Skip to main content


Introducing Greg Ruppert and the National Cause and Financial Crimes Detection Programs

May 26, 2020

Between the level of interconnectedness on the web and the sheer about of data available, we’re living in an era ripe for the perpetration of financial fraud. That makes it more important than ever for FINRA to have a holistic view of emerging trends and risks—and the ability to coordinate closely with other regulators and law enforcement. FINRA’s new National Cause and Financial Crimes Detection Programs (NCFC) aims to be the nerve center to do just that.

On this episode, we meet Greg Ruppert, the new Executive Vice President of the NCFC, to hear about his background and his vision for the new team.

Resources mentioned in this episode:

Episode 57: Securities Helpline for Seniors: Celebrating 5 Years of Senior Investor Protection

Episode 33: Beyond Hollywood: Money Laundering in the Securities Industry

Episode 31: FINRA’s Point Guard: The Central Review Group

Episode 23: Insider Trading: Finding the Needle in the Haystack

Listen and subscribe to our podcast on Apple PodcastsGoogle PlaySpotify or where ever you listen to your podcasts. Below is a transcript of the episode. Transcripts are generated using a combination of speech recognition software and human editors and may contain errors. Please check the corresponding audio before quoting in print. 


00:00 - 00:31

Kaitlyn Kiernan: We're in an era when there is a perfect storm for the perpetration of fraud, according to Greg Ruppert, FINRA's new Executive Vice President of the National Cause and Financial Crimes Detection Programs. That makes it more important than ever for FINRA to have a holistic view of emerging trends and risks, and the ability to coordinate closely with other regulators and law enforcement. On this episode Greg joins us to share how the new and NCFC team is working to allow FINRA to be more proactive in responding to these emerging concerns.

00:31 – 00:40

Intro Music

00:40 - 01:03

Kaitlyn Kiernan: Welcome to FINRA Unscripted. From Hoboken, New Jersey, I'm your host Kaitlyn Kiernan. Today we've got a guest who isn't just new to FINRA Unscripted. He's also new to FINRA. In fact, he was among the first batch of new employees to be onboard remotely. Today, we're welcoming Greg Ruppert, the Executive Vice President of the National Cause and Financial Crimes Detection Programs. Greg welcome to the show.

01:03 - 01:04

Greg Ruppert: Thank you for having me.

01:04 - 01:10

Kaitlyn Kiernan: So, Greg before we kick things off, could you just dig into your background a little bit? What did you do prior to joining FINRA?

01:11 - 01:44

Greg Ruppert: Well for the bulk of my career I actually spent it at the FBI. I started as a special agent working out of the Boston division, specifically in the area of financial crimes looking at economic crimes tied to the securities industry, but also other scams, schemes and investigations involving money laundering and other activities. I spent about 18 years at the FBI and then for the last six years, I was a head of Financial Crimes Risk Management and the Bank Secrecy Act Officer Charles Schwab out in San Francisco.

01:44 - 02:01

Kaitlyn Kiernan: That seems like a good fit for your current role. I also saw on your resume that at one point in your career you were involved in hostage negotiations. I think we can probably take from that that you're very cool under pressure but what was that like?

02:01 - 03:20

Greg Ruppert: Sure, I'd say I've had the fortunate ability at being so long as a career Special agent the FBI have been involved in numerous aspects of what agency does. I was able to work not only in the financial crimes area, but also was able to work overseas for the FBI. I ran a legal attaché office based out of the embassy in Berlin, and I also set up the FBI's sub office in the Netherlands, right out of the Hague. I was also part of the initial structure for the FBI's relationship with Europol, also based in The Hague.

Part of my work in and around the post 9/11 was around terrorism financing and ultimately in the counterterrorism work of the Bureau. And actually, I was the assistant special agent in charge of the Washington field office over some extraterritorial teams. And those teams actually engaged with others in the government, as well as within the FBI, to investigate as well as continue to work on a number of cases that involve terrorism and also hostage taking of U.S. citizens abroad. So I'd say given the level of experience that I had in the FBI I was exposed to a number of things that I think will definitely help bring calm under pressure and a sense of focused attention related to high stress environments and high stress investigations that are going to come out of my role here at FINRA.

