RBS Securities, Inc. agreed to pay a fine of US $65,000 to the Financial Industry Regulatory Authority because of alleged deficiencies in its review of electronic communications. FINRA charged that, for six months from April 2010 through March 2012, RBS failed to enforce its internal procedures related to the timely review of electronic communications, and, for one year during the same period, RBS failed to maintain a system to review electronic communications that contained encrypted attachments or were sent via secure third party file transfer software applications. Among other things, despite a policy requiring daily review of e-mail, as of December 11, 2o11, RBS had a backlog of almost 1,500 e-mails that had not been reviewed for more than 30 days, and from July through December 2011, 25% of staff assigned to review e-mail had received five or more notices that their reviews were untimely. RBS consented to the settlement without admitting or denying any findings.
Compliance Weeds: Firms should regularly review that electronic communications are being captured and retained in accordance with applicable regulatory requirements and their expectations. Weaknesses sometimes occur in connection with the retention of blind copies of emails (bcc’s), as well as encrypted messages and attachments. FINRA previously fined five ING firms US $1.2 million related to their inadequate review of internal e-mail. (Click here for details in the article, “FINRA Fines Five ING Firms related to Email Review and Retention Violations” in the May 9, 2013 edition of what is now known as Between Bridges.)