Broker- Dealer Law Corner

Broker- Dealer Law Corner

Is FINRA’s New Regulatory Notice On Departing Reps A Unicorn?

Posted in Disclosure, FINRA, Registered Representative

FINRA came out with a slightly weird Regulatory Notice last week. In a succinct document, barely over two pages, FINRA addressed something that may, or may not, actually be of concern to anyone. In short, Regulatory Notice 19-10 states FINRA’s position on what a broker-dealer is supposed to tell the customers of a registered representative who “departs” the firm…at least those customers who bother to ask. According to FINRA, the reason it has chosen to supply this guidance is “to ensure that customers can make a timely and informed choice about where to maintain their assets when their registered representative” leaves (for whatever reason). But, as I suggested at the outset, I am not entirely certain what prompted the Notice. Is it that BDs aren’t telling customers that their assigned rep have left (so they can try to keep the customer)? That they aren’t telling the truth about why they left (to avoid a possible defamation suit)? That they are taking steps to prevent customers from communicating with their “departed” former reps (again, for competitive reasons, presumably)?

Regardless, it is now clear what is supposed to happen when a rep leaves. And it boils down to just a few things.

First, firms need to have “policies and procedures reasonably designed to assure that the customers serviced by that registered representative are aware of how the customers’ account will be serviced at the member firm.” That means that when a rep leaves, the firm “should promptly and clearly communicate to affected customers how their accounts will continue to be serviced.” According to FINRA, this means explaining to customers “how and to whom” they “may direct questions and trade instructions following the representative’s departure.” It also means informing customers to whom their accounts are being assigned. That seems pretty self-evident, but, apparently, this has been an issue for some customers.

Second, and perhaps more significant, firms “should communicate clearly, and without obfuscation, when asked questions by customers about the departing registered representative.” Let’s unpack this.

My initial thought is, how interesting that, based on how this was phrased, FINRA only requires this sort of candid conversation in response to questions posed by customers. In other words, it appears that firms need not volunteer the reasons why a rep has left; but, if a customer is curious enough to ask, the firm then has to provide the sordid details, “[c]onsistent with privacy and other legal requirements,” of course. Like when selling a house. The seller doesn’t have to volunteer most hidden defects, but, if the prospective buyer asks, then the seller has the legal obligation to provide an honest and complete answer. I suppose this means that in cases of terminations for cause, mere disclosure on Form U-5 won’t suffice. I cannot imagine that firms are thrilled at the prospect of having conversations like this, given the willingness of many terminated reps to raise the prospect of an arbitration seeking damages for defamation. While truth is most assuredly a defense, we all know that in the funky world of arbitration, legally recognized defenses are often disregarded.

The next requirement outlined in this Notice is “clarifying that the customer has the choice to retain his or her assets at the current firm and be serviced by the newly assigned registered representative or a different registered representative or transfer the assets to another firm.” I can’t argue with this. Too many times, a rep’s departure is immediately followed by a fight over the customers left behind, who are subject to pressured calls from the jilted BD, encouraging them to stay or, worse, not even suggesting that the customers have the right to move, too. Better to make it clear that the BD advise the customer of his or her options.

FINRA gets this. And we know it does by virtue of the final admonition in the Notice, which is that – again, when asked by a customer – BDs must provide the customers the departed RR’s “reasonable contact information,” such as the phone number, email address or mailing address, so the customers may then contact the RR, and decide whether they want to move their accounts or stay with the old BD (albeit with a new RR). So, no more stonewalling by the BD by claiming ignorance of the RR’s new whereabouts in order to buy time to continue to pound on the customer to try to keep the account where it is.

On balance, I like the tenor of this Notice. It seems to be fair to the BD, to the departed RR, and, most importantly, to the customers impacted by the departure. As I said, I am just unsure what prompted it. Is it an effort to protect the RRs who leave, and encounter trouble from their former BDs when trying to get their customers to follow them? Is it, instead, designed to help the BDs, which may now provide all the nasty details surrounding an RR’s termination knowing that they can defend themselves by arguing that “FINRA made me do it?” Is it intended to help the poor, forgotten customers? Or is it a true unicorn, the rarest of beasts, an initiative that works in everyone’s best interest? I don’t suppose I can answer that last one, since, really, I can’t recall if I’ve ever spotted one of those!

Wedbush Learns That It’s Not Enough Just To Spot Red Flags

Posted in SEC, Supervision

I have been busy the last month getting ready for a big arbitration, and attending the first week of what looks like is going to be a four- or five-week slog when all is said and done. So, I am just catching up on some recent developments, and mulling over what might be of interest to readers of this blog. I debated discussing the arbitration itself, and some of its more surreal moments, but I will wait for it to conclude before doing that. Ultimately, I came across an SEC settlement that was the subject of a nice article by an old friend, Jeff Ziesman, another former FINRA Enforcement lawyer who’s also on the defense side of the table, and shared his view that the case contains some really helpful guidance on what it actually means to respond to “red flags.”

The case was against Wedbush Securities, and resulted in a $250,000 civil penalty against the firm. According to the SEC, while Wedbush “was aware of certain aspects of” the suspicious activities of one its RRs as far back as 2012 and 2013 – in other words, although Wedbush managed to spot the red flags – “its supervisory policies and implementation systems failed reasonably to guide staff on how to investigate” them. And here is where the case provides its utility in describing what NOT to do when confronted with red flags.

