SEC Highlights Compliance Issues Related to Suspicious Activity Monitoring and Reporting at Broker-Dealers

SEC Highlights Compliance Issues Related to Suspicious Activity Monitoring and Reporting at Broker-Dealers

Share on facebook
Share on twitter
Share on linkedin
Share on email
Share on print

On March 29, 2021, the Securities and Exchange’s Commission Division of Examinations (“EXAMS”) issued a Risk Alert seeking to remind firms of their obligations under AML rules, and assist broker-dealers in enhancing their AML programs. Broker-dealers are regulated by the Bank Secrecy Act, which establishes a basic framework for AML obligations (the “AML Program Rule”), and the Securities Exchange Act of 1934, which requires broker-dealers to comply with the reporting requirements of the Bank Secrecy Act.

Broker-dealers are required under the AML Program Rule to maintain policies and procedures related to identifying and reporting suspicious activity. These policies and procedures should be tailored to the firm’s business and account for potential “red flag” activities in order for firm personnel to identify and respond to red flag activities. Broker-dealers are also required to file reports with FinCEN on any transactions involving funds that appear to be suspicious or illegal (the “SAR Rule”). Firms are expected to conduct due diligence in order to determine whether to file a SAR on any transactions that the firm “knows, suspects or has reason to suspect” is problematic.

EXAMS staff has made several observations related to the monitoring and reporting of suspicious activity. Some deficiencies in AML policies and procedures and other internal controls include:

  • Lack of or insufficient “red flags” policies, or policies that were not tailored to the firm’s practices;
  • Failure to establish automated systems to monitor for suspicious behavior associated with large trading volumes;
  • Failure to adequately monitor transactions for securities priced between $1 and $5 per share, considered to be high-risk “penny stocks”;
  • Setting the SAR reporting threshold at an amount higher than the required $5,000 threshold specified in the rule, thus failing to identify suspicious transactions; or
  • Firms inappropriately deferring to clearing firms to identify or report suspicious transactions.

EXAMS also observed that, by failing to adequately implement AML procedures, firms did not:

  • File SARs for transactions that appeared identical to transactions for which the firm would routinely file SARS without distinguishing the transactions from those on which SARs were filed previously;
  • Use available reports to monitor for suspicious activity;
  • Follow up on identified red flags; or
  • Comply with firm prohibitions on low-priced trades and not conducting due diligence on whether to file SARS on those transactions.

EXAMS made the following observations related to monitoring and reporting suspicious activity:

  • Firms often had weak policies and procedures, or failed to implement policies and procedures, that resulted in firms not conducting the proper due diligence or following up on known indicators of suspicious activity as highlighted in a previous EXAM risk alert regarding microcap securities. This led to the failure to file SARS for transactions that should have obviously been reported, such as, for example, “pump and dump” schemes.
  • Firms were not able to reasonably account for information that is publicly available, or in the firm’s possession when evaluating account activity.
  • Firms, in some cases, did not include accurate or complete details on suspicious transactions, or otherwise used insufficient boilerplate language on numerous filed SARS. Some examples include:
    • Not including key information despite having that information available in the firm’s internal records;
    • Recording the deposit of low-priced securities, but not the sale of the same securities shortly thereafter; or
    • For cyber-intrusions, not including details known at the time of reporting regarding the method and manner of the intrusion.

In conclusion, broker-dealers, or advisers that manage mutual funds, have an obligation as front-line participants to identify and address suspicious behavior. Greyline can assist with a review of your firm’s AML policies and procedures in light of this risk alert.

The full risk alert is available at

Related Posts
Greyline is pleased to announce that we have made the short list for the 2021 HFM U.S. Service Awards in the Best Advisory Firm and Best Technology Firm – Newcomer categories. The award winners will be announced on September 22.