NOTE: Stipulations of Fact and Consent to Penalty (SFC); Offers of Settlement (OS); and Letters of Acceptance Waiver, and Consent (AWC) are entered into by Respondents without admitting or denying the allegations, but consent is given to the described sanctions & to the entry of findings. Additionally, for AWCs, if FINRA has reason to believe a violation has occurred and the member or associated person does not dispute the violation, FINRA may prepare and request that the member or associated person execute a letter accepting a finding of violation, consenting to the imposition of sanctions, and agreeing to waive such member's or associated person's right to a hearing before a hearing panel, and any right of appeal to the National Adjudicatory Council, the SEC, and the courts, or to otherwise challenge the validity of the letter, if the letter is accepted. The letter shall describe the act or practice engaged in or omitted, the rule, regulation, or statutory provision violated, and the sanction or sanctions to be imposed.
Nanes, Delorme Capital Management LLC AWC/2009016349601/September 2011
The Firm failed to preserve, for a period of not less than three years, the first two years in an easily accessible form, all email correspondence relating to the firmís business.
The emails involving research and emails viewed by the firm as administrative or technical were deleted, emails were not indexed and were not easily located; consequently, the firm was not able to locate various emails sent or received in one year in response to FINRA requests. The firm failed to preserve all emails relating to the firmís securities business exclusively in a non-rewritable, non-erasable format as required by SEC 13 September 2011 Rule 17a-4(f)(2)(ii)(A). Not only were individual emails users able to delete emails, in which case, they would not be stored, the medium that the firm used to back-up and store emails was rewritable and erasable. FINRA found that the electronic storage media the firm used did not automatically verify the quality and accuracy of the storage media process, and the firm did not have in place an audit system providing for accountability regarding inputting of records required to be maintained and preserved by electronic storage media. FINRA also found that the firm failed to engage at least one third party who has access to, and the ability to, download information from the firmís electronic storage media to another acceptable medium, and who undertakes to promptly furnish to FINRA information necessary for downloading information from the firmís electronic storage system and provide access to information contained on its storage system. In addition, FINRA determined that the firm failed to retain records evidencing supervisory review of email correspondence of registered representatives relating to the firmís securities business. Moreover, FINRA found that the firm failed to report transactions in TRACE-eligible securities to TRACE that it was required to report, and failed to report the correct price for transactions in TRACE-eligible securities to TRACE. Furthermore, FINRA found that in connection with corporate bond transactions, the firm failed to prepare brokerage order memoranda, in that order memoranda did not show the account for which the order was entered, the time the order was received, the order entry time, the execution time and the identity of each associated person responsible for the account. (FINRA Case #)
Nanes, Delorme Capital Management LLC : Censured; Fined $15,000 (FINRA imposed a lower fine in this case after it considered, among other things, the firmís revenues and financial resources)
Dito obtained possession of a computer flash drive that contained non-public customer account information and mined out selected excerpts for his own use by emailing the information, on separate occasions, to his member firm email address. Among other things, the flash drive contained approximately 350 account statements of customers from a FINRA member firm -- each of the customer account statements contained in the flash drive displayed non-public financial information including customer names, addresses, account numbers, financial positions, broker identification numbers and account values. Subsequent to reviewing the contents of the flash drive, Dito copied customer account information from the non-public customer account information contained in the flash drive.
The first email he sent to his firm email address contained the names and addresses of approximately 300 customers, which Dito had copied directly from FINRA member firm customer account statements contained in the flash drive. Dito intended to use the customer account information contained on the first email to cold-call prospective customers.
The second email Dito sent to his firm email address consisted of a listing of financial positions on the flash drive that were for a FINRA member firm securities account a customer owned that showed the customerís equity stock holdings and their total net value.
Dito failed to fully cooperate with FINRA and answer all of FINRAís questions at an on-the-record examination.
Indiana Merchant Banking and Brokerage Co., Inc. AWC/2009016067901/August 2011
The Firm failed to evidence any review of incoming or outgoing written and electronic correspondence; failed to review the incoming and outgoing electronic correspondence of its CCOís personal email account that he used to conduct securities related business, and the CCO had business cards with his personal email address included.
The firm failed to maintain its electronic correspondence (email) and electronic internal communications (email) for almost two years, and failed to maintain the incoming and outgoing electronic communications of an individualís personal email account used to conduct business. The firm failed to notify FINRA prior to employing electronic storage media.
The Firm failed to file an attestation by at least one third party who has access and the ability to download information from its electronic storage media to an acceptable media for such records that are exclusively stored electronically. The firmís electronic storage media failed to have in place an audit system providing for accountability regarding inputting of records required to be maintained and preserved, and inputting of any changes to every original and duplicate record maintained and preserved.
Indiana Merchant Banking and Brokerage Co., Inc. : Censured; Fined $20,000. FINRA imposed a lower fine after it considered, among other things, the firmís size, revenues and financial resources.
Brown Associates, Inc. AWC/2009016207701/July 2011
The Firm failed to properly archive its business-related electronic communications for individual users in some of its Offices of Supervisory Jurisdiction (OSJs).