But, first, let’s talk about the RR. Not a good employee. For six years, from in or around 2008 to 2014, the RR “was involved in a manipulative trading scheme” along with someone not associated with Wedbush. (That guy, you will be pleased to learn, is currently serving a 151-month sentence after pleading guilty to securities fraud, among other things). The scheme involved penny stocks controlled by the guy now in prison. The RR would buy those “stocks in her customers’ accounts, or encouraged her customers to buy the stocks, in exchange for undisclosed compensation in the form of shares and cash.” In addition, she “engaged in manipulative trading designed to create a false appearance of volume and increase or stabilize the price of securities.”

Ok, so what did Wedbush know, and when? A lot, it seems, and pretty early on, too. The first red flag was an email that revealed the RR’s role in the scheme. It was discovered by the RR’s supervisor, who actually seems pretty on-the-ball. Consider that the SEC found that when he became the RR’s supervisor in April 2009, he “conducted a review of the trading and customer portfolios of each representative he supervised,” including the “bad” RR. “Based on his experience in the industry, he had general concerns about the quantity of penny stocks in [the RR’s] customers’ accounts.” So far, so good, right? He even “took measures to restrict [the RR’s] trading activity by limiting her trading in the last hour of the day and restricting all customer trading in certain penny stock securities.” More good stuff. But, because the RR “had been at the firm for 30 years and her business partner was a partial owner of the firm,” the supervisor “felt he had to ‘be gentle’ in terms of restricting [the RR’s] activities and could not take more ‘draconian action’” (even though, personally, he called the email “the smoking gun . . . whatever suspicions or worries I had, this confirmed a lot of the worst of them.”).

Well, it seems he (or Wedbush, more accurately) was too gentle. In late 2012, the supervisor reviewed the email in question, which was from the RR to one of her customers “who was substantively involved” in the penny stock scheme. It outlined the customer’s “efforts to assist in inflating the price of penny stocks, many of which were held in Wedbush accounts by [the RR] and her customers.” Moreover, the email “noted that one of the deals had to be handled through a different broker-dealer because [the RR] was restricted from any purchases through Wedbush during the last hour of trading,” i.e., the very restrictions the supervisor had placed on the RR.

Faced with this pretty glaring evidence, the supervisor “escalated” the matter up to Wedbush’s president, who “reviewed and initialed the email,” but that’s about it. In addition, the SEC determined that “[l]egal and compliance personnel also were aware of the email,” but did nothing.

Next red flag – or flags – were two FINRA arbitrations against Wedbush filed by customers of the RR around the same time as the customer email. As with the email, the president, legal and compliance were all aware of these filings. The customers in the first case alleged that the RR (1) solicited their investments in certain penny stock issuers, (2) guaranteed no losses, and (3) was involved in manipulating the securities in their accounts in order to guarantee them profits. The second arbitration contained allegations describing “similar transactions involving [the RR] in similar securities.” Both cases settled, and because Wedbush determined that the RR was “culpable,” she paid half.

Finally, besides the email and the two arbitrations, Wedbush also learned of two FINRA inquiries regarding the RR, one into her personal trading in one of the penny stock issuers, and the other into the allegations underlying the customer arbitrations. The SEC was troubled by the fact that Wedbush let the RR draft her own responses to FINRA’s requests for information, and even though she sent them to compliance for review, compliance “did not take any steps to investigate or confirm the veracity of [her] responses,” or follow-up at all when certain responses the RR gave to FINRA at an interview “were inconsistent and contradicted what the firm had already learned from” the customer email and the two arbitrations.

It’s not like Wedbush did nothing. Both legal and compliance conducted investigations into the RR, but, as the SEC put it mildly, both were “flawed,” for a variety of reasons:

  • Wedbush did not document or otherwise clarify the scope of each investigation;
  • There was no process as to how the results of the investigations were to be documented or reported;
  • The lack of documentation or other reporting mechanism resulted in no coherent response to the red flags. Indeed, it was “unclear what, if anything, was reported from legal or compliance to Wedbush’s management”;
  • Although Wedbush placed the RR on heightened supervision for a year, this was done “to resolve the ongoing FINRA matter, rather than in response to any misconduct by [the RR] related to the red flags”;
  • Despite the fact the FBI interviewed the RR about her role in the penny stock scheme, and she reported this promptly to her supervisor, who, in turn, brought it to the attention of legal and compliance, no one in compliance interviewed the RR about the FBI interview, no internal investigation was done in response to the FBI’s interview or the topics that RR discussed, and no old investigations were reopened or revisited.

Given all this, it is easy to see why the SEC concluded that

Wedbush’s policies and supervisory systems lacked any reasonable coherent structure to provide guidance to supervisors and other staff for investigating possible facilitation of market manipulation by registered representatives. . . . There was substantial confusion as to whose responsibility it is to conduct investigations related to red flags of potential market manipulation by [the RR].

In short, “Wedbush had no clear process for how to handle red flags of potential market manipulation.” The real lesson of the case can be found in the sanctions that the SEC meted out. In addition to the hefty civil penalty I mentioned earlier, Wedbush had to update “its policies and procedures relating to internal investigations to address the allegations in the Division’s OIP,” adding the following specific provisions in order to document:

  • when internal investigations will occur,
  • who shall conduct the investigations,
  • how the results should be escalated, and
  • how the investigation should be documented and, as appropriate, reported to regulatory or other authorities.

It really comes down to this: it is clearly not enough simply to spot red flags; when spotted, they must be investigated in a clear, logical manner, with the results shared among appropriate decision-makers, and, of course, well documented. There is no such thing as getting partial credit; I mean, sure Wedbush found that customer email, which must mean its email surveillance system worked. But, armed with that knowledge, it then proceeded to whiff when given the chance to do something about it before customers were harmed. The only happy story here belongs to the RR’s supervisor, who appears to have done as much has he could reasonably be expected under the circumstances. He saw the red flags. He reported them promptly. He took action by restricting the RR. Do what he did, and you’ll be sitting pretty even when the SEC goes after your firm, and its legal and compliance personnel.

