THE SOURCE NEWSLETTER

Securities Broker-Dealers Adjust to New
Post-Sanction Realities

by Aaron Fox, Managing Director, Minneapolis Office

(Definitions have been provided for all highlighted terms)

Regulatory expectations of what broker-dealers must do under the USA Patriot Act continue to evolve. Since 2006, a number of broker-dealers have been sanctioned for shortcomings in their anti-money laundering (AML) programs after they failed to identify and report potentially suspicious activity arising from securities transactions. The sanctions touched a varied crowd – from retail brokers in Las Vegas to market makers in New York — and reflect the evolution of Patriot Act interpretation from regulation driven by banking definitions of potentially suspicious activity to regulation tailored to the business activities of specific firms.

Regulators have always insisted that AML programs reflect the risks of a particular financial business. That concept was included in the 2001 Money Laundering Strategy, published shortly after 9/11, which reflects input from more than 20 federal agencies. As that document notes, since securities fraud is a predicate offense for money laundering,it is reasonable to expect broker-dealers to target potential violations of securities law as potentially suspicious activities. The recent spate of broker-dealer sanctions confirm that securities-related activities, not just fund-flows, must be considered under a firm’s AML program.

The sanctions suggest that failing to tailor AML red flags to securities activity constitutes a serious broker-dealer AML program shortcoming, just like failing to reporting potentially suspicious activity. Accordingly, matters that warrant AML review include wash sales, cross trades and market domination or activity patterns, such as delivery of significant volumes of physical certificates for immediate sale and wire of proceeds.

Firms are likely to be watching for classic securities frauds, but the link between AML evaluation and reporting and general surveillance may not be well established. Plus, a broader view of some activity may not be evident to a single broker-dealer, or may be more evident to a clearing services provider. That nuance introduces additional tension in discussions, as clearing services providers, Introducing brokers and regulators struggle to clarify the gray area between the requirement to report potentially suspicious activity and separation of regulatory responsibilities under NYSE 382 and NASD 3230. It is clear that Introducing brokers and clearing services providers each have a separate and independent duty to identify and report potentially suspicious activity. But defining responsibility, identifying opportunities to collaborate and coordinating cost effective and efficient approaches to meeting this obligation continue to challenge many broker-dealers.

Many firms will refer to the sanctions as a way to judge the completeness of their programs. If we do the same, we find that while the parties sanctioned have disparate businesses, the common message is that they failed to customize their AML programs and failed to report potentially suspicious activity. Although the businesses are disparate, another common thread in these enforcement actions concerns activity in low-priced securities.

Role of low-priced securities

The complaints against Nevwest, Domestic Securities and Franklin Ross provide context for reviewing AML program red flags.

For those unfamiliar with these actions, Nevwest, a small retail broker-dealer, was alleged to have failed to implement an appropriate AML program and, in particular, to file Suspicious Activity Reports (SARs) related to a particular client. The client delivered billions of shares of Casavant Mining (later known as Casavant Diamonds) in physical certificates, sold the securities and wired some $53 million in proceeds to third-party accounts. According to the complaint, 30 of 32 accounts controlled by this person were at the same address, a UPS postal box service. Although the security traded billions of shares through Nevwest, the financial statements did not reflect a level of business activity commensurate with the stock price or trading volume. CMKM Diamonds registration was eventually revoked by the Securities and Exchange Commission.

Domestic Securities is a wholesale market maker that deals primarily in in NASDAQ, Over the Counter (OTC) and Pink OTC Market securities. It has no retail customers. Domestic was sanctioned by the Financial Industry Regulatory Authority (FINRA) for failing to develop and implement an adequate written AML program. Much of the sanction centered around a lack of red flags in the AML program specific to market-making activities and a failure to identify cross trades as potentially suspicious.

Franklin Ross (FRI), another retail broker-dealer, violated AML rules by failing to obtain adequate background information on new customer accounts, to conduct an independent test of its AML program and to provide AML training as well as to investigate and report numerous suspicious transactions. Franklin Ross had previous sanctions for failure to develop adequate supervisory processes, as well as for matters related to private placements. In November 2007, FINRA revoked Franklin Ross’s broker-dealer registration for repeated violations of AML rules.

