Skip to main content


COVID-19 Task Force: Staying Innovative and Collaborative Through Crisis

June 09, 2020

The COVID-19 pandemic is unlike any other crisis in recent history, and that presents an opportunity to criminals who are flexible and adaptable. That means firms and regulators must be flexible and adaptable too.

In his first week on the job, Greg Ruppert, the new head of the National Cause and Financial Crimes Detection Programs (NCFC), created a COVID-19 Task Force to help FINRA tackle emerging issues to quickly protect investors and to maintain the integrity of our markets.

On this episode, Greg joins us to tell us more about the task force, how firms can identify, detect and mitigate emerging threats and the importance of adopting a “one team, one fight” approach.

Resources mentioned in this episode:

Episode 60: Introducing Greg Ruppert and the NCFC

COVID-19 Resource Page

Fraud and Your Investment Accounts During COVID-19 Pandemic

Regulatory Notice 20-13

Virtual Conference Panels

Listen and subscribe to our podcast on Apple PodcastsGoogle PlaySpotify or where ever you listen to your podcasts. Below is a transcript of the episode. Transcripts are generated using a combination of speech recognition software and human editors and may contain errors. Please check the corresponding audio before quoting in print. 


00:02 - 00:30

Kaitlyn Kiernan: The COVID-19 pandemic is unlike any other crisis in recent history and that presents an opportunity to criminals who are flexible and adaptable. That means firms have to be flexible and adaptable too. On this episode we hear from Greg Ruppert, FINRA's new head of the National Fraud and Financial Crimes Detection Programs, about how firms can identify, detect and mitigate emerging threats, and about the importance of adopting a "one team, one fight" approach.

00:31 – 00:40

Intro Music

00:40 - 01:21

Kaitlyn Kiernan: Welcome to FINRA Unscripted. I'm your host Kaitlyn Kiernan. Today we are welcoming back to the show Greg Ruppert, the Executive Vice President of the National Fraud and Financial Crimes Detection Programs. On our last episode, we heard a lot from Greg about the new NCSC team and how the current environment offers a perfect storm for fraudulent activity--a situation exacerbated by the ongoing pandemic. Today we're going to hear how FINRA's COVID-19 Task Force is working to protect investors. So just to start, Greg, how does the COVID-19 pandemic play into the bad actors’ efforts to defraud investors and consumers?

01:21 - 03:29

Greg Ruppert: Yeah. So, as we really look at this pandemic, I don't know in recent history if we've ever seen something at this magnitude, where so many people are impacted. A lot of times when you have a crisis situation it's more of a particular incident. And at the time it happens it's relatively clear in terms of there was a beginning, a middle and an end, and it's usually over and you have a response element. A lot of times it tends to be kind of isolated within one particular area or region.

This one, I find unique, especially from a potential criminal as well as fraud aspects because it's not over yet. We started this several months ago, we're still in the middle of it, and we really have to look at it as more of a campaign in that sense. And it's also not necessarily an isolated event because it's something that's impacting a global environment. So, a number of countries have significant impact related to how it's impacting and affecting them and their citizens. But also, there's varying responses, there's varying flare ups that are occurring on this. So, it's something it's very fluid and ongoing but it's a global issue. And from that perspective there's lots of different attention that's being focused by different governments at different areas.

But then there's also a global awareness of the crisis that we're in. And so from that perspective when we look at what criminals—particularly fraudsters do—is they try to prey upon a variety of individuals based on a number of proven techniques that would either prey on somebodies sympathies in a particular area to force them to be more giving or more supportive and less questioning of why and where they're giving their funds, or they try to drive fear through urgency or panic. And this is one of those situations that's providing multiple opportunities for criminals based on whatever vector of attack they want to engage in, but then they also have a number of victim ideologies that they can really look to leverage to their benefit.

03:30 - 03:45

Kaitlyn Kiernan: So, one of the very first things you did when you started at FINRA on March 23rd, was establish a COVID-19 task force. Can you tell us a little bit about this group and how it is working to kind of address that type of fraud that exists out there?

03:46: - 06:13

Greg Ruppert: Sure. And, I think as I mentioned last time we chatted, I actually started at FINRA at the onset of the pandemic in the very stay at home workers. So, I onboarded from my house and quickly sought out to try to engage the teams under the NCFC umbrella and, one, find out how they were doing, what they needed for me, but also really wanted to learn what work they did. And part of that focus was a significant uptick in work that was related specifically to the COVID-19 related fraud activity that we were seeing, and a lot of it was some of the various issuers that were either claiming they had various skills/products/services that were in response to the pandemic that we were investigating and looking at. And that I think was one of the initial aspects of where we saw fraud potentially emerging in this situation.

