- enforce the firmís WSPs regarding the handling of PPM, subscription documents, and investor funds for private placement offerings sold by the firm;
- effectively supervise the associated personsí handling of such documents so that he did not prevent the associated persons from sending subscription documents directly to the private placement issuer, precluding the firm from conducting adequate oversight or review of the transactions and from retaining transaction-related documents;
- review the firmís private placement sales for suitability, and typically did not review or approve private placement transactions effected by the associated persons he supervised; and
- enforce the firmís WSPs and failed to effectively supervise their use of non-firm email for securities business.
Euro Pacific failed to timely report quarterly statistical information concerning most of the customer complaints it received to FINRAís then 3070 System.
The firm failed to maintain complete complaint files and did not enforce its WSPs pertaining to customer complaint reporting, and the Uniform Applications for Securities Industry Registration or Transfer (Forms U4) for those representatives who were the subject of the complaints were not timely updated.
The firm failed to enforce its written supervisory control policies and procedures that would test and verify that the firmís supervisory procedures were reasonably designed with respect to the firmís activities to achieve compliance with applicable securities laws, regulations and self-regulatory organization (SRO) rules; the firmís annual NASD Rule 3012 report for one year did not comport with these procedures, and the firm failed to implement its supervisory control procedures to review its producing managersí customer account activity.
The firm prepared a deficient NASD Rule 3013 certification as it did not document the firmís processes for establishing, maintaining, reviewing, testing and modifying compliance policies reasonably designed to achieve compliance with applicable securities laws, regulations and SRO rules. The firm failed to timely file a Financial and Operational Combined Uniform Single (FOCUS) Report and Schedule I Reports.
The firm failed to preserve, in an easily accessible place, electronic emails for one of its representatives for almost a year.
The firm offered and sold precious metal-related products through an entity, but failed to develop, implement and enforce adequate AML procedures related to the business; the firm did not establish and implement policies and procedures reasonably designed to identify, monitor for and, where appropriate, file suspicious activity reports (SARs) for its business processed through its k(2)(i) account. Moreover, the firm failed to implement and enforce its AML procedures and policies related to its fully disclosed business through its then-clearing firm; aspects of its AML program that the firm failed to implement and enforce included monitoring accounts for suspicious activity, monitoring employee conduct and accounts, red flags and control/restricted securities. Furthermore, the firmís procedures provided that monitoring would be conducted by means of exception reports for unusual size, volume, pattern or type of transactions; the firm did not consistently utilize exception reports made available by its then-clearing firm, and the firm did not evidence its review of the reports and did not note findings and appropriate follow-up actions, if any, that were taken. When notified by its clearing firm of possible suspect activity, on at least several occasions, the firm did not promptly and/or fully respond to the clearing firmís inquiries. Such review was required by the procedures for employee accounts, but the firm did not maintain any evidence that such inquiries for employee accounts were conducted. The firmís procedures contained a non-exclusive list of numerous possible red flags that could signal possible money laundering, but the firm did not take consistent steps to ensure the review of red flags in accounts.
The firmís AML procedures reference that SAR-SF filings are required under the Bank Secrecy Act (BSA) for any account activity involving $5,000 or more when the firm knows, suspects, or has reason to suspect that the transaction involves illegal activity or is designed to evade BSA regulation requirements or involves the use of the firm to facilitate criminal activity; because the firm was not consistently reviewing exception reports or red flags, it could not consistently identify and evaluate circumstances that might warrant a SAR-SF filing.
The firm failed to establish and implement risk-based customer identification program (CIP) procedures appropriate to the firmís size and type of business; and the firm failed to provide ongoing training to appropriate personnel regarding the use of its internal monitoring tools as AML program required.
In addition, certain pages of the firmís website contained statements that did not comport with standards in NASD Rule 2210; FINRA previously identified these Web pages as being in violation of NASD Rule 2210, but the firm failed to remove such pages from its website.
Finkin failed to comply with a FINRA request for a document.
The Firm did not retain internal emails firm registered representatives sent or received for three years, and did not retain emails in a non-erasable, non-rewritable format.
The Firm used an internally created email retention system that retained email between firm registered representatives and individuals outside the firm, but did not retain internal email; instead, the firm retained internal email through the use of backup tapes, which the firm archived for less than the required three year period.
The firm implemented a new email retention system an outside vendor created to retain registered representativesí emails, and for an unknown number of emails, there was a difference in the time the firm registered representative sent or received the email and the timestamp on the email as saved in the archive of the new email retention system; in some instances, the difference was a matter of seconds, and as a result, the timestamps on an unknown number of emails in the archive of the new email retention system differed from the times firm registered representatives sent or received those emails.
While attempting to gather emails in response to a FINRA investigation, the firm discovered that, due to a problem with the new email retention system, certain emails were being held in a database of the new system and were not moving to the archive portion of the system.The Firm performed certain upgrades to the new email retention system in an attempt to move those emails from the database to the archiving portion of the system; prior to performing the upgrade, the firm did not copy the contents of the database where the emails were being held. During the upgrade, a default configuration superseded the customized server configuration that the outside vendor had originally utilized for the system, which resulted in a loss of certain header information when those emails were moved from the database to the archiving portion of the system.
In addition, in a statement submitted to FINRA, the firm reported the problem that resulted in email being ingested in the new email retention system without certain header information. Moreover, the new system also malfunctioned during parts of a year, which led to gaps in its email retention and the loss of emails responsive to FINRAís investigation; neither the firm nor the outside vendor was able to determine the cause of the malfunction or the total number of emails lost as a result of the malfunction.
Furthermore, the Firm did not retain or review emails firm registered representatives sent from firm-issued electronic devices to individuals outside the firm.
The Firm did not establish and maintain a supervisory system, including WSPs, reasonably designed to retain emails firm registered representatives sent or received for the required three-year period, to retain emails firm registered representatives sent from firm-issued electronic devices to individuals outside the firm, and to review electronic communications. The Firm did not establish a supervisory system, including WSPs, reasonably designed to detect and prevent malfunctions in the new email retention system.
Harte participated in the sale of unregistered securities, in violation of Section 5 of the Securities Act of 1933.
