidenced by, among things, this 2013 AWC with a $3.75 million fine for “systemic failures to preserve electronic records and certain emails and instant messages in the manner required for a period of at least 10 years,” or this 2015 AWC with a $3.75 million fine for having “supervisory systems [that] were not sufficient to prevent unsuitable switching or to meet certain of the firm’s obligations regarding the sale of mutual funds to retail brokerage customers,” which, remarkably, are just two of 41 AWCs dating back to 2007 – had yet another issue, this time relating to its trade confirmations.  According to the AWC, starting in 2008 and continuing “through the present, Barclays sent its customers approximately 270 million confirmations that inaccurately disclosed the firm’s execution capacity, the customer’s price, the market center of execution, or whether the trade was executed at an average price.”

Let’s put aside the opportunity to criticize FINRA staff for the fact that it appears, somehow, to have taken them 15 years to address this particular misconduct, even though from the sheer number of AWCs that the firm entered into with FINRA over essentially that same time period it necessarily means that Barclays was on the receiving end of considerable regulatory scrutiny.  Instead, let’s focus on Barclays, and on what it knew about its supervisory issues and when, and how it came to know about them.

The AWC recites that “[b]eginning in at least November 2008, Barclays also had no supervisory system to review whether its confirmations complied with applicable SEC and FINRA requirements.”  Well, that’s bad, but it gets worse – and this is the point of this post:  “By mid-2017, because of two FINRA examinations, Barclays knew about several of the systemic confirmation accuracy issues described above and that it had no written supervisory procedures related to confirmations. The firm failed, however, to implement a reasonable supervisory system.”

There you go.  You can take this lesson to the bank:  it is NEVER good to learn for the first time about a supervisory issue, particularly a longstanding, systemic supervisory issue, from the examiner who is conducting a routine exam.  Doesn’t matter how many exams preceded this one, or how many FINRA examiners had, during those exams, looked at your confirms and said nothing.  You get no credit for that, partial or otherwise.  That will always be your problem, not the examiners’, and whining about the fact that you were operating under the misapprehension that you were doing things correctly is a waste of energy.

Lesson two is equally ironclad:  when an examiner points out a longstanding, systemic supervisory issue, address it, like, NOW.  Barclays did not do that.  Instead, according to the findings in the AWC, it waited “almost a full year later” before it did something.  And, even then, its remedial efforts fell woefully short, as it “established a system and procedures to monitor only whether confirmations were delivered but not whether they were accurate.”

So, Lesson three:  if you are going to do address a serious exam finding, not only do it NOW, but do it RIGHT.

Finally, it is also worth noting that even after all this, Barclays still failed to get it.  The AWC states that “[i]n May 2019, FINRA, following another examination, notified Barclays that its written supervisory procedures failed to include a review of the accuracy of its confirmations.  Nonetheless, it took until April 2020 for the firm to establish a supervisory system and written supervisory procedures to review the accuracy of its confirmations.”  And even then, FINRA points out that this “system, which remains in place at Barclays today, . . . does not reasonably assess its compliance with confirmation requirements.”  In other words, even after FINRA informed Barclays of its problems for a SECOND time, the firm still failed to act NOW and still failed to do it RIGHT.

And that’s why Barclays agreed to pay another hefty fine, this time, $2.8 million.  I am happy for Barclays that it can afford to keep writing these big checks to FINRA, and that it continues to manage to avoid having its principals named in any of these Enforcement actions.  But not every firm has the financial luxury that Barclays does to submit AWC after AWC after AWC.  (Only two so far this year, which may seem like a lot, given that we’re only half way done with 2022, but, to keep it in perspective, it’s way off the pace the firm established in 2015, when it submitted a total of 11 AWCs.)

Most firms cannot afford to do this.  Certainly small firms can’t.  What small firms generally do is grit their teeth, muster up a smile for the examiner who delivers the findings, thank them for having done such a thorough exam, promise to address the problems, and then scramble to do just that.  At least most of the time.  Sometimes, the examiners are wrong, and sometimes there’s no choice but to draw your line in the sand and dare FINRA to put its money where its mouth is and file an Enforcement complaint.  But, when FINRA has got the goods on you, that’s the time to act, and act quickly and decisively.  Dilly-dallying or half-assing it will not, as Barclays learned, pay off in the long run.