So, as I learned more about what they were doing, and their work with the SEC in this area, as well as what other groups under the NCFC umbrella were doing, I saw an opportunity to increase collaboration, increase intelligence sharing and really kind of bring those groups together, so that we were making sure that we were addressing everything that we were seeing, we were leveraging all of the expertise that we had across the organization to address the threats that were coming in. But then with that I saw an opportunity to really reach out and bring in more groups at FINRA that we thought might have an additional role to play or additional intelligence that would make us stronger in this area. So, that was the reason for the idea on a task force.

Something I learned in the FBI was to really embrace a "one team, one fight" model, where we're all going up against a common foe, if you will, in this matter. And from that, we needed to share everything we had, we needed to work together. And then from that task force approach fit really well. So, we brought the groups together. We meet frequently. We bring in outside counterparts. So far, we've had the SEC, the FBI, come in and brief us on what their task forces are doing. But then we also leveraged our innovation and our technology capabilities of having a shared platform that we collect and track intelligence and the investigations that we're doing so that we can, one, ensure that everybody has awareness, and we're bringing all of FINRA's resources together at one to respond to this.

06:13 - 06:25

Kaitlyn Kiernan: And so, you mentioned it's not just individuals from the NCFC involved, there are others across the organization. So, who all is involved in this task force?

06:25 - 06:58

Greg Ruppert: So, we have a large number of teams involved. Well over 30 teams at FINRA are involved in this task force. Obviously given what we do, the bulk of those teams are coming out of Member Supervision, but we also have groups within Enforcement. within Market Regulation, within the Office of General Counsel that it deals with things like the Corporate Financing approvals for new issues, as well as Investor Education and the state regulation liaison. So, a number of groups within FINRA are actively collaborating on this task force.

06:58 - 07:03

Kaitlyn Kiernan: And so, what are some of the key areas of concern that you're seeing right now?

07:03 - 08:34

Greg Ruppert: So right now, I'd say the bulk of what we're investigating and the referrals we're seeing are coming out of issuer related to fraud or manipulation. So, the focus is primarily on microcap issuers. And then we're also seeing, based on the market volatility, areas that would potentially lean towards investigations for our insider trading teams. And then even moving on to the Market Regulation teams looking for any attempts to manipulate the market through a variety of schemes.

We're closely tracking investor complaints that are coming in potentially around their investments. We are keenly looking for any initial red flags or potential indication of Ponzi or pyramid schemes or other fraud schemes. We're targeting areas in education around our senior or vulnerable investors that are out there, but we're also looking to educate and inform broker-dealers on a large variety of cyber-related crimes and cybersecurity activity given a large number of the workforce is now working from home.

We anticipate that there's going to be a number of schemes that are going to try to either socially engineer the individuals at firms that are working at home or socially engineer clients leveraging the common knowledge that a lot of people working from home and use that opportunity to either scam or trick investors into giving up their user name passwords or access to their financial accounts.

08:35 - 08:49

Kaitlyn Kiernan: Even just in early May, FINRA was part of a phishing scheme where firms got emails from people alleging to be FINRA employees. So, it seems no one's safe. It's investors and broker dealers that have to watch out for that type of fraud.

08:49 - 10:12

Greg Ruppert: Exactly. Around the perfect storm that I talked about last time, it's really the value of the information provides criminals these days. So any opportunity for them to learn anything about individual account holders from any financial services area is something that will help them, one, sell that on the black market--the opportunity to take individuals names, addresses, phone numbers, their account information, their Social Security numbers, their dates of birth--all of the things that when you can't engage a client face to face and you're going to have to rely on a telephonic means in which to verify who they are. You have a set of questions that you ask them to make sure that you are who you say you are.

As criminals gain more and more access to that information—nothing is safe anymore—so it makes it extremely difficult for our member firms, but also anybody in financial services to try to validate that information. So there's a number of things that they're going to have to do to make sure that they are talking to who they say they're talking to, and criminals really track the latest questions that are being asked and then they try to go back out and engage in what is called social engineering to try to get answers to those questions and sometimes they even impersonate employees from the brokerage firm they impersonate law enforcement. And as you said even or impersonate FINRA and other regulators.