Harte and a registered representative at his member firm sold millions of shares of a thinly traded penny stock, resulting in proceeds exceeding $9.3 million for firm customers; the total commissions generated were $481,398.
Harte failed to conduct any due diligence prior to the stock sales; the circumstances surrounding the stock and the firmís customers presented numerous red flags of a possible unlawful stock distribution.
Harte did not determine if a registration statement was in effect with respect to the shares or if there was an applicable exemption; Harte relied on transfer agents and clearing firms to determine the tradability of the stock. Harte failed to undertake adequate efforts to ensure that the registered representative ascertained the information necessary to determine whether the customersí unregistered shares could be sold in compliance with Section 5 of the Securities Act of 1933. Also, he did not consider the determination of the free-trading status of shares to be within his supervisory responsibilities.
Harte failed to follow up on red flags; he was on notice of the inconsistencies between customersí trading experience and activity in their firm accounts but took no action.
In addition, Harte received customer emails which evidenced a greater level of market sophistication than reflected in their account forms but failed to investigate these discrepancies.
Acting through Ayre, its CCO, Ayre Investments failed to establish and maintain a supervisory system and establish, maintain and enforce WSPs to supervise the activities of each registered person that were reasonably designed to achieve compliance with the applicable rules and regulations related to
- CRD pre-registration checks,
- exception report maintenance and review,
- supervisory branch office inspections,
- approval of transactions by a registered securities principal,
- annual compliance meeting,
- financial and operations principal (FINOP) review of checks received and disbursements blotter,
- NASD Rule 3012 annual report to senior management,
- review and retention of correspondence, Regulation S-P and outsourcing arrangements.
The Firm's WSPs were purchased from a third-party vendor and were intended to meet the needs of any broker-dealer, regardless of the firmís size or business. Acting through Ayre, the Firm failed to tailor the template WSPs to address the firmís particular business activities. With respect to the areas identified above, the firmís WSPs failed to describe with reasonable specificity the identity of the person who would perform the relevant supervisory reviews and how and when those reviews would be conducted; and with respect to the maintenance of electronic communications, the firm completely failed to establish, maintain and enforce any supervisory system and/or WSPs reasonably designed to ensure that all business-related emails were retained.
Acting through Ayre, the Firm violated the terms of a Letter of Acceptance, Waiver and Consent (AWC) by failing to file a required written certification with FINRA regarding the firmís WSPs within 90 days of the issuance of the AWC. Despite being given multiple reminders and opportunities by FINRA staff during a routine examination to file the certification, the firm and Ayre have yet to file the certification the AWC required.
The Firm only had one registered options principal (ROP) who was required to review and approve all of the firmís option trades; for more than half a year, however, the ROP resided in another state and did not work in the firmís main office. Furthermore, the firmís WSPs did not address or explain how the ROP, given his remote location, was to accomplish and document the contemporaneous review and approval of all options trades firm customers placed; the firm executed approximately 450 options transactions, none of which the ROP approved.
The firm failed to maintain and preserve all of its business-related electronic communications, and therefore willfully violated Securities Exchange Act Rule 17a-4.
The Firm permitted its registered representatives to use email to conduct business when the firm did not have a system for email surveillance or archiving. Each firm representative maintained electronic communications on his or her personal computer or arranged for the retention of electronic communications in some other fashion, and the firm relied on representatives to forward or copy their businessrelated emails to the firmís home office for retention. Not all of the representativesí business-related emails were forwarded to the home office, and the firm did not retain the electronic communications that were not forwarded or copied to the firmís home office; as a result, the firm failed to maintain and preserve at least 10,000 business-related electronic communications representatives sent to or received.
Ayre Investments, Inc.: Censured; Fined $10,000 (note: FINRA states that it imposed a lower fine against the firm after it considered, among other things, the firmís revenues and financial resources); Undertakes to review its supervisory systems and WSPs for compliance with FINRA rules and federal securities laws and regulations, including those laws, regulations and rules concerning the preservation of electronic mail communications, and certify in writing to FINRA, within 90 days, that the firm has in place systems and procedures to achieve compliance with those rules, laws and regulations.
Timothy Tilton Ayre: Fined $10,000; Suspended 2 months in Principal capacity only.
Klecka created a non-genuine email purporting to be from the Arizona Department of Insurance (AZ DOI) regarding the agencyís investigation into Kleckaís activities at his former firm, and then provided a copy of the email to the member firm with which he was associated.
Kleckaís firm commenced an internal investigation of Klecka concerning questionable business activities related to his sale of life insurance policies. During the course of the firmís review, it was learned that Klecka was the subject of an investigation being conducted by the state regarding activities that occurred while Klecka was associated with another member firm.
Klecka forwarded an email from his personal email address to his managing director at the firm --the forwarded email was purportedly from the state insurance department, which contained a timeline documenting Kleckaís contact with the agency, and the email bore what appeared to be the typed signature of an investigator with the AZ DOI. However, Klecka subsequently admitted that he was not truthful on the dates and fabricated the email to lead his firm to believe that the state investigation was more recent than it actually was. The forged document provided an explanation for Kleckaís failure to disclose the investigation to the firm earlier than he did.
The firm subsequently terminated Klecka for, among other reasons, creating a non-genuine email purporting to be from the AZ DOI regarding its investigation into Kleckaís activities at his former firm. In addition, Klecka failed to appear for a FINRA on-the-record interview.
H. Beck Inc. failed to maintain and preserve certain of its business-related electronic and written communications.
Most of the firmís registered representatives are independent contractors operating from ďone-manĒ branch office locations throughout the country; the firmís representatives were allowed to maintain written correspondence at their branch offices; and the firm permitted representatives to send emails from their personal computers. The firm did not have an electronic system to capture emails, but instead required representatives to print and make copies of their emails, which along with their written correspondence were reviewed during annual branch inspections; representatives were required to send emails and written correspondence involving the solicitation of products to compliance for pre-approval. The firm did not have prior system or procedures in place to retain all other emails and written correspondence after the representatives terminated from the firm. and, as a result, the firm did not subsequently retain most of the emails and written correspondence for representatives who terminated from the firm.