FINRA Says, Proof? We Don’t Need Your Stinkin’ Proof

Posted in Disciplinary Process, FINRA, High-Risk firms

If you are a regular reader of this blog, then you know that over my last few posts, I have been talking about an increasingly visible effort by FINRA to turn its regulatory eye from rogue brokers – who have been an irritant to FINRA and NASD for decades – to rogue firms (my term, not FINRA’s).  It started off with a the casual dropping of an odd phrase – “high-risk firms” – in an email, and quickly moved on to an agenda item at a FINRA Board meeting, where the determination was made to go forward and propose a rule.  Well, those Board meetings happen behind closed doors, so it is difficult to get a detailed understanding of FINRA’s intent beyond the few tidbits that are supplied after the fact.

This week, however, Robert Colby, FINRA’s Chief Legal Officer appeared on a regulatory panel at the SIFMA-CL conference in Arizona, and spoke – albeit briefly – on the subject.  SIFMA was kind enough to post the video of that panel discussion for the world to enjoy, so you can listen here to Bob’s own words about the upcoming proposal.  (The conversation starts at about 1:20:30, way towards the end of the panel.)  More importantly, you can hear for yourself the dangerous new territory into which FINRA is boldly moving.

Essentially, FINRA has concluded that it doesn’t like the fact that to get rid of firms that it deems to bad, it must first go through that troublesome Enforcement process.  Mr. Colby makes two particular complaints about that process.  The first perhaps, is not so troubling, and that is that it takes time, sometimes a long time, to get results.  He suggests that bad firms sometimes continue to do bad things even while they are the subject of an Enforcement action, thus creating even more customer harm even while FINRA is doing what it can to deal with them.

That may be true in some instances.  Of course, Mr. Colby seems to be unaware of the fact that FINRA already possesses the power under the Rule 9800 series in the Code of Procedure to institute an action to obtain a Temporary Cease and Desist Order, or TCDO, for certain serious rule violations.  This is a very powerful weapon, which allows FINRA to get the equivalent of an injunction to stop certain behaviors in their tracks while it seeks a final disposition.  It is not clear why this avenue of relief isn’t good enough for FINRA.  What I can tell you is that FINRA almost never uses it, for whatever reason.

Mr. Colby’s second complaint about the Enforcement process, the one that I think is incredibly scary, just sort of slipped out.  As he begins to describe the problems the Enforcement process presents to speedy action, he says (at 1:21:30), “As you know, Enforcement actions require proof . . . .”  As if the need for FINRA actually to demonstrate “proof” of wrongdoing is a bad thing for FINRA.  A thing that is, apparently, stymieing FINRA from promptly booting all those pesky “high-risk firms” from the membership roll.

So, what FINRA is looking to propose is, to use Bob’s words, a way for it to “lower the boom” on the firms that it considers to be bad (pursuant to a definition of bad that does not yet exist) without the need for it to put on the proof that may otherwise be required in an Enforcement action.  I don’t know about you, but that freaks me out.  It is no wonder that the moderator of the panel, Merri Jo Gillette, current Deputy GC at Edward Jones and former Director of the SEC’s Chicago Regional Office, expressed her interest in seeing how FINRA will manage to address the due process issues FINRA’s desired boom-lowering process triggers.  Add me to that list.  As things presently stand, there isn’t much of a system of checks and balances to keep FINRA in line.  To give FINRA even more power, the power to jettison firms that it identifies as “high-risk,” without having to meet the burden of proof it now must meet when it files an Enforcement complaint, runs contrary to the concept of fundamental fairness, no matter how you define that.  I hope the industry presses back hard on this onel


FINRA Is Going After “High-Risk” Firms, But First Has To Invent The Definition Of High-Risk

Posted in FINRA, heightened supervision, High-Risk firms, Rogue rep

I told you two weeks ago in my blog post that this would happen. I told you that when Robert Cook announced the topics to be taken up at the February/March FINRA Board meeting in Boca Raton, he slipped and used the new phrase “high-risk firms.” Well, in yesterday’s announcement about what actually took place at that meeting, all mystery has been removed about FINRA’s intent. Indeed, it is now undisputable that FINRA is expanding its historic interest in rogue reps now to include rogue firms. Or, as Susan Wolburgh Jenah, a member of the Regulatory Policy Committee, put it in her video recap of the meeting (she shows up right after Robert Cook’s introduction), firms with a “disproportionately higher number of risk events and disciplinary events on their record.”

FINRA has apparently been planning this for some time, which is apparent from the fact that it is already at the point of proposing some new rule. According to yesterday’s announcement, “The Board approved moving forward with proposing new rules related to firms that have a disproportionately high number of regulatory disclosure events by the firm and/or its registered representatives.” The big development is the first part of that sentence, the focus on “firms.” As I have discussed previously, FINRA has always professed to have an interest in registered reps – yes, the rogue reps – who are working in the industry notwithstanding their checkered pasts. And, FINRA has been interested in firms that hire such reps. (See my discussion of the Taping Rule in my previous post.) But, now FINRA is, apparently, independently interested in what I am calling rogue firms, i.e., BDs that are in business notwithstanding have a disciplinary history that FINRA feels is somehow an issue.

