No Result
View All Result
SUBSCRIBE | NO FEES, NO PAYWALLS
MANAGE MY SUBSCRIPTION
NEWSLETTER
Corporate Compliance Insights
  • Home
  • About
    • About CCI
    • Writing for CCI
    • NEW: CCI Press – Book Publishing
    • Advertise With Us
  • Explore Topics
    • See All Articles
    • Compliance
    • Ethics
    • Risk
    • FCPA
    • Governance
    • Fraud
    • Internal Audit
    • HR Compliance
    • Cybersecurity
    • Data Privacy
    • Financial Services
    • Well-Being at Work
    • Leadership and Career
    • Opinion
  • Vendor News
  • Career Connection
  • Events
    • Calendar
    • Submit an Event
  • Library
    • Whitepapers & Reports
    • eBooks
    • CCI Press & Compliance Bookshelf
  • Podcasts
  • Videos
  • Subscribe
  • Home
  • About
    • About CCI
    • Writing for CCI
    • NEW: CCI Press – Book Publishing
    • Advertise With Us
  • Explore Topics
    • See All Articles
    • Compliance
    • Ethics
    • Risk
    • FCPA
    • Governance
    • Fraud
    • Internal Audit
    • HR Compliance
    • Cybersecurity
    • Data Privacy
    • Financial Services
    • Well-Being at Work
    • Leadership and Career
    • Opinion
  • Vendor News
  • Career Connection
  • Events
    • Calendar
    • Submit an Event
  • Library
    • Whitepapers & Reports
    • eBooks
    • CCI Press & Compliance Bookshelf
  • Podcasts
  • Videos
  • Subscribe
No Result
View All Result
Corporate Compliance Insights
Home Compliance

COVID-19 and Working from Home: Enforcement Implications

Taking Cues from Books and Records, Electronic Communications and Social Media Cases

by Brian Rubin, Adam Pollet and Marianna Shafir
April 10, 2020
in Compliance, Featured
illustration of geographically disparate team all working from home

Eversheds Sutherland partners with Smarsh to focus on enforcement actions in key areas that are already presenting significant challenges to firms with mandated work-from-home policies caused by the COVID-19 pandemic.

COVID-19 is not just creating a health crisis around the world, it will also create a crisis for firms that get sanctioned for failing to properly consider prior disciplinary actions involving books and records, electronic communications and social media. Past is prologue – not just in the health care arena, but also in the securities industry.

Because of the COVID-19 pandemic, work environments have changed practically overnight for many firms, but FINRA’s regulations and enforcement actions relating to the supervision of these activities remain the same; firms should heed prior disciplinary actions and remain vigilant.

Past is Prologue[1]

Focus on Overall Fines, Restitution and Disciplinary Actions

The fines reported by FINRA in 2019 decreased significantly to $44 million from $61 million in 2018, a 28 percent decrease. This continues the year-over-year trend of reductions in fines from the record-setting year in 2016, when FINRA ordered $174 million in fines. With the overall reduction in fines, the number of cases with very large fines also declined in 2019. FINRA assessed nine fines of $1 million or more (what we call “supersized” fines), totaling $27.9 million. In contrast, in 2018, FINRA assessed 13 “supersized” fines, totaling $47 million. Similarly, in 2019, FINRA assessed just one fine of $5 million or more (what we call a “yuuuge” fine). In contrast, in 2018, five cases resulted in “yuuuge” fines. Yet, the largest single fine in 2019 ($15 million) was $5 million more than the largest single fine in 2018.

In 2019, restitution ordered by FINRA decreased slightly. FINRA ordered restitution of approximately $24 million in 2019, a decrease of 8 percent from the $26 million in restitution ordered in 2018 and well below the record of $97 million ordered in 2015. As a result of these decreases in 2019, the total monetary sanctions ordered by FINRA (fines, restitution and disgorgement) were $70 million. The total sanctions ordered in recent years were significantly higher: $124 million in 2018, $150 million in 2017, $207 million in 2016 and $193 million in 2015. The number of cases reported by FINRA also decreased last year. FINRA reported 591 disciplinary actions in 2019, a decrease of 7 percent from the 638 disciplinary actions in 2018 and a decrease of 41 percent from the 1,007 cases FINRA reported in 2017. The percentage of cases against just firms (as opposed to cases against individuals or jointly against both firms and individuals) declined to 18 percent from 25 percent during 2018.

