Firm Fined for Inadequate Supervisory System Leading to $6.6 Million Fraud
Broker-Dealers
AML
January 31, 2024
The Case
The firm failed to establish and maintain a supervisory system. It failed to establish, maintain, and enforce written procedures reasonably designed to comply with the firm’s obligation to monitor transmittals of customer funds to third parties.
As a result, the firm received and approved four fraudulent wire transfer requests from a hacker without taking reasonable steps to confirm whether the requests were genuine, such as contacting an authorized representative of the correspondent firm by telephone.
The hacker, who had gained access to an email account belonging to a registered representative at one of the firm’s correspondent firms, requested that the firm send four wires totaling more than $6.6 million from a joint brokerage account held by two customers to two third parties.
The firm failed to reasonably investigate red flags that the wire requests were fraudulent, including large and increasing amounts in a short period of time, plus the wires that were sent to third-party recipients who lacked any connection to the customers and were located in foreign countries.
Why Does This Matter?
FINRA’s disciplinary action outlines enhanced expectations for its member firms regarding detecting and preventing impermissible trading practices, including manipulative trading. This action also highlights the agency’s ongoing focus on compliance systems and workflows to supervise potential layering and spoofing by the firm’s proprietary traders and all firm customers.
InnReg's Experience
As part of its compliance outsourcing services, InnReg offers a proprietary Suspicious Activity Monitoring product that includes end-to-end coverage for prompt detection, scoring, alerting, workflow processing, and reporting.
Learn More About This Topic
For additional details, read how InnReg’s broker-dealer compliance services can help your fintech build best practices to meet evolving regulatory requirements. InnReg’s framework includes an end-to-end guide for reviewing and testing a broker-dealer supervisory system, conducting business reviews, and testing AML programs.
RIAs
The SEC recently brought settled enforcement actions against two registered investment advisers for failing to establish, maintain, and enforce written policies and procedures reasonably designed to prevent the misuse of material nonpublic information (MNPI), in violation of Section 204A of the Investment Advisers Act of 1940 (Advisers Act) and the Compliance Rule.
RIAs
On Sep. 4, 2024, FinCEN published a final rule (Final Rule) adding certain RIAs and ERAs (collectively, Covered Advisers) to the definition of “financial institution” under the regulations implementing the BSA, and imposing on Covered Advisers broad AML and CFT program requirements, as well as other BSA recordkeeping and reporting requirements.
Broker-Dealers
On November 22, the SEC announced (here) that broker-dealers Webull Financial LLC, Lightspeed Financial Services Group LLC, and Paulson Investment Company, LLC agreed to settle charges that they filed with law enforcement SARs that failed to include required information.