10:13 - 10:23

Kaitlyn Kiernan: And so FINRA is overall jurisdiction is limited. So how are you working with other regulators and law enforcement agencies at this time?

10:23 - 11:49

Greg Ruppert: So, we're interacting with them. And I'll say at the outset this is nothing new. FINRA has been engaging securities regulators, specifically the SEC, but also state securities regulators and even law enforcement for decades. So, back when I was a young FBI agent in the 90s, it wasn't FINRA it was the NASD that since merged into FINRA, but there's always been a very close working relationship in terms of either getting referrals or facilitating investigations with documentation, follow up basis between law enforcement and the securities regulators and what we do. So, I would say this crisis has brought us even closer together.

And we have frequent engagement on, if not a daily basis, definitely a weekly basis with individuals as appropriate. And again, related to what we're seeing. So, there are times that we will get investor that calls into one of our hotlines, and it's something that is a violation of law, criminal activity, but it may not be within offender's jurisdiction. We don't just take that and sit on it. We take that and immediately refer it over to law enforcement. And from that standpoint, using my background as well, we can figure out which law enforcement agency is probably the most suited to handle it, maybe which jurisdiction is most suitable to go to. And then also we have a very robust relationship within the insider trading and fraud groups with the SEC.

11:49 - 12:00

Kaitlyn Kiernan: So, you're not expecting investors to know the right agency to go to, your group in the task force is making sure that this information gets to the right person regardless of how it comes in?

12:00 - 12:01

Greg Ruppert: Absolutely.

12:01 - 12:08

Kaitlyn Kiernan: So how many referrals have you made so far, and how does that compare to the typical rate?

12:08 - 12:44

Greg Ruppert: So, it's one of those numbers that is ever evolving. So, I would say we are pretty close to about 100 referrals specifically related to COVID-19 fraud specific items that we're referring over to, again the SEC, state regulators, as well as foreign regulators and law enforcement. That is a significant uptick in terms of any one specific type of crime problem or crime threat that we're facing. So, it's a significant number. And the action we're seeing coming out of that is also I think leading statistics in terms of what's been done even in prior years.

12:45 - 12:53

Kaitlyn Kiernan: And can you share any concrete outcomes so far. You mentioned a lot of it is issuer fraud. Have there been any trading suspensions or the sort that you can share?

12:54 - 13:24

Greg Ruppert: Yeah. There have been a number of trading suspensions performed by the SEC. I'd say we're around 25 trading suspensions, and we're starting to see a number of matters that the SEC is charging out of some of those trading suspensions, even on a week by week basis. So, they are aggressively responding and reacting to our referrals in this space. Law enforcement cases tend to take a little bit longer, but I would expect we're going to see some law enforcement related cases out of these as well.

13:25 - 13:34

Kaitlyn Kiernan: And so, is the task force sharing any of its findings publicly or is there a way that firm compliance staff or investors can stay up to date on what you're seeing?

13:35 - 16:12

Greg Ruppert: Yeah, definitely, and part of the collaboration that I talk about is going to be getting that information out to member firms, specifically the broker dealers, so they can protect their clients, but also getting information directly out to investors. So, we have a couple of notices that we've done. We've done a Regulatory Notice that we're calling Regulatory Notice 20-13, specifically related to what we're seeing that would impact firms related to the COVID-19 activity.

For investors, if you go to FINRA's web site under Investor Insights, there's a number of fraud alerts that we put out there. So, the latest one that went out in early May was fraud in your investment accounts during COVID-19. The one thing I also point out with these Investor Insights is that at the bottom of the document, we also provide a specific action items that, from investors wanting to report fraudulent activity with the ability to use either FINRA's website, the SEC's website, the FBI's website or other state regulators, state securities or the FTC. But we also list in our fraud and COVID-19 update specific websites where you could go for more information.

So FINRA has set up a COVID-19 web page specifically for updates, but the SEC, the CFTC, the Federal Trade Commission, the CFPB, as well as the Better Business Bureau, the North American Securities Administrator, the FBI, the Secret Service, DHS and the CDC have websites, of which we provide links to most of those from our website. We'll serve as a hub that will allow you to keep track of the number of schemes that are proliferating during this time, but also specific examples and specific tips for what you as a broker-dealer, as a compliance or risk professional in a member firm, or even what an investor can do to avoid particular scams and really kind of check what they're seeing.

