After SEC Flags Compliance Failures, Broker-Dealers Can Follow These Practical Tips to Avoid Penalties

Let us introduce you to Nathalia, an up-and-coming financial adviser (and fictional character unrelated to any actual person) for a broker-dealer firm in Nogales, Arizona. Nathalia has proven herself a trustworthy employee who knows the essentials of communicating well, negotiating and closing deals. She is also trying to leave a positive impression at her firm, where she started working a year ago.

To expand her client portfolio, Nathalia begins looking to investors just over the border in Nogales, Mexico, where she has a number of contacts through her friends and family. The investors prefer to communicate with Nathalia using WhatsApp. The app’s end-to-end encryption helps keep communications away from prying eyes. Nathalia learned quickly that, for safety and other concerns, these prospective new clients of hers like to keep their private business matters just that. Private.

In an effort to forge genuine customer service, Nathalia obliges. She has been trying to impress her new boss with her entrepreneurialism by generating new customers and these potential investors would each bring $15 million in assets under management for Nathalia and her firm.

Over the course of the next few months, Nathalia and her foreign investors exchange thousands of WhatsApp messages. The two groups also communicate occasionally over Nathalia’s work email.

Nathalia services the investors’ accounts well but, unfortunately, a dispute arises over an investment that did not go the way an investor had envisioned. With the firm and investor arguing about what went wrong, Nathalia’s firm points to the work emails to show Nathalia advised them in accordance with firm policy.

That’s when the investor reveals the WhatsApp messages. Nathalia’s bosses are caught off-guard. While Nathalia believes the messages are consistent with the advice she provided in her email messages, an argument can be made — and is by the investor — that Nathalia was doing the opposite of the investor’s desires. Nathalia’s firm is now a named party in a FINRA arbitration and is left scrambling to collect previously uncollected data and, ultimately, may have to pay hefty fines related to violations of SEC Rule 17a-4.

In her eagerness to grow her client portfolio and to please her newfound investors, Nathalia overlooked one of the many rules she and her firm are bound to follow. Rule 17a-4 requires financial advisers like Nathalia to maintain and preserve electronic records exclusively in a non-rewriteable, non-erasable format to allow for immediate examination and access to those records by the SEC or other regulators. This record-keeping rule is all the more heightened when broker-dealer firms use off-platform apps like WhatsApp.

Nathalia is frustrated because she wants to grow her business by accommodating her new clients’ communication demands. She also wants to be compliant with the various rules to keep her licenses. How can her firm straddle these two seemingly competing interests? 

Here are some practical tips broker-dealers can follow to ensure they are staying compliant (and profitable).

Financial Services

The Board’s Role in AML Compliance

by Ola Tucker

November 4, 2019

Ola Tucker, founder of Compliance Notes, discusses the board of director’s oversight role with respect to a financial institution’s BSA/AML compliance program, as well as the specific responsibilities arising out of that role.

Read moreDetails

A grassroots approach to communication

With more and more compliance measures and the ever-present prospect of hefty fines, the Nathalias of the broker-dealer world are left with a complex balancing act.

Financial advisers like Nathalia are one of a broker-dealer’s main revenue-generating profit centers. Their primary focus is to meet with clients to drive income to the firm. This can create tension when it comes to time spent on compliance training, where advisers feel pulled away from generating revenue by following required regulations. Additionally, compliance training can sometimes feel disjointed from a financial adviser’s day-to-day reality. Instead of partnering with financial advisers to find workable solutions, the training can sometimes miss the mark of being relevant or practical.

Earlier this year, the SEC’s Division of Examinations offered a clear warning for brokerage firms to ensure their AML programs are adequate. The SEC’s risk alert revealed multiple areas where some broker-dealers were failing to meet compliance measures, including not adequately verifying the identity of customers nor devoting enough resources to AML compliance.

The alert also pointed to failures, such as independent testing that did not meet AML compliance measures, including testing that was not performed in a timely manner, no evidence of such tests and unqualified testing personnel. Auditors also found outdated training materials and an inability by firms to demonstrate that ongoing training requirements were met.