In the press release regarding Franklin Ross, Susan Merrill, FINRA enforcement chief, stated: “Suspicious Activity Reports provide law enforcement with information that is critical for investigating and prosecuting money laundering, terrorist financing and other financial crimes. FRI's failures to investigate red flags allowed it to serve as a 'safe haven' for individuals seeking to capitalize on highly suspicious or illegal stock transactions without detection."

Both the fall 2006 and spring 2007 FINRA Securities Conferences included discussion of red flags related to low-priced securities. Profiles for potentially suspicious clients and activity related to low-priced securities can be developed from client behavior, attributes of physical certificates, service provider history, content or lack of regulatory filings and associated persons’ history as well as patterns of trading activity and funds flow. Reviewing for these issues can be an extensive process. To reduce false positives, firms need to apply a risk-based approach to identifying which securities to review.

Broker-dealers may wish to reevaluate the red flags monitored by their AML program to confirm that the flags reflect issues associated with higher-risk transactions as well as the primary business of the firm. Firms can improve the effectiveness of their surveillance by reviewing controls within specific functions such as the procedures used to validate physical securities or accept that a restriction has been legitimately removed. Once controls are confirmed, communication channels to ensure escalation for AML review should be evaluated as well.

Additionally, even a simple google search often yields valuable information. Hartley Bernstein, a partner at Bernstein and Cherney LLP and editor of StockPatrol.com, notes “broker-dealers should not limit themselves to narrow formulas for discovering AML problems. Even a cursory review of public statements by CMKM and some of the more prominent message boards would have given NevWest pause, and could have enabled the firm to avoid regulatory problems."

Clearing Services Providers

At the 2008 spring SIFMA AML conference, AML regulators stated that a number of AML-related actions are being considered against clearing services providers. While none of them has been finalized, clearing services providers may want to revisit their AML programs in anticipation of stricter expectations in the coming year.

A significant paragraph in the recent guidance by the Financial Crimes Enforcement Network (FinCEN) regarding customer identity verification and the duties of clearing services providers reinforces the concept that clearing services providers have a duty to monitor Introducing broker activity. clearing services providers can assess their conformance to regulatory expectations by evaluating their AML program as it relates to Introducing broker partners in light of this paragraph from the March 4, 2008, customer identification program (CIP) guidance:

“Despite this position [which relieves clearing services providers of responsibility and/or liability for Introducing broker CIP], a clearing firm's anti-money laundering program should contain risk-based policies, procedures, and controls for assessing the money laundering risk posed by its fully disclosed clearing arrangements, for monitoring and mitigating that risk, and for detecting and reporting suspicious activity.”

In this paragraph, FinCEN reiterates that clearing services providers have a duty to report potentially suspicious activity that is evident to them regardless of the business line from which the activity arises. Historically, clearing services providers have considered their function as mere processing, with limited requirements to evaluate activity. However, this guidance makes clear that firms must monitor their Introducing brokers for potentially suspicious activity.

Regulators suggest that, much like a correspondent bank, broker-dealers have a duty to recognize the potential money laundering risk posed by their particular customer, the Introducing broker, and to investigate when activity of concern is identified. By understanding the products, geography and risk of the Introducing broker, a clearing services provider can ensure that its AML program is tailored to identify activity of concern.

Historically, industry participants have responded that NYSE 382 and NASD 3230 exempt them from these duties. However, the SIFMA document, “2008 Guidance for Deterring Money Laundering and Terrorist Financing Activity,” specifically states that even with an apportionment of duties, both the Introducing broker and the Clearing broker retain full independent responsibility for their AML programs and, with the exception of CIP, cannot delegate responsibilities to the other.