So I would say whether you're an investor or a broker-dealer really take a look at all of these publications, and update yourself on what you can do to protect yourself, because the criminal threat during this time is it's so varied and from that standpoint you can see it manifest itself in so many different ways, so many different schemes, and so many different attack vectors. That why we're trying to get as much information out and be very specific in terms of what trends we're seeing, where we're seeing them, as well as what you specifically could do to potentially identify detected as well as mitigate it.

16:12 - 16:39

Kaitlyn Kiernan: Great. We'll link to all those resources in our show notes, and it does sound like a lot of different avenues and a lot to be thinking about. So, do you think it would be helpful for firms to be having their own COVID-19 task forces so that they can have compliance staff and technology staff and others within the firm coming together so that they can make sure that they're all on the same page on all these different ways fraudsters might be trying to get at them or their customers?

16:40 - 19:11

Greg Ruppert: I would think it would be extremely helpful from that standpoint. In terms of the sheer volume of what we're being faced with in terms of how are we working in remote environments? How are we leveraging the technology on which to get our jobs? How are firms responding to their clients with either branch or office closures or the inability for people to get out during these times? And then how does the criminal element then seek opportunities to exploit any one of these particular issues?

As I mentioned at the beginning of the call, this is a time that's relatively unique in terms of any crisis we've seen in recent history. So, from that standpoint we're going to need to think ahead of where this particular threat may be traveling. So, the criminals are really great at being flexible, adaptable and overcoming any controls or hurdles that are placed in their way. And so, as we take different steps, or as we encourage firms to look for different things, the criminals are going to pivot. So, this isn't a situation where any action a firm takes is essentially a one and done. It's going to have to be something that is an iterative process.

And just pointing back out really quickly, the Regulatory Notice 20-13, and looking at the suggested routing of legal compliance, operations, registered representatives, risk management, and getting out of normal stovepipes in terms of receiving these Notices and just thinking that, OK I'm aware of it I have everything I need." Essentially the whole firm has to be involved in responding to this crisis, in particular the fraud that's coming out of it. We're going to see criminals trying to exploit everything from the leadership firm all the way down to how a firm receives and takes in mail, or email, or text messages or any telephonic contact.

So, from that standpoint firms should really be adopting a "one team, one fight" approach. And education is going to be the key to making sure everyone is aware of the latest threats and trends that we're all seeing. And to that end, that's why FINRA will be very aggressive on the education aspects of getting more information out. We've added a specific fraud topic to our virtual conference that we are rolling out on a periodic basis. So, in addition to the cybersecurity/cybercrime panel that we're having, we'll also be having a specific one that's going to be targeting fraud and scams that we're seeing during this pandemic.

19:11 - 19:24

Kaitlyn Kiernan: We'll add links to those when they're available as well. So, Greg, just to wrap up and move a little bit away from COVID-19, you're just over two months into your job--what do you think so far?

19:25 - 20:01

Greg Ruppert: So, my impression so far is FINRA is an amazing organization. It's filled with very capable people and their expertise is impressive. And everyone is driving towards the overarching FINRA mission, which really drove me to FINRA, and it's a desire to protect investors and safeguard markets. From that perspective it's great to work at an organization like this. They have a significant amount of knowledge, as well as information that they can leverage, and the focus on technology and data analytics is also very impressive for an organization.

20:01 - 20:25

Kaitlyn Kiernan: Well, Greg, thanks so much for joining us. I'm sure I'm not alone in looking forward to hearing more of what comes out of NCFC and COVID-19 Task Force. Listeners, if you don't already, make sure you subscribe to FINRA Unscripted on Apple Podcasts, Spotify or wherever you listen to podcasts. If you have any ideas for future episodes you can send us an email at [email protected]. Until next time

20:25 – 20:31

Outro Music

20:31 - 20:58

Disclaimer: Please note FINRA podcasts are the sole property of FINRA and the information provided is for informational and educational purposes only. The content of the podcast does not constitute any rule amendment or interpretation to such rules. Compliance with any recommended conduct presented does not mean that a firm or person has complied with the full extent of their obligations under FINRA rules, the rules of any other SRO or securities laws. This podcast is provided as is. FINRA and its affiliates are not responsible for any human or mechanical errors or omissions. Parties may not reproduce these podcasts in any form without the express written consent of FINRA.

20:58 – 21:05

Music Fades Out

Find us: X / Facebook / LinkedIn / E-mail

Subscribe to our show on Apple Podcasts, Google Play and by RSS.