Among the criticisms I have leveled against FINRA are (1) that it is increasingly acting like a claimant’s arbitration attorney, by taking every possible opportunity to blame member firms for losses incurred by investors when other palpable reasons for those losses exist, and (2) that it loves, well after the fact, to jump in on things that have managed to garner the attention of others, perhaps just to show that it has not been asleep at the wheel.  This week, FINRA issued yet another AWC involving the sales of GPB that serves to highlight both of my observations.

By now, everyone knows about GPB, so I won’t go into any background.  But, if you do know about GPB, then you are aware that in the eyes of the federal government, specifically, the SEC and the DOJ, the “bad guy” in the GPB scenario is GPB itself, i.e., the issuer of the securities in question.  In the SEC’s complaint, it took pains to clearly and specifically allege that the “downstream broker-dealers,” i.e., the BDs that sold GPB to their customers, were effectively themselves the victims of false and misleading due diligence and marketing materials supplied by GPB, which served to stymie the BDs’ efforts to conduct reasonable due diligence and cover up issues at GPB.  Similarly, the DOJ’s Indictment paints the same picture, that the BDs that sold GPB were supplied misleading “written correspondence and marketing materials, including in due diligence questionnaires,” which gave a false impression of GPB’s true financial situation.

Of course, that has not stopped investors from filing hundreds of arbitrations involving GPB against the 60+ BDs that sold the product, in which the BDs – not GPB – are alleged to be the bad guys (for failing to conduct adequate due diligence on the front end, and/or for failing to make suitable recommendations on the back end).  These complaints largely, if not entirely, ignore the positions publicly espoused by the SEC and DOJ, and lay all blame at the feet of the BDs, rather than the issuer.

Well, in this world, that’s more than enough reason for FINRA to step in and pile on.  I am not saying that this pertains to every BD that sold GPB (or Red Oak or GWG or any other alternative investments that the claimants bar is feasting on) has been subjected to a lengthy series of 8210 requests, but I can tell you from personal experience that, at a minimum, many have.  And so far, for six firms, by my count, FINRA has exacted settlements in GPB cases in the form of AWCs, including the most recent one from earlier this week with United Planners.

Not surprisingly, all the AWCs are drafted from the same template,[1] and include the same description of the operative violation: that for some very narrow time period – usually about a month or so – the BD failed to inform a handful of investors that GPB had not timely filed its audited financials with the SEC, or the reasons that GPB had propounded for that delay.  According to FINRA, this information was “material information that should have been disclosed,” and the failure to have disclosed it amounted to “negligence,” in violation of Rule 2010.

Let’s talk about that.  What does “material” mean?  According to the U.S. Supreme Court, it means “a substantial likelihood that the disclosure of the omitted fact would have been viewed by the reasonable investor as having significantly altered the ‘total mix’ of information made available.”  I want you to take careful notice of the several loosey-goosey words baked into the definition.  “Substantial.”  “Reasonable.”  “Significantly.”  By virtue of using such fluffy, deliberately imprecise words, which permit reasonable minds to differ on their application to any particular fact pattern, the Court has explicitly recognized that there is no “bright-line” distinction between a material fact and one that is not.  It’s a facts-and-circumstances analysis. Sometimes an omitted fact can be pretty clearly material, but, in most cases, it is a hotly contested issue.

With that said, I get that FINRA is entitled to its opinion on whether something is material or not.  The problem is that here, as in many other situations, FINRA is unwilling to consider even the possibility that there are any alternative viewpoints that can be accepted.  It’s FINRA’s way or the highway.  That sounds to me like a bright-line test, not one that is highly fact-specific and depends entirely on the context of the offering.

So, back to the point of this post.  You start with a situation like GPB, where the U.S. government has taken pains to make it clear that it views the selling broker-dealers as victims, yet where claimants are, nevertheless, going to town with arbitrations.  You couple that with a dubious, difficult-to-prove legal proposition regarding materiality, i.e., a standard that is not easily divined, and which can trigger legitimate, vigorous debate on both sides of the issue.  And you have to wonder: why has FINRA bothered to bring these cases?  Do these cases really represent the best use of FINRA’s resources?  Does these cases really do anything to address investor protection and market integrity?