Also, the firm did not establish and implement policies and procedures that could be reasonably expected to detect and cause the reporting of suspicious transactions. In addition, the firmís WSPs relating to the reporting of suspicious activity failed to provide reasonable detail, such as the specific reports and documents to be reviewed, the timing and frequency of such reviews, the specific persons to conduct the reviews, and a description of how the reviews would be conducted and evidenced. Moreover, the firmís supervisory procedures did not provide adequate guidelines regarding the reporting of suspicious activity, including when a suspicious activity report should be filed and what documentation should be maintained. Furthermore, although the firm had 140,000 active accounts, it used only a minimal number of exception reports, relying instead on its clearing firms to assist in the review of suspicious activity. The firm failed to conduct adequate independent tests of its AML compliance program (AMLCP), failed to sufficiently test topics and failed to adequately memorialize what was reviewed. The findings also included that with respect to a sample of corporate bond transactions and municipal securities transactions the firm executed, it failed to accurately disclose the receipt time on the majority of the order tickets.
The Firm failed to preserve, for a period of not less than three years, the first two years in an easily accessible form, all email correspondence relating to the firmís business.
The emails involving research and emails viewed by the firm as administrative or technical were deleted, emails were not indexed and were not easily located; consequently, the firm was not able to locate various emails sent or received in one year in response to FINRA requests. The firm failed to preserve all emails relating to the firmís securities business exclusively in a non-rewritable, non-erasable format as required by SEC 13 September 2011 Rule 17a-4(f)(2)(ii)(A). Not only were individual emails users able to delete emails, in which case, they would not be stored, the medium that the firm used to back-up and store emails was rewritable and erasable. FINRA found that the electronic storage media the firm used did not automatically verify the quality and accuracy of the storage media process, and the firm did not have in place an audit system providing for accountability regarding inputting of records required to be maintained and preserved by electronic storage media. FINRA also found that the firm failed to engage at least one third party who has access to, and the ability to, download information from the firmís electronic storage media to another acceptable medium, and who undertakes to promptly furnish to FINRA information necessary for downloading information from the firmís electronic storage system and provide access to information contained on its storage system. In addition, FINRA determined that the firm failed to retain records evidencing supervisory review of email correspondence of registered representatives relating to the firmís securities business. Moreover, FINRA found that the firm failed to report transactions in TRACE-eligible securities to TRACE that it was required to report, and failed to report the correct price for transactions in TRACE-eligible securities to TRACE. Furthermore, FINRA found that in connection with corporate bond transactions, the firm failed to prepare brokerage order memoranda, in that order memoranda did not show the account for which the order was entered, the time the order was received, the order entry time, the execution time and the identity of each associated person responsible for the account. (FINRA Case #)
Dito obtained possession of a computer flash drive that contained non-public customer account information and mined out selected excerpts for his own use by emailing the information, on separate occasions, to his member firm email address. Among other things, the flash drive contained approximately 350 account statements of customers from a FINRA member firm -- each of the customer account statements contained in the flash drive displayed non-public financial information including customer names, addresses, account numbers, financial positions, broker identification numbers and account values. Subsequent to reviewing the contents of the flash drive, Dito copied customer account information from the non-public customer account information contained in the flash drive.
The first email he sent to his firm email address contained the names and addresses of approximately 300 customers, which Dito had copied directly from FINRA member firm customer account statements contained in the flash drive. Dito intended to use the customer account information contained on the first email to cold-call prospective customers.
The second email Dito sent to his firm email address consisted of a listing of financial positions on the flash drive that were for a FINRA member firm securities account a customer owned that showed the customerís equity stock holdings and their total net value.
Dito failed to fully cooperate with FINRA and answer all of FINRAís questions at an on-the-record examination.
Although the Firm sought and received permission to conduct its private placement activity, it failed to timely amend its Application for Broker-Dealer Registration (Form BD), as it did not identify this business on its Form BD until years later.
Acting through Searle, the Firmís president and CCO failed to establish, maintain and enforce an adequate system and written procedures reasonably designed to supervise its placement business; and failed to adequately supervise the placement business conducted by a former registered representative who conducted firm business at an unregistered office. The Firm failed to adequately ensure that its ledgers or other records accurately reflected all of the firmís assets, liabilities, income and expenses. The Firm impermissibly ďnettedĒ the commission revenue it received, failing to reflect the gross amount of commission the firm received and the amount paid to the registered representative who placed the business, thus understating gross revenues and expenses. As a result, the Firm filed inaccurate Financial and Operational Combined Uniform Single (FOCUS) Reports and inaccurate annual audits.
The Firm failed to establish, maintain and enforce adequate WSPs regarding the use of outside emails for firm business and the review and retention of emails; the firm permitted associated persons to use personal email accounts to send and receive emails related to the firmís securities business without capturing, reviewing or retaining them.
In addition, the Firm paid fees and commissions totaling $21 million to non-registered limited liability company (LLC) entities of which the firmís registered representatives were the sole members. Moreover, the Firm improperly paid the non-registered entities rather than paying the commissions and fees directly to the registered representatives who owned the non-registered entities. The suspension was in effect from August 15, 2011, through August 26, 2011. (FINRA Case #)
Searle & Co.: Censured; Fined $47,500 ($10,000 was jointly and severally with Searle)
Robert Southworth Searle: Fined $10,000 joint/several with Searle & Co.; Suspended 10 business days in Principal capacity
The Firm failed to establish and maintain a supervisory system or WSPs reasonably designed to detect and prevent the charging of excessive commissions on mutual fund liquidation transactions.
The Firm failed to put in place any supervisory systems or procedures to ensure that customers were not inadvertently charged commissions, in addition to the various fees disclosed in the mutual fund prospectus, on their mutual fund liquidation transactions. The firmís failure to take such action resulted in commissions being charged on transactions in customer accounts that generated approximately $64,110 in commissions for the firm.
The firm had inadequate supervisory systems and procedures to ensure that a firm principal reviewed, and the firm retained, all email correspondence for the requisite time period; the firm failed to review and retain securities-related email correspondence sent and received on at least one registered representativeís outside email account, and the firm did not have a system or procedures in place to prevent or detect non-compliance.
The firm failed to conduct an annual inspection of all of its Offices of Supervisory Jurisdiction (OSJ) branch offices.
