More On Legal & Compliancefrom The Advisor's Professional Library
- Disaster Recovery Plans and Succession Planning RIAs owe a fiduciary duty to clients to prepare for disasters and other contingencies. If an RIA does not have a disaster recovery plan, clients financial well-being may be jeopardized. RIAs should also engage in succession planning, ensuring a smooth transaction if an owner or principal leaves.
- Differences Between State and SEC Regulation of Investment Advisors States may impose licensing or registration requirements on IARs doing business in their jurisdiction, even if the IAR works for an SEC-registered firm. States may investigate and prosecute fraud by any IAR in their jurisdiction, even if the individual works for an SEC-registered firm.
The Financial Industry Regulatory Authority (FINRA) announced Tuesday that it had fined five affiliates of ING $1.2 million for failing to retain or review millions of emails for periods ranging from two months to more than six years.
The five firms, which are indirect subsidiaries of ING Groep N.V., are Directed Services LLC; ING America Equities Inc.; ING Financial Advisers LLC; ING Financial Partners Inc.; and ING Investment Advisors LLC.
In concluding the settlement, the firms neither admitted nor denied the charges, but consented to the entry of FINRA's findings.
FINRA said in announcing the fine that it found that the firms “failed to properly configure hundreds of employee email accounts to ensure that the emails sent to and from those accounts were retained and reviewed at various times between 2004 and 2012.”
In addition, FINRA said that four of the firms failed to set up systems to retain certain types of emails, such as emails using alternative email addresses, emails sent to distribution lists, emails received as blind carbon copies, encrypted emails and "cloud" email (emails sent through third-party systems). “As a result of these failures, emails sent to and from hundreds of employees and associated persons were not retained; and because the emails were not retained, they were not subject to supervisory review,” FINRA said.
Brad Bennett, executive vice president and chief of enforcement, said in announcing the fine that “As a result of broad systemic failures, these firms failed to capture and retain emails from hundreds of representatives and other associated persons, and failed to take adequate steps to ensure that their principals were fulfilling their responsibilities to review emails. Email retention and review continues to be an important regulatory responsibility and an issue of concern for FINRA.”
FINRA also found that the four of the firms “failed to review millions of emails that the firms’ email review software had flagged for supervisory review.” At various times between January 2005 and May 2011, “nearly six million emails flagged for review went unreviewed by supervisory principals because the email review software was not properly configured,” FINRA said.
FINRA also ordered the firms to conduct a comprehensive review of their systems for the capture, retention and review of email, and to subsequently certify that they have established procedures reasonably designed to address and correct the violations.