More On Legal & Compliancefrom The Advisor's Professional Library
- RIAs and Customer Identification Just as RIAs owe a duty to diligently protect their clients privacy and guard against theft, firms also play a vital role in customer identification. Although RIAs are not subject to an anti-money laundering rule, securities regulators expect advisors to address these issues in their policies and procedures.
- Disaster Recovery Plans and Succession Planning RIAs owe a fiduciary duty to clients to prepare for disasters and other contingencies. If an RIA does not have a disaster recovery plan, clients financial well-being may be jeopardized. RIAs should also engage in succession planning, ensuring a smooth transaction if an owner or principal leaves.
Among recent actions taken by the SEC and FINRA were the breakup of an insider trading ring; Raymond James getting fined and censured; and administrative proceedings over securities law violations by China affiliates of the Big Four accounting firms
SEC Charges Ring of 10 With Insider Trading
The SEC has charged an investment banker who was primarily based in Charlotte, N.C., and nine others involved in an insider trading ring that garnered more than $11 million in illicit profits trading on confidential information about impending mergers. It has also frozen the assets of the traders.
The SEC alleges that John Femenia misused his position at Wells Fargo Securities to obtain material, nonpublic information about four separate merger transactions involving firm clients. Upon learning inside information about an impending deal, Femenia’s first call to set the insider trading ring in motion was typically to his longtime friend Shawn Hegedus, who worked as a registered broker. Femenia and Hegedus illegally tipped other friends who in turn tipped more friends or family members in a ring that spread across five states.
According to the SEC’s complaint filed in U.S. District Court for the Western District of North Carolina, Femenia was based in Wells Fargo’s Charlotte office when most of the misconduct occurred, but later moved and worked in New York where he currently resides.
Femenia’s tippees included his friends Aaron Wens, who lives in Encinatas, Calif., and Matthew Musante, who lives in Miami. Musante tipped his father Anthony Musante, who lives in Melbourne, Fla. Hegedus tipped his girlfriend Danielle Laurenti and his business colleague Roger Williams, who lives in Georgetown, S.C. Williams tipped three of his friends: Frank Burgess, Jr. of Charlotte, James Hayes IV of Charlotte, and Kenneth Raby of Greer, S.C.
According to the SEC’s complaint, the illegal trading occurred from July 2010 to July 2012 and involved the acquisition of ATC Technology Corp. by GENCO Distribution Systems (publicly announced July 19, 2010); the acquisition of Smurfit-Stone Container Corp. by Rock-Tenn Co. (publicly announced Jan. 23, 2011); the acquisition of K-Sea Transportation Partners by Kirby Corp. (publicly announced March 13, 2011); and the acquisition of The Shaw Group by Chicago Bridge & Iron Co. (publicly announced July 30, 2012).
The SEC’s complaint further says that Femenia’s tips enabled profitable trades in the stock and options of the companies being acquired in the deals, and at least one trader provided a portion of his profits to Femenia in exchange for the information. Some downstream tippees also kicked back a portion of their profits.
The SEC charged two companies with ties to Hegedus or Laurenti that were involved in the illegal trading: Coram Real Estate Holdings Inc. and GoldStar P.S. The SEC also charged two others as relief defendants for the purposes of recovering illicit profits that are now in their possession: Femenia’s girlfriend Kristine Lack and Anthony Musante’s wife Christine Musante.
Raymond James Hit for Failure to Safeguard Client Information
Fined $250,000 and censured by FINRA, Raymond James paid the price for failing to adequately protect client personally identifiable information (PII). Without admitting or denying the findings, the firm consented to the measures over the events that followed the use of a firm employee by two branches to build and maintain an online document management system (DMS) for customer records.
The employee later departed the firm, and as a nonaffiliated third party was not approved by the firm to receive customer PII. However, one branch office of the firm provided PII of numerous firm customers to the third party anyway, and a second branch office also provided the third party with PII of customers and their beneficiaries.