The Firm failed to comply with various FINRA advertising provisions in connection with certain public communications, including websites, one billboard and one newsletter, in that a registered principal had not approved websites prior to use; websites did not contain a hyperlink to FINRAís or Securities Investor Protection Corporation (SIPC)ís website; one website, the billboard and the newsletter failed to maintain a copy of the communication beginning on the first date of use; and sections of websites that concerned registered investment companies were either not filed, or timely filed, with FINRAís Advertising Regulation Department. In addition, websites contained information that was not fair and balanced, did not provide a sound basis for evaluating the facts represented, or omitted material facts regarding equity indexed annuities, fixed annuities and variable annuities. Moreover, websites contained false, exaggerated, unwarranted or misleading statements concerning mutual B shares; the firmís websites and the billboard did not prominently disclose the firmís name, and a website, in connection with a discussion of mutual funds, failed to disclose standardized performance data, failed to disclose the maximum sales charge or maximum deferred sales charge and failed to identify the total annual fund operating expense ratio, and a website, in a comparison between exchange-traded funds (ETFs) and mutual funds failed to disclose all material differences between the two products.
Furthermore,the firm failed to report, or to timely report, certain customer complaints as required; the firm also failed to timely update a registered representativeís Uniform Termination Notice for Securities Industry Registration (Form U5) to disclose required information. The firm failed to create and maintain a record of a customer complaint and related records that included the complainantís name, address, account number, date the complaint was received, name of each associated person identified in the complaint, description of the nature of the complaint, disposition of the complaint or, alternatively, failed to maintain a separate file that contained this information.
The firm failed to ensure that all covered persons, including the firmís president and CEO, completed the Firm Element of Continuing Education (CE). The firmís 3012 and 3013 reports were inadequate, in that the 3012 report for one year was inadequate because it failed to provide a rationale for the areas that would be tested, failed to detail the manner and method for testing and verifying that the firmís system of supervisory policies and procedures were designed to achieve compliance with applicable rules and laws, did not provide a summary of the test results and gaps found, failed to detect repeat violations including failure to conduct annual OSJ branch office inspections, advertising violations, customer complaint reporting, and ensuring that all covered persons participated in the Firm Element of CE. FINRA also found that the firmís 3013 report for that year did not document the processes for establishing, maintaining, reviewing, testing and modifying compliance policies to achieve compliance with applicable NASD rules, MSRB rules and federal securities laws, and the manner and frequency with which the processes are administered. In addition, the firm also failed to enforce its 3013 procedures regarding notification from customers regarding address changes.
The Firm failed to evidence any review of incoming or outgoing written and electronic correspondence; failed to review the incoming and outgoing electronic correspondence of its CCOís personal email account that he used to conduct securities related business, and the CCO had business cards with his personal email address included.
The firm failed to maintain its electronic correspondence (email) and electronic internal communications (email) for almost two years, and failed to maintain the incoming and outgoing electronic communications of an individualís personal email account used to conduct business. The firm failed to notify FINRA prior to employing electronic storage media.
The Firm failed to file an attestation by at least one third party who has access and the ability to download information from its electronic storage media to an acceptable media for such records that are exclusively stored electronically. The firmís electronic storage media failed to have in place an audit system providing for accountability regarding inputting of records required to be maintained and preserved, and inputting of any changes to every original and duplicate record maintained and preserved.
Jan attempted to arrange an outside third-party business loan for a prospective client without obtaining written authorization or otherwise notifying his member firm; if successful, Jan would have received a referral fee. The potential client agreed and Jan, using his personal email account on his home computer, sent the prospective client a detailed client information sheet from an outside lender; the document Jan sent required the prospective client to provide numerous pieces of information relating to the potential loan, including a passport number, business tax ID number and bank account information. Jan requested a copy of the potential clientís passport and a copy of a bank guarantee or standby letter of credit for review and acceptance. Although Jan used his personal email account, his signature block identified him as a financial consultant with his firm.
Jan engaged in business outside the scope of his relationship with his firm without providing prompt written notice to his firm, and Janís conduct was contrary to his firmís written policies and procedures. Along with conducting outside business with a prospective client through his personal email account, Jan admitted to attempting to solicit business from an unspecified number of other customers using his personal email account. In addition, at times, Jan communicated with a customer who had firm accounts through his home email account about details relating to an asset that was to be deposited in one of the customerís accounts. Moreover, Jan knew that his firmís procedures required approval of his email and he thereby circumvented his firmís supervisory procedures and compromised the firmís ability to supervise and monitor his communications with the public.
The Firm failed to develop and enforce written procedures reasonably designed to achieve compliance with NASDģ Rule 3010(d)(2) regarding the review of electronic correspondence. Although the firm had certain relevant procedures in place, it did not have a satisfactory system for providing designated principals with access to such correspondence for review; instead, the firm relied on registered representatives to forward any emails involving customers to a central email address, which was accessible to the firmís president and chief compliance officer (CCO), for review.
The firm did not have effective procedures to monitor its representativesí compliance with the email forwarding requirement; instead the firm relied on branch inspections to monitor compliance, but, because the firmís branch offices were non-Office of Supervisory Jurisdictionís (OSJs), they were inspected infrequentlyóonce every three years.
During the infrequent branch office inspections, the firm generally failed to conduct adequate reviews of representativesí personal computers to determine if they were complying with the email forwarding requirement; other than some very limited reviews during the inspections, the firm failed to provide for surveillance and follow-up to ensure that email correspondence review procedures were implemented and adhered to.
The firm failed to enforce its written procedures requiring a designated principal to conduct a daily review of business-related electronic correspondence and to evidence that review by initialing the correspondence.
