finra's record-breaking sanctions of 2015

April 28, 2016

WEBINAR FINRA’s Record-BreakingFines and Sanctions of 2015

Andrew McCormickSutherland Asbill & Brennan LLP

Brian L. RubinSutherland Asbill & Brennan LLP

Mike PaganiSmarsh

Quick Overview

Proliferation of content subject to regulatory compliance

EMAILIM

SOCIAL

WEB

MOBILE

VOICE/AUDIO

FILES

VIDEOS

2000 2016

The diversity and complexity of electronic communications being used continues to grow year over year

4

• Leading Comprehensive Archive Platform

• Focus on Financial Services, Public Sector and other regulated industries

• Founded in 2001 by CEO Steve Marsh

• Headquartered in Portland, Oregon with offices throughout the USA and UK/EMEA

• 20,000+ customers with 95% retention

Our company

5

Our core offering• Immutable retention across a broad

range of content types and versions• Support for over 40 content types

across email, IM, social, mobile, files and web

• Policy-driven compliance and supervision workflows and use cases

• Powerful search and case management for discovery workflows and use cases

• Cloud-based SaaS model for rapid deployment and optimal scalability

• Investment-enhancing professional services and support for optimized ROI

6

Search Policies

Cases Admin

Core Platform Features

Top-tier analyst firms recognize Smarsh and its offerings as INDUSTRY LEADING

Leader in the 2015 Gartner Magic Quadrant for Enterprise Information Archiving, and Top 3 placement in 2014 and 2015 Gartner Critical Capabilities for compliance and e-discovery Comprehensive Archive Platform solution category designation for The Archiving Platform™ in the Forrester Research MARKET OVERVIEW: INFORMATION ARCHIVING, Q2 2015

7

What functions are key for our customers

8

FINRA’S RECORD-BREAKING FINES AND SANCTIONS OF 2015

Brian RubinAndrew McCormick

Mike PaganiApril 28, 2016

• Number of 2015 Cases Filed: 1,462

• 1,397 cases filed in 2014

• 5% increase

• 36% increase in the number of cases since 2008

• Number of firms expelled: 18 in 2014; 25 in 2015; increase of 39%

• Number of individuals barred: 481 in 2014; 492 in 2015; increase of 2%

• Number of individuals suspended: 705 in 2014; 737 in 2015; increase of 5%

2015 FINRA Actions

• $94M in fines reported in 2015• $134M in fines reported in 2014

• 30% decrease in fines

• Second-highest amount of FINRA fines reported since the financial crisis.

• 236% increase in fines since 2008

2015 FINRA Actions

• $96M in restitution reported in 2015• $32M in restitution reported in 2014

• Increase of 200%

• This is the most restitution FINRA has ever reported.• Largely driven by sales charge discount cases: 25 reported in

2015, $52M in restitution• Due to restitution, FINRA’s overall sanctions increased in 2015

• $166M in 2014 to $190M in 2015• Increase of 14%

2015 FINRA Actions

Supersized Fines of $1M+• 2013: 12 supersized fines, $31M in total fines• 2014: 25 supersized fines, $100M in total fines• 2015: 18 supersized fines, $52.2M in total fines

2015 FINRA Actions

2015 TOP FINRA ENFORCEMENT ISSUES (by total fines)

1. Trade Reporting: $30 million, 159 cases2. Anti-Money Laundering: $21 million, 36 cases3. Suitability: $18 million, 76 cases4. Forms U4, U5, and 3070: $13 million, 154 cases5. Advertising: $12 million, 36 cases

1. $10M – Firm allegedly had widespread supervisory failures, including the sales of complex products, fee disclosures, trade reporting, and confirmation delivery.

2. $7.5M – Firm allegedly failed to effectively monitor the suitability of customers’ investments in Puerto Rican closed-end funds.

3. $6M – Firm allegedly sold billions of unregistered microcap securities and AML system was not reasonably designed to detect suspicious activity regarding microcaps.

4. $3.75M – Firm allegedly executed thousands of unsuitable mutual fund transactions because it did not have a reasonable supervisory system; firm’s system did not flag many mutual fund trades for review and customers did not receive breakpoint discounts they were owed.

5. $3M – Firm allegedly did not provide accurate “blue sheet” trade data in an automated format to the SEC and FINRA.

Largest FINRA Fines of 2015

2015 Top Enforcement Issue:Trade Reporting

• 2015: $30.3M in fines; 159 cases• 2014: $11.1M in fines; 176 cases

Increase of 173% in fines and decrease of 10% in the number of cases in 2015

• Trade reporting was #5 on Sutherland’s Top FINRA Enforcement Issues list for 2014 and #2 in 2013.

• The $10M widespread supervision case alleged that trade data was reported incorrectly for approximately one million trades; most trade reporting issues were due to technology problems.

• $2.4M fine where firm allegedly failed to accurately report options positions in nearly 15 million instances; received cooperation credit (self-reported, hired an independent consultant, produced the consultant’s report).


Increases of 56% in fines and 6% in the number of cases in 2015

• AML was #4 on Sutherland’s Top FINRA Enforcement Issues list for 2014.

• The $6M fine case alleged that the firm’s AML program was not reasonably designed to detect and monitor suspicious activity relating to microcaps; guidance provided to supervisors, as well as the training and systems used by the firm, were insufficient. Two individuals were also fined and suspended.

• $950K fine for allegedly liquidating nearly four billion shares of unregistered penny stocks; firm did not investigate AML red flags, including that many deposits of unregistered securities were immediately followed by liquidations and had no exception reports to address this issue. Two AML compliance officers were fined and suspended.

