On May 6, 2019, the Financial Industry Regulatory Authority (FINRA) issued Regulatory Notice 19-18providing guidance to broker-dealers on potential red flags to help identify suspicious activity that may be reportable under the Bank Secrecy Act (BSA) and FINRA rules (the Notice).

FINRA Rule 3310 requires broker-dealers to develop and implement written anti-money-laundering (AML) programs reasonably designed to comply with the Bank Secrecy Act (BSA) and to detect and cause the reporting of suspicious activities under the Treasury Department’s Suspicious Activity Reporting rule (SAR Rule). Red flags have long been used to assist broker-dealers in identifying such suspicious activity.

The Notice is important and merits particular attention because it is the first significant guidance providing such detailed potential red flags since the self-regulatory organization issued Special Notice to Members 02-21 in April 2002.

In addition, the Notice provides a better sense of regulatory expectations beyond those already set forth in FINRA AML enforcement actions issued throughout the years. Indeed, the guidance provides some insight into the regulator’s view on what it deems necessary for broker-dealers to look for when trying to identify suspicious activity.

In particular, the Notice provides significant clarity in the kinds of activity that may trigger additional review or investigation. However, it also reminds broker-dealers to be aware of emerging areas of risk for suspicious activity such as risks associated with digital assets. The Notice makes clear that BSA/AML requirements, including SAR filing requirements, apply to digital assets irrespective of whether they are securities. As a result, broker-dealers should consider the relevant risks around these assets, monitor for suspicious activity and make reports as appropriate.

In light of this Notice, broker-dealers should review the identified red flags and consider incorporating into their AML program those appropriate to, among other things, their client base and business model.

What Categories of Potential Red Flags Does the Notice Identify?

The Notice breaks down a wide range of potential red flags into five specific categories and one general category:

  1.  Potential Red Flags in Customer Due Diligence and Interactions with Customers
  2.  Potential Red Flags in Deposits of Securities
  3.  Potential Red Flags in Securities Trading
  4.  Potential Red Flags in Money Movements
  5.  Potential Red Flags in Insurance Products
  6.  Other Potential Red Flags

This Notice reaffirms many of the red flags identified in prior enforcement actions as well as those set forth in prior FINRA Regulatory and Examinations Priorities Letters.4 Nevertheless, the Notice contains several red flags that are particularly notable for purposes of the SAR Rule and Rule 3310:

  • The customer has been rejected or has had its relationship terminated as a customer by other financial services firms;
  • The customer has no discernable reason for using the firm’s service or the firm’s location (e.g., the customer lacks roots to the local community or has gone out of his or her way to use the firm);
  • Seemingly unrelated clients open accounts on or at about the same time, deposit the same low-priced security and subsequently liquidate the security in a manner that suggests coordination;
  • A customer buys and sells securities with no discernable purpose or circumstances that appear unusual;
  • There are frequent transactions involving round or whole dollar amounts purported to involve payments for goods or services;
  • The customer deposits an insurance annuity check from a cancelled policy and immediately requests a withdrawal or transfer of funds;
  • The customer does not exhibit a concern with the cost of the transaction or fees (e.g., surrender fees, or higher than necessary commissions); and
  • Notifications received from the broker-dealer’s clearing firm that the clearing firm had identified potentially suspicious activity in customer accounts. Such notifications can take the form of alerts or other concern regarding negative news, money movements or activity involving certain securities.

What Should Broker-Dealers Do?

FINRA states that the Notice intends to assist broker-dealers in complying with their existing obligations under the BSA and AML requirements and does not create any new requirements or expectation. Notwithstanding, broker-dealers should carefully review the Notice and, as FINRA states, “consider incorporating [the red flags] into their AML programs,” including revising policies and procedures related to suspicious activity monitoring, investigation and reporting.

Given these regulatory expectations and the litany of red flags set forth in the Notice, certain categories of red flags will likely apply to most, if not all, broker-dealers. For example, the potential red flags associated with customer due diligence and interactions with customers’ category are likely to apply. The applicability of the red flags set out in other categories (for example, those under deposits of securities category) may not apply to every broker-dealer. Broker-dealers, however, should review all the red flags in the Notice in light of their client base and business model, among other things, to determine whether enhancements to their AML program are warranted.

While implementation of the potential red flags into the AML program will be important, the Notice informs broker-dealers that the list is not exhaustive, does not guarantee compliance with AML program requirements and is not a safe harbor from regulatory responsibility.