Broker-dealers (BDs) recently caught a break, with the U.S. Securities & Exchange Commission extending its “no-action relief” for BD customer identification obligations, according to a memo.1 SEC guidance allows brokerage firms to rely on their registered investment adviser (RIA) third parties to conduct some or all of their customer identification program duties, as specified by federal anti-money laundering (AML) laws. The regulator has also extended broker-dealers’ relief for the new ultimate beneficial ownership (UBO) rules, fast-tracked last May in response to the Panama Papers scandal.2
For broker dealer compliance, the latest customer due diligence guidance may seem agreeable, but recent SEC and Financial Industry Regulatory Authority (FINRA) enforcement actions indicate otherwise. More alarming, the widening scope of Bank Secrecy Act (BSA) scrutiny isn’t just targeting large, brand-name brokerages. Smaller and medium-sized firms are increasingly finding themselves subject to similarly exhaustive regulatory inquiries.3 Here are some of the more notable penalties assessed against brokerage firms in 2016:
- Last February, the SEC fined a Miami-based brokerage firm for “allowing foreign entities to buy and sell securities without verifying the identities of the non-U.S. citizens who beneficially owned them.”4
- In May, FINRA announced a $17 million penalty against a major broker-dealer for “failing to establish and implement adequate AML procedures, which resulted in the firms’ failure to properly prevent or detect, investigate, and report suspicious activity for several years.”5
- And most recently in June, the SEC issued the first-ever fine against a BD for failing to file suspicious activity reports (SARs)6 related to the high-volume liquidation of microcap securities.
Given the heightened AML enforcement regime, brokerages of all sizes must work diligently in 2017 to promote a firm- and sector-wide culture of compliance. The SEC’s October Risk Alert only magnifies this responsibility, with its emphasis on whistleblower protection as an examination priority.7 From a regulatory standpoint, brokerages that deal in high volumes of low-priced, over-the-counter securities are the focal point of AML risk8 for the broker-dealer sector. But even bulge-bracket brokerage firms have demonstrated susceptibility to negligent and harmful AML practices.9
Looking forward, regulatory technology, or regtech, will play a vital role in the cultural reforms impacting the broker-dealer sector. The technology solutions available today will augment the risk management controls of chief compliance officers (CCOs), helping them promote counterparty transparency throughout their organizations. For brokerages seeking to actualize a best-in-class culture of compliance in 2017, the following considerations are essential:
- Empower your chief compliance officer
- Design a risk-based AML strategy, with an emphasis on third-party RIA risk
- Supplement CIP and UBO initiatives with regtech
- Protect whistleblowers
- Ensure that transaction-monitoring systems are adequate
Empower your CCO
FINRA’s focus on firm culture as an examination priority10 compels brokerages to grant greater decision-making powers and authority to CCOs. Optimally, CCOs should be the linchpin of firm culture; their focus should be on guiding, instructing, and shaping the ethical character of the organization in compliance with all applicable regulations and core values. To promote the right culture, CCOs at every broker-dealer need an open channel of communication with C-Suite leadership, in addition to state-of-the-art regtech applications11 that bolster SAR monitoring and employee surveillance.
Design a Risk-Based Strategy
While the SEC has allowed brokerages to rely on the AML safeguards applied by their RIA counterparties for now, recent FINRA actions highlight an opposing narrative. Consider that in 2015,12 FINRA issued the following penalties against brokerage firms:
- 1512 disciplinary actions
- 492 brokers banned
- 737 brokers suspended
- $93.8 million in fines
- $96.6 million in restitution to harmed investors
FINRA says that its “examination process is risk-based,” which means brokerages need to identify the vulnerabilities that are most relevant to the size, scale, and scope of their operations. But the current enforcement landscape targeted brokerages that process high volumes of microcap, or penny stock, securities as particularly “high-risk business models.” In 2015, for example, FINRA fined a BD $6 million for failing to “detect the potentially suspicious nature of the illicit sales of almost 3.9 billion shares of microcap stocks which generated over $1.1 million in commissions.”13
Although the microcap market has become a focal point for regulatory scrutiny, risk is broadly predicated on the brokerage’s operational footprint, the geographies they intersect, and the RIAs for which they process trades. In 2017, firms must thoroughly assess the integrity of their trading technology platforms, employees, counterparties, and transaction-monitoring systems. Despite the SEC’s mixed signals, broker-dealers cannot rely solely on the AML controls of the RIA sector, which has often leveraged fund vehicles in high-risk, bank secrecy jurisdictions to realize more tax-efficient returns for their investors.s and more, compliance officers should thoroughly investigate the third parties with which they conduct business.