Acting through Dochinez, the firmís president, chief executive officer (CEO) and a firm principal, failed to establish, maintain and enforce an adequate system of supervisory control policies and procedures that tested and verified that its supervisory procedures were reasonably designed with respect to the activities of the firm, its registered representatives and associated persons to achieve compliance with applicable securities laws and regulations, and created additional or amended supervisory procedures where the need was identified by such testing and verification. In addition, The firmís supervisory control policies and procedures failed to address the requirements of designating a principal responsible for the firmís supervisory control policies and procedures; testing and verification to ensure reasonably-designed supervisory procedures; updating the firmís written supervisory procedures (WSPs) to address deficiencies noted during testing; designating a principal responsible for the annual report to senior management on the firmís system of supervisory controls procedures, summary of test results, significant identified exceptions, and any additional or amended procedures; identifying producing managers and assigning qualified principals to supervise such managers; using the ďlimited size and resourcesĒ exception for producing managersí supervision, including documenting the factors relied on in determining that the exception is necessary; electronically notifying FINRA of its reliance on the limited size and resources exception; reviewing and monitoring all transmittals of customer funds and securities; reviewing, monitoring and validating customer changes of address and customer changes of investment objectives; and providing heightened supervision over each producing managerís activities. Moreover,acting through Dochinez, the firm failed to conduct independent tests of its AMLCP.
Trustmont Financial Group, Inc.: Censured; Fined $10,000 joint/several; Fined additional $20,000
Peter Daniel Dochinez: Censured; Fined $10,000 joint/several
The Firm failed to properly archive its business-related electronic communications for individual users in some of its Offices of Supervisory Jurisdiction (OSJs).
The Firm stored these emails on stand-alone servers or individual machines only, which theoretically permitted individual users to delete incoming or outgoing emails, and thereby failed to properly preserve its business-related electronic correspondence.
The firm failed to
- review business-related electronic communications for the individuals and an additional user;
- evidence its review of individualsí business-related electronic communications as the firmís WSPs required; and
- provide notification and thirdĖparty attestation to FINRA regarding the use of electronic storage media 90 days prior to employing such media.
Gelb solicited individuals, including customers at his member firm, to invest in entities that were purportedly engaged in the export and import business with a manufacturer based in China.
Gelb raised approximately $1.8 million from investors and received approximately $79,500 from the entities as compensation derived from his solicitation of, and directing investors to, the entities.
Private Securities Transaction
Gelb was aware of his firmís policies and procedures, which specifically prohibited its registered representatives from participating in any manner in the solicitation of any securities transaction outside the regular scope of their employment without approval. Gelb signed annual certifications attesting to this knowledge and failed to notify his firm about his solicitation of investors for the entities because he did not expect the firmís approval of the product.
Gelb failed to obtain adequate information about the investment and instead relied upon unfounded representations, including guarantees that the investorsí principal would be protected despite the fact that, at no time, had Gelb seen any financial documentation for the entities. The information available on the Internet about the entities was limited to the companiesí own website.
FINRA determined that despite the highly risky nature of the investment, Gelb led the customers to believe that the investment he was recommending was a safe and secure investment and, in some cases, Gelb was aware that customers were taking out home equity lines of credit on their homes to fund their investments in the entities. Customers who invested in the entities Gelb recommended had low risk tolerances and had investment objectives of growth and/or income, and Gelb did not have a reasonable basis for recommending the entities to the customers.
Gelb utilized an outside email account, without his firmís knowledge or consent, to conduct securities business.Although the firm was aware of the outside email account, Gelb had not been approved to utilize that email address to conduct securitiesrelated business and by operating an outside email account for securities-related business without the firmís knowledge and consent, Gelb prevented his firm from reviewing his emails pursuant to NASD Rule 3010(d).
UBS failed to update the company codes in the client-based database after the individual responsible for that task left the firm.
The emails indicating that the company codes had been added were not sent to the firmís Client Management Team (CMT) by another group at the firm, the Core Client Data Services Group (CCDS).
UBS employed Client Data Strategist (CDS), a senior officer in CMT. The CDS was in charge of producing a business object report that combined the research and revenue information for each client to create required non-investment banking disclosures in equity research reports. Unfortunately, the CDS continued to produce the business object report without confirming that the company codes were updated -- because the CDS continued to produce the reports, a file was created and uploaded in the firmís central disclosure database, even though it contained incomplete information.
Since the reports were completed, email alerts were not triggered at the end of the process, and as a result of the failures during the update process, equity research reports the firm published failed to include one or more required non-investment banking disclosures (non-investment banking compensation, non-investment banking securitiesrelated services and non-securities services). As a result of certain information contained in the firmís central disclosure database not being updated due to the update process failure, research analysts creating and sending information about the impacted subject companies to media outlets in connection with public appearances failed to disclose the firmís non-investment banking related compensation and the types of services (non-investment banking securities-related services and non-securities services) it provided during the prior 12 months.
Moreover, the firm failed to adequately implement its supervisory procedures concerning compliance with NASD Rule 2711(h), and the firm failed to conduct follow-up and review to ensure that its employees were performing their assigned responsibilities of collecting and updating data to generate accurate disclosures, and to have a verification process to confirm that each group was performing its task to ensure the flow of updated information at each stage had accurate disclosures. The firm failed to adequately implement its written procedures that provided for step-by-step guidance for updating the required disclosures in the relevant databases in order to reasonably ensure that they were disclosed in the research reports and in public appearances.
Sheedy engaged in private securities transactions without providing written notice to, or obtaining written approval from, his member firm.
Sheedy facilitated two firm customersí investments in securities issued by an entity in the form of investment agreements.Sccording to the investment agreements the entity issued, the company invested in and brokered life settlement contracts. Sheedy participated in the customersí investments by reviewing the customersí investment agreements, providing the customers with wiring instructions for the issuer, providing status updates to the customers regarding their investments and telling the customers to call him if they had any questions about their investments.
Sheedy utilized an unapproved personal email account to communicate with the customers.
The customers invested a total of $350,000, and pursuant to the terms of the customersí investment agreements, the customers were to receive return of their principals plus a total of $42,000 within five days of the end of their investment period for which certain life settlement contracts were invested. Neither of the customers received the return of their investment principal or the promised investment returns. All of their funds were lost all of their funds were lost.
Lichtenstein intentionally provided false testimony during a FINRA on-the-record interview regarding his knowledge of, and participation in, private securities transactions involving solicitation and sale of private placements within the branch for which he was employed as the branch manager.
Lichtenstein participated in the sale of private securities in the total amount of $234,303.68 to customers without his member firmís prior written approval.