As I said at the outset, it seems to me that FINRA’s goal isn’t particularly noble or lofty.  FINRA just wants to do something about GPB, maybe just to demonstrate its continuing relevance.  I would hope that it has better things to do than to take this opportunity to pile on its member firms who are already grappling with the consequences of having been swindled – allegedly – by GPB.

[1] All the AWCs are not exactly the same, to be completely candid.  In one, for instance, involving Dempsey Lord, in addition to the “template” findings regarding the failure to disclose material information, FINRA also found that the firm made a few unsuitable recommendations.

Well, Memorial Day is just past us, so we all know what that means: it’s time for FINRA to conduct its first annual assessment of its member firms to determine whether they should be branded a “Restricted” firm under new Rule 4111, with all the benefits and privileges appurtenant thereto.  Given that it’s pretty clear that FINRA’s goal in identifying Restricted firms is to make it so expensive and onerous for them to remain in business that they choose, instead, simply to close down, it behooves every member to understand completely the pretty complex processes baked into the rule.  I am going to try to make it understandable, in six easy steps.

But, understand this: there are plenty of places in the application of the rule where FINRA gets to wield unfettered discretion, so while certain aspects of the rule deal with objective criteria,[1] other parts are simply left to FINRA staff to do whatever they want – but governed by whatever due process is supposedly supplied by an expedited appeal process.

First things first, Step One: we start with the Evaluation Date, which was yesterday.  This is “the date . . . as of which the Department calculates the Preliminary Identification Metrics to determine if the member meets the Preliminary Criteria for Identification.”  Starting with that date, FINRA looks back five years, which constitutes the Evaluation Period, to determine if the firm and, more importantly, persons associated with the firm display any of the six broad categories of misbehavior identified in the Rule:

  1. Registered Person Adjudicated Event
  2. Registered Person Pending Event
  3. Registered Person Termination and Internal Review Event
  4. Member Firm Adjudicated Event
  5. Member Firm Pending Event
  6. Expelled Firm Association

Within each of these categories are more specific events, which will be tallied up by FINRA.  You need to know what they are.

Registered Person Adjudicated Event.  These events are comprised of some actual arbitration or litigation in which an RR was named (or not named, but where the RR was, nevertheless, the “subject” of the case) and the RR actually lost or settled the case.  There are five possible ways for such an event to arise:

  1. Under 4111(i)(4)(A)(i): “a final investment-related, consumer-initiated customer arbitration award or civil judgment against the registered person in which the registered person was a named party or was a ‘subject of’ the customer arbitration award or civil judgment.”
  2. Under 4111(i)(4)(A)(ii): “a final investment-related, consumer-initiated customer arbitration settlement, civil litigation settlement or a settlement prior to a customer arbitration or civil litigation for a dollar amount at or above $15,000”
  3. Under 4111(i)(4)(A)(iii): “a final investment-related civil judicial matter that resulted in a finding, sanction or order”
  4. Under 4111(i)(4)(A)(iv): “a final regulatory action that resulted in a finding, sanction or order, and was brought by the SEC or Commodity Futures Trading Commission (CFTC), other federal regulatory agency, a state regulatory agency, a foreign financial regulatory authority, or a self-regulatory organization”
  5. Under 4111(i)(4)(A)(v): “a criminal matter in which the registered person was convicted of or pled guilty or nolo contendere (no contest) in a domestic, foreign, or military court to any felony or any reportable misdemeanor”

Registered Person Pending Event.  These are basically the same as the Adjudicated Events, except they’re not adjudicated and final, rather, they’re just pending.[2] There are four such events:

  1. Under 4111(i)(4)(B)(i): “a pending investment-related civil judicial matter
  2. Under 4111(i)(4)(B)(ii): “a pending investigation by a regulatory authority
  3. Under 4111(i)(4)(B)(iii): “a pending regulatory action that was brought by the SEC or CFTC, other federal regulatory agency, a state regulatory agency, a foreign financial regulatory authority, or a self- regulatory organization”
  4. 4111(i)(4)(B)(iv): “a pending criminal charge associated with any felony or any reportable misdemeanor”