To Nathalia, the tension became a daunting choice of her either communicating with her clients through WhatsApp or losing $15 million worth of business.

But there is a third, indispensable option where Nathalia and her firm work together to make sure they are in compliance while still keeping the client. Broker-dealer firms must improve communication with industrious financial advisers. Broker-dealer leadership should take a grassroots approach to educating their advisers and management about the intimidating set of federal rules and regulations.

Education and ongoing training are key, but they must be approached in a digestible way — guiding the advisers in a manner that will have the best impact. Advisors might unintentionally disregard a message about compliance if it is included as part of a regular barrage of dos and don’ts emails. Instead, these messages should be delivered in targeted, concentrated and engaging forms to ensure the advisers retain the message.

It is one thing to simply point out what the rule is. It is another to explain why the rules matter and what the cost is of failing to comply.

A more direct and personal touch during training can go a long way. If it makes sense, firm leadership can engage a third party to present annual or biannual training. If done in an engaging way, financial advisers will appreciate an outside group who are not part of the firm’s in-house compliance team. These mandatory trainings should invite collaboration and feedback from the financial advisers about where they are anticipating points of tension between their business and the compliance requirements. Such a plan can increase the gravity of the training for the employees and facilitate retention.

In Nathalia’s WhatsApp scenario, if the firm’s training on SEC Rule 17a-4 had invited open communication between Nathalia and her firm, there could have been a discussion about how to keep all messaging on the company platform. The firm might have considered developing a company messaging platform to allow Nathalia and her fellow advisers to keep their client communications compliant.

This problem-solving approach is the best way to engage with advisers. It is no secret that an unhappy financial adviser can migrate to another firm, taking their book of business with them. The “human touch” communication approach means listening to advisors to understand what challenges they are facing and working together to find solutions.

An ounce of prevention equals a pound of cure

Broker-dealer firms might look through the long list of rules and regulations and immediately start thinking about the cost of compliance. In the Nathalia example, it is unsurprising that a firm running its own secure messaging platform will come with a hefty price tag.

Compliance takes time, energy, resources and money. But what broker-dealers invest on the front end can save them significant money in fines, fees and other penalties down the road. Not to mention the public-relations consequences of an AML violation.

Regulators have cited larger firms with AML violations up to $17 million. Government regulators and FINRA routinely promulgate new rules for broker-dealers. Maintaining robust and comprehensive compliance programs — even with dedicated in-house compliance counsel — is a daunting task. Regardless, the alternative is more daunting. Better to invest in upfront compliance than become subject to fines, or worse, from regulators. 

Know your customer

Nathalia has now learned her lesson about where to keep her messages. But there are other key issues Nathalia needs to think about carefully. For example, when she acquires a new client, she needs to verify their identity, a common practice called Know Your Customer (KYC).

When Nathalia recently met a new client, it came at a busy time. She was just wrapping up a deal with another longtime client of hers when the new opportunity came knocking. Nathalia’s new client offered the prospect of a large investment. She did not want to irritate them by reaching out to confirm what she thought to be minor information.

Nathalia quickly entered the client’s name and other pertinent data into her firm’s portal. The system flagged a discrepancy, but Nathalia believed it to be too minor to slow the deal down. Maybe it was just a computer glitch, Nathalia thought.

A few months later, the SEC discovers the discrepancy. It turns out that the firm was not compliant with 31 C.F.R. § 1023.220, which dictates customer identification program (CIP) requirements for broker-dealers.

In its recent risk alert, the SEC called out situations like this one. Firms did not appear to have properly designed CIPs. These programs must enable the broker-dealer to form a reasonable belief that it knows the true identities of customers.

Firms should take the step of reminding financial advisors about this critical aspect of AML programs — to curtail the flow of illicit money to terrorist organizations, for example. The recent risk alert discussed compliance around suspicious activity monitoring and reporting. According to the SEC, any misconduct could threaten the safety of investor assets and the integrity of the financial markets.

Final takeaways

With federal regulators closely watching broker-dealers’ AML, BSA and other compliance programs, it becomes all the more important to devote time, energy and resources to staying up-to-date and compliant.