03:21 - 03:34

Kaitlyn Kiernan: Well that's fortunate since you have started a very hectic and unusual time at FINRA. That's a very varied career really interesting postings across the globe. What attracted you to FINRA?

03:34 - 04:20

Greg Ruppert: It's definitely the mission. I'm very passionate about FINRA is mission to protect investors and safeguard market integrity. I really believe that the US government's focus on their critical infrastructure--financial markets are definitely at the top. And it's critically important for, not only the US, but the world to see the financial markets in the US as being open, fair, transparent and safe. And with that, FINRA's number one focus in protecting investors and safeguarding that integrity is something that speaks to me and it's something that will be core to the organization that I lead here at FINRA. And so that's a perfect alignment of my skills, my ability, my interest, as well as my passion to be able to focus on that.

04:20 - 04:26

Kaitlyn Kiernan: FINRA is fortunate to have you. I know we're all working from home right now, but once we're back in the office, in which office will you be based?

04:27 - 04:32

Greg Ruppert: I'll be based out of the San Francisco office even though I have teams across the nation.

04:32 - 04:37

Kaitlyn Kiernan: And have you been to that office yet do you know where your desk would be?

04:37 - 04:53

Greg Ruppert: That's a great question. I have never been to that office. I actually did all of my interviewing remotely via Zoom. And so, I will be using my investigative skills to find the building, FINRA's offices as well as my office that's somewhere inside.

04:53 - 05:03

Kaitlyn Kiernan: Well best of luck once you get to put that investigation to work. But what's it been like onboarding and getting up to speed during a pandemic?

05:03 - 05:49

Greg Ruppert: It's definitely been the most interesting onboarding experience that I've ever had. I'm definitely no stranger to onboarding a new role during a crisis and the number of positions I had in the FBI it seemed like a lot of them were crisis driven at the point I made the transition. So, it's been an interesting change. I have never really telecommuted on a full-time basis. Obviously, I’ve worked remotely once in a while based on kind of traveling, but to be focused one hundred percent of onboarding from your house was definitely interesting. FINRA did a great job. I received my FINRA office equivalent via FedEx, and I was able to hit the ground running on day one and everybody has been very friendly, very supportive, very helpful. So, I was definitely able to hit the ground running.

05:49 - 06:06

Kaitlyn Kiernan: That's great. And so, you head up the National Cause and Financial Crimes Detection Programs. It's a new group for FINRA. Can you tell us a little bit of what the program is, and does it have a nickname or acronym yet, because FINRA does love these long names?

06:06 - 06:58

Greg Ruppert: So, we are going to make it simple with a four-letter acronym of NCFC. So, the National Cause Financial Crimes components, adding detection in there that we're not engaged in any financial crimes, we're actually detecting, deterring them and investigating them. So it was very specific that we picked that name, and a lot of what is done here is work that FINRA has been doing for decades, and it's really great work, really great investigations and a really great skillset that comes with the FINRA expertise in this area. But what it's doing is it's consolidating those efforts into an organized function that will allow us to better collaborate, as well as to use the synergies of this larger group to make sure that we're operating, not only effectively, but also efficiently in terms of the mission that we've been charged to carry out.

06:58 - 07:01

Kaitlyn Kiernan: And so how is the group set up?

07:01 - 08:09

Greg Ruppert: A lot of it is focused around the investigation related to fraud that's potentially occurring and that we may be seeing within the markets, as well as those being facilitated at, by or through our member firms. So, we have surveillance teams that look at fraud or certain types of structuring of issuers. And then we have groups to look at insider trading, groups that look at the any money laundering requirements related under the Bank Secrecy Act, as well as the Patriot Act. We have specialty teams that look at cybersecurity and cybercrime. We have a team that specifically focuses on our vulnerable adults and senior population. And then we have under the National Cause Group a consolidated effort that would basically be doing investigations that are specifically targeted based on any tips, complaints or otherwise indications that something is going on within member firms or within registered representatives that we provide oversight. And we have teams that will actually receive tips and complaints from investors or others in the industry, or even outside of the industry through our Office of the Whistleblower program.

08:09 - 08:12

Kaitlyn Kiernan: Where does your group sit within FINRA.

08:13 - 08:23

Greg Ruppert: So, we are organized under Member Supervision. So, we are a component of that group and I report up to Bari Havlik, the Executive Vice President of Member Supervision.

