Compliance: Internal Controls Vital in Recent FINRA Decisions

Recent decisions and plea agreements between FINRA and financial advisors show that internal compliance controls are more important than ever. We’ve reviewed a few examples from the agency to give you a sense of how to avoid similar pitfalls.
‍

In a case involving Midtown Partners & Co., LLC, FINRA entered an agreement with the firm over the lack of internal controls that led to an alleged violation of trading requirements. There, the firm consented to sanctions for failure to properly keep its firm’s watch and restricted list. In this case, the CEO allegedly sold shares on one occasion from the watch list and another from the restricted list. The key for FINRA seems to have come down to the fact that the firm failed to assign someone to supervise the CEO, rather than the lack of proper written procedures.
‍

Firms should also note that they can’t pass off their compliance control diligence to third parties entirely. In the case involving FIS Brokerage & Securities LLC the firm consented to the sanctions even thought it properly alerted Reportable Order events and audit trails. In doing so, unfortunately, the firm seems to have used a platform that was faulty. That platform was provided by a third party vendor and made system errors when the third party changed the platform. Those system errors led to the firm submitting inaccurate, incomplete or improperly formatted information. In this case, even though the original platform met the original FINRA requirements, the changes made by the contractor put the firm outside of the compliance.
‍

And this too goes for outside advisors. In a case involving Oriental Financial Services Corp., the firm consented to FINRA sanctions based on a failure to detect improper language in two of a total of 85 settlement agreements with consumers.  The language, involving FINRA Rule 2081, required as a part of the settlements that the customers consent to Oriental's and the relevant registered representatives' requests for expungement of the customers' claims from FINRA’s claims dispute system. That expungement language violated FINRA Rule 2081. This inclusion of the language, in a clause tucked into the contracts, remained in the settlement agreements even though the agreements were prepared by the outside counsel, reviewed by in-house counsel and by the compliance department, and ultimately were signed by officers of the firm. Even with this four layers of review, the clauses remained in the contracts.
‍

What can firms to do ensure that they don’t make similar internal control mistakes? The key may be to ensure not only that your plan is sufficient to meet FINRA and NASD requirements but also that the current practice of carrying out that plan in fact meets those requirements. As was the case in Midtown Partners, the firm had a policy of oversight of officers and their trading, but never assigned a supervisor to review the employee’s trades. While ensuring that the original system worked properly, the firm failed to ensure that platform updates continued to work accurately in FIS Brokerage. And as for internal controls on work involving mass produced information, like 85 settlement agreements, the key may be to avoid fatigue and inspect each document properly. And it may help to think of any mass produced documents, like marketing information, not just legal documents.

‍