Supplement CIP and UBO Initiatives with Regtech
To mitigate AML risks, as well as bolster CIP and UBO compliance, brokerages should seek an investigative, public records tool that can pull data from a global network of information resources in real time. This type of regtech asset is vital to BSA compliance in the wake of FinCEN’s recent UBO ruling.
As the SEC enables brokerages to shift some of their CIP and CDD duties to RIA third parties, these trading firms must determine the suitability of all entities that satisfy a control or ownership threshold for their enterprise financial partners. Specifically, the master-feeder structure favored by hedge funds14 and other sophisticated RIAs introduces a plethora of AML risks associated with offshore legal entities.
In these highly structured fund vehicles, various feeder funds, often set up as offshore limited liability corporations, buy a stake in the master fund, which becomes the buyer/seller of record for all trades. Given that master-feeder fund architecture is popular with “foreign investors who wish to maintain a certain level of anonymity,”14 brokerages must leverage new investigative technologies to enhance transparency for RIA ownership structures.
Now that the Panama Papers have shined the spotlight on offshore financial corruption and mobilized some 150 audits and investigations in 79 countries around the world,15 brokerages must improve their third-party due diligence. For this reason, the right regtech solution has become a mission-critical compliance asset.
The SEC is taking a retaliatory stance against certain BD-employee confidentiality agreements that violate Section 21F-17 of the Securities Exchange Act of 1934, which amends “Securities Whistleblower Incentives and Protection” provisions. Section 21F-17 states that “no person may take any action to impede an individual from communicating directly with the Commission staff about a possible securities law violation, including enforcing, or threatening to enforce, a confidentiality agreement,” or otherwise restrict an employee from engaging with the SEC.
As regulators prioritize culture in brokerage examinations, broker-dealers across the board must ensure that all of their broker dealer compliance manuals, codes of ethics, employment agreements, and severance agreements have explicit rules that protect employees who report wrongdoing.
Ensure that transaction-monitoring systems are adequate
While recent penalties against delinquent brokerages suggest more human error than technological deficiency, the first-ever fine issued against a BD for failing to file SARs is a wake-up call for the entire sector. It follows that more brokerages will inevitably feel the sting of SAR-related enforcement action in 2017.
To mitigate risk in a changing business environment, BDs must ensure their transaction-monitoring systems are flagging suspicious trades in a timely manner, with a close eye on microcap transactions and trades that deviate from the projected investment activities of their RIA accounts.
Despite the latest no-action-relief guidance from the SEC, brokerages must enhance third-party due diligence capabilities. In today’s regulatory regime, BDs should generally focus on microcap traders and RIAs with highly structured, offshore fund architecture. But ultimately, brokerage compliance initiatives must be reflective of unique risk-based considerations that speak to the size, scale, and scope of a BD’s operating footprint.
Nevertheless, the regulatory disruption wrought by the Panama Papers scandal and the Malaysian 1MDB theft has created the need for a high-tech AML response. A dynamic and data-driven investigative public records tool helps brokerages navigate complex fund structures, isolating unsuitable RIAs and mitigating AML risks across the spectrum.
14 http://uprblj.org/issues/volume 2 issue 2/articles/2-UPRBLJ-264.pdf