The Firm stored these emails on stand-alone servers or individual machines only, which theoretically permitted individual users to delete incoming or outgoing emails, and thereby failed to properly preserve its business-related electronic correspondence.
The firm failed to
review business-related electronic communications for the individuals and an additional user;
evidence its review of individualsí business-related electronic communications as the firmís WSPs required; and
provide notification and thirdĖparty attestation to FINRA regarding the use of electronic storage media 90 days prior to employing such media.
Brown Associates, Inc. : Censure; Fined $50,000; Required to certify to FINRA in writing within 90 days of issuance of the AWC that the firm currently has in place systems and procedures reasonably designed to achieve compliance with the laws, regulations and rules concerning the preservation of electronic correspondence.
The Firm failed to preserve all of its business-related electronic communications. The Firm attempted to preserve such communications by burning them to a non-rewriteable, non-erasable disc on a monthly basis, but the process was deficient because it did not result in all such communications being saved to the disc. The Firm did not identify this deficiency in its audit of its electronic communications preservation system.
In contravention of its written supervisory procedures, permitted registered representatives to use outside or non-firm-sponsored email accounts to send and receive securities business-related emails. The firmís preservation process did not capture these emails that were sent to or from those accounts; therefore, the firm did not retain and review them.
The firm relied exclusively on electronic storage media to preserve its business-related electronic communications but did not retain a third party who had the access or ability to download information from its electronic storage media.
Firstrade Securities Inc. AWC/2009016640101/May 2011
The Firm did not have available, for examination by FINRA staff, facilities for immediate, easily readable projection or production of micrographic media or electronic storage media images and for producing easily readable images, as SEC Rule 17a-4(f)(3) (i) required. The firm maintained certain records in electronic formats but failed to notify its examining authority, FINRA, prior to employing electronic storage media. The firm did not have in place an audit system providing for accountability regarding inputting of records required to be maintained and preserved under SEC Rules 17a-3 and 17a-4 to electronic storage media. The firm was required to have the results of such an audit system available for examination by FINRA staff. The firm failed to provide the required access to allow a third-party vendor to download information from its electronic storage media and file the required undertakings with the proper authorities, including FINRA.
Firstrade Securities Inc. : Censured; Fined $20,000
Karn allowed a customer to sign relativesí names on life insurance applications, and before Karn submitted them for processing, she signed the insurance applications and certified that she had witnessed each of the proposed signatures on the insurance applications. Karn falsely certified on the Representativeís Information Supplement document for each insurance application that she had personally seen each proposed insured at the time the application was completed.
One of Karnís clients completed an application to purchase a municipal bond fund by signing her name on an electronic signature pad, and later that same day, Karn signed the clientís name on the electronic signature pad and thereby affixed the clientís signature on an application without the clientís authorization, consent or knowledge. The application Karnís member firm processed and sent to the client reflected the signature Karn had affixed rather than the clientís authentic signature. When the firm questioned Karn about the authenticity of the clientís signature, Karn initially stated it was the clientís original signature, but when questioned further, admitted she had signed the clientís name and in doing so, Karn misled her firm during its internal investigation into a customer complaint.
have reasonable grounds to believe that a private placement an entity offered pursuant to Regulation D was suitable for any customer, after it received red flags that the entity had financial issues and was not timely making interest payments, but continued to sell the offering to customers;
enforce a supervisory system reasonably designed to achieve compliance with applicable securities laws and regulations, and NASD and FINRA rules in connection with the sale of private placements;
conduct adequate due diligence of the private placements or confirm that its representatives were doing their own due diligence;
conduct adequate due diligence of private placements other entities offered; and
enforce a supervisory system reasonably designed to achieve compliance with applicable securities laws and regulations, and NASD and FINRA rules in connection with the sale of the private placements the entities offered pursuant to Regulation D.
The Firm reviewed cursory private placement memoranda (PPMs) for the offerings but failed to investigate red flags or analyze third-party sources of information or take affirmative steps to ensure the information in the offering documents was accurate.
The Firm failed to preserve electronic communications in a non-rewritable, non-erasable or ďWORMĒ format that complied with books and records requirements, and the firm used third-party software for storing and retaining electronic communications that did not comply with the requirements of SEC Rule 17a-4(f). Although the Firm was informed that its electronic storage medium was non-compliant but did not take adequate remedial action to retain email properly.
Workman Securities Corporation : Censured; Ordered to pay $700,000 as partial restitution to investors; Ordered to certify in writing to FINRA that it has established and implemented a system and procedures reasonably designed to achieve compliance with recordkeeping requirements related to electronic communications, and provide a written report to FINRA describing the policies, procedures and controls it has established and implemented related to the integrity of the retention and retrieval process for electronic communications, and the supervisory system it has implemented to oversee the preservation of electronic communications.
An interesting aspect of a recent SEC Order is its treatment of the information provided by multiple Claimants as constituting the conduct of a single whistleblower. In the Matter of the Claims for Award in Connection with Notice of Covered Action [Redacted][Redacted] (Order Determining Whistleblower Award Claims, '34 Act Rel. No. 87544; ... Read On