Alerts

Broker-Dealers and Mutual Funds: Increased Regulatory Focus on Suspicious Activity Monitoring and Reporting Requirements

April 1, 2021

Congress’ enactment of the Anti-Money Laundering Act of 2020 (“AML Act”) and Corporate Transparency Act (“CTA”), both part of the National Defense Authorization Act of 2021, resulted in some of the most significant reforms to the Bank Secrecy Act (“BSA”) and federal anti-money laundering (“AML”) laws since the USA PATRIOT Act of 2001.[1] While the full impact of this recent legislation will not be fully realized until the U.S. Department of the Treasury’s Financial Crimes Enforcement Network (“FinCEN”) adopts implementing regulations,[2] we are already seeing increased scrutiny by the U.S. Securities and Exchange Commission (“SEC”) and securities industry self-regulatory organizations (“SROs”), including the Financial Industry Regulatory Authority (“FINRA”), of firms’ compliance with AML program obligations, including suspicious activity monitoring and reporting.

On March 29, 2021, the staff of the SEC’s Division of Examinations (“SEC Exam Staff”) reminded broker-dealers and mutual funds of their obligations under AML rules and regulations[3] and highlighted AML compliance-related deficiencies that they observed during the most recent SEC examination cycle (“AML Risk Alert”). This AML Risk Alert focuses on the SEC Exam Staff’s observations of inadequacies regarding broker-dealers’ policies and procedures to identify and report suspicious activity, inadequate implementation of reasonably designed procedures to respond to suspicious activity, and the filing of incomplete or inaccurate suspicious activity reports (“SARs”).

AML Policies, Procedures and Internal Controls

The SEC Exam Staff continues to examine broker-dealers that have not established AML policies, procedures and internal controls that are reasonably designed to identify and report suspicious activity as required under the Bank Secrecy Act, and its implementing regulations, including:

Failing to tailor red flags to the types of activity in which their clients regularly engage or to sufficiently detail red flags in their policies and procedures;
Failing to implement automated systems to monitor large trading volumes;
Failing to monitor low-priced securities transactions where securities are priced between $1 and $5 or where the transaction occurs on an exchange;
Setting SAR reporting thresholds above $5,000; and
Inappropriate reliance by introducing firms on clearing firms to identify and report suspicious transactions in customer accounts and failing to adopt their own procedures that take into account the high-risk nature of their customers’ activity, e.g., trades in low-priced, unregistered securities.[4]

The SEC Exam Staff also observed that some firms had reasonably designed policies and procedures related to suspicious activity, but failed to adequately implement them, including by:

Making inconsistent determinations to file SARs;
Failing to utilize available reports and monitoring systems;
Inadequately following up on red flags identified in their procedures (such as prearranged or non-completive trading, including wash or cross trades or potential insider trading); and
Failing to adhere to firm policies regarding prohibitions against certain high-risk activity (e.g., accepting trades for securities less than one penny per share without adequate due diligence).

Suspicious Activity Monitoring and Reporting

The SEC Exam Staff observed that many firms failed to adequately conduct or document due diligence in response to known indicators of suspicious activity,[5] especially with respect to activity in low-priced securities, and that firms failed to account for publicly available information about their customers when conducting due diligence, including failing to:

Identify sales of shares that were publicly known to be part of promotional activity;
Link trading in low-priced securities to customers who were publicly known to be affiliated with the issuer; and
Identify concentrations of low-priced security liquidations among clients of high-risk introducing broker-dealers or broker-dealer counterparties.

Lastly, the SEC Exam Staff raised concerns that firms continue to file SARs with inaccurate information or that lack sufficient detail. Of particular concern are:

Failing to include in SAR reports key information that is available in the firm’s internal records (“e.g., social security numbers, dollar amounts for customers’ losses from identity theft and account-takeover fraud, customers’ disciplinary history and account numbers, details relating to foreign customers and sub-accountholders and concerns about suspected promoters and issuers of low-priced securities”);
Reporting only one leg of a suspicious transaction (e.g., the deposit but not the liquidation of low-priced securities); and
Failing to adequately detail cyber-intrusions in SAR reports (e.g., the method and manner of cyber-intrusions and schemes to “take over” customer accounts, including the method of transferring out funds, how the account was accessed, bank account information, phone/fax numbers, email addresses and IP addresses).[6]

In addition to enhanced SEC scrutiny, FINRA continues to aggressively enforce AML rules against its members and has provided additional guidance concerning broker-dealer AML obligations, including the potential for suspicious activity related to low-priced securities or “penny stocks.”[7] Specifically, in February 2021, FINRA published a notice urging firms to review their policies and procedures relating to red flags involving low-priced securities transactions, which it emphasized can be volatile and particularly vulnerable to fraud and market manipulation.[8] FINRA noted that bad actors often perpetrate illegal activity by taking advantage of trends or major events such as growth in cannabis-related businesses or the ongoing COVID-19 pandemic. FINRA advised that firms could mitigate these risks by strengthening their controls to detect, monitor, and report potentially fraudulent low-priced securities activity and identified issuer-, promotional- and customer-specific red flags, as well as specific monitoring and other supervisory controls that broker-dealers can implement to mitigate the risk of these frauds and to detect and report the activity.