08:23 - 08:40

Kaitlyn Kiernan: So, you mentioned National Cause Group, Insider Trading, Whistleblower. I know those were parts of the Office of Fraud Detection and Market Intelligence. We've done podcasts on those groups in the past. How is the NCFC different or similar to the group that was formerly OFDMI?

08:41 - 11:33

Greg Ruppert: I would say if you really look at the work that has been done over the years, the excellent investigations, referrals to the S.E.C., other regulators and law enforcement. It's going to be a very similar type in terms of focusing on that level of work, the relationships with FINRA Enforcement and other organizations within FINRA is going to be consistent with what has been done, again, for years if not decades in response to the mission and the requirements.

The difference that you're going to see is the combination of the historic OFDMI fraud teams with the specialty teams that I mentioned around cybersecurity, anti-money laundering, as well as the senior and vulnerable investors area, which we're calling the Vulnerable Adults and Seniors Team (VAST), which just had their five year anniversary under the group that was previously structured as the Senior Helpline. And I think there's a lot of information out there that our listeners would have seen just in the recent anniversary, but then also the Office of the Whistleblower, which is responsible for, as I mentioned earlier, receiving a number of complaints and tips, and then the culmination of the fraud surveillance and what's being seen by examining the markets and related market activity, tied in with the specialty teams, but also groups that previously weren't connected as closely with these groups of the National Cause team. And that National Cause team exists and lives in each of the districts and was responsible for handling referrals and investigating that.

Having all of that as a coordinated entity, I think is going to again allow us to look at intelligence more cleanly and more aggressively in order to be a little bit more proactive and responsive as we're seeing things. So it will, in my view, eliminate the risk that there might be potential stovepipes or information that doesn't make it across to all the teams that need to see it in a timely manner in order to assess the threat and the risks that we're seeing and then being able to act on those.

So, the hope is through that increased visibility and increased collaboration we're going to see a more holistic view of the various trends that are happening and be able to communicate that out not only internally within FINRA, for key teams that would obviously include FINRA's Enforcement group, but also with our key counterparts with the S.E.C., law enforcement, like the FBI and the Secret Service, local law enforcement, as appropriate, but also other state regulators and state entities, and even foreign regulators. So that combined approach will hopefully speed things up in our expectation and then leverage the expertise that exists and has existed on these teams, and then, from that standpoint, we'll be able to further execute on our mission of protecting investors and safeguarding our markets.

11:34 - 11:42

Kaitlyn Kiernan: So long term--I know you just started in late March--but long term, what is your vision for the NCFC?

11:43 - 13:20

Greg Ruppert: Well I think our long-term vision will track very closely with the FINRA values as well as with Member Supervision's vision. And it essentially will center around leveraging the already existing expertise of our investigators and our analysts and those working diligently day in and day out to protect investors, as well as examine, investigate activity in the markets to ensure the utmost visibility, accountability in those markets.

So, following on that responsibility, I think everyone shares is really getting into the collaboration aspects of what we need to do. We're going to be bringing our diverse views within the various teams together and then trying to consolidate that as we collect intelligence and really follow what I would call the intelligence cycle of collection, analysis and then further action based on what we're seeing. And then to that end we're going to definitely have to leverage technology, complex data analytics, which really gets to the overall innovation pillar of FINRA's overall values.

And with that, I think you start to combine those, we're going to see an overarching ability to really look at things more proactively and address the threats that we're seeing from a holistic, enterprise view, and from that standpoint, we'll be able to I think better anticipate where that threat is going, to warn member firms, as well as for us to be able to conduct our investigations and make those referrals to our key relationship counterparts in law enforcement and securities regulatory industry.

13:21 - 13:28

Kaitlyn Kiernan: And so why is it so important to be able to use intelligence and data in the work of your group?

13:30 - 14:31

Greg Ruppert: I would say the importance really comes into making sure we're seeing one, the whole picture here. We want to be able to not just investigate singular cases as they come in, but really leveraging intelligence we'll be able to help us identify, is there a particular trend that we're seeing? And how do we get ahead of that trend? We don't always want to be in a reactive posture. We want intel led investigations, so that would enable us to address situations perhaps before they even occur.

