Suspicious activity goes beyond traditional money laundering, and includes activity associated with “potential securities fraud, insider trading and a wide variety of manipulative trading schemes,” according to Pete Driscoll, the Securities and Exchange Commission’s exam chief.
Such financial crimes may be carried out through account intrusions and other cyber-related crimes as well as identity theft, Driscoll stated in a recent speech, in which he highlighted key exam priorities for the agency this year.
In releasing its exam priorities in January, the SEC’s Office of Compliance Inspections and Examinations said examiners will review firms’ compliance and anti-money laundering requirements, including whether firms are appropriately adapting their AML programs to address their regulatory obligations.
Broker-dealers and mutual funds, he stated, “should consider their size, location and activities — including the types of transactions customers engage in, the products and services offered to customers, and the means by which those are offered — when determining whether an AML program and related internal controls are reasonably designed to mitigate the risks associated with their businesses.”
As firms evolve, Driscoll stated, “they need to reassess their AML programs to address new and emerging risks and business practices.”
He stressed, however, that the exam office “is not here to second-guess decisions firms have made regarding implementation of their AML compliance programs or whether to file Suspicious Activity Reports,” or SARs, “provided those decisions appear reasonable under existing regulatory guidance as well as the firms’ own business activities and risk-based policies and procedures.”
Firms, Driscoll continued, “need to take reasonable steps to follow up on red flags identified through their transaction monitoring in order to determine whether to file a SAR.”
If a firm spots possible weaknesses or failures in its AML compliance programs or transaction monitoring, “the firm must not ignore the problem, but rather take steps to address those weaknesses or failures,” Driscoll warned.
To the extent that firms are relying on automated systems for transaction monitoring, BDs and fund firms should make also sure that automated systems for transaction monitoring “are operating effectively in terms of the quality and integrity of the data flowing into the systems as well as the quality of the transaction alerts generated for additional review.”
This, Driscoll stated, “is where a firm’s obligation to conduct independent testing to assess its compliance can be especially useful in identifying weaknesses and failures of the firm’s AML program.”
OCIE examiners continue to identify firms that are not conducting independent tests, are not conducting tests on a timely basis, or conduct ineffective tests that cannot identify failures in the firm’s AML program, Driscoll said.
— Check out FINRA Reminds BDs of Their Anti-Money Laundering Duties on ThinkAdvisor.