FINRA’s findings stated that subsequently, a firm customer complained that her firm account information and PII were available on the Internet. The firm learned that while building and maintaining the DMS, the nonaffiliated third party had inadvertently posted customer PII to the Internet.
Once the firm learned that the customer PII was searchable on the Internet, it immediately contacted the unauthorized third party, who contacted the search engine to remove the customer information. The firm subsequently notified regulators of the incident and notified affected customers and their beneficiaries that their PII had been exposed on the Internet, and offered customers and their beneficiaries free credit monitoring and protection services.
The firm also amended its WSPs in connection with the protection of PII, and conducted mandatory training in the protection of PII to all associated persons, including branch personnel. To date, to the firm’s knowledge, no customer has suffered any instances of identity theft or other actual damages because of the information security breach.
The firm did not have a supervisory system or written procedures in place to ensure that its employees adhered to its policies on the matter. It also failed to establish and maintain adequate supervisory systems and procedures to safeguard against the unauthorized disclosure of PII to nonaffiliated third parties, and failed to provide customers with opt-out notices prior to disclosing nonpublic customer information to a nonaffiliated third party.
Separately, the firm failed to have a supervisory system and written procedures to monitor the dissemination of PII, or to take reasonable steps to prevent the dissemination of PII in its mailings. A firm-approved third-party vendor sent correspondence to customers relating to a cash management account program. To prepare for the mailing, the firm provided the vendor with a list of customers. The vendor printed mailing labels for the envelopes and processed a mailing to 87,000 customer accounts; however, the labels on the envelopes mailed to customers disclosed each customer’s account number along with the customer’s name and address.
Big Four Accounting Affiliates in China Targets of SEC
The SEC has begun administrative proceedings against the China affiliates of the Big Four accounting firms and another large U.S. accounting firm for refusing to produce audit work papers and other documents related to China-based companies under investigation by the SEC for potential accounting fraud against U.S. investors.
The Securities Exchange Act and the Sarbanes-Oxley Act require foreign public accounting firms to provide the SEC upon request with audit work papers involving any company trading on U.S. markets. The SEC has charged BDO China Dahua Co. Ltd, Deloitte Touche Tohmatsu Certified Public Accountants Ltd, Ernst & Young Hua Ming LLP, KPMG Huazhen (Special General Partnership) and PricewaterhouseCoopers Zhong Tian CPAs Limited with violating both acts.
According to the SEC’s order instituting the proceedings, its investigators have been trying for the past several months to obtain documents from these firms. The audit materials are being sought as part of SEC investigations into potential wrongdoing by nine China-based companies whose securities are publicly traded in the U.S. The audit firms have refused to cooperate in the investigations.
The SEC has launched an initiative to address concerns arising from reverse mergers and foreign issuers. Through the work of a Cross Border Working Group, the agency has deregistered the securities of nearly 50 companies and filed fraud cases against more than 40 foreign issuers and executives.
The SEC’s Enforcement Division has also taken a series of actions against China-based audit firms. Earlier this year, the SEC announced an enforcement action against Shanghai-based Deloitte Touche Tomatsu for refusing to produce documents for an SEC investigation into one of its China-based clients. That proceeding is ongoing. The SEC previously filed a subpoena enforcement action in federal court against the firm for failing to produce documents in response to a subpoena pertaining to its longtime client Longtop Financial Technologies Limited.
In the separate administrative proceeding against Longtop, an administrative law judge found that Longtop was delinquent in its reporting obligations and ordered Longtop’s securities registration to be revoked.
“Only with access to work papers of foreign public accounting firms can the SEC test the quality of the underlying audits and protect investors from the dangers of accounting fraud,” said Robert Khuzami, director of the SEC’s Division of Enforcement, in a statement. “Firms that conduct audits knowing they cannot comply with laws requiring access to these work papers face serious sanctions.”
