Aegis Capital Corporation, a Securities and Exchange Commission-registered broker-dealer, agreed to resolve separate charges brought by the Commission and the Financial Industry Regulatory Authority that, from at least January 2012 through April 2014, it failed to file suspicious activity reports with the Financial Crimes Enforcement Network of the United States Department of Treasury, as required, in connection with transactions that potentially involved market manipulation of low-priced securities.

The firm settled its SEC matter by agreeing to pay a fine of US $750,000 and committing to certain undertakings, including instituting recommendations made by a compliance consultant. Aegis settled its parallel charges by FINRA by agreeing to pay a fine of US $550,000.

Contemporaneously, Robert Eide, Aegis’s ultimate 100-percent owner and chief executive officer, and Kevin McKenna, the firm’s anti-money laundering compliance officer from June 2012 through June 2013, also agreed to resolve SEC charges related to Aegis’s SEC enforcement action. Mr. Eide agreed to pay a fine of US $40,000 while Mr. McKenna consented to pay a penalty of US $20,000 and not serve as a compliance officer or an AML compliance officer of a broker-dealer or similar organization for at least 18 months. Separately, the SEC filed an administrative complaint against Eugene Terracciano, Aegis’s AML CO from September 2013 through approximately September 2015. Mr. Terracciano did not settle his SEC matter.

According to the SEC and FINRA, during the relevant time, Aegis failed to file SARs “on hundreds of transactions” it should have suspected constituted fraudulent activity or had no legitimate business purpose. These transactions involved the purchases and sales of low-priced securities by customers that evidenced red flags of market manipulation, including sudden high trading volumes of stocks of companies during periods of low business activity, increasing stock prices not supported by the companies' financial performance, and promotional campaigns. The regulators claimed that Aegis’s daily review process did not identify the relevant transactions as suspicious, nor did the firm adequately follow up on alerts provided by the firm’s clearing broker or on inquiries by regulators. These alerts, noted the SEC, were received by Aegis’s then AML CO. Additionally, said the SEC, Aegis did not adequately train its employees regarding AML issues associated with low-priced securities transactions.

Among other things, the SEC said that the failure of the AML COs to double check why the firm’s daily review process did not identify potentially problematic transactions, as well as their failure to file SARS or create written analyses indicating that they even considered filing SARs after red flags of suspicious conduct were expressly brought to their attention, evidenced their willful aiding and abetting of Aegis’s violations. Mr. Eide was charged with causing the violations directly.

The SEC seeks civil penalties and other “appropriate” remedial action against Mr. Terracciano.

Compliance Weeds 1: Applicable law and FinCEN rules require broker-dealers and other covered financial institutions (banking institutions, Commodity Futures Trading Commission-registered futures commission merchants and introducing brokers and SEC-registered mutual funds) to file a SAR with FinCEN in response to transactions of at least US $5,000 which a covered entity “knows, suspects, or has reason to suspect” involve funds derived from illegal activity; have no business or apparent lawful purpose; are designed to evade applicable law; or utilize the institution for criminal activity.

Covered financial institutions should continually monitor transactions they facilitate; ensure they maintain and follow written procedures to identify and evaluate red flags of suspicious activities; and file SARs with FinCEN when appropriate. (Click here for a helpful overview of anti-money laundering requirements for broker-dealers, including SAR requirements. Click here for a similarly helpful compilation of AML resources for members of the National Futures Association.)

Moreover, covered institutions should ensure that problematic transactions identified by non-AML personnel (e.g., compliance staff) that may violate legal or regulatory standards are evaluated by AML personnel to determine whether a SAR should be filed with FinCEN. Indeed, the more consolidated a ledger a firm can maintain of potential problems identified across otherwise separate surveillance functions, the more likely a firm will be able to recognize and act holistically upon material red flags.

Compliance Weeds 2: Beginning May 11, covered financial institutions must begin to identify the beneficial owners of their legal entity customers for new accounts. Currently such entities are mandatorily required to know the identity of each of their legal entity customers, but not necessarily their beneficial owners.

By May 11, covered institutions must establish and maintain written procedures reasonably designed to identify and verify the identities of beneficial owners of legal entity customers unless such customers are expressly excluded (e.g., certain US or non-US regulated financial entities).

Beneficial owners include each real person who directly or indirectly has a 25 percent or more equity ownership interest in the legal entity customer, and a single individual with “significant responsibility to control, manage, or direct a legal entity customer, including an executive officer or senior manager or any other individual who regularly performs similar functions.” Legal entity customers include corporations, limited liability companies, partnerships and other similar business entities.

A covered financial institution must evidence its compliance with FinCEN’s new requirements by obtaining a mandatory certification form from a legal entity customer that identifies its beneficial owners or by receiving the information required by the form (i.e., for each beneficial owner, name, date of birth, address, and social security number, or for non-US persons, passport number) by another means with an appropriate certification. A covered firm must also verify the identity of each enumerated beneficial owners according to risk-based procedures that contain the elements required for verifying the identity of individuals under FinCEN’s existing relevant rules through documents or non-documentary methods (i.e., Customer Identification Program requirements). However, a covered firm may use photocopies or reproductions of original documents in connection with such verification.

Under FinCEN’s new rules, one covered institution may delegate its responsibilities to another covered firm, but only pursuant to a written contract that includes certain enumerated obligations.

Likely, bigger covered financial institutions are in the process now of finalizing their written procedures and processes to ensure compliance with FinCEN’s new requirements. However, smaller firms should also ensure they are ready for their new obligations.

(Click here for further background in the article “FINRA Provides AML Guidance to Members” in the December 3, 2017 edition of Bridging the Week.)