As a result, it appears that apportioning duties to a clearing services provider would be more likely to be interpreted as outsourcing. Even if the clearing services provider agrees to execute on behalf of the Introducing broker, the introducing broker retains responsibility for the activity. The clearing service provider, apart from accepting the outsourcing from the Introducing broker, would have an independent obligation to remain vigilant for potentially suspicious activity arising from the Introducing broker. clearing services providers may choose to identify red flags related to Introducing brokers and integrate controls and training related to those red flags in their AML processes.

The transactional activities and regulatory history of the Introducing brokers and their customers can be used to extrapolate the potential AML risk a particular Introducing broker carries in its business.

In response to concerns regarding the resources necessary to meet such expectations, regulators insist that firms may apply a risk-based approach to their AML compliance program. While many firms would prefer more clarity, the broad and complex nature of financial services makes it difficult to provide guidance appropriate to every situation. Firms will need to establish a basis for their approach and be prepared to explain how they arrived at their decisions.

FinCEN is not saying that firms must monitor the clients of their Introducing brokers; rather, FinCEN appears to be advising firms that, collectively, the transactions, clients and regulatory history of Introducing brokers may provide an indication of AML issues that are evident to a clearing services provider in the course of its normal duties. To monitor that risk adequately, the clearing services provider must have a compliance program in place that defines how to identify and manage potential AML issues arising from the activity of Introducing brokers. FinCEN’s guidance reinforces the belief that firms have a responsibility to tailor their AML compliance practices to the risk of their businesses.

Gatekeepers, controls and training

The key to an effective program is continued attention to new rules, regulatory guidance and sanctions combined with an understanding of the firm’s business. While sanctions are not the only force driving change in an AML program, evaluation of sanctions can be an effective means to validate particular elements of an AML program, especially when a peer with similar business activities has been sanctioned.

Review of the AML shortcomings identified at Nevwest and Domestic Securities can fuel discussions of the adequacy of your firm’s red flags. By evaluating them against the types of securities violations likely to arise from the transactions your firm executes, you may be able to identify gaps in your program.

Staff involved in such functions as changes to account titles, returned mail management, security transfer and receipt, lifting restrictions from shares, trade clearance and settlement, processing W8 forms, margin approval and call activities, and trade surveillance can be helpful in defining potentially suspicious activity, as well as in designing controls to trap and escalate the activity for appropriate analysis and decision-making. AML training customized for groups responsible for these functions can help identify new patterns of potentially suspicious activity proactively.

Firms can ensure that the additional red flags enhance the effectiveness of the AML program by identifying and documenting controls related to newly identified concerns. Firms may be able to leverage existing controls by reviewing points of entry to the firm for transaction or natural gatekeeper functions. For example, procedures for accepting physical certificates at the front line can be expanded to include checklists to target certain risks. A physical certificate checklist that reflects regulatory requirements acts a safety net for staff that may not typically deal with securities in this form and addresses issues before they rise to the level of an AML concern. Alternatively, a similar checklist could be established within the security transfer and receipt function that would cause certain securities to be escalated for further review. Similar trigger points can be established in the margin or credit functions, tax and/or wire operations.

Firms may improve their overall red flag system with internal cross-functional roundtables. Cross-functional roundtables can flush out unusual activities within various functions, and determine whether the activity should be evaluated for AML and if the current red flags detected the activity. These sessions can be used as informal training as well as to identify new incidents or patterns of unusual and potentially suspicious activity. As additional controls are established, training can be expanded from the particular work group affected to the rest of firm.

Broker-dealer regulators have repeatedly stated that the SAR form includes a broad selection of securities-related concerns as a basis for filings. Recent sanctions underscore regulatory expectations that broker-dealers will integrate processes to identify and escalate potentially suspicious activity related to securities transactions into their AML programs. As resources are stretched by multiple regulatory needs, the only effective method of AML oversight is to integrate AML process and controls into day to day activities. We can expect continued attention to how firms meet their obligation to monitor for potentially suspicious activity, regardless of size, business model or client base.

References

2001 Money Laundering Strategy
FINRA Press Release – Franklin Ross

Back to Top