Raymond James & Associates, Inc. (RJA), Raymond James Financial Services, Inc. (RJFS) and Linda Busby, the anti-money laundering compliance officer for RJA agreed to settle charges by the Financial Industry Regulatory Authority that, from at least November 2011 through June 2014, both firms failed to implement and maintain an adequate AML program and that through February 2013, Ms. Busby was responsible, at least in part, for RJA’s violations.

During the relevant time, RJA and RJFS were Securities and Exchange Commission-registered broker-dealers and members of FINRA. RJA was a full-service broker-dealer, providing clearance, execution and custodial services, and also engaged in correspondent clearing services for other firms. Among those other firms was RJFS. Ms. Busby served as the designated AML compliance officer of RJA from 2002 through February 2013. FINRA said that, although RJA and RJFS each maintained separate AML departments, RJFS relied “heavily” on RJA as its clearing broker to support its AML program.

RJA agreed to pay a fine of US $8 million to resolve FINRA’s charges, while RJFSA agreed to pay a fine of US $9 million. Each firm also agreed to retain a consultant to review its AML program. Ms. Busby agreed to pay a fine of US $25,000 to resolve FINRA’s allegations and not to associate with any FINRA member in any capacity for three months.

According to FINRA, during the relevant times, the two firms experienced material growth but “…did not dedicate resources to match the firms’ growth with reasonable AML compliance systems and procedures.” This permitted, said FINRA, “…certain red flags of potentially suspicious activity to go undetected or [be] inadequately investigated.”

Among other things, said FINRA, RJA did not have “a single written procedures manual describing its AML procedures” while RJFS failed to establish and maintain an “adequate” Customer Identification Program as part of its AML program. (Under federal law and rules of the Financial Crimes Enforcement Network of the US Department of Treasury, broker-dealers, as well as certain other financial institutions, are required to obtain, verify and record certain information that identifies each person who opens an account; click here for more information.)

FINRA also alleged that both companies failed to develop and implement surveillance reports to help detect certain suspicious activities. For example, said FINRA, neither firm had written procedures or surveillance reports governing the monitoring of:

  • fund transfers to unrelated accounts where there was no apparent business purpose;
  • securities and cash journaling between unrelated accounts where there was no apparent business purpose, “particularly internal transfers of cash from customer accounts to employee or employee-related accounts;” and
  • fund movements from multiple accounts to the same third party account.

The firms and Ms. Busby also were deficient in investigating red flags, said FINRA, and assessing whether a suspicious activity report should be filed. (Under FinCEN rules, broker-dealers must monitor and file reports with FinCEN of transactions that raise suspicions of illegal activity; click here for more information.) According to FINRA, during the relevant time, the two firms:

…relied upon a patchwork of written procedures and systems across different departments to detect suspicious activity. These systems and procedures were not coordinated to allow the firms to link patterns and trends of suspicious conduct, leaving certain risk areas and certain red flags unchecked.

As a result, FINRA claimed that the firms failed to adequately investigate certain specific examples of suspicious conduct.

Previously, in March 2012, RJFS agreed to pay a fine of US $400,000 to FINRA to resolve charges that it failed to implement policies and procedures reasonably designed to identify and cause SAR reporting of transactions in the account of a customer that allegedly was operating a Ponzi scheme.

Compliance Weeds: Two weeks ago, FinCEN expanded its existing AML and CIP requirements for broker-dealers and other covered financial institutions by finalizing rules requiring them to identify the material beneficial owners of their legal entity customers based on tests of equity ownership and control. Currently such entities are mandatorily required to know the identity of each of their legal entity customers, but not necessarily their beneficial owners. Although the requirements of the new rules do not need to be implemented until May 11, 2018, FinCEN’s commentary in adopting the new rules (in the Federal Register release) provides helpful insight into FinCEN’s current understanding of industry practices. (Click here for an article describing these new rules, “FinCEN Finalizes Rules Requiring Banks, Broker-Dealers, FCMs, Mutual Funds and IBs to Help Verify Beneficial Owners of Certain Accounts” in the May 8, 2016 edition of Bridging the Week.) Banks, broker-dealers, futures commission merchants, introducing brokers and mutual funds should review this commentary to ensure they are adhering to current expectations, while potentially implementing the new requirements in advance of when required. Moreover, investment advisers, commodity pool operators and commodity trading advisors, which are not covered by FinCEN’s current or proposed requirements, should also consider adhering to FinCEN’s requirements as a best practice. Indeed, FinCEN has formally proposed that investment advisers be mandatorily subject to its AML requirements. (Click here for more information on FinCEN’s proposal in the article, “FinCEN Proposes AML and SAR Requirements for Investment Advisers” in the August 30, 2015 edition ofBridging the Week.)

My View: Once again a compliance officer—here the anti-money laundering compliance officer—has been named in a disciplinary or enforcement action by a regulator for his/her employer’s failure to implement and maintain an adequate compliance program of some type—here an AML program. (Click here for another example where a compliance officer has been named in a regulatory action in the article, “Investment Adviser Chief Compliance Officer Blamed in SEC Lawsuit for President’s Theft of Client Funds; SEC Commissioner Criticizes Enforcement Actions Against CCOs” in the June 21, 2015 edition of Bridging the Week.) Under the applicable FINRA rule, an AML compliance officer does not have to be registered in any capacity and a member of senior management (presumably registered in some capacity) must expressly approve a member’s AML program. Although his/her registration is not required, an AML compliance officer must be an associated person of a member and has the express responsibility under the relevant FINRA rule “for implementing and monitoring the day-to-day operations and internal controls of the [firm’s AML] program” (click here to access FINRA Rule 3310). It seems that this express obligation provided the hook, in FINRA’s view, to name RJA’s designated AML compliance officer in this disciplinary action. This case provides another uncomfortable reminder to compliance officers of their potential current personal liability for performing their role. FINRA likely will argue that the facts in this matter were especially egregious, but AML compliance officers and compliance officers generally will have a hard time understanding where the line of personal responsibility might be drawn in the future.