Firms, particularly broker-dealers, should review their policies and procedures to ensure that all messages subject to record retention are captured and maintained on firm systems, according to Matt Calabro, Executive Director, Compliance Services at Confluence.
“Firms should actively train their staff on these requirements and obtain compliance certifications,” he said.
On Tuesday, August 8, ten broker-dealers and one dually registered broker-dealer and investment adviser agreed to pay combined penalties of $289 million to the Securities and Exchange Commission (SEC) for compliance failures to maintain and preserve electronic communications.
Wells Fargo Securities together with Wells Fargo Clearing Services and Wells Fargo Advisors Financial Network has agreed to pay a $125 million penalty; BNP Paribas Securities Corp. and SG Americas Securities have each agreed to pay penalties of $35 million; BMO Capital Markets Corp. and Mizuho Securities USA have each agreed to pay penalties of $25 million; Houlihan Lokey Capital has agreed to pay a $15 million penalty; Moelis & Company and Wedbush Securities have each agreed to pay penalties of $10 million; and SMBC Nikko Securities America has agreed to pay a $9 million penalty.
“The SEC continues to stress the importance of maintaining accurate books and records,” commented Calabro.
“These enforcement actions and the size of penalties make it clear that there are serious risks associated with such practices and that firms need to take action and implement changes,” he stressed.
The SEC’s investigation uncovered pervasive and longstanding “off-channel” communications at all 11 firms.
As described in the SEC’s orders, the firms admitted that from at least 2019, their employees often communicated through various messaging platforms on their personal devices, including iMessage, WhatsApp, and Signal, about the business of their employers.
The firms did not maintain or preserve the substantial majority of these off-channel communications, in violation of the federal securities laws.
By failing to maintain and preserve required records, certain of the firms likely deprived the Commission of these off-channel communications in various SEC investigations.
The failures involved employees at multiple levels of authority, including supervisors and senior executives.
Each of the broker-dealers was charged with violating certain recordkeeping provisions of the Securities Exchange Act of 1934 and with failing to reasonably supervise with a view to preventing and detecting those violations.
Wedbush Securities was additionally charged with violating certain recordkeeping provisions of the Investment Advisers Act of 1940 and with failing to reasonably supervise with a view to preventing and detecting those violations.
In addition to the significant financial penalties, each of the firms was ordered to cease and desist from future violations of the relevant recordkeeping provisions and was censured.
The firms also agreed to retain independent compliance consultants to, among other things, conduct comprehensive reviews of their policies and procedures relating to the retention of electronic communications found on personal devices and their respective frameworks for addressing non-compliance by their employees with those policies and procedures.
According to Calabro, firms should actively train their staff on these requirements and obtain compliance certifications.
“Crucially, firms would also be well served to look at solutions that are easy to use so that employees are less likely to go around established procedures,” he said.
“For example, it is possible to provide a business texting option in which the messages are captured and separate from any non-business messages,” he said.