So, as we look at detecting what's happening, we also want to have potential deterrence effect, so that it doesn't continue to happen. And with that, that's where intelligence really allows one to see the forest through the trees. And from that perspective you'll be able to, as an organization, connect dots better that line up, and then you can start addressing any particular or potential root causes that would allow us to get in front of any particular threats or risks that we're facing, member firms are facing or the industry as a whole is facing.

14:31 - 14:49

Kaitlyn Kiernan: Why is this so important in our current environment not just in terms of the ongoing pandemic, which is top of mind, of course, but also in terms of just where we are as a society in terms of Internet adaptation and the global interconnectedness of our markets.?

14:49 - 17:12

Greg Ruppert: That is a phenomenal question and it really gets into the volume of data that we're going to be faced with. And from that standpoint I think we're in a unique situation now that is the confluence of globalization on one hand, but technology on the other hand. And so, if you kind of in your mind divided up into four quadrants that are all coming together in this perfect storm of activity, you have on one hand in the top quadrant on the left hand side, in terms of visualizing it, you would have Internet saturation in kind of bluntly and basically put, that's the number of people that are connected to the internet in any given country.

Statistics obviously will vary wildly in this area, but some of the ones I've heard that seem to speak most realistically is in the United States we're at about 90 percent Internet saturation. So, as a country we are that connected. When you start to look at worldwide connectivity it drops to about 50 percent in some of the better statistics I've seen. But with that, that shows the potential for a trend in potentially threatening behavior down the road, as more countries become plugged in and they're online that could potentially increase the threat that we're seeing.

So, a lot of times when I talk about how I started out in the FBI back in the 90s, it was totally possible in that time frame for us to investigate a case that occurred in our jurisdiction. So, if I use Boston for example, everything happened in the greater Boston area. It's where the subjects were located. It's where the victims were located. It's where all of the exchange happened related to a particular fraud. What I started seeing, and a lot of the FBI as a whole started seeing, related to the crime problem towards the later 90s, was with the Internet more and more crimes were not happening totally in a local environment.

With that connectivity, that more people that were plugged in using email expanded the footprint of where the victims could be located vis-a-vis where the subjects or the fraudsters were located, as well as all of the technology used to facilitate the crime, would also be located in different jurisdictions and even internationally. So, with that, the globalization and tying back to the Internet saturation of being more globally connected causes, in my mind, a potential for greater criminal activity in this area.

17:12 - 17:18

Kaitlyn Kiernan: OK. So that covers the first quadrant. What's the second quadrant?

17:18 - 17:53

Greg Ruppert: The second quadrant would be the Internet of Things and that would be defined simply as devices that you plug into the Internet. And when you think about it the interesting aspect of that is there are more devices plugged into the Internet right now than there are people on the planet. Seems kind of a mind-blowing statement to make. But when you look around your personal life, you know either in the office or outside of the office, how many devices do you have connected to the Internet right now? A lot of people will have their work laptop, their home laptop, perhaps an iPad and iPhone, or Android device. But then you get into your TV in a lot of places is now connected to the Internet.

17:53 - 17:56

Kaitlyn Kiernan: Now there's refrigerators even connected to the Internet.

17:56 - 18:08

Greg Ruppert: Yep. Your thermostat, your doorbell. All of these devices designed to make our lives easier also provide additional avenues for criminals to manipulate and get into particular systems.

18:01 - 18:14

Kaitlyn Kiernan: OK. So, you've got the overall connectivity and the Internet of Things. What's on the other side of the board?

18:14 - 19:00

Greg Ruppert: So now I'm going to jump to the other side of the quadrant--the information side of what is potentially out there for criminals to use. And from that we'll start off with what people are voluntarily putting out on the internet about themselves, and that is primarily through social media. Although there are some other means of getting that out there.

So if I were to stop to you on the street, Kaitlyn, a couple of years ago even, and asked to take a photograph of you, and then say, "Now you're going to give me your name, you're going to give me where you work--no stop--give me everywhere you've ever worked. And specifically, what you did in those roles while you worked there. I want all of your business contacts. I want where you went to school and, you know, give me a smattering of interests that you have." You're not going to stop you know--

19:00 - 19:01

Kaitlyn Kiernan: Yeah, no way.

