This well attended and extremely insightful session was chaired by Lisa Colone, VP Enforcement at FINRA, and included Gurbir Grewal (GG), Director, Division of Enforcement, SEC, and Chris Kelly (CK), acting head of enforcement at FINRA and Senior VP.
LC: Starting with a hypothetical, if you leave your current job and go to work for a BD, which key cases in the last year do you emphasize as worth attention with your new employer?
GG: So I finally get the job in the private sector that my wife always wished I had! But on a serious note, the off-channel communications cases signify the sort of behavior that reduces trust and engenders a feeling with the public that wrongdoers in finance are not being brought to justice when big names on the Street are flouting the basic rules. These actions were very important to show that the big firms cannot ignore being accountable, they must adhere to best practice, and play within the chalk lines.
The second theme would be the cybersecurity cases we have brought. A great example was one against Morgan Stanley in September where a moving company was contracted to dismantle and dispose of hardware from the firm and this resulted in mishandled PII of customers. The servers were resold and this was a severe breach of PII safeguarding. The average investor was affected significantly and this justified a $35m fine.
A third theme would be Reg BI enforcement related to placing the customer’s interest first.
CK: I would focus on best execution under Rule 5310. Two cases are top of mind and have the same fact pattern. They involved routing orders to an ATS without a proper review for best ex and considering the opportunity for price improvement outside the ATS. This is a fundamental rule that has been in place for more than a decade and yet still some firms do not get this right.
Let’s turn to Reg BI now.
GG: There have been some cases and we are learning some lessons here. This is an exam priority this year. In June last year we had a case against Western and parts of it are still in process. It involved the sale of high-risk bonds to retirees with a moderate to low risk profile and was an example of violating the care obligation where no product review was undertaken, as well as a violation of the compliance obligation without any suitable policy or procedure to stop this happening. It was an egregious instance of a high-risk product being pushed to unsuitable investors. Firms need to train their reps so that they are properly educated on the rule and its requirements – this cannot be dealt with by ‘tick the box‘ training.
CK: I think our Reg BI cases sit in three categories. First is Form CRS where firms are not filing, not filing on time, or filing incorrectly. Second is failure of compliance obligations where systems and policies/procedures have not been updated to accommodate Reg BI. Third is substantive Reg BI violations such as the care obligation. We have cases in the pipeline for all three categories at the moment but the third category is the most common group right now.
“I repeat again that recordkeeping as a base requirement is sacrosanct.”
Gurbir Grewal, Director, Division of Enforcement, SEC
Can we turn to off-channel communications and address the recent cases?
GG: There were two settlements last week that were notable and were reductions in comparison to the previous raft of cases ($15m and $7.5m rather than the previous $125m). The back story here is that penalties like this need to have some deterrent effect. The larger fines were characterized by gaps in document production where the BDs simply did not have the records they were required to under the rules but we had seen these records as we had access to them through a third party. I repeat again that recordkeeping as a base requirement is sacrosanct. The consequence is that law enforcement might be inhibited from unpacking potential fraud without access to the full books and records.
We have seen a number of approaches in recent Wells processes. I can describe these as extensive pitches involving large law firms, documents exceeding our 40-page limit significantly, with vast appendices etc and a following argument that a fine of $10m to $15m was reasonable. It is obvious that our prior penalties are not having the required deterrent effect if this is still ongoing in the industry – $125m fines get attention. We need these headlines to shock firms into becoming compliant.
The recent cases were different because these firms were self-reporting, already remediating, using best efforts to comply, and cooperating with us. We still need to overcome this cultural issue at the top of firms that this conduct is acceptable.
How do these topics and trends become industry-wide sweeps? Will there be more?
GG: You bet there will be more! People pay more attention to sweeps than to individual cases which is why this is of benefit but we focus on where we see common risk in the industry and the trends that are developing.
CK: I want to address some misconceptions related to FINRA sweeps. Some people view these as an industry-wide dragnet but we usually sweep by going to anything from six to 24 firms and a sweep does not lead to automatic enforcement. They are useful for focus on an area and for getting a message across as they get more attention. We are good about publishing what we are doing and the questions we are asking. We regularly update what we are seeing as we do the sweep so the results can be acted on while the sweep is under way.
Can you focus on the good and bad you see in the Wells process right now?
GG: We are keen to increase the pace of our investigations. Trust and accountability is crucial to the public and this gets diminished if we take 24 months to investigate an issue. There is no automatic right to a Wells process and firms need to understand that. We want to expedite the process and don’t see a need for delay unless there is a substantial disagreement about the facts, a programmatic issue or something new to consider.
These meetings really affect the level of credibility that a firm and attorneys have in our eyes. We don’t appreciate attorneys fighting tooth and nail on every issue – they must pick their battles and focus on the key points they want to win.
CK: I agree with GG here. They must pick their battles and prioritize what they want us to address. We also encourage firms to approach us before a Wells process at the end of a case. We need the facts as soon as possible and are happy to meet early when it is needed. Discussion is more effective than a back and forth document process.
“I no longer see the value in keeping our cards close to our chest before a big reveal at the end of a case. We aim to be open and get to the point.”
Chris Kelly (CK), acting head of enforcement and Senior VP, FINRA
Can you give more views on cooperation and what you view as non-cooperation?
GG: We see a lack of cooperation in this arena as more prevalent than in the criminal enforcement world but I guess we had a bigger hammer in that respect. It really does hinder the process and damages the credibility of the client, attorney and firm. I think a colleague gave a speech 10 years ago called Lawyers Behaving Badly and the one I gave recently was version 2.0 of this.
James Comey gave an excellent speech as Deputy Attorney General and this dealt with the fact that there is a two-way street on this issue that requires law enforcement to engender credibility itself. We don’t want and should not play hide the ball ourselves in our dealings with firms and individuals. He referred to a reservoir of trust that takes a lifetime to fill and can get drained very quickly.
CK: We see similar examples of this in our BD world. We have many interactions that help to build trust over time but this can be lost very quickly if there is obvious non-cooperation. At this stage in my career I no longer see the value in keeping our cards close to our chest before a big reveal at the end of a case. We aim to be open and get to the point and so we are encouraging more reverse proffers to help with this.
What are the top issues in the BD space that keep you up at night?
GG: Unregistered intermediaries operating in the crypto space with a group of affiliates all under one roof.
CK: What I can best describe as BD/IA arbitrage. We have more dual registrants than ever. We have spotted a small number of BDs trying to take advantage of fee structures by moving things out of the BD account into the IA. This results in higher fees and we have seen this done over very short time periods such as 24 hours.