Lichtenstein failed to reasonably supervise a branch office for which he acted as a branch manager. In response to a request to sell private placements at the branch, which Lichtensteinís firm had specifically denied, stating that no one at the branch had approval to sell any private placements and Lichtenstein was aware of this prohibition, he learned of other private placements being sold by a branch registered representative and failed to inform the firmís compliance department of the sales.
Because Lichtenstein was responsible for the review of electronic mail at the branch, he knew, or should have known through email review, of red flags indicating the sale of additional private placements but did not conduct additional investigation and did not inform the firmís compliance department of the red flags.
The Firm failed to preserve all of its business-related electronic communications. The Firm attempted to preserve such communications by burning them to a non-rewriteable, non-erasable disc on a monthly basis, but the process was deficient because it did not result in all such communications being saved to the disc. The Firm did not identify this deficiency in its audit of its electronic communications preservation system.
In contravention of its written supervisory procedures, permitted registered representatives to use outside or non-firm-sponsored email accounts to send and receive securities business-related emails. The firmís preservation process did not capture these emails that were sent to or from those accounts; therefore, the firm did not retain and review them.
The firm relied exclusively on electronic storage media to preserve its business-related electronic communications but did not retain a third party who had the access or ability to download information from its electronic storage media.
Roberts sent unapproved emails from his personal email address to his member firmís customers and a potential investor that consisted of emails with attached documents containing misrepresentations and misleading statements that he created on his home computer that were written on his firmís letterhead.
Roberts misrepresented that his firm would approve the issuance of a line of credit of up to $10 billion to a firm customer and a potential investor if certain conditions were met. Roberts attached another document concerning the issuance of a multi-billion dollar line of credit to additional emails he sent to a firm customer.
Roberts did not provide copies of the documents for review and approval to his firm. By attaching documents that contained misrepresentations and misleading statements to emails sent to a firm customer and a potential investor, Roberts exposed his firm to significant potential liability. Roberts sent an unapproved email from his personal email to another firm customer and attached a letter on firm letterhead with wire transfer instructions in connection with certificates of deposit. In addition, Roberts forwarded the unapproved correspondence from his home computer, thereby bypassing the firmís surveillance systems and preventing the firmís review and approval.
Respondents failed to put any heightened supervisory measures in place for a branch manager or to follow up on ďred flags.Ē Notwithstanding the branch managerís remote location, prior disciplinary history, outside business disclosures or his disclosure that he was potentially under financial stress and unable to meet financial obligations, the Firm and Long failed to put any heightened supervisory measures in place or to follow up on the red flags after he disclosed information on a compliance questionnaire, for which the affirmative answer required that he attach a separate sheet providing complete details about the disclosed activities, which Long did not complete or enforce. Also, the firmís and Longís heightened supervision of the branch manager was inadequate in that it consisted only of inspecting his office annually and speaking on the phone on a fairly regular basis. Long inspected the branch managerís branch office, and although she was aware that the manager was involved in certain outside business activities, based on the disclosures that he made on his Uniform Application for Securities Industry Registration or Transfer (Form U4), she admitted that she did not inspect any files or financial records associated with his disclosed outside business activities and did not detect any undisclosed outside business activities or private securities transactions.During a subsequent inspection, Long again did not review documentation regarding the branch managerís disclosed outside business activities and did not detect any undisclosed outside business activities or private securities transactions.
Additionally, the branch manager had participated in private securities transactions wherein he had raised more than $1.5 million from investors, many of whom were firm customers.
In addition, the firm and Long failed to review or retain email communications on the branch managerís outside email account, and Long did not review his outside email account during her inspections of his branch office. Moreover, FINRA found that the firm did not have any supervisory procedures regarding the review and retention of email communications on outside email accounts.
Portfolio Advisors Alliance, Inc.: Censured; Fined $35,000
Marcelle Long: Fined $7,500; Suspended in Principal/Supervisory capacity only for 30 days
The Firm and Hsu failed to preserve electronic communications related to the firmís business when Hsu and another registered representative of the firm sent and received electronic communications related to the firmís business using personal email accounts that were not linked to the firmís email preservation system; the firmís failure to preserve electronic communications was considered willful.
Hsu and the firm failed to comply with AML rules and regulations in that they failed to access the Financial Crimes Enforcement Network (FINCEN) and review records, failed to develop and implement a written AML program reasonably designed to achieve compliance with the BSA and implementing regulations, and failed to properly conduct annual independent tests of its AML program for several years. Hsu signed and submitted certifications to FINRA that contained inaccurate information regarding preservation of emails in compliance with SEC Rule 17a-4. Hsu willfully failed to amend his Form U4, to disclose material information.
Pyramid Financial Corp.: Fined $55,000 jointly and severally with Hsu
John Hsu a/k/a Juan Hsu (Principal): Fined $55,000 jointly and severally with Pyramid; Fined an additional $10,000; Suspended 45 business days in all capacities; Barred as a Principal only.
As an active participant in the U.S. Private Investment in Private Equity (PIPE) market, Canaccord failed to have in place reasonable information barrier procedures with respect to its PIPE business. The firm failed to have a reasonable system in place to track employees who were brought ďover the wallĒ on specific PIPE transactions, and while the firm had a procedure in place requiring the maintenance of a ďwall-crossing log,Ē it did not maintain such a log. The firm stored information about over-the-wall employees in a computer file that was not readily accessible to persons with responsibilities to monitor trading and review emails of employees brought over the wall on investment banking matters.
The firm failed to maintain a specific log of employee transactions in securities on the firmís grey list and/or restricted list, and the firm was unable to provide documentation evidencing that it had investigated employee trading in grey list securities to determine whether employees had misused material, non-public information.
The Firm failed to have a reasonable system in place to monitor the flow of information concerning PIPE transactions to potential investors, and while the firmís procedures required sales persons to obtain verbal agreements from potential investors to keep information concerning PIPE transactions confidential and refrain from trading on such information, the firm did not reasonably ensure that the procedure was followed or document that such verbal agreements were obtained. The information that was maintained concerning the disclosure of information on PIPE transactions was not used for supervisory or compliance purposes.