Registered Person Termination and Internal Review Event.  There are only two of these, and they relate to the circumstances under which an RR left a prior BD:

  1. Under 4111(i)(4)(C)(i): “a termination in which the registered person voluntarily resigned, was discharged or was permitted to resign from a previous member after allegations
  2. Under 4111(i)(4)(C)(ii): “a pending or closed internal review by a previous member”

Member Firm Adjudicated Event.  These events are the equivalent of the Registered Person Adjudicated Events, except the firm, rather than the RR, managed to lose the arbitration or litigation.  Note, however, that unlike RRs, FINRA does not include settlements in this metric.  Not sure why.  There are four such events:

  1. Under 4111(i)(4)(D)(i): “a final investment-related, consumer-initiated customer arbitration award in which the member was a named party”
  2. Under 4111(i)(4)(D)(ii): “a final investment-related civil judicial matter that resulted in a finding, sanction or order”
  3. Under 4111(i)(4)(D)(iii): “a final regulatory action that resulted in a finding, sanction or order, and was brought by the SEC or CFTC, other federal regulatory agency, a state regulatory agency, a foreign financial regulatory authority, or a self-regulatory organization”
  4. 4111(i)(4)(D)(iv): “a criminal matter in which the member was convicted of or pled guilty or nolo contendere (no contest) in a domestic, foreign, or military court to any felony or any reportable misdemeanor”

Member Firm Pending Event.  Again, as the term suggests, these are the BD equivalent of the Register Person Pending Events.  There are three of them:

  1. Under 4111(i)(4)(E)(i): “a pending investment-related civil judicial matter
  2. Under 4111(i)(4)(E)(ii): “a pending regulatory action that was brought by the SEC or CFTC, other federal regulatory agency, a state regulatory agency, a foreign financial regulatory authority, or a self-regulatory organization”
  3. Under 4111(i)(4)(E)(iii): “a pending criminal charge associated with any felony or any reportable misdemeanor”

Expelled Firm Association.  This one is kind of the oddball in the bunch, as it has nothing whatsoever to do with any disclosures by the RR or the firm.  In other words, even RRs with perfectly clean Forms U-4 can trigger this metric (which, again, raises at least the whiff of unfairness).  Under 4111(i)(4)(F), it is driven strictly by two criteria:  (1) Has the firm registered for at least one day during the five-year Evaluation Period someone who (2) was registered for at least “one year with a previously expelled firm and whose registration with the previously expelled firm terminated during the Evaluation Period.”

Got all that?  Remember this is just Step One.  So, FINRA will look at each of these six categories and add up each firm’s score.  It’s like golf: you want the lowest possible score.  If your score does not exceed the thresholds that FINRA has conjured up for your size firm (because it has broken its membership down into seven size groups,[3] ranging from the smallest – 1 – 4 RRs – to the largest – 500+), you win!  But, sadly, if your score exceeds the threshold, you advance to Step Two, the Initial Department Evaluation, which is a scary step.

Why is this evaluation scary?  Because it represents one of the black holes in the Rule, i.e., where behind the scenes and employing criteria that are not articulated anywhere, FINRA staff decide whether they can disregard their own math and deem a BD worthy of getting kicked out of the 4111 machine notwithstanding the fact that its preliminary score exceeded FINRA’s threshold.  As FINRA put it in a webinar it presented recently, in Step Two, the Staff “will review the events and the risk profile of the firm to determine if the firm should not be subject to further review under the rule.”  According to the Rule itself, the purpose of Step Two is for the Staff to determine whether

the member does not warrant further review under this Rule because the Department has information to conclude that the computation of the member’s Preliminary Identification Metrics included disclosure events (and other conditions) that should not have been included because they are not consistent with the purpose of the Preliminary Criteria for Identification and are not reflective of a firm posing a high degree of risk.  The Department shall also consider whether the member has addressed the concerns signaled by the disclosure events or conditions or altered its business operations such that the Preliminary Criteria for Identification calculation no longer reflects the member’s current risk profile.

I am not really sure what any of that means.  And given that this is the first time that FINRA is embarking on this endeavor, it would seem that they’re making it up as they go.  I mean, just consider the phrase “high degree of risk.”  What is that?  How does it differ, whether quantitatively or qualitatively, from a normal “degree of risk,” which, apparently, is not serious enough for a firm to remain in the 4111 process.