There are all sorts of problems with this, or, frankly, any attempt to establish some quantitative standard. And note that I am saying it will be a quantitative standard based on FINRA’s use of the phrase “disproportionately higher number of risk events,” which can only be reasonably interpreted one way: that FINRA intends to characterize firms as “high risk” based on some numerical comparison of their disclosure events with other firms. So, what are the problems?

First, what is going to be the dividing line between an ok number of disclosures and too many? I, for one, would have absolutely no idea where to draw that line. I totally get that FINRA thinks it knows more than anyone, but even FINRA could do no more than spitball this concept.

For instance, what do you do about big firms, especially big firms that have been around for a long time? They have tons of disclosures. In a blog post I wrote in November, I pointed out that LPL’s BrokerCheck report reflects 123 final “Regulatory Events” encompassing an astounding 255 pages. Yikes. But, really, that’s nothing. Look at Merrill Lynch. Its BrokerCheck report shows that it has managed to garner 1,434 disclosures, 559 of which are “Regulatory Events,” five “Civil Events” and 870 arbitrations. UBS? Well, it’s only been around since 1978 (according to BrokerCheck), so it only has 265 “Regulatory Events.” I could go on, but you get the point: a lot of firms will have scary-sounding numbers. Does that mean they should, by definition, be deemed to be high-risk?

Second, and more basic, is whether a quantitative approach makes any sense at all. The idea that simply looking at the number of “risk events” – whatever Ms. Wolburgh Jenah meant by that – or “disciplinary events” as an indicator of a firm’s supposed propensity for future regulatory issues strikes me as overly simplistic and, therefore, pointless. Look, FINRA has previously considered imposing some sort of objective criteria before to distinguish between good and bad reps, but those efforts never got very far, and for good reason.

Remember back in 2003, when NASD floated a rule that would require firms to impose heightened supervision on certain reps based on an objective, numerical standard? Specifically, NASD proposed that BDs be required “to adopt heightened supervision plans for registered brokers who, within the last five years, have had three or more customer complaints and arbitrations, three or more regulatory actions or investigations, or two or more terminations or internal firm reviews involving wrongdoing.” Well, that got nowhere – and rightly so – and that was because NASD management realized (or was forced to realize) that while the imposition of such a standard was facially attractive (for its ease of definition), ultimately there was no logical correlation between the sheer number of customer complaints, or arbitrations, or regulatory actions, and a rep’s likelihood of committing a sales practice violation. Well, here we are, 16 years later, and FINRA is now back at it.

We are just in the first step of this process. FINRA is going to draft a new rule (or rules – note the use of plural in the announcement yesterday) on this topic, and send it out for comment. If you care about this sort of thing, don’t sit on the sidelines and wait for others to speak up. Exercise your rights as a member firm to tell FINRA what you think.

Hope Springs Eternal

Posted in Administrative Proceedings, NCLA, SEC

My partner, Ken Berg, writes about his recent meeting with the NCLA, a group that anyone who has an administrative practice should be familiar with.  –  Alan

I had the privilege of being invited to attend in Washington, D.C., on February 28, 2019, the inaugural panel discussion hosted by a relatively new nonprofit civil rights organization, the New Civil Liberties Alliance (“NCLA”). What distinguishes NCLA from most civil rights organizations is that it represents business enterprises and their principals who are impacted negatively by federal financial regulatory agencies that “systematically threaten[] the people’s constitutional freedoms.” It calls the SEC, CFTC and other federal agencies the “administrative state within the Constitution’s United States,” “allowing unelected bureaucrats to exercise all aspects of government power with little accountability to the people and their elected representatives ….” NCLA’s motto nicely sums it up: “Let legislators legislate. Let judges judge. Don’t let bureaucrats do either one.” (Check out

NCLA’s President, Professor Philip Hamburger, a constitutional scholar who teaches at Columbia Law School, writes:

Administrative tribunals sometimes apply inquisitorial methods, but even where their proceedings are adversarial, they do not live up to the Constitution’s procedural guarantees. The SEC, for example, can bring civil insider-trading cases in federal courts, or it can refer insider-trading cases to the Justice Department for it to prosecute criminally in such courts, and either way defendants get judges and juries and the full range of the Constitution’s applicable procedural rights. But the SEC can also pursue insider-trading cases before administrative law judges, who work for the commission, are not really judges, do not offer juries, and do not even allow equal discovery.

NCLA is off to a good start in advancing its mission. It appeared in the recent Supreme Court case, Lucia v. SEC, which declared SEC ALJs unconstitutional resulting in new trials for scores of respondents and is partly responsible for a recent change in the SEC Rules of Practice allowing depositions in administrative actions. NCLA filed a petition with the SEC to eliminate its practice of including a “gag order” in settlement agreements that prohibits a respondent from ever discussing his or her case or criticizing the agency’s handling of it—even if the respondent did not admit or deny the allegations in the complaint.

The panel discussion at the NCLA brought together prominent members of the defense bar to propose radical changes that would level the playing field for those subject to the regulatory reach of financial agencies. Emboldened by the Lucia victory, the group proposed challenging several long-standing administrative practices that the defense bar has all but given up objecting to; such as:

  • the low burden of proof (preponderance of the evidence),
  • the admission of hearsay,
  • the absence of a right to jury,
  • the Chevron deference on appeal given by courts to agency factual findings and legal interpretations, and
  • creating a respondent’s right to remove to court a proceeding initiated by the SEC administratively.

These ideas represent a re-thinking of the basic way the financial industry is governed. “The big ideas that will revolutionize the way we live will not emerge from our nation’s capital. They will be dreamt up, as they always have been, by enterprising Americans who hope to create positive value for others.” (Carl W. Scarbrough)

For now, however, the consensus of the defense bar in attendance was that the best defense starts with a firm’s initial contact with the regulator: the audit.