In addition, the firmís system for review of email correspondence was unreasonable; while the firmís procedures required the review of a sample of email communications, the sample included mail boxes for users no longer employed at the firm and permitted Compliance Department employees, at their discretion, to mark emails as reviewed based solely on a review of the senderís name, recipientís name and subject line of an email; stated differently, the firm permitted ďbulk reviewĒ of emails without any written guidelines informing compliance staff of the parameters for such review.
Moreover, the Firm also utilized an Internet chat room system that allowed members of its business units, including but not limited to, the investment banking and research departments, to communicate and/or review each otherís communications. Furthermore, the firm did not have in place any written procedures relevant to monitoring internal communications between its business units on the internal chat room system and could not document that it actively monitored such communication.
In connection with customersí purchases of a private placement offering, DiMaggio falsely represented to each of the customers that she had personally invested funds with the issuer. Based on DiMaggioís representation and recommendation, each of the customers invested $60,000 in the offering.
DiMaggio settled and/or attempted to settle potential customer complaints regarding undisclosed fees, failing to add a living benefit rider to a variable annuity and making unsuitable investment recommendations, without her member firmís knowledge or approval.
DiMaggio exchanged business-related emails with customers using an unapproved email account, thereby causing her firm to violate its recordkeeping requirements. (FINRA Case #)
The Firm entered into an agreement with an entity to sell a private placement for which the firmís brokers sold $1,415,940 of the private placement interests to customers, and the firm failed to create and maintain a reasonable supervisory system to detect and prevent sales practice violations in these transactions. The firm did not collect financial and other relevant information for the customers who purchased the private placement, and did not review these transactions to determine if the recommendations for the purchases were suitable for these customers.
Also, the firm failed to implement a supervisory system reasonably designed to review and retain electronic correspondence. The firm did not establish an email retention system that captured all of its brokersí emails. The firmís brokers were allowed to use email addresses using external domains, and the firm did not have the capability to review, capture and retain these emails.
Erlich failed to disclose to his member firm that he personally possessed stock certificates belonging to prospective firm customers and details concerning such shares. By failing to disclose, Erlich prevented his firm from complying with SEC Rule 15c3-3 in that the firm, without knowing of the securities he possessed, failed to bring the securities under possession or control as required, and compute and maintain sufficient cash and/or qualified securities in its reserve bank account, as required; and prevented the firm from complying with books and records rules, which required that firms record the receipt of securities.
Erlich used a personal email account to send business-related correspondence. Although Erlich courtesy-copied his firm email address on a few of the emails he sent from his personal email account, he failed to copy or forward any of these emails to his firm managers. Erlichís firm did not permit the use of non-firm email accounts for communications related to firm business, and that by using his personal email account for firm-related business and not copying or forwarding such emails to his firm, Erlich prevented his firm from discharging its supervisory obligations.
The Firms failed to ensure that emails were retained and timely reviewed.
The Firms, all subsidiaries of the same parent company, implemented a new, third party system for email archiving and review. In order for the emails to be archived consistent with the requirements of SEC Rule 17a-4 and NASD Rule 3110, the firms relied on their personnel to properly code new and existing email accounts to ensure that emails were journaled from usersí email accounts in the new system, and when email accounts were incorrectly coded, the affected usersí emails were not retained consistent with SEC and NASD rules. Instead, both sent and received emails were retained for 30 days, unless an individual employee double-deleted the email (in which case it would not have been retained at all); after 30 days, any emails remaining in an individual employeeís email inbox or outbox would be retained for an additional 30 days; and all emails would be deleted from the new system after 60 days (unless the auto-delete function was disabled), and additionally, would not have appeared in the new system for compliance department reviews, unless an email user whose account was properly coded sent or received the email message.
The Firms did not properly code certain email accounts and did not have written guidance to ensure that all email accounts for associated persons of each firm were properly recorded, nor did the firms have evidence that they conducted any testing of the new system to ensure that email accounts were being set up properly to capture emails for compliance with SEC Rule 17a-4 and NASD Rule 3110. As a result of the failure to retain emails, the firms also failed to timely review emails of affected users. In addition, FINRA determined that the failure to properly archive and review emails was discovered after a MBSC Securities Corporation compliance department employee searched for an electronic copy of an email he knew to have existed, and failed to locate it; prior to that event, the firms did not know that they were failing to properly archive and review emails.
Moreover, following the discovery of the retention and review problem at the firms, the firmsí parent company retained an outside consultant to assess the scope of the retention failure, and the outside consultant determined that there were 725 affected users between the three firms, for whom emails were not retained consistent with SEC and NASD rules. Furthermore, the outside consultant estimated that the three firms may have lost as many as 4 million emails through the failure to properly code email accounts for journaling to the new system.
In determining the appropriate sanctions in this matter, FINRA took into consideration that the firms self-reported to FINRA their failure to review and retain certain emails and the steps the firms took to remedy those deficiencies.
