SEC Risk Alert - Compliance Issues Related to Suspicious Activity Monitoring and Reporting
The SEC’s Division of Examinations issued a risk alert on March 29, 2021 to remind broker-dealers (“BD”) of their obligations related to anti-money laundering (“AML”) rules and regulations. The SEC also provided its observations regarding various inadequacies that its Staff observed through recent examinations and investigations. Finally, the risk alert also made various recommendations with respect to those inadequacies. The SEC’s risk alert involved the following matters:
Inadequate systems, policies and procedures. Broker-dealers did not establish or did not implement reasonably designed programs to adequately identify and report suspicious activity. Specific items that such programs lacked were:
Red flags in procedures to assist with identifying activity for further due diligence, such as red flags associated with securities transactions. Explicitly, the red flags were not tailored to such activities in which BD’s customers regularly engaged. A notable mention was activity in low-priced securities, which can be associated with improper sales of unregistered securities and market manipulation such as pump-and-dump schemes.
Firms with large volumes of daily trading failed to implement automated systems to monitor and report suspicious activity associated with trading in large volumes. Instead, firms relied on a Manual trading reviews are unreasonable and do not provide for identification trends or suspicious patterns across multiple accounts.
Firms that conduct low-priced securities transactions and monitor that activity through automated monitoring, the threshold for generating an alert for that type of securities was set at less than $1 per share. Securities priced between $1 and $5 – which are also are considered to be low-priced securities or “penny stocks” – were not adequately monitored. Low-priced securities transactions occurring on an exchange were also not monitored by some BDs.
Firm failed to identify and report potentially suspicious transactions because their SAR reporting thresholds were set higher than the $5,000 threshold specified in the SAR Rule.
Introducing BDs did not have proper processes for monitoring trades in low-priced and unregistered securities, instead relying on their clearing firms to identify and report suspicious transactions in customer accounts.
Firm failed to reasonably implement their suspicious activity procedures in that SARs filed were not customized for the activity on which they were filed, monitoring reports/systems were not utilized properly, reports were reviewed but no follow-up was conducted, sub-penny procedures were not enforced.
Suspicious Activity Monitoring and Reporting. Due to the above failures to create and implement adequate procedures and processes suspicious activity, BDs did not file SARs when it appeared that the BDs knew, suspected, or had reason to suspect that they were being used to facilitate unlawful activity, including possible improper sales of unregistered securities, and pump-and-dump schemes and market manipulations of thinly traded, low-priced securities. The SEC founds that – even when firms were presented with activity in this high-risk area involving low-priced securities that also included one or more of the following red flags reflected in the 2014 Risk Alert and FINRA Notice to Members 19-18 – BDs did not review the activity and follow up to consider filing SARs in the following situations:
Large deposits of low-priced securities, followed by the near-immediate liquidations of those securities and then wiring out the proceeds (generally referred to as “deposit, sale, and withdrawal activity”).
Patterns of trading activity common to several customers including, but not limited to, the sales of large quantities of low-priced securities of multiple issuers by the customers.
Trading in thinly traded, low-priced securities that resulted in sudden spikes in price or that represented most, if not all, of the securities’ daily trading volumes.
Trading in the stock of issuers that were shell companies or had been subject to trading suspensions or whose affiliates, officers, or other insiders had a history of securities law violations.
Questionable background of customers such as the fact that they were the subject of criminal, civil, or regulatory actions relating to, among other things, securities law violations.
Trading in the stock of issuers for which OTC stock quotation systems had published warnings because the issuers had ceased to comply with their SEC financial reporting obligations or for which the firms relied on a “freely tradeable” legal opinion that was inconsistent with publicly available information.
Where information that was publicly available or the BD was otherwise aware about activity in customer accounts – e.g. customer sales of the shares of issuers subject to simultaneous promotional activity, trading in low-priced stock by customers that were affiliates or control persons of the issuer, or liquidations of large volumes of low-priced securities concentrated within the introducing BD or a counterparty – BDs did not act upon this information.
BDs are filing inaccurate or incomplete SARs, such as not including details known to the BD about individual customer trades or issuers that were suspicious or not making use of specific structured data fields on the SAR, making the SAR filing too generic with boilerplate language, rending the SAR less valuable to law enforcement and regulators trying to understand the activity and its criminal or regulatory implications.
The full SEC Risk Alert document can be found here.