2015 Top Enforcement Issue:Anti-Money Laundering


Increases of 227% in fines and 1% in the number of cases in 2015

• Suitability cases have historically been a Top Enforcement Issue.• $7.5M fine for allegedly failing to effectively monitor the suitability of

customers’ investments in Puerto Rican closed-end funds (CEFs) during a four-year period. FINRA alleged the firm did not adjust its supervisory system to the unique business needs in Puerto Rico. Firm also ordered to pay $11M in restitution.

• $3.75M fine for allegedly having an inadequate mutual fund supervision system during a five-year period. FINRA alleged the firm’s definition of a mutual fund switch was incorrect in an automated system, which resulted in thousands of suitability alerts not being reviewed. Firm also ordered to pay at least $10M in restitution.

2015 Top Enforcement Issue:Suitability

• Cybersecurity appeared on the SEC’s Office of Compliance Inspections and Examinations (OCIE) list of Exam Priorities for 2016 and FINRA’s Annual Regulatory and Exam Priorities Letter for 2016.

• SEC Chair Mary Jo White: “cybersecurity is the shared responsibility of all regulators and market participants . . . to guard the broader financial system against intrusions.”

• The SEC recently brought an enforcement action against a firm that was the victim of a cyber-attack. This was the SEC’s first cybersecurity case since the SEC began its cybersecurity sweep in 2014. The firm had implemented certain cybersecurity systems, procedures and protections and the SEC alleged no evidence that any information was stolen by the hackers.

• This case may signify that the SEC will apply a strict liability standard to cybersecurity breaches.

Recent Regulatory Trend:Cybersecurity

Future SEC and FINRA enforcement actions relating to cybersecurity could address:

Inadequate responses to breaches Inadequate policies and procedures Failing to enforce policies and procedures Failing to conduct periodic assessments Failing to respond to identified deficiencies Failing to protect firm networks and customer information Failing to have adequate policies, procedures, or

protections regarding vendors and outsourcing

Recent Regulatory Trend:Cybersecurity (continued)

FINRA FINES IN ELECTRONIC COMMUNICATIONS CASES

Recent Regulatory Trend:Electronic Communications

Fines Reported

Percentage Change

Percentage of Total

FINRA FinesCases

ReportedPercentage

Change

2008 $2.7M - 10% 24 -2009 $3.5M 30% 7% 24 0%2010 $2.4M (31%) 6% 35 46%2011 $3.3M 38% 5% 57 63%2012 $6.5M 97% 9% 63 11%2013 $19.8M 204% 33% 68 8%2014 $2.7M (86%) 2% 54 (21%)2015 $6.2M 130% 7% 64 19%

TYPES OF CASESRetention failures can lead to significant fines.

A 2013 FINRA case resulted in a $7.5M fine for alleged systemic email retention failures. Allegations that the firm could not access hundreds of millions of emails, failed to review tens of millions of emails, and misled FINRA during the investigation. Firm ordered to pay $1.5M to litigants who may have been impacted by these email issues.

Retention systems must be WORM compliant A 2015 FINRA case resulted in a $2.6M fine for allegedly failing to retain 168

million automated outgoing emails and other electronic records in non-rewriteable, non-erasable “WORM” (“Write-Once, Read-Many”) format. The firm did not have a centralized document retention process.

A 2006 SEC case resulted in a $2.5M penalty for allegedly failing to preserve emails in a WORM format because emails could be deleted before they were saved to backup tapes.

A 2005 SEC case resulted in $2.1M in penalties for allegedly failing to preserve the email backup tapes in a WORM format. Additionally, the firm could not locate some backup tapes when responding to the SEC’s requests for emails.


(continued)

TYPES OF CASESUnique categories of emails must also be retained.

A 2013 FINRA case resulted in a $1.2M fine for five affiliated firms for allegedly failing to retain unique categories of emails, including BCC emails, emails to distribution lists, emails to/from alternate addresses, and encrypted emails.

Firms must also retain instant messages. A 2013 FINRA case resulted in a $3.75M fine for allegations that the firm did

not retain electronic records in a WORM format over a 10-year period, including trade confirmations, email attachments, and 3.3 million Bloomberg instant messages.

Lexicon search terms should be robust and relevant. A 2013 FINRA case resulted in a $100,000 fine for allegations that the

surveillance software used by the firm did not flag emails containing language such as “no principal risk,” “completely liquid,” and “principal protection.”


(continued)

TYPES OF CASESMobile devices should be configured properly.

A 2014 FINRA case resulted in a $275,000 fine for allegations that emails sent from Blackberry devices to recipients outside the firm were not retained. FINRA also alleged that no Blackberry messages were retained.

Software must be properly configured. A 2014 FINRA case resulted in a $250,000 fine for allegations that the firm

did not subject 12.6M DBA emails to a surveillance review due to technological problems with a software update. FINRA also alleged that the firm did not perform regular testing to make sure the surveillance system was working properly.


(continued)

• Trade reporting, anti-money laundering, and suitability will likely be big enforcement issues again.

• Regulators will focus on firm culture. It is unclear what this will look like or how it will be enforced, but firms should be prepared to address this issue in examinations, sweeps, and discovery requests.

• Share class issues will be a key focus for regulators.• Restitution will continue to play an increased role in

enforcement actions.

What to Expect in 2016 and Beyond?

Value of archived content beyond compliance

27

What benefits do our customers experience

28

29


30


Thank you!

finra's record-breaking sanctions of 2015

Technology