MBSC Securities Corporation, BNY Mellon Capital Markets LLC and BNY Mellon Securities LLC: Censured; Fined $300,000 joint/several
The Firm failed to
- establish certain elements of an adequate AML program reasonably designed to achieve and monitor its compliance with the requirements of the Bank Secrecy Act and implementing regulations promulgated by the Department of Treasury;
- establish policies and procedures reasonably expected to detect and cause the reporting of transactions required under 31 USC 5318(g) by failing to provide branch office managers with reports that contained adequate information to monitor for potential money-laundering and red flag activity; and for the firmís compliance department to perform periodic reviews of wire transfer activity, require either branch managers or the AML compliance officers to document reviews of AML alerts in accordance with firm procedures, identify the beneficial owners and/or agents for service of process for some foreign correspondent banks accounts, and establish adequate written policies and procedures that provided guidelines for suspicious activity that would require the filing of a Form SAR-SF;
- establish policies and procedures that required ongoing AML training of appropriate personnel related to margin issues, entering new account information, verifying physical securities and handling wire activity;
- ensure that its third-party vendor verified new customersí identities by using credit and other database cross-references, and after the firm determined that the vendorís lapse was resolved, it failed to retroactively verify customer information not previously subjected to the verification process;
- establish procedures reasonably expected to detect and cause the reporting of suspicious transactions required under 31 USC 5318(g), in that it failed to include in its AML review the activity in retail accounts institutional account registered representatives serviced;
- review accounts that a producing branch office manager serviced under joint production numbers;
- evidence in certain instances timely review of letters of authorization, correspondence, account designation changes, trade blotters, branch manager weekly review forms and branch manager monthly reviews; failed to follow procedures intended to prevent producing branch office managers from approving their own errors;
- follow procedures intended to prevent a branch office operations manager from approving transactions in her own account and an assistant branch office manager from reviewing transactions in accounts he serviced;
- establish procedures for the approval and supervision related to employee use of personal computers and, during one year, permitted certain employees to use personal computers the firm did not approve or supervise,
- include a question on thefirmís annual acknowledgement form for one year that required its registered representatives to disclose outside securities accounts and the firm could not determine how many remained unreported due to the supervisory lapse;
- follow policies and procedures requiring the pre-approval and review of the content of employeesí radio broadcasts, television appearances, seminars and dinners, and materials distributed at the seminars and dinners; representatives conducted seminars that were not pre-approved by the firmís advertising principal as required by its written procedures; the firm failed to maintain in a separate file all advertisements, sales literature and independently prepared reprints for three years from date of last use; and a branch office manager failed to review a registered representativeís radio broadcast. A branch office manager failed to maintain a log of a registered representativeís radio broadcasts and failed to tape and/or maintain a transcript of the broadcasts and there was no evidence a qualified principal reviewed or approved the registered representativeís statements. Branch office managers did not retain documents reflecting the nature of seminars, materials distributed to attendees or supervisory pre-approval of the seminars; retain transcripts of a representativeís local radio program and TV appearances or document supervisory review or approval of materials used; and retain documents reflecting the nature of a dinner or seminar conducted by representatives or materials distributed;
record the identity of the person who accepted each customer order because it failed to update its order ticket form to reflect the identity of the person who accepted the order; and
to review Bloomberg emails and some firm employeesí instant messages
The Firm distributed a document, Characteristics and Risks of Standardized Options, that was not current, and the firm lacked procedures for advising customers with respect to changes to the document and failed to document the date on which it was sent to certain customers who had recently opened options accounts. Also, the firmís compliance registered options principal did not document weekly reviews of trading in discretionary options accounts.
The NAC imposed the sanctions following appeal of an OHO decision.
The sanctions were based on findings that acting through Uselton, the Firm
- made false statements to FINRA; and
- failed to make and annotate affirmative determinations prior to effecting short sales.
The firm and Uselton
- failed to maintain the required records necessary to rely upon the exemption in Exchange Act Rule 15c2-11(f)(2),
- failed to maintain the firmís email records for at least three years, and
- failed to establish, maintain, and enforce an adequate supervisory system and written supervisory procedures,
Uselton also provided false information and failed to provide testimony at a FINRA on-the-record interview, and he failed to timely update his Uniform Application for Securities Industry Registration or Transfer (Form U4) with material facts.
Legacy Trading Co., LLC: Expelled; jointly and severally fined $907,035.01, plus interest.
Mark Alan Uselton: Barred; jointly and severally fined $907,035.01, plus interest.
After the Firm became aware of deficiencies in its system for maintaining and preserving emails, and after approval of an AWC arising from the firmís failure to maintain an adequate system for retaining emails, the firmís response to correct the deficiencies was inadequate. The firm retained a vendor to provide services with respect to its email system, including, ostensibly, to provide email retention services; however, the firm never took steps, including after it executed the AWC, to test or ascertain whether or not the vendor had implemented a system to store email in a non-erasable, non-rewritable format. The firm did not store emails in a non-erasable, non-rewritable format; instead, the firmís vendor merely established a ďcompliance folderĒ on the firmís computer network where emails were automatically forwarded, and the vendor apparently maintained ďspamĒ emails the firm received in a separate folder. This system permitted firm employees to delete emails from the ďcompliance folder.Ē
During the course of a cycle examination, the staff requested that the firm produce certain emails of a firm registered representative and, in response to the request, the firm was able to provide only ďspamĒ emails the firm retained. The firm discovered its email retention deficiencies only after FINRA staff brought them to the firmís attention. In addition, the firm intended to employ electronic storage media for its email retention but it failed to provide the required Memberís Notice to FINRA pursuant to SEC Rule 17a-4(f)(2)(i); failed to ensure that its third-party vendor provided the undertakings required by SEC Rule 17a-4(f)(3)(vii); and failed to file the required notice, and its third-party vendor did not provide an undertaking until FINRA staff brought the failures to the firmís attention.
- Accredited Investor
- Affirmative Determination
- Annual Compliance Certification
- Annual Compliance Meeting
- Away Accounts
- Best Efforts Offering
- Blank Forms
- Campaign Contributions
- Check Kiting
- Clearing Agreement
- Confidential Customer Information
- Contingency Offering
- Continuing Education
- Corporate Credit Card
- Credit Cards
- Customer Protection Rule
- Debit Card
- Do Not Call
- Due Diligence
- Electronic Communications
- Electronic Storage
- False Statements
- Finder Fees
- Foreign Language
- Form ADV
- Guaranteeing Against Losses
- Hedge Fund
- Heightened Supervision
- Insider Trading
- Installment Plan Contracts
- Instant Messaging
- Investment Advisor
- Joint Account
- Life Insurance
- Mark-Up Mark-Down
- Material Change Of Business
- Membership Agreement
- Minimum Contingency
- Money Laundering
- Mutual Funds
- Net Capital
- Outside Accounts
- Outside Business Activities
- Power Of Attorney
- Private Placement
- Private Securities Transaction
- Producing Manager
- Production Quota
- Promissory Notes
- Proprietary Traders
- Public Appearances
- Referral Fees
- Reg D
- Reg U
- Regulation 60
- Regulation S-P
- Reverse Mortgage
- Rule 8210
- Sharing Profits
- Statutory Disqualification
- Stock To Cash
- Supervisory System
- Suspense Account
- Third Party Vendor
- Time And Price Discretion
- Trading Limits
- Trading Volume
- Trust Account
- U.S. Treasuries
- Unauthorized Transaction
- Universal Lease Programs
- Unregistered Person
- Unregistered Principal
- Unregistered RRs
- Unregistered Securities
- Unregistered Supervisor
- Variable Annuity
- Variable Insurance