In March 2021, FINRA issued a special alert regarding its near real-time observation of a sharp increase in “instant funds” abuse.[9] Instant funds abuse typically involves new customers opening online brokerage accounts with immediate access to funds and placing securities orders before their account is funded, allowing those customers to engage in fraudulent transactions before the brokerage firm receives a notice of fraud or insufficient funds from the funding bank, resulting in losses to the brokerage firm. Notably, this notice was published, at least in part, based on FINRA’s observation of discussions occurring on social media regarding the instant funds policies of specific firms.[10] FINRA urged firms to mitigate this risk by adjusting the amount of available instant funds, delaying the ability to place orders with unsettled funds, or enhancing account validation processes. These alerts signal that FINRA expects firms to be regularly assessing potential financial risks, taking swift action to mitigate and address them and conducting meaningful due diligence as to whether a SAR should be filed.

The SEC Exam Staff, citing SEC v. Alpine Securities Corp., notes that a broker-dealer’s failure to file a SAR or maintain records as required by the SAR rule would be a violation of Section 17(a) of the Exchange Act and Rule 17a-8.[11] The SEC Exam Staff also notes that “[a] broker-dealer’s failure to follow its own AML procedures could also constitute a failure to ‘document accurately’ its AML compliance program in violation of Section 17(a) and Rule 17a-8.”^{^[}12]

Conclusion

AML continues to be an examination priority for the SEC[13] and various SROs.[14] Firms should expect increased scrutiny by regulators of their AML compliance programs and, in particular, their suspicious activity reporting procedures. Regulators are also focused on market manipulation, issues relating to low-priced securities, including unregistered distributions, and the use of social media and online message boards to disrupt the market and perpetuate fraud. Firms should expect that AML deficiencies will result in substantial and increasing regulatory penalties. Accordingly, firms should continue to proactively review and, as necessary, enhance their AML programs to ensure that their policies, procedures, and internal controls are tailored to their specific business risks, appropriately implemented, and that their SAR-filing procedures satisfy applicable law and industry guidance, including that they are accurate and appropriately detailed.

Authored by Betty Santangelo, Julian Rainero, Craig S. Warkol, Melissa G.R. Goldstein, Derek N. Lacarrubba, Kolby Loft and J. Eric Prather.

If you have any questions concerning this Alert, please contact your attorney at Schulte Roth & Zabel or one of the authors.

[1] See SRZ’s previous Alert regarding the substance of these reforms, available here.

[2] On April 1, 2021, FinCEN issued an Advance Notice of Proposed Rulemaking (“ANPRM”) to solicit public comment on a wide range of questions related to the implementation of the beneficial ownership information reporting provisions of the CTA, commencing its rulemaking efforts. The ANPRM is scheduled to be published in the Federal Register on April 5, 2021. An unpublished version of the ANPRM is available here.

[3] Securities and Exchange Commission, Division of Examinations, Risk Alert: Compliance Issues Related to Suspicious Activity Monitoring and Reporting at Broker-Dealers (March 29, 2021), available here.

[4] See also “Frequently Asked Questions (FAQ) regarding Anti-Money Laundering (AML),” FINRA (March 29, 2021), available here.

[5] See “FINRA Provides Guidance to Firms Regarding Suspicious Activity Monitoring and Reporting Obligations,” Reg. Notice 19-18, FINRA (May 6, 2019), available here, for FINRA guidance regarding suspicious activity monitoring.

[6] See SRZ’s Alert regarding the increased cybersecurity risks arising from the COVID-19 pandemic for more information, available here.

[7] See 17 C.F.R. § 240.3a51-1 (defining “penny stock”).

[8] See “FINRA Urges Firms to Review Their Policies and Procedures Relating to Red Flags of Potential Securities Fraud Involving Low-Priced Securities,” Reg. Notice 21-03, FINRA (Feb. 10, 2021), available here.

[9] “FINRA Alerts Firms to Recent Increase in ACH ‘Instant Funds’ Abuse,” Reg. Notice 21-14, FINRA (March 25, 2021), available here.

[10] FINRA noted that the increase “appeared correlated to the recent market volatility driven by social media interest in certain securities.” Id. Though FINRA did not identify any particular social media platform or source, the FINRA observation period coincided with prominent short squeezing activities by members of the “wallstreetbets” Reddit group. See SRZ’s Alert regarding the recent short squeezes for more information, available here.

[11] Securities and Exchange Commission, Division of Examinations, Risk Alert: Compliance Issues Related to Suspicious Activity Monitoring and Reporting at Broker-Dealers, at 2, n.4 (March 29, 2021) (citing SEC v. Alpine Securities Corp., 982 F.3d 68 (2d Cir. 2020)).

[12] Id.

[13] See Securities and Exchange Commission, Division of Examinations, 2021 Examination Priorities (March 3, 2021), available here.

[14] See, e.g., 2021 Report on FINRA’s Examination and Risk Monitoring Program, FINRA (Feb. 1, 2021), available here.

This communication is issued by Schulte Roth & Zabel LLP for informational purposes only and does not constitute legal advice or establish an attorney-client relationship. In some jurisdictions, this publication may be considered attorney advertising. ©2021 Schulte Roth & Zabel LLP.