FINRA continues to observe challenges in some firms’ compliance with their anti-money laundering (AML) obligations pursuant to FINRA Rule 3310 (Anti-Money Laundering Compliance Program), the Bank Secrecy Act (BSA) and U.S. Department of the Treasury regulations.17 Further, FINRA notes that FinCEN’s Customer Due Diligence (CDD) rule became effective on May 11, 2018, and requires that firms identify beneficial owners of legal entity customers, understand the nature and purpose of customer accounts, conduct ongoing monitoring of customer accounts to identify and report suspicious transactions, and—on a risk basis—update customer information.18 FINRA observed some firms facing new challenges as well as continuing to grapple with issues discussed in the 2017 Report on FINRA Examination Findings.
- Questionable Ownership Status of Foreign Legal Entity Accounts – FINRA has observed increased trading by foreign legal entity accounts in similar low-float and low-priced securities. In some instances, firms considered these accounts unrelated, but uncovered shared commonalities, which raised concerns about potential ownership or control by similar beneficial owners. Examples of these commonalities included trading directed from the same Internet Protocol locations, account funds sent from the same branches of a specific bank, accounts with the same authorized traders, and accounts established with the same mailing address.
- No Documentation of Investigations of Potentially Suspicious Activity – Some firms that use exception reports did not document initial reviews and investigations into potentially suspicious activity identified by the reports. This was particularly troubling where those firms failed to establish and implement a formal investigation management process or document how they decided whether to file or not file Suspicious Activity Reports (SARs).
- Irregular and Undocumented 314(a) Searches – FINRA has found that some firms failed to comply with Section 314(a) of the USA PATRIOT Act, and did not conduct reviews of FinCEN’s Secure Information Sharing System (SISS) on a bi-weekly basis or did not document their reviews after the searches were complete.19 In other instances, firms also did not follow FinCEN’s guidance to print a confirmation page from the SISS upon completing the review to evidence that they had performed the search and maintain records of positive search results.
In addition, FINRA continues to find problems with the adequacy of some firms’ overall AML programs; allocation of AML monitoring responsibilities, particularly responsibilities for trade monitoring; data integrity in AML automated surveillance systems, especially in suspense accounts for processing foreign currency money movements and conversions; firm resources for AML programs; and independent testing of AML monitoring programs. For further information on these topics, please see the Anti-Money Laundering Compliance Program section of the 2017 Report on FINRA Examination Findings.
17 FINRA provides a free template for small firms to assist them with fulfilling their responsibilities to establish the AML compliance program required by the BSA, the relevant federal regulations and FINRA Rule 3310 (Anti-Money Laundering Compliance Program). The template was updated on July 18, 2018, and provides text examples, instructions, relevant rules and links to other resources.
19 Section 314(a) of the USA PATRIOT Act requires firms to access SISS on a bi-weekly basis to view FinCEN’s requests; search their records for accounts maintained by the listed persons and businesses during the preceding 12 months and transactions conducted within the last six months; and respond to FinCEN within two weeks of the posting date.