  • Be prepared.
  • Be responsive.
  • Provide documents and information.
  • Don’t be adversarial.
  • Engage legal counsel early to resolve issues quickly.

Regulators are most flexible and most reasonable during the audit and investigatory stages. At the “Wells” stage or when charges are filed, egos take-over and the litigator’s “win-at-all cost” mentality sets in. “[W]hen disputes reach the litigious stage, usually some malice is present on both sides.” Berlin v. Nathan, 381 N.E.2d 1367 (Ill. App. 1978).

Ulmer has been and continues to be on the forefront of these issues and a leading defender of those caught in the cross-hairs of financial regulators, including not only federal agencies like the SEC and CFTC but also the self-regulatory organizations like FINRA, NFA, and the exchanges. Please call us—early and often.


FINRA Coins A Scary New Term: “High-Risk Firms”

Posted in FINRA, Rogue rep, Rule 3170, Taping Rule

Yesterday, FINRA sent a seemingly innocuous memo to member firms giving a brief outline of the subjects that its Board will take up at its meeting this week in sunny Boca Raton, Florida. (Wait, the Board isn’t meeting in Washington, as it normally does, but, rather, in south Florida? Oh, right, it’s February. Much better chance of securing full attendance.) Buried in the brief message from President and CEO Robert Cook was this sentence: “The Regulatory Policy Committee will review several rulemaking proposals, including proposed rule changes relating to high-risk firms.” High-risk firms? I have no recollection of ever seeing FINRA utilize that phrase. Sure, FINRA talks all the time about “high-risk brokers.” There was an entire Regulatory Notice devoted to that very subject last year. And while in that Notice FINRA made a reference to “high-risk brokers and the firms that employ them,” it never once used the phrase “high-risk firms.”

I think that Mr. Cook has, perhaps, inadvertently tipped his hand. To me, his memo means that FINRA is not so subtly shifting its focus from what it deems to be bad brokers to bad firms. Why? Bottom line is that there really is only so much that FINRA can do about bad brokers. It is really expensive and time-consuming for FINRA to bring disciplinary actions against individual brokers, one at a time, and even though FINRA routinely bars a few hundred RRs each year (492 in 2017, according to the most recent FINRA Annual Report), that is a drop in the bucket. As the data show, there are tons and tons of folks currently registered and working in the industry with lots of dings on their U-4s, and FINRA has taken a beating in the media for allowing this to happen.

So, putting aside the fact that it sure seems (to me, at least) that FINRA is itself responsible for all these “high-risk” brokers still working (because FINRA failed to impose sanctions that would preclude them from remaining registered), how can FINRA somehow repair its image as a sloppy gatekeeper? Simply, by addressing firms, not individuals. If FINRA can manage to put a firm out of business for a sales practice related reason, it becomes a “Taping Rule” firm, a stigma that follows all of the people who used to work for that firm. Under Rule 3170, if enough of the reps from the expelled firm are hired at another BD, the new BD must tape record all the conversations between its reps and their customers and prospective customers. And believe me, no firm wants to have to do that. Which means that it can become difficult for reps of an expelled firm to find a home somewhere else. Which means that FINRA can effectively get a lot more people out of the industry in one fell swoop than having to prosecute a bunch of individual Enforcement actions.

I will wait to see what comes of the Board meeting before I reach any final judgment. But, I fear that FINRA has stepped on to a very slippery slope, one that ends with it conjuring up a mechanism for segregating firms into broad and dangerous categories like high-risk and low-risk. I mean, what reasonable investor would want to do business with a firm that the regulator brands as being high-risk? FINRA had best tread very carefully as it saunters into this uncharted new territory.

INSIGHT: Protecting Broker Dealers From Cyber Threats

Posted in Cybersecurity, FINRA

Yesterday, two of my colleagues here at Ulmer, Fran Goins and Michael Hoenig, published an article in @BLaw Insight in response to a recent report by FINRA outlining the best practices for BDs to deal with cyber threats.  Since this is undoubtedly a subject of considerable interest to many of you, I wanted to share it right away.  Click here to link to their excellent article.  – Alan

Contrary To What FINRA Believes, Rule 8210 Is Not A Search Warrant

Posted in FINRA, Rule 8210

I have been waiting for a while to write about this issue, since it arose in an Enforcement case I handled for a client, and I wanted the matter to run its full course at FINRA before I started throwing stones. Sadly, there are so many things I could complain about here. The fact that the entire case derived from my client’s supposed failure to abide by interim restrictions that FINRA imposed in connection with a pending CMA, even though there was no basis for FINRA to have imposed the restrictions in the first place. The fact that, apparently, it matters not how badly a witness called by FINRA performs at the hearing: they will always be deemed credible. The fact that – pursuant to rule – FINRA invites witnesses who appear for OTRs to go in and review their testimony afterwards, but, if someone actually avails himself of the right to do so and corrects his testimony, that fact will be held against him in gauging his credibility. The fact that FINRA dishes out permanent bars like Halloween candy, almost irrespective of the allegations.

But, there was something worse than all of that. And it involves a subject on which I have written repeatedly, and that’s FINRA’s abuse of its 8210 power. This case may have included not just the worst abuse I have ever witnessed, but, even worse, a threat made not by the examiner but, rather, by the Hearing Officer that underscores the nearly limitless scope of FINRA’s ability to compel an associated person to produce documents, no matter how personal, no matter how clearly unrelated to the exam those documents may be.