Step Three is for any firm unfortunate to have metrics that exceed the established numerical threshold in Step One and which was deemed too much of a risk in the secret Department Evaluation in Step Two.  For such firms, Step Three is the chance to terminate enough RRs whose disclosures and employment history constitute Events in the Step One computation to bring the firm’s overall total down to the point that the thresholds are no longer met.  Kind of like the process that firms can utilize if they trigger the Taping Rule.  Firms that avail themselves of this reduction in force can only use it once, must do it quickly – within 30 days – and cannot rehire anyone terminated for a year.  But, the upside is that a firm that does this will have successfully extricated itself from the 4111 machine.

To participate in Step Four means that the firm either could not or would choose to reduce its staff in Step Three, and so keeps moving down the conveyor belt.  If you find yourself here, you are in awfully dangerous territory.  And that’s because under the Rule, you are presumed to be a Restricted Firm, and it is your burden to overcome that presumption.

But what does it mean to be a Restricted Firm?  That’s where the teeth in the Rule are, because it means that FINRA has the right to require the BD to make a Restricted Deposit, i.e., a cash deposit, and to impose a whole bunch of restrictions and conditions.  The Restricted Deposit is explicitly NOT deemed to be an allowable asset for a firm’s net capital computation, so it has to be in addition to any other cash that a firm has lying about that is used to satisfy its net capital requirement.  How much money are we talking about?  It’s anyone’s guess, as this is yet another part of the Rule that FINRA handles behind the scene, in private, away from scrutiny.  I can tell you that the Rule defines the Restricted Deposit as a sum of money

determined by the Department taking into consideration the nature of the firm’s operations and activities, revenues, commissions, assets, liabilities, expenses, net capital, the number of offices and registered persons, the nature of the disclosure events counted in the numeric thresholds, insurance coverage for customer arbitration awards or settlements, concerns raised during FINRA exams, and the amount of any of the firm’s or its Associated Persons’ Covered Pending Arbitration Claims, unpaid arbitration awards or unpaid settlements related to arbitrations.

The Rule goes on to provide that the Restricted Deposit is designed to “be consistent with the objectives of this Rule, but would not significantly undermine the continued financial stability and operational capability of the firm as an ongoing enterprise over the next 12 months.”  Again, not sure what this means.  Taking these words at face value, it seems that FINRA can make a firm deposit so much money that it “undermines” the firm’s “continued financial stability,” but not enough money to “significantly undermine” such financial stability.  What’s the difference?  Well, that’s a secret.

Making matters worse for firms that find themselves at this Step is that the Rule presumes that FINRA will impose the Maximum Restricted Deposit, which I guess is the most money possible before it would “significantly undermine” a firm’s financial stability.

Firms at Step Four bear the burden of rebutting this presumption.  The mechanism for doing so comes in the form of a Consultation. According to the Rule, there are basically two ways to go about attempting to rebut the presumption.  The first is simply demonstrating that FINRA’s computation is mathematically wrong.  Or, as the Rule puts it, “demonstrating that the Department’s calculation that the member meets the Preliminary Criteria for Identification included events in the Disclosure Event and Expelled Firm Association Categories that should not have been included because for example, they are duplicative, involving the same customer and the same matter, or are not sales practice related.”

The other approach is less precise, as it doesn’t involve the math, but, rather, FINRA’s opinion about the firm.  When you read this list of things that the Rule says you can supply to FINRA to try to rebut the presumption, you will see just how loosy-goosy this is:

  • information provided by the member during any meetings as part of the Consultation;
  • a plan, if any, submitted by the member, in the manner and form prescribed by the Department, proposing in detail the specific conditions or restrictions that the member seeks to have the Department consider;
  • such other information or documents as the Department may reasonably request in its discretion from the member related to the evaluation; and
  • any other information the Department deems necessary or appropriate to evaluate the matter.

Anyway, in theory, the Consultation could result in FINRA concluding that, gee, they were all wrong, and offer their apologies for even suggesting that a firm should be deemed to be Restricted.  Just how successful BDs will actually be remains to be seen, of course.

