Close Close

Regulation and Compliance > Federal Regulation > FINRA

FINRA’s 12 Fines of Christmas: Wells Fargo, LPL Flub Security of Records

Your article was successfully shared with the contacts you provided.

The Financial Industry Regulatory Authority fined 12 firms a total of $14.4 million Wednesday for “significant deficiencies” in how they protect millions of broker-dealer and customer records.

According to FINRA, the firms failed to keep electronic records in “write once, read many,” or WORM, format, which prevents the alteration or destruction of e-records — in most cases for “prolonged” periods of time.

The fined firms include various entities owned by Wells Fargo, RBC Capital Markets, LPL Financial, SunTrust Robinson Humphrey and others.

“These disciplinary actions are a result of FINRA’s focus on ensuring that firms maintain accurate, complete and adequately protected electronic records,” said FINRA CEO Brad Bennett, in a statement. “Ensuring the integrity of these records is critical to the investor protection function because they are a primary means by which regulators examine for misconduct in the securities industry.”

Wells Fargo, Others

Wells Fargo Securities, Wells Fargo Prime Services, Wells Fargo Advisors, Wells Fargo Advisors Financial Network and First Clearing must pay total fines of $5.5 million. RBC’s joint fines amount to $3.5 million. LPL was fined $750,000, while SunTrust is required to pay $1.5 million.

Wells Fargo Securities and Wells Fargo Prime Services failed to keep some 350 million records in the WORM format from February 2015 to April 2016. This includes some 128 million records of blotters on purchases, sales, receipts and deliveries of securities and 120 million records on registers of purchases, sales, receipts and deliveries of securities, credits and debits for cash and margin accounts of Wells Fargo clients.

As the volume of sensitive electronic records kept by BDs rises exponentially, FINRA says, these e-records need to be “complete and accurate” so that regulators can protect investors via periodic exams and for BDs to carry out their own audit work.

“Recent years also have seen increasingly aggressive attempts to hack into electronic data repositories,” the regulatory group stated in the one of its findings.

It also says that all 12 firms had “related procedural and supervisory deficiencies affecting their ability to adequately retain and preserve broker-dealer records stored electronically.” Three of the 12 firms failed to keep some records required for maintenance under applicable record retention rules.

The firms affected by the regulator’s actions have put or agreed to put controls in place to address these issues. In addition, no evidence of hacking or lost records was presented by FINRA in its findings on the WORM compliance.

In settling this matter, the firms neither admitted nor denied the charges but consented to the entry of FINRA’s findings.

— Check out FINRA Expels First Crowdfunding Portal on ThinkAdvisor.