More On Legal & Compliancefrom The Advisor's Professional Library
- Risk-Based Oversight of Investment Advisors Even if the SEC had a larger budget and more resources, it is doubtful that the Commission would have the resources to regularly examine all RIAs. Therefore, the SEC is likely to continue relying on risk-based oversight to fulfill its mission of protecting investors.
- The Need for Thorough and Effective Policies and Procedures Whethere an advisor is SEC or state-registered, RIAs must revise their policies and procedures to address significant compliance problems occurring during the year, changes in business arrangements, and regulatory developments.
The Financial Industry Regulatory Authority announced Tuesday that LPL Financial must pay $9 million for 35 separate, “significant email system failures,” and for making material misstatements to FINRA during its investigation.
LPL was fined $7.5 million for not supervising its representatives, responding to regulatory requests and producing emails to customers in arbitration proceedings. LPL was also ordered to establish a $1.5 million fund to compensate brokerage customer claimants potentially affected by its failure to produce emails.
LPL neither admitted nor denied the charges, but consented to the entry of FINRA's findings.
“As LPL rapidly grew its business, the firm failed to devote sufficient resources to update its email systems, which became increasingly complex and unwieldy for LPL to manage and monitor effectively,” FINRA states. LPL, FINRA says, “was well aware of its email systems failures and the overwhelming complexity of its systems.”
Consequently, FINRA found that from 2007 to 2013, LPL’s email review and retention systems failed at least 35 times, leaving the firm unable to meet its obligations to capture email, supervise its reps and respond to regulatory requests. “Because of LPL’s numerous deficiencies in retaining and surveilling emails, it failed to produce all requested email to certain federal and state regulators, and also likely failed to produce all emails to certain private litigants and customers in arbitration proceedings, as required.”
Brad Bennett, Executive vice president and chief of enforcement, said in a statement announcing the fine that as LPL grew, it did not expand its compliance and technology infrastructure, and as a result, LPL failed in its responsibility to provide complete responses to regulatory and other requests for emails.”
This case, Bennett said, “sends a strong message to firms to make sure your business does not outgrow your compliance systems.”
LPL released a statement the same day stating that in September 2011, LPL "reported to FINRA issues relating to the surveillance and retention of emails" and "cooperated fully with FINRA throughout its ensuing investigation." LPL said that it "recognizes the importance of having effective policies, procedures and systems to review and retain emails, and we very much regret our lapse of oversight."
LPL has now "undertaken a comprehensive redesign of our email systems and associated compliance policies and procedures, and have engaged independent experts to assess and validate our approach."
As noted in the LPL quarterly report for the three months ended March 31, 2013, LPL went on to say that it "recorded an expense related to the expected settlement of the FINRA matter in the Company's financial statements as of and for the three months ended March 31, 2013." Therefore, LPL said that it "does not anticipate any related charges in its operating results for the current quarter."
FINRA listed some examples of LPL’s 35 email failures, which included the following.
—Over a four-year period, LPL failed to supervise 28 million “doing business as” (DBA) emails sent and received by thousands of reps who were operating as independent contractors.
—LPL failed to maintain access to hundreds of millions of emails during a transition to a less expensive email archive, and 80 million of those emails became corrupted.
—For seven years, LPL failed to keep and review 3.5 million Bloomberg messages.
—LPL failed to archive emails sent to customers through third-party email-based advertising platforms.
In addition, LPL made “material misstatements” to FINRA concerning its failure to supervise 28 million DBA emails. In a January 2012 letter to FINRA, “LPL inaccurately stated that the issue had been discovered in June 2011 even though certain LPL personnel had information that would have uncovered the issue as early as 2008,” FINRA says. “Moreover, the letter stated that there weren’t any ‘red flags’ suggesting any issues with DBA email accounts when, in fact, there were numerous red flags related to the supervision of DBA emails that were known to many LPL employees.”
LPL said in its statement that FINRA's action "identified that certain LPL personnel had information that would have uncovered the DBA issue earlier than senior management was aware and we have taken steps to train our employees on escalating compliance issues."
FINRA asserts that LPL “likely failed to provide emails to certain arbitration claimants and private litigants.”
LPL will now be required to notify eligible claimants by letter within 60 days from the date of the settlement and the firm will deposit $1.5 million into a fund to pay customer claimants for its potential discovery failures. FINRA states that customer claimants who brought arbitrations or litigations against LPL as of Jan. 1, 2007, and which were closed by Dec. 17, 2012, will receive, upon request, emails that the firm failed to provide them.
According to FINRA, claimants will also have a choice of whether to accept a standard payment of $3,000 from LPL or have a fund administrator determine the amount, if any, that the claimant should receive depending on the particular facts and circumstances of that individual case. Maximum payment in cases decided by the fund administrator cannot exceed $20,000. If the total payments to claimants exceed $1.5 million, LPL will pay the additional amount, FINRA said.
Read LPL Q1 Earnings Rise on Strong Hybrid-RIA, Other Growth on AdvisorOne.