If a firm reaches Step Five, it means it was not successful in changing anyone’s mind, because Step Five is the issuance of a Notice by FINRA that the firm has, in fact, been determined to be a Restricted Firm.  As well, the Notice will recite the amount of the Restricted Deposit.  That Deposit must then be made within 15 days, absent a showing of good cause to delay it.

In addition, the Notice can include the requirement that the firm “implement and maintain specified conditions or restrictions.”  Like what?  According to the Supplementary Material to the Rule, these include, but are not limited to:

  • limitations on business expansions, mergers, consolidations or changes in control;
  • filing all advertising with FINRA’s Department of Advertising Regulation;
  • imposing requirements on establishing and supervising offices;
  • requiring a compliance audit by a qualified, independent third party;
  • limiting business lines or product types offered;
  • limiting the opening of new customer accounts;
  • limiting approvals of registered persons entering into borrowing or lending arrangements with their customers;
  • requiring the member to impose specific conditions or limitations on, or to prohibit, registered persons’ outside business activities of which the member has received notice pursuant to Rule 3270; and
  • requiring the member to prohibit or, as part of its supervision of approved private securities transactions for compensation under Rule 3280 or otherwise, impose specific conditions on associated persons’ participation in private securities transactions of which the member has received notice pursuant to Rule 3280.

As you can see, these restrictions can be severe; indeed, they might have a much greater impact on a firm’s operations than the Restricted Deposit Requirement.  And note that a failure to abide by any of these restrictions or conditions allows FINRA to suspend or cancel a firm’s membership on seven-day notice under new Rule 9561 (subject to a firm’s ability to stay that by requesting a hearing).

The final step is Step Six, an expedited review – by FINRA’s Office of Hearing Officers – of the determination that a firm is Restricted.  BDs have seven days from the Notice to request the hearing, and that request “must set forth with specificity the basis for eliminating any Rule 4111 Requirements.”  If such a request is made, the good news is that the firm need not make the entire Restricted Deposit; rather, it is only required to deposit “the lesser of 25 percent of its Restricted Deposit Requirement or 25 percent of its average excess net capital during the prior calendar year.”  Quite the bargain!  But, any restrictions or conditions imposed remain in place pending the outcome of the review.

As I stated at the outset, it seems to me that FINRA deliberately drafted this rule so that it is so harsh no member firm in its right mind would ever dare to take the process to the end.  Rather, I believe the hope and expectation of the drafters is that firms that would become Restricted Firms will either take advantage of the opportunity to fire a whole bunch of RRs, to avoid becoming Restricted, or simply reconsider their business model.  I am not saying that this is right, or fair.  I believe the computation that underlies the Rule accords way too much weight to pending matters – for reasons I’ve outlined above – and on settled arbitrations – which are typically settled not necessarily because the claims have merit, but because it’s faster, cheaper and easier than fighting them.

The Rule reminds me of the frustration I felt over 20 years ago, when I was the Director of NASD’s Atlanta District Office.  People often complained to me at the time about the fact that this firm or that firm was somehow still in business, notwithstanding its spotty reputation.  My response was always the same: bring me the evidence to support a case to expel the firm, and I will back that effort with all the power my position provided me.  But, absent such evidence, then stop your whining.  Here, with Rule 4111, FINRA wants to skip the hard part of actually developing cases supported by real evidence, and then bringing and winning those cases.  FINRA wants, instead, to achieve back-door expulsions simply making it too expensive for firms to choose to remain members.  That doesn’t strike me as the right, or fair, way of cleaning up the industry.

[1] I mean, objective in the sense that there are numerical thresholds actually contained in the rule that supposedly represent the cut-off between being an ok firm and a firm that might need to be Restricted.  It bears noting, however, that FINRA simply invented these thresholds.  So, in a sense, even these objective criteria embody a great deal of subjectivity.

[2] I will refrain from commenting about the seeming unfairness of holding pending events against firms, given that “pending events” mean the allegations are unproven, that the RR is presumed to be innocent, and the plaintiff/claimant/prosecutor bears the burden of proof.  You already know how I feel about that.

[3] According to the FAQs it published, FINRA stated that “there are numeric thresholds for seven different firm sizes to ensure that each member firm is compared only to its similarly sized peers.”  In other words, FINRA is looking, theoretically, only for outliers.