Here is what happened. My client was “requested” by FINRA pursuant to Rule 8210 to appear and provide sworn testimony at an OTR. One of the subjects of interest to FINRA was a laptop my client testified was the only computer that he recalled using for BD-related business. He wouldn’t unequivocally say he never used another, but, if he did, he lacked a specific recall. In the middle of the OTR, FINRA whipped out another 8210 letter that required my client to produce the laptop immediately. FINRA had some forensic computer guy standing by, ready to image the hard drive. The only thing that FINRA said it would not copy from the hard drive was the email folder, so as not to obtain any attorney-client privileged communication. But, everything else on the hard drive was fair game. No matter how personal. Wedding photos. Documents relating to businesses other than the BD. Didn’t matter.

We expressed concern, naturally, but FINRA threatened to bring an immediate 8210 Enforcement action. So, like everyone else with an 8210 gun to their head, we produced the computer, and FINRA copied the hard drive, wedding photos and all, everything but the email folder.

At the Enforcement hearing a couple of years later, I objected to the search of the hard drive, calling it illegal, complaining that FINRA had absolutely no right to see anything on the hard drive except documents relating to the BD.

Two things happened. First, the Hearing Officer concluded that we had waived any objection because we capitulated to FINRA’s threat at the OTR that if we didn’t produce the laptop then and there my client would have been named as a respondent in an Enforcement action immediately. Not sure exactly what the HO thought we should have done, to be honest. But, I will tell you this: next time I get a request like this for a laptop, FINRA is going to have to pry it out of my hands. I mean, my client ended up getting charged with an 8210 violation anyway, so why not fight about the scope of the request upfront?

Second – and these are the words that I have been stewing about for two years – the HO said this when I pointed out that 8210 gives FINRA no right to compel my client to produce the many personal documents he maintained on the hard drive: “A firm or an associated person who nevertheless elects to commingle personal or unrelated business materials with member firm materials, whether stored electronically or in hard copy, does so at its own risk.” If you wanted clearer evidence that FINRA considers Rule 8210 to be equivalent of a search warrant, you couldn’t find it. For what is the “risk” that HO is referring to if not the risk that your personal materials are going to be grabbed by the FINRA examiner due to their mere proximity to business materials?

But, that’s NOT how 8210 works. It does not provide FINRA the right to play storm trooper and seize whatever it wants under penalty of being barred. Rule 8210 does not give FINRA the right to rifle through your desk drawers, your file cabinets, or your computer hard drive It merely gives FINRA the right to compel BDs and individuals associated with BDs to produce documents and information that are related to an exam. But, under the HO’s interpretation of Rule 8210, FINRA can literally grab whatever it wants, whether it’s on your hard drive or in your desk, if it happens to be near some business document.

This sad case underscores the need for the rule to be amended to add a process by which the recipient of an 8210 request can challenge the request without having to worry that the consequence of not prevailing is a permanent bar. As I have noted before, a subpoena recipient can go to court to argue about the scope of a subpoena. If he loses, the result is that he must obey the subpoena, and that’s it. There is no other sanction. Under FINRA’s ridiculous rule, however, the only way to challenge an 8210 request is to be named as a respondent in an Enforcement action, an action that will result in a permanent bar if FINRA wins.

FINRA examiners all too frequently misunderstand the scope of their permissible 8210 requests, making life difficult for member firms who have little choice but to knuckle under to overly broad, overly numerous requests; but, when empowered with language like this from OHO, not only it is easy to see why examiners act the way they do, it is clear that they will simply continue to treat their 8210 request as search warrants. This cannot continue. The industry members of the District Committees, of the NAC, of the Board: they must speak as one to rein FINRA in. Otherwise, there is no check, no balance on FINRA’s extraordinary power under Rule 8210.


Does FINRA Have Jurisdiction Over Me?

Posted in Arbitration, FINRA

Does FINRA have jurisdiction over me? This is a question that I regularly field at the outset of regulatory engagements. My answer differs depending on a number of factors, including the nature of a person’s role and duties at a firm, his or her registration status, when the alleged misconduct occurred, whether he or she is still associated with a firm, and when the association ended. This post outlines some of the basics on FINRA’s jurisdiction.

Who Is Subject to FINRA’s Jurisdiction?

Under FINRA Rule 8310, FINRA may impose sanctions, including a censure, fine, suspension, and bar, upon a person associated with a member firm for violations of certain federal securities laws, MSRB rules, or FINRA rules. Under FINRA Rule 8210, FINRA can require a “member, person associated with a member, or any other person subject to FINRA’s jurisdiction” to provide documents, information, or sworn testimony. The definition of an “Associated Person” under FINRA Rule 1011 is extremely broad. It includes just about anyone and everyone who has anything to do with a firm, with the exception of persons who perform only clerical and ministerial tasks:

  • Any person registered with FINRA;
  • A sole proprietor, partner, officer, director, or branch manager of a firm, or any person occupying a similar status or performing similar functions;
  • Any person who controls the firm;
  • Any employee of the firm, except any person whose functions are solely clerical or ministerial;
  • Any person engaged in investment banking or securities business controlled by the firm; and
  • Any person who will be, or is anticipated to be, a person described above.

What Time Period Is Covered by FINRA’s Jurisdiction?

With the exception of requests for documents, information, and testimony issued under Rule 8210 (discussed below), FINRA only has jurisdiction to pursue charges against an associated person for conduct that occurred while the person was associated with a firm. By way of an extreme example, if a registered rep robbed a bank before and after he was associated with a firm, FINRA would not have jurisdiction to bring an action against the rep for either robbery. If the rep was convicted of a felony for the first robbery before joining a firm (and setting aside the facts that the rep would be subject to statutory disqualification, and that no firm, hopefully, would hire him), but the rep did not disclose the robbery on his Form U4, then FINRA could bring an action against the rep for failing to disclose a reportable event on his Form U4. The failure to disclose occurred while the rep was associated with a firm.