19:01 - 20:10

Greg Ruppert: Yeah. You're not going to break stride to even pay attention to me, let alone give me that information. But if you have a LinkedIn account right now, you are doing this for the entire world. And from that standpoint, we have to be rethinking how we look at the way we're operating in society. So, I'm not advocating that we stop putting information out there on LinkedIn, but we have to be aware that criminals are leveraging LinkedIn to learn more about you, and about your clients, and about anybody that they want to target.

That's not even getting into Twitter, and Facebook, Snapchat, Instagram, all of these other sites that are putting information out there. So, if you haven't already turned off the location tracker on your phone when you take photographs and you upload those photographs, you're basically telling anybody that they can pull down the metadata in those photographs, essentially it's a time-date stamp of when that photo was taken and it'll usually have some type of geo location coordinates where that photograph was taken. So even if it's not of you, it's telling them where you were when you took it. So, there is a significant amount of information that we are all voluntarily putting out about ourselves.

20:10 - 20:18

Kaitlyn Kiernan: So that third quadrant is the information that we or our friends and family are voluntarily sharing online. What's the final quadrant?

20:19 - 22:22

Greg Ruppert: Then we move down into what I call the lower quadrant of hacked information—information that has been stolen from other sites. And I used to go through oftentimes explaining this area, but I think if you just open up the newspaper on any given day you see another data breach where a company that you have done business with, or somebody you know has done business with, has had some type of data breach and everything from user name and password, down to Social Security numbers, dates of birth, passports, you name it.

We've seen that over the course of the years that the amount of data that's out--and the statistics are just staggering, and I don't want to quote any of them because I can't even keep up with that--but in a given year, over billions of pieces of information are out there and for sale on what they call the dark web, which is the criminal black market of selling information. And so that's why when you combine all of these things together, I liken it to the perfect storm of fraudulent activity that is occurring but will continue to occur for the reasons I just said.

But we really have to think about what we're up against as not a particular individual. I think Hollywood's done a great job of giving us a picture of a hacker that's a young kid in a hooded sweatshirt drinking Monster cola and ordering Domino's Pizza from their mom's basement. And while those people do exist, it's really a billion dollar enterprise out there where you have a large number of criminals operating as almost a multinational conglomerate, where they can trade or sell goods and services to each other on this dark web, and they're able to facilitate their activity based on that.

So this is to some extent a collaboration that we need to engage in on FINRA's side working with law enforcement and the S.E.C. and other securities regulators, but also with member firms, because really it's all of us against a criminal enterprise that's out there and is, again, leveraging technology as well as all of the other information that I talked about earlier to attack any aspect of profitability that they can.

22:22 - 22:32

Kaitlyn Kiernan: Yeah, so it makes sense that then your group needs to be consolidated and it needs to be data driven so that it can keep up with this perfect storm that exists out there.

22:32 - 22:32

Greg Ruppert: Exactly.

22:33 - 23:11

Kaitlyn Kiernan: Well Greg, we're going to leave it there for this episode, but thank you so much for taking the time to introduce us to the National Cause and Financial Crimes Detection Programs and for sharing with us your vision for the team. On our next episode, we're going to jump right back in here with you and dig into how your team is looking to address the current situation through a COVID-19 Fraud Task Force. Listeners, you'll definitely want to join us for that one on June 9th, so if you don't already make sure you subscribe to FINRA Unscripted on Apple Podcasts, Spotify or wherever you listen to podcasts so that you can download it as soon as it airs. Until next time.

23:11 - 23:16

Outro Music

23:16 - 23:44

Disclaimer: Please note FINRA podcasts are the sole property of FINRA and the information provided is for informational and educational purposes only. The content of the podcast does not constitute any rule amendment or interpretation to such rules. Compliance with any recommended conduct presented does not mean that a firm or person has complied with the full extent of their obligations under FINRA rules, the rules of any other SRO or securities laws. This podcast is provided as is. FINRA and its affiliates are not responsible for any human or mechanical errors or omissions. Parties may not reproduce these podcasts in any form without the express written consent of FINRA.

23:44 – 23:50

Music Fades Out

Find us: X / Facebook / LinkedIn / E-mail

Subscribe to our show on Apple Podcasts, Google Play and by RSS.