The number of individuals barred or suspended and firms expelled also decreased in 2019 compared with 2018. FINRA barred 198 individuals in 2019, a 6 percent decrease from the 211 reported in 2018. The number of firms expelled by FINRA decreased from four in 2018 to three in 2019. Finally, the number of individuals suspended decreased by 4 percent, from 254 in 2018 to 245 in 2019.

Last year, the number of fines, restitution and cases decreased from the previous year, appearing to indicate a kinder and gentler FINRA — at least temporarily. FINRA continued its focus on anti-money laundering in 2019 while also pursuing more “nuts and bolts” issues like suitability, misleading or inaccurate information and supervisory policies and procedures.

The chart below displays FINRA’s fines and the number of disciplinary actions during each of the past 10 years:

FINRA’s Sanctions Statistics, 2010-2019
Fines Reported Percentage Change Disciplinary Actions Percentage Change
FINRA Statistics FINRA Online data
2010 $42 million (16) 1.310 1,147 10
2011 $72 million 71 1,488 1,249 9
2012 $69 million (4) 1,541 1,281 3
2013 $60 million (13) 1,535 1,283 0.2
2014 $133 million 122 1,397 1,212 (6)
2015 $94 million (29) 1,462 1,344 11
2016 $174 million 85 1,434 1,201 (11)
2017 $65 million (63) 1,369 1,007 (16)
2018 $61 million (6) 921 638 (37)
2019 $44 million (28) TBD 591 (7)

The chart below displays the restitution FINRA reported during each of the past 10 years:

FINRA’s Restitution Statistics, 2010-2019
Restitution Reported Percentage Change
2010 $6 million (25)
2011 $19 million 217
2012 $34 million 79
2013 $10 million (71)
2014 $32 million 220
2015 $97 million 203
2016 $28 million (71)
2017 $67 million 139
2018 $26 million (61)
2019 $24 million (8)

Focus on Books and Records

Disciplinary actions against firms for recordkeeping violations have been declining recently, falling 33 percent in 2019 to just five cases, down from 16 cases in 2018. FINRA’s cases against individuals rose 6 percent in 2019 to 48 cases, down from 45 cases in 2018. The drop in violations against firms may have been due to a heightened focus on meeting new rules including General Data Protection Regulation (GDPR), Markets in Financial Instruments Directive II (MiFID II), California Consumer Privacy Act (CCPA) and others. Thus, while it appears that firms are becoming more proactive possibly due to heightened regulatory interest in this space, registered representatives continue to violate recordkeeping obligations, knowingly or unknowingly. Along with a drop in the number of cases, there was an even more significant reduction in the amount of fines, from $4.9 million in 2018 to $1.9 million in 2019. The chart below illustrates this decline and other statistics.

  2018 BOOKS and RECORDS 2019 BOOKS and RECORDS
Issued Cases 61 53
Fines Paid to FINRA $4.89 million $1.91 million
Restitution $965,297 $280,919
vs. Firms 16 5
vs. Firms and Individual(s) 45 48

The largest recordkeeping fine in 2019 was a $700,000 fine against a firm, where the CCO was barred from association with any FINRA member in any principal or supervisory capacity and fined $100,000.[2] Among other things, FINRA found that the firm and the CCO failed to establish and maintain a reasonable supervisory system for the preparation of books and records. FINRA also found that the firm failed to establish and maintain a reasonable supervisory system for the review of electronic correspondence. The firm’s written supervisory procedures (WSPs) did not address how supervisors were to select electronic correspondence for review, how they were to review it, the frequency of such reviews and the manner in which to document reviews, nor did the firm maintain records of its supervisory review of electronic correspondence.

Focus on Electronic Communications

Cases relating to electronic communications also decreased in 2019. There were 24 cases (three against firms), down from 30 cases in 2018 (10 against firms). The number of fines was also down more than 50 percent to $1.47 million from $3.09 million in 2018. The chart below shows the complete details on electronic communications cases in 2018 and 2019.