How Long Does FINRA Have to Bring a Disciplinary Action?

Registered Persons

Under Article V, Section 4 of the FINRA By-Laws, FINRA retains jurisdiction over a registered person for purposes of filing a complaint (i.e., bringing a disciplinary action) for two years after the effective date of the person’s termination from the firm. Under the same Section, FINRA retains jurisdiction over a registered person for the purpose of requesting documents, information, and testimony under Rule 8210 for just about two years after the effective date of the person’s termination. I wrote “just about two years” because, technically, FINRA can file a complaint against a registered person for not providing documents, information, and testimony requested within the two-year post-termination period, but the complaint needs to be filed within the same two-year period.

There are a couple of important things to note about the two-year time period for registered persons. First, the effective date of termination is the date when the firm files the Form U5, not the date when the person actually stopped working for the firm, and not the date of termination listed on the Form U5. For example, if a firm terminates a registered person on January 1st, but it does not file the Form U5 until January 31st, the two-year period begins to run on the 31st.

Second, under Article V, Section 4, the two-year period for registered persons can be extended by two years by the filing of an amendment to the initial Form U5 that: (1) is filed within the original two-year time period; and (2) discloses that the “person may have engaged in conduct actionable under any applicable statute, rule, or regulation.” FINRA generally has interpreted this provision to apply to the disclosure of new conduct (i.e., not an amendment disclosing that a previously reported customer complaint has settled). For example, if a firm files the initial Form U5 on January 1, 2015, and if it subsequently files an amendment to the Form U5 disclosing a new customer complaint on December 30, 2016 (which is within two years of the initial filing), then the amended filing recommences the running of the two-year period on December 30, 2016. Therefore, it is possible for FINRA to possess jurisdiction over a registered person for purposes of filing a complaint, and requesting documents, information, and testimony, for nearly four years following termination. Lastly, FINRA’s extension of jurisdiction is not limited to pursuing or investigating charges based solely on the newly-disclosed conduct in the amendment to Form U5. In other words, FINRA can use the extension of jurisdiction to bring and investigate charges based on unrelated conduct known to it prior to the filing of the amendment to Form U5 that extended jurisdiction.

Unregistered Persons

FINRA’s retention of jurisdiction over unregistered persons differs slightly. Under Article V, Section 4, FINRA retains jurisdiction over an unregistered person for purposes of requesting documents, information, and testimony, and filing a complaint, for “two years after the date upon which such person ceased to be associated with the member.” In the case of unregistered persons, the two-year period is absolute, and cannot be extended.

Arbitration Award and Settlement Exception

The one exception to the above limitations periods concerns the failure to comply with an arbitration award or written and executed settlement agreement obtained in connection with an arbitration or mediation submitted for disposition pursuant to FINRA rules. Under Article V, Section 4, if an associated person fails to comply with the terms of such an award or agreement, FINRA may suspend the person from associating with a firm so long as that proceeding is instituted within two years after the date of entry of the award or settlement.

Does FINRA’s Jurisdiction for Arbitration Proceedings Differ?

The short answer is “yes” – FINRA’s jurisdiction, to use that term loosely, differs in the arbitration context.

Current and former associated persons[1] generally are required to arbitrate a dispute with a customer in the FINRA forum if: (1) arbitration under FINRA’s Code of Arbitration for Customer Disputes is required by a written agreement, or requested by a customer; (2) the dispute is between a customer and member or current or former associated person; and (3) the dispute “arises in connection with the business activities of the member or the associated person, except disputes involving the insurance business activities of a member that is also an insurance company.” FINRA Rule 12200. This means that even if an associated person has left the industry, he or she still may be required to arbitrate a dispute in the FINRA forum. Customer disputes, however, are ineligible for arbitration “where six years have elapsed from the occurrence or event giving rise to the claim.” FINRA Rule 12206.

With a few notable exceptions, current and former associated persons generally are required to arbitrate a dispute with a FINRA member or associated persons in the FINRA forum under FINRA’s Code of Arbitration for Industry Disputes “if the dispute arises out of the business activities of a member or an associated person and is between or among” members, members and associated persons, or associated persons. FINRA Rule 13200. The exceptions include “a claim alleging employment discrimination, including sexual harassment, in violation of a statute,” and “a dispute arising under a whistleblower statute that prohibits the use of predispute arbitration agreements.” FINRA Rule 13201. Industry disputes, like customer disputes, are subject to a six-year eligibility rule. FINRA Rule 13206.

Class actions and shareholder derivative actions generally may not be arbitrated in the FINRA forum.

Arbitration is a creature of contract so unique circumstances may dictate that certain claims are not subject to arbitration.

[1] FINRA Rule 12100 oddly defines an “associated person” or “person associated with a member” to include, “[f]or purposes of the Code, a person formerly associated with a member is a person associated with a member.” The Code of Arbitration for Industry Disputes contains the same definition. FINRA Rule 13100.

The Securities Regulators All Have Senior-itis. Maybe For Good Reason.

