TD Private Client Wealth LLC

January 31, 2024

The Case

The firm failed to establish and maintain a supervisory system, including written procedures, to comply with the firm’s obligation to review correspondence and internal communications.

The firm’s written procedures failed to set forth the necessary steps to add accounts to the review queue, identify the departments or personnel responsible for those steps, or identify any requirements for when personnel should take those steps.

The lack of reasonable written procedures caused miscommunications between multiple departments about whether email accounts had been placed in the queue and which department was responsible for carrying out particular steps required to place an account in the queue.

Why Does This Matter?

The action reflects a continued focus on off-channel communication (including emails, chats, SMS messages, social media posts, and other ad hoc, person-to-person communications). It is a cautionary tale for FINRA members who may not fully comply with Rule 3110 covering the examination, documentation, and retainment of electronic correspondence.

Importantly, this follows expanded guidance on e-communications recordkeeping and supervision rules published in September 2021 during the pandemic. Given this regulatory environment, fintechs should remain aware of the report’s baseline electronic communications rules and emerging expectations to ensure comprehensive program design and implementation.

InnReg's Experience

InnReg has over a decade of experience developing effective supervisory frameworks for fintechs based on a systematic approach to identifying risks, implementing effective controls, and enhancing internal documentation to reduce regulatory burdens. InnReg’s compliance consulting services empower fintechs to enhance policies, processes and technologies used for e-communications compliance.

Learn More About This Topic

For additional insights, read InnReg’s detailed Fintech Compliance Checklist to understand key compliance risks governing how firms manage and monitor e-communications, amongst others.

Subscribe for Compliance Insights

Subscribe for Compliance Insights

Subscribe for Compliance Insights

In mid-February, the FTC announced a proposed settlement to resolve allegations that security software company Avast unfairly sold consumers’ granular and re-identifiable browsing information. This was after Avast informed consumers that its software would protect their privacy and that any disclosure of their browsing information would only be in aggregate and anonymous form.

On March 13, 2024, the European Union’s parliament formally approved the EU AI Act, making it the world’s first major set of regulatory ground rules to govern generative artificial intelligence (AI) technology.

From January 2018 to present, MMA failed to establish, maintain, and enforce a supervisory system, including written supervisory procedures (WSPs), reasonably designed to achieve compliance with rules governing outside business activities (OBAs). During this period, the firm failed to evaluate and document its evaluation of OBAs disclosed by its registered representatives as required by FINRA Rule 3270.

LinkedIn Innreg
X InnReg
Quora Innreg
Blog Innreg

© 2024 InnReg LLC

1101 Brickell Avenue
South Tower, 8th Floor
Miami, FL 33131

LinkedIn Innreg
X InnReg
Quora Innreg
Blog Innreg

© 2024 InnReg LLC

1101 Brickell Avenue
South Tower, 8th Floor
Miami, FL 33131