  2018 ELECTRONIC COMMUNICATIONS 2019 ELECTRONIC COMMUNICATIONS
Issued Cases 30 24
Fines Paid to FINRA $3.09 million $1.47 million
Restitution $967,015 $84,425
vs. Firms 10 3
vs. Firms and Individual(s) 20 21

The largest electronic communications case of 2019 resulted in a $32,500 fine.[3] The firm failed to establish, maintain and enforce a supervisory system, including WSPs reasonably designed to review email correspondence for indications of potential violations of federal securities laws or FINRA rules. The findings stated that the firm lacked any pertinent WSPs, and its methods for reviewing email messages were ineffective and unreasonable given its business, size, structure and customers. The firm’s WSPs did not include procedures describing how it would conduct its supervisory review of electronic communications sent or received by its registered individuals. In addition, the emails selected randomly by the firm’s email vendor did not constitute a reasonable amount of the firm’s overall electronic communications and the search terms that would flag an email for a principal review were not comprehensive enough to yield a meaningful sample of flagged communications.

Other notable 2019 cases involved representatives who were fined and suspended for using text messaging and personal email accounts to engage in business-related communications with customers, causing firms to fail to comply with their recordkeeping obligations. In one case, a representative was fined $20,000 for using instant messaging and text messaging in business-related communications with customers.[4]

Focus on Social Media

FINRA has not historically pursued social media cases aggressively. The numbers in 2019 were consistent with that. There were two social media cases in 2019, an increase from the one in 2018, but the fines in 2019 were down significantly, from $1.73 million in 2018 to $110,000. But after a year where FINRA filed no cases against any firms for social media violations, FINRA filed one case against a firm. The chart below illustrates the limited social media cases in 2018 and 2019.

  2018 SOCIAL MEDIA 2019 SOCIAL MEDIA
Issued Cases 1 2
Fines Paid to FINRA $1.73 million $110,000
Restitution $0 $0
vs. Firms 0 1
vs. Firms and Individual(s) 1 1

The largest case of 2019 involving social media resulted in a $90,000 fine. The firm failed to establish, maintain and enforce a reasonable supervisory system, including WSPs, for the review of email and customer correspondence and the review of its registered representatives’ business-related websites and social media.[5] FINRA found that contrary to its WSPs, the firm failed to conduct a weekly review of representatives’ social media sites that the representatives disclosed to the firm 22 times out of a sample of 26 weeks reviewed.

The Future is Being Written Now: What Firms Can Do in 2020

In 2020, the COVID-19 virus remote workforce mandate has increased the need for communication and collaboration tools. The new dynamic will not change firms’ regulatory obligations. Indeed, firms will likely need to be more vigilant because the increasingly broad array of digital communications (i.e., texting, messaging, social media or collaboration applications) may cause them to struggle with their compliance obligations related to the review and retention of such communications.[6] In turn, the regulators will likely increase their focus on the expanded use of these communications. FINRA expects member firms to establish and maintain reasonable supervisory systems designed to supervise the activities of each associated person while working from an alternative or remote location during the pandemic.[7]

This regulatory regime means that firms need to capture, archive and supervise all written business communications. Retention of electronic communications includes email, text messages, instant messages, social media and collaboration tools. Now may be a good time to review policies and procedures to ensure they properly address the firm’s business activities and comply with the provisions of the recordkeeping and supervision rules.

Firms may need to review whether employees have the ability to communicate through non-firm email addresses or third-party communication systems, such as Bloomberg and Reuters. If a firm permits employees to communicate with customers (or even with other associated persons) through these means, it must supervise and retain those communications. Where firms elect to prohibit the use of these means, they often require their associated persons to certify that they are acting in accordance with such policies and procedures on an annual or more frequent basis. Many firms also block access to these email platforms through their networks. Thus, associated persons would be able to access the internet, but not the non-firm email functionality. Many firms using this blocking functionality periodically conduct tests to ensure that it is functioning as designed or intended. Firms should also consider how to demonstrate adherence to regulatory requirements during exams. Firms should also periodically test their systems as well as third-party systems to ensure that communications are being captured for review and retention. Firms cannot assume that representatives are not using their personal emails to communicate with clients.

Steep fines imposed in 2018 for violations made many firms stand up and take notice. The tone in 2020 has not changed for FINRA. The regulators will continue to sanction firms and registered representatives for failing to meet regulatory requirements. Given the new normal and the number of employees working remotely, we expect the regulators will take a hard look at firms and individuals who ignore the obvious rules and the lessons from the past. Therefore, fines and other disciplinary actions will likely be steeper when we see the 2020 results a year from now.

 


[1] This article contains a summary of the findings.  For a more complete analysis, as well as details about the source of the data, see https://www.law360.com/articles/1250683/finra-disciplinary-actions-underscore-aml-focus.

