What Companies Can Learn From FINRA’s Significant Enforcement Areas in First Half 2024

For securities industry employers, Financial Industry Regulatory Authority (FINRA) disciplinary actions and fines can be costly. FINRA disciplinary actions in the first half of 2024 show three areas of significant regulatory focus: (1) electronic communications platforms; (2) outside business activities; and (3) social media influencer programs. These disciplinary actions, described below with reference to FINRA's allegations, provide lessons for industry employers.

Electronic Communications Platforms

FINRA censured and fined four member firms for deficiencies in supervisory systems relative to electronic communications platforms:

1. $600,000 fine for failing to establish and maintain a supervisory system reasonably designed to achieve compliance with the firm's obligation to review correspondence and internal communications. The firm repeatedly failed to place new employees' email accounts into its electronic queue for email review. Its written procedures failed to detail the necessary steps to add accounts to the review queue, identify the departments or personnel responsible for those steps, or identify any requirements for when the steps should be taken. The lack of reasonable written procedures led to miscommunications between multiple departments about whether the email accounts had been placed into the queue and misunderstandings about which department was responsible for taking particular steps required to place an account into the queue. As a result, the firm failed to review about 3.5 million emails related to 691 employee email accounts.
   
2. $250,000 fine for failing to preserve and review more than 1.25 million business-related electronic communications, including internal and external emails, instant messages, mass marketing materials, and documents requiring customers' electronic signatures. These communications were sent or received by associated persons of the firm using platforms that the firm made available to them. During a compliance review, the firm discovered that it had not established data feeds from the platforms to the system that the firm used to store and maintain electronic communications.
   
3. $75,000 fine for failing to reasonably supervise the use of external email for business-related communications and failing to preserve such communications. The firm's registered representatives were using personal email for business-related communications. Although the firm sent automated warnings when incoming emails to the firm's system were sent from the registered representative's personal emails, the firm did not review the emails unless they met other supervisory email review criteria. Some personal email communications were not preserved and retained by the firm.
   
4. $25,000 fine for failing to establish, maintain, and enforce a reasonable supervisory system, including written supervisory procedures (WSPs), to supervise the electronic communications of registered representatives. The firm's WSPs did not identify firm personnel responsible for reviewing emails and did not state how frequently the review should occur. The WSPs provided no reasonable guidance on how to conduct reviews of electronic communications or how to address issues identified during the review. They also did not require reviews be conducted or supervised by a registered principal. In addition, the WSPs did not include any criteria for identifying potentially problematic emails, describe what issues or red flags reviewers should be reviewing for, or explain whether and how any potentially problematic emails should be escalated for further review.

Outside Business Activities

FINRA fined a member firm $30,000 for deficiencies with respect to investment professionals' outside business activities (OBAs). FINRA alleged the firm failed to establish, maintain, and enforce a supervisory system reasonably designed to achieve compliance with rules governing OBAs. The member firm knew that registered representatives at the firm were engaged in an OBA involving an investment advisory business and that another registered representative was engaged in an OBA for which he planned to solicit investments in a hedge fund. In approving these OBAs, the firm did not evaluate whether they:

• Should be restricted or prohibited;
  
• Would interfere with or otherwise compromise the registered representatives' responsibilities to the firm or its customers or should be viewed as part of the firm's business; and
  
• Should have been treated as outside securities activities, with any transactions recorded on the firm's books and records.

Social Media Influencer Programs

A member firm was fined $850,000 in the first formal FINRA enforcement disciplinary action involving a firm's supervision of social media influencers. FINRA said social media posts made by influencers on the firm's behalf were not fair or balanced or contained exaggerated, unwarranted, or misleading claims.

The matter arose from FINRA's targeted exam of firm practices related to the acquisition of customers through social media channels. The firm paid influencers who participated in a program to promote the firm. They were paid a flat fee for every new account opened and funded by the customer using a unique link provided by the firm. The firm did not limit the compensation influencers could earn. During the period investigated, more than 39,400 new accounts were opened and funded with the help of approximately 1,700 influencers working on the firm's behalf. According to FINRA, influencers made social media posts promoting the firm that were not fair and balanced and were in violation of FINRA Rules 2210 (Communications with the Public) and 2010 (Standards of Commercial Honor and Principles of Trade).

Takeaways

FINRA member firms should review their WPSs to ensure they are reasonably designed to comply with the firm's obligations to capture, retain, and review both internal and external communications sent or received using electronic communication platforms. Firms' review of OBAs of their registered personnel should be detailed, evaluative, and well-documented. To the extent firms or registered firm personnel market using social media influencers, they must take care to review and pre-approve the influencers' content to ensure it complies with the firm's regulatory obligations.

Please contact a Jackson Lewis attorney with any questions about compliance with your regulatory obligations.

Public link

Please use the above public link if you want to share this noodl on another website.