Posted in FINRA, Rule 2165, Rule 4512, Senior Investors

The securities industry’s concern over the aging of the U.S. population, specifically, aging investors, has, apparently, reached a fever pitch. Yesterday in New York, SIFMA hosted its “Senior Investor Protection Conference – One Year Later: FINRA Rules 2165 and 4512,” and, for a securities conference, it received pretty extensive news coverage. I saw at least two articles published today that discussed what transpired, and both stressed the same underlying points: first, abuse of elders is serious and on-going, and, second, while the new FINRA rules are helpful, they are limited in their utility.

I blogged about the two FINRA rules regarding seniors two years ago. I said at the time that they were a good idea, since they primarily served to provide protections to BDs which develop concerns about the mental acumen of an aging customer, and I still feel that way. Look, I am now 60 years old. Despite (or, maybe, because of?) my continued affinity for clearly non-senior things like loud punk rock music, I am compelled to admit that, at a minimum, I may be on my way to becoming one of “those” customers. And there are lots of us. Back in 2007, in the first Regulatory Notice that FINRA published about seniors, some pretty daunting statistics were cited:

The number of Americans who are at or nearing retirement age is growing at an unprecedented pace. The United States population aged 65 years and older is expected to double in size within the next 25 years. By 2030, almost 1 out of every 5 Americans – approximately 72 million people – will be 65 years old or older. Those who are 85 years old and older are now in the fastest-growing segment of the U.S. population.

Age alone certainly doesn’t tell anything, of course, about a person’s intellect. There is a Supreme Court justice in her 80s who no one would reasonably suggest has lost a thing mentally. Nancy Pelosi is 78. Still sharp. Bernie Sanders is 77. Same. Joe Biden is 76. Same. The president is 72. Well, you get my point. The aging of America is undeniable.

Neither is the impact that exploitation of seniors has, and not just on the actual victims of the scams. According to SIFMA, while

no one has yet been able to estimate the precise impact of financial exploitation on the national economy, . . . a New York study estimated an annual cost around $1.5 billion in that state alone. Across the entire U.S. population, that could mean a $25 billion annual cost. Making things more difficult is the fact that the bad actor is often a family member, friend or caregiver of their victim – in fact, that same New York State found that 67% of verified cases of financial exploitation were committed by family members – and only an estimated 1 in 44 cases are ever reported to the authorities.

So, it makes sense that the regulators are paying pretty close attention when it comes to protecting seniors. The problem, however, is twofold. First, there is only so much that rules can accomplish. Second, as with, say, AML, BDs have been installed by their regulators as the first line of defense against senior exploitation, which raises the question whether this in an appropriate role for the industry. I mean, neighborhood watch programs may also a first line of defense against vandalism, but they are voluntary. If some dad is late for his “shift,” and, as a result, misses some teenager whacking a mailbox off its post with a baseball bat, the dad doesn’t find himself named as a respondent in a disciplinary action that could cost him his career. On the other hand, if a BD misses a red flag indicative of senior exploitation, well, the consequences could be dire.

According to FINRA Rule 2165, when a BD “reasonably believes that financial exploitation of the Specified Adult has occurred, is occurring, has been attempted, or will be attempted,” it may impose a temporary hold on requests by the customer to disburse money from his or her account (theoretically, to prevent a scammer who has exercised some unhealthy influence over a senior citizen from quickly getting his hands on funds from the securities account). It’s not perfect, of course; no rule is. As was highlighted at the SIFMA conference, the length of the temporary hold is relatively short – no more than 15 business days initially (subject to being further extended by a state agency or a court), plus up to ten more business days if the initial review turns up something that reinforces the BD’s “reasonable belief” that there is, has been, or may be financial exploitation of the senior customer. In other words, the rule simply may not provide sufficient time within which to investigate the circumstances adequately, or to succeed in getting a state agency sufficiently motivated to intercede (which then leaves the BD no choice but to accede to the disbursement request).

Also, the rule only addresses the disbursement of funds and securities, not actual securities transactions. So, if an elderly customer gives an order to sell securities in his account – even, say, with the stated intent of having the proceeds of the sale disbursed to someone the BD may suspect to be a scammer – while the BD can put a hold on the disbursement request, it cannot legally ignore the sell order. Obviously, that could result in trades taking place that, if the industry had the same ability to step in and impose a hold as it could with a disbursement request, would never happen in the first place. Even trades that make no financial sense, even trades that result in serious tax implications for the customer, must happen if the client directs it.

There is also a practical problem with FINRA Rule 4512, which – sensibly – encourages a BD to make reasonable efforts to identify a “trusted contact” for any customer over 18 years old, i.e., someone who the BD can contact when it develops concerns about “possible financial exploitation” of the customer. The problem is that while BDs can ask their customers to name a trusted contact, they can’t require that their customers actually provide one. It seems that when BDs ask seniors for a trusted contact, many of them react like they’re being asked to give up their driver’s license. They refuse. It was reported that Vanguard’s chief compliance officer informed the attendees at the SIFMA conference that of the 300,000 trusted-contact forms Vanguard received in the last year, 78 percent of them were for investors under age 65. In other words, the investors who have the most pressing need for a trusted contact are the very ones most likely to decline to provide one.

If there’s good news, it’s that FINRA supposedly isn’t immediately interested in dinging firms regarding their compliance with Rules 2165 and 4512. Investment News wrote that Jim Wrona, an associate GC at FINRA (who has been around a long time), announced at the SIFMA conference that while FINRA will look at how firms have implemented these rules, “the exams will primarily be to check on the systems and processes firms have in place, to check that issues are properly elevated and that there’s an identified team to handle relevant decisions.” According to Mr. Wrona, FINRA just “want[s] more information. This isn’t going to be a gotcha, check the box, did you do it or not. We’re interested in learning about your situations, how you’re dealing with [the rules] and how we can assist.”