[2] AWC No. 2016048912703 (July 26, 2019).

[3] AWC No. 2014042949704 (Apr. 12, 2019).

[4] AWC No. 2014039169602 (Mar. 22, 2019).

[5] AWC No. 2015047824201 (July 3, 2019).

[6] See News Release, FINRA, FINRA Releases 2020 Risk Monitoring and Examination Priorities Letter (Jan. 9, 2020).

[7] See FINRA, Regulatory Notice 20-08 Pandemic – Related Business Continuity Planning, Guidance and Regulatory Relief (March 8, 2020) (Jan. 9, 2020).


Tags: COVID-19Electronic Communications ComplianceFINRASECSocial Media Risk
Previous Post

U.S. Privacy Law in the Making

Next Post

D&O Liability Insurance in a Time of Financial Uncertainty

Brian Rubin, Adam Pollet and Marianna Shafir

Brian Rubin, Adam Pollet and Marianna Shafir

Brian Rubin is the Washington office leader of the Eversheds Sutherland (U.S.) litigation group and the head of the firm’s Securities and Exchange Commission (SEC), Financial Industry Regulatory Authority (FINRA) and state securities enforcement practice. With more than 20 years of experience in federal securities law, first prosecuting and now defending, Brian represents clients being examined, investigated and prosecuted by the SEC, FINRA, other self-regulatory organizations and states. As former NASD (now FINRA) Deputy Chief Counsel of Enforcement and Senior Enforcement Counsel at the SEC, he brings an insider’s perspective to defending broker-dealers, investment advisers, investment companies, public companies, asset managers and individuals in examinations, investigations, enforcement proceedings, litigation, arbitrations and in counseling. Recently, Brian represented firms and individuals on matters involving 12b-1 fees, share class selection, revenue sharing, bank deposit sweeps, margin accounts, cyber breaches, 529s, variable annuities, variable life insurance, mutual funds, REITs, advertising, email retention and surveillance, advisory accounts, insider trading, trade reporting, markups/markdowns, registration, privacy and supervision. He regularly litigates against regulators and claimants, counsels clients on regulatory and compliance matters and conducts internal investigations.
Adam Pollet is counsel at Eversheds Sutherland. He defends corporations, broker-dealers, investment advisers and individuals in enforcement and litigation matters involving the SEC, FINRA, state regulatory agencies and numerous federal and state courts. He also represents clients in internal investigations and regulatory examinations and counsels them on various regulatory and compliance matters. Prior to joining Eversheds Sutherland (U.S.), Adam was an associate in the government enforcement practice of another international law firm. Adam also has an active pro bono practice and is involved in community outreach programs, including founding a partnership with a local elementary school.
Marianna Shafir is Corporate Counsel and Regulatory Advisor at Smarsh, where she is responsible for regulatory affairs worldwide. With her expertise in financial services industry, compliance and e-discovery, Marianna counsels Smarsh clients on meeting regulatory obligations, leveraging technology and guidance on best practices related to electronic communications supervision. Prior to joining Smarsh, Marianna worked for BNY Mellon and Invesco, where she was an instrumental member on compliance teams. Marianna has also served as an adjunct professor at New York Career Institute, where she taught Law Office Management and Real Estate Law. She earned her Juris Doctorate from Nova Southeastern University. She is a frequent speaker at industry conferences and a contributor to various online publications.

Related Posts

call of duty activision

Activision Settlement Highlights Where Companies Often Go Wrong With Whistleblowers

by Katherine Krems
March 8, 2023

The SEC has long relied on whistleblowers to enforce securities law, often making it worth their while to the tune...

covid business closure insurance

Who’s on the Hook for Pandemic-Related Business Disruptions? Courts Agree, It’s Not Property Insurers.

by Crowell & Moring
February 8, 2023

We’re nearing the three-year anniversary of widespread business shutdowns in the early days of the Covid-19 pandemic. In that short...

esg sec clawback confusion

Unpacking the SEC’s Executive Compensation Clawback Rule

by John Peiserich
January 4, 2023

The SEC has finalized its long-awaited clawback policy mandated by the Dodd-Frank Act, issuing final rules that are scheduled to...

uvalde crosses

Will 2023 Bring More ‘Permacrisis’ Culture?

by Lisa Schor Babin
January 4, 2023

While 2022 had no shortage of chaotic events, ethics columnist Lisa Schor Babin shares her hopes for 2023 — and...

