Some firms just cannot get compliance right. It was just over a year ago that the Financial Industry Regulatory Authority (FINRA) fined 12 firms a total of $14.4 million for failing to protect records from alteration.

The Authority imposed those fines because the firms in question failed to preserve broker-dealer and customer records in a format preventing alteration. And for long periods of time each failed to maintain electronic records in a write-once/read-many (WORM) format to prevent the alteration or destruction of records stored electronically.

FINRA imposed sanctions against the following firms:

• Wells Fargo Securities, LLC and Wells Fargo Prime Services, LLC were jointly fined $4 million.
• RBC Capital Markets LLC and RBC Capital Markets Arbitrage S.A. were jointly fined $3.5 million.
• RBS Securities, Inc. was fined $2 million.
• Wells Fargo Advisors, LLC, Wells Fargo Advisors Financial Network, LLC and First Clearing, LLC were jointly fined $1.5 million.
• SunTrust Robinson Humphrey, Inc. was fined $1.5 million.
• LPL Financial LLC was fined $750,000.
• Georgeson Securities Corporation was fined $650,000.
• PNC Capital Markets LLC was fined $500,000.

Federal securities laws, FINRA, and the SEC require that business-related electronic records be kept in WORM format to prevent alteration as this structure is a “primary means of monitoring compliance with applicable securities laws, including antifraud provisions and financial responsibility standards.” Over the past decade, the volume of sensitive financial data stored electronically has risen exponentially and there have been increasingly aggressive attempts to hack into electronic data repositories, posing a threat to inadequately protected records, further emphasizing the need to maintain records in WORM format.

FINRA found that each of these 12 firms had WORM deficiencies that affected millions, and in some cases, hundreds of millions, of records pivotal to the firms’ brokerage businesses, spanning multiple systems and categories of records.

Brad Bennett, FINRA’s Executive Vice President and Chief of Enforcement, said, “These disciplinary actions are a result of FINRA’s focus on ensuring that firms maintain accurate, complete and adequately protected electronic records. Ensuring the integrity of these records is critical to the investor protection function because they are a primary means by which regulators examine for misconduct in the securities industry.”

FINRA also found that each of the firms had related procedural and supervisory deficiencies affecting their ability to adequately retain and preserve broker-dealer records stored electronically. In addition, FINRA found that three of the firms failed to retain certain broker-dealer records the firms were required to keep under applicable record retention rules.

Who is still not WORM protected?

Plenty of firms, but here’s two recent miscreants targeted by FINRA:

Last month, New York City-based Lightspeed Trading, LLC was censured and fined $290,000, of which $41,428.58 goes to FINRA. The firm consented to the sanctions and to the entry of findings that it failed to establish a system of reasonable supervision, including adequate written supervisory procedures (WSPs), in that it failed to have sufficient procedures for the review of orders entered by firm customers and failed to maintain systems to surveil for potentially manipulative trading activity.

The firm also failed to establish and maintain the required systems to supervise the activities of its registered representatives, registered principals, and other associated persons notwithstanding red flags suggesting closer supervision was warranted. These red flags included a representative’s suspicious trading activity in customer accounts, sending account user identification and passwords to unauthorized persons, repeated wash trades with one of his customers, and repeated withdrawals of the same amount of money within a short period of time. The findings also stated that the firm failed to review a representative’s electronic communications and failed to adequately supervise a representative’s electronic communications. The firm should have been aware that a representative was using a non-firm instant messaging account to conduct firm business.

However, it did not preserve records of these communications. As a result, the firm failed to adequately make and preserve electronic business records. The findings also included that although the firm learned that a representative was affiliated with a previously unreported outside business activity, it failed to follow its supervisory procedures to notify its registration department that a Form U4 was required to be filed. As a result of these supervisory deficiencies, the orders entered by customers of the firm had the potential to adversely impact the integrity of the markets and cause potential harm to other market participants.

What happens to WORM-less firms?

Bad things of course…BOK Financial Securities, Inc. of Tulsa, OK was censured and fined $175,000 for failing to maintain brokerage records in a non-erasable and non-rewritable WORM format for approximately 730,000 order tickets and 2,000 financial records, including accounting ledgers and Financial and Operational Combined Uniform Single (FOCUS) reports. Worse yet, the firm failed to implement an audit system regarding retaining and preserving electronic records and did not establish, maintain, and enforce WSPs reasonably designed to achieve compliance with Rule 17a-4 of the Securities Exchange Act of 1934. The firm’s WSPs failed to specify how the firm would supervise its compliance with Rule 17a-4(f).

Are FINRA fines cheaper than compliant recordkeeping?

Not really. Especially now, when Patrina is offering to process up to 100 GB of historical data ABSOLUTELY FREE (that’s a saving of up to $5000!)!

So, what could possibly be the upside to noncompliance? Wishful thinking is not a compliance strategy. So, let’s talk about how you can keep your organization on the “straight and narrow” (no matter what FINRA throws at you) efficiently and cost-effectively. So, let’s talk. Call 212-233-1155 to ask about Patrina’s cost-effective and comprehensive, 8-module compliance solution, and compliant data capture, file storage, and records archiving specifically designed for the financial services community. Be smart. Be covered.