Firm Fined for Inadequate Supervisory System Leading to $6.6 Million Fraud
January 31, 2024
The Case
The firm failed to establish and maintain a supervisory system. It failed to establish, maintain, and enforce written procedures reasonably designed to comply with the firm’s obligation to monitor transmittals of customer funds to third parties.
As a result, the firm received and approved four fraudulent wire transfer requests from a hacker without taking reasonable steps to confirm whether the requests were genuine, such as contacting an authorized representative of the correspondent firm by telephone.
The hacker, who had gained access to an email account belonging to a registered representative at one of the firm’s correspondent firms, requested that the firm send four wires totaling more than $6.6 million from a joint brokerage account held by two customers to two third parties.
The firm failed to reasonably investigate red flags that the wire requests were fraudulent, including large and increasing amounts in a short period of time, plus the wires that were sent to third-party recipients who lacked any connection to the customers and were located in foreign countries.
Why Does This Matter?
FINRA’s disciplinary action outlines enhanced expectations for its member firms regarding detecting and preventing impermissible trading practices, including manipulative trading. This action also highlights the agency’s ongoing focus on compliance systems and workflows to supervise potential layering and spoofing by the firm’s proprietary traders and all firm customers.
InnReg's Experience
As part of its compliance outsourcing services, InnReg offers a proprietary Suspicious Activity Monitoring product that includes end-to-end coverage for prompt detection, scoring, alerting, workflow processing, and reporting.
Learn More About This Topic
For additional details, read how InnReg’s broker-dealer compliance services can help your fintech build best practices to meet evolving regulatory requirements. InnReg’s framework includes an end-to-end guide for reviewing and testing a broker-dealer supervisory system, conducting business reviews, and testing AML programs.
On December 30, 2024, the US Department of the Treasury and the IRS issued final regulations focused on decentralized finance (DeFi) platforms and their role in digital asset transactions.
The Securities and Exchange Commission announced charges against nine investment advisors and three broker-dealers for failures by the firms and their personnel to maintain and preserve electronic communications in violation of recordkeeping provisions of the federal securities laws.
The SEC’s order finds that, from at least October 2018 until January 2022, an investment advisory firm stated in its offering materials and other documents provided to prospective and existing private fund investors that it was voluntarily complying with AML due diligence laws despite those laws not applying to investment advisors.