Next Post
businessman selecting virtual umbrella

D&O Liability Insurance in a Time of Financial Uncertainty

Compliance Job Interview Q&A

Jump to a Topic

AML Anti-Bribery Anti-Corruption Artificial Intelligence (AI) Automation Banking Board of Directors Board Risk Oversight Business Continuity Planning California Consumer Privacy Act (CCPA) Code of Conduct Communications Management Corporate Culture COVID-19 Cryptocurrency Culture of Ethics Cybercrime Cyber Risk Data Analytics Data Breach Data Governance DOJ Download Due Diligence Enterprise Risk Management (ERM) ESG FCPA Enforcement Actions Financial Crime Financial Crimes Enforcement Network (FinCEN) GDPR HIPAA Know Your Customer (KYC) Machine Learning Monitoring RegTech Reputation Risk Risk Assessment SEC Social Media Risk Supply Chain Technology Third Party Risk Management Tone at the Top Training Whistleblowing
No Result
View All Result

Privacy Policy

Founded in 2010, CCI is the web’s premier global independent news source for compliance, ethics, risk and information security. 

Got a news tip? Get in touch. Want a weekly round-up in your inbox? Sign up for free. No subscription fees, no paywalls. 

Follow Us

Browse Topics:

  • CCI Press
  • Compliance
  • Compliance Podcasts
  • Cybersecurity
  • Data Privacy
  • eBooks Published by CCI
  • Ethics
  • FCPA
  • Featured
  • Financial Services
  • Fraud
  • Governance
  • GRC Vendor News
  • HR Compliance
  • Internal Audit
  • Leadership and Career
  • On Demand Webinars
  • Opinion
  • Resource Library
  • Risk
  • Uncategorized
  • Videos
  • Webinars
  • Well-Being
  • Whitepapers

© 2022 Corporate Compliance Insights

No Result
View All Result
  • Home
  • About
    • About CCI
    • Writing for CCI
    • NEW: CCI Press – Book Publishing
    • Advertise With Us
  • Explore Topics
    • See All Articles
    • Compliance
    • Ethics
    • Risk
    • FCPA
    • Governance
    • Fraud
    • Internal Audit
    • HR Compliance
    • Cybersecurity
    • Data Privacy
    • Financial Services
    • Well-Being at Work
    • Leadership and Career
    • Opinion
  • Vendor News
  • Career Connection
  • Events
    • Calendar
    • Submit an Event
  • Library
    • Whitepapers & Reports
    • eBooks
    • CCI Press & Compliance Bookshelf
  • Podcasts
  • Videos
  • Subscribe

© 2022 Corporate Compliance Insights

Welcome to CCI. This site uses cookies. Please click OK to accept. Privacy Policy
Cookie settingsACCEPT
Manage consent

Privacy Overview

This website uses cookies to improve your experience while you navigate through the website. Out of these, the cookies that are categorized as necessary are stored on your browser as they are essential for the working of basic functionalities of the website. We also use third-party cookies that help us analyze and understand how you use this website. These cookies will be stored in your browser only with your consent. You also have the option to opt-out of these cookies. But opting out of some of these cookies may affect your browsing experience.
Necessary
Always Enabled
Necessary cookies are absolutely essential for the website to function properly. These cookies ensure basic functionalities and security features of the website, anonymously.
CookieDurationDescription
cookielawinfo-checbox-analytics11 monthsThis cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
cookielawinfo-checbox-functional11 monthsThe cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checbox-others11 monthsThis cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
cookielawinfo-checkbox-necessary11 monthsThis cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-performance11 monthsThis cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
viewed_cookie_policy11 monthsThe cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.
Functional
Functional cookies help to perform certain functionalities like sharing the content of the website on social media platforms, collect feedbacks, and other third-party features.
Performance
Performance cookies are used to understand and analyze the key performance indexes of the website which helps in delivering a better user experience for the visitors.
Analytics
Analytical cookies are used to understand how visitors interact with the website. These cookies help provide information on metrics the number of visitors, bounce rate, traffic source, etc.
Advertisement
Advertisement cookies are used to provide visitors with relevant ads and marketing campaigns. These cookies track visitors across websites and collect information to provide customized ads.
Others
Other uncategorized cookies are those that are being analyzed and have not been classified into a category as yet.
SAVE & ACCEPT