FINRA Fines, Censures Wedbush Over Supervisory Failures on Compliance
Wedbush Securities Inc. and two registered principals, Richard Anthony Lanni and Ronald Edward Vogel, were censured and fined by FINRA on findings that findings that the firm, acting in part through Lanni, failed to establish and maintain a supervisory system reasonably designed to achieve the firm’s compliance with applicable laws, rules and regulations with respect to the variable annuity (VA) business the firm and some registered representatives transacted.
Without admitting or denying the allegations, the firm, Lanni and Vogel agreed to the entry of the findings and to the sanctions, which cost the firm a fine of $375,000 and Lanni a fine of $10,000 jointly and severally with the firm, as well as suspension from association with any FINRA member in any principal capacity for 60 days. Vogel was fined $5,000 jointly and severally with the firm, and was suspended from association with any FINRA member in any principal capacity for one month.
According to FINRA’s findings, the firm, acting through Lanni, in part, and through other principals, failed to establish, maintain and enforce WSPs reasonably designed to achieve compliance with applicable laws, rules and regulations concerning VAs and general sales practices. The findings also stated that the firm, acting through Lanni, Vogel and another principal, failed to supervise the registered representatives in a manner reasonably designed to achieve compliance with applicable laws, rules and regulations concerning VAs, and to detect the registered representatives’ misconduct.
Vogel and another principal failed to thoroughly review transactions, and approved transactions that were unsuitable and did not comply with the firm’s written supervisory and compliance procedures; the other principal, Lanni and/or Vogel failed to adequately investigate red flags.
Lanni and Vogel were also responsible for conducting periodic office inspections of the branch office, which they did, and the firm’s compliance department conducted an inspection annually but the inspections failed to detect that the registered representatives destroyed transaction documents that reflected unapproved and/or unauthorized VA withdrawal requests to insurance companies and failed to retain and review the related correspondence. The findings further included that the firm also failed to adequately review the representatives’ e-mail correspondence.
FINRA found that the firm, acting through a principal, failed to conduct an adequate prehire investigation, in that the firm had sufficient information to indicate reasonably at the time of hire that the registered representatives had a history of customer complaints, including pending customer complaints, and that they made material misrepresentations concerning the pending customer complaints to the firm, including on initial and amended Forms U4, involving the sale of VAs. FINRA also found additional deficiencies.
Garden State Securities Censured, Fined by FINRA
Garden State Securities was fined $265,000, censured and required to have certain personnel complete 16 hours of antimoney-laundering training, as well as to certify to FINRA that it has review its supervisory system and WSPs for compliance with rules applying to preservation of electronic communications.
Without admission or denial, the firm consented to FINRA’s entry of findings that, acting through its chief compliance officer (CCO) and AML compliance officer (AMLCO), the firm failed to develop and implement a written AML program reasonably designed to ensure its compliance with the Bank Secrecy Act; to monitor, detect and investigate suspicious transactions; and determine whether to file a Suspicious Activity Report (SAR) in response to multiple red flags relevant to customers’ accounts, including certain red flags specifically cited in the firm’s own AML procedures.
The findings stated that the firm, acting through the individual, failed to implement its CIP. The firm opened new accounts for individuals and entities such as partnerships, but failed to obtain the necessary documentation establishing the customer’s identity or status as a legal entity; and, acting through the individual, also failed to verify the identity of certain customers by using required documentation. Also acting through the individual, the firm failed to establish and implement risk-based procedures for foreign correspondent accounts of foreign financial institutions reasonably designed to detect and report through enhanced due diligence known or suspected money laundering activity involving the correspondent accounts, as required by the Bank Secrecy Act, and to perform enhanced due diligence of these accounts.
FINRA also found numerous other violations, including failure to complete accurate annual certifications for two years and other reporting and certification failures, including in the area of customer complaints, records maintenance, telemarketing, training and supervision.