What Investment Advisers and Broker-Dealers Should Expect After the First Wave of COVID-19

With the confluence of our current global health and economic crises, these are unprecedented times. As we witnessed in the post-2008 financial crisis world, frauds, Ponzi schemes, and misconduct, undertaken by those who wanted to take advantage of the crisis, come to light. For example, with Ponzi schemes, when the consistent flow of money from new investors dries up, Ponzi schemes tend to collapse, and firms may find themselves discovering that advisors/representatives or customers led these fraudulent schemes for years. Market turmoil can also lead to a host of customer complaints and arbitrations as well as firm operational issues with account access glitches. Finally, as we have already seen in the news, there are often more insider trading investigations in times of crisis.

For the past three months, the regulators have not only been providing guidance and relief from certain regulatory requirements, they have also been providing stern warnings to both firms and investors due to the anticipated uptick in fraudulent schemes arising out of the COVID-19 pandemic.

If history is any indication, fraudsters will prey on the current health crisis by taking advantage of investors’ charity, fear, and overall uncertainty regarding the virus. The state regulators, through the North American Securities Administrators Association (NASAA) warn that bad actors can be expected to develop schemes that falsely purport to raise capital for companies manufacturing personal protective equipment (PPE), distributing pharmaceuticals, or manufacturing vaccines and miracle cures.[1] Similarly, the Financial Industry Regulatory Authority (FINRA) has warned of increasing cybersecurity concerns, especially with the challenges to supervision that comes with advisors and registered representatives working from home.[2] FINRA has also issued fraud warnings to the industry and investors.[3] The Securities & Exchange Commission (SEC) has also recognized that Main Street investors must be particularly vigilant during this time.[4]

While the confluence of our current health and economic crises is unprecedented, we can learn from past crises regarding red flags of wrongdoing to be on the lookout for and best practices to mitigate risk that firms, associated persons, and customers will fall victim. This article seeks to provide tips for firms as they navigate their new reality following the first wave of COVID-19, including what to expect generally as well as the specific actions firms can take now to prevent or limit harm from frauds and Ponzi schemes, operational errors and general concerns with market volatility and cybersecurity risks going forward.

Be on the Lookout for Ponzi schemes

After the Great Recession, between 2008 to 2013, there were over 500 Ponzi schemes that collectively involved over $50 billion.[5] On average, a Ponzi scheme was uncovered or busted every four days in that six-year period.[6] We had already been seeing a rise in Ponzi activity in 2019, with 60 schemes identified with alleged losses of $3.2 billion and a median scheme size of $10 million. Now, with the tumultuous market and the substantial rise in unemployment, expect more Ponzi schemes to be uncovered – as the inflow slows or stops and current investors seek to withdraw their principal.

As Ponzi schemes surface, expect the regulators to be more aggressive – bringing more cases and larger fines than they have previously imposed. This expectation is based on a number of factors. The Securities and Exchange Commission (SEC) has increased its focus on the “Main Street investor.” The SEC focuses on broker-dealer firms as gatekeepers and look to such firms that inadvertently aided Ponzi schemes thereby harming such investors for accountability. NASAA, the SEC and FINRA will point to their alerts on potential increase in frauds as indicators of “red flags” to firms of such activity.[7] Moreover, as many Ponzi schemes in the past were related to a registered representative’s approved Outside Business Activity (OBA), the new FINRA Rule 3270 requiring greater review of OBAs may be a focus of an investigation. After all, this rule is intended to require greater review of those activities.

A review of recent cases in which firms were found to have failed to supervise their registered representatives who engaged in Ponzi schemes or were found to have failed to develop or implement a reasonable anti-money laundering policy when customers were running a Ponzi scheme, the common thread was FINRA’s determination that red flags existed that firms failed to adequately pursue.[8] To mitigate regulatory risk, firms should review areas that repeatedly have been seen as “red flags” in the past including:

• 1) Review all approved and unapproved OBAs and Private Securities Transactions (PST). Review company documentation and correspondence related to the OBA and PST and scour the internet to ensure the OBA or PST matches the disclosures made to the firm.
• 2) Conduct regular reviews for the existence of unreported OBAs/PSTs, including reviews for OBA requests that have been denied or restricted.
• 3) Thoroughly vet all private placements and alternative investments. Do firms know the owners; have firms (or their affiliates) interacted with the owners in the past? If so, are representations made throughout the firm by the owner consistent? Were all representations in the due diligence process verified?
• 4) Carefully review account activity. Are moneys going out of (or coming back into) a customer’s account in regular cycles that ‘look funny;’ are they round dollar amounts? Are there third party wires? Are there multiple transfers from business to personal accounts?
• 5) Follow up on any unexplained change in employee’s business generation at branch or individual level.
• 6) Take customer complaints, whistleblower and ethics hotline complaints seriously. Is there a pattern in these complaints? Are there any unknown investments mentioned? Is money slow to be returned?

Additionally, when supervision, risk or compliance identifies a potential concern of fraud or red flags for a Ponzi scheme and requests information to follow up on questions, the answers and information received must fully address the issues and concerns or the firm needs to continue asking questions. As evidenced in the above-cited regulatory settlements, when the supervision or compliance documentation in the files is insufficient or does not make sense, it is more difficult for the firms to establish reasonable supervision.

Similarly, when one area of the firm detects a concern, be sure to communicate to other divisions that may have additional information. It is important for firm personnel to connect the dots among issues identified that touch various departments. In the event that a potential Ponzi scheme is detected be sure to investigate it thoroughly. The firm should aim to discover if the scheme is connected to its business, the scope of the scheme, and what, if anything its advisors/representatives or others knew about the fraud. An internal investigation will involve gathering all documents and electronic data and interviewing employees. The more thorough the investigation, the better able the firm will be to make decisions to protect its clients and its reputation and be prepared for regulatory investigations and litigation.

Expect an Uptick in Fraud Attempts

The pandemic and resulting economic downturn has left millions unemployed, with much higher unemployment in the three months of the COVID-19 lockdown than during the Great Recession.[9] Much like concerns relating to Ponzi schemes, fraudsters are pursuing their newest prey, which includes Main Street investors who may be more readily relying on investments to provide long-term income.

A joint study by the FINRA Investor Education Foundation, the BBB Institute for Marketplace Trust, Stanford Center on Longevity, and the Federal Trade Commission found that key risk factors for susceptibility to scams and losing money are when individuals are under financial strain and social or physical isolation.[10] FINRA has issued a number of investor alerts to, among other things, alert investors regarding potential scams touting investments into companies that claim the companies’ products or services will be used to help stop the coronavirus outbreak.[11]

To identify and address frauds quickly, regulators have created teams specifically focused on monitoring for, identifying, and stopping potential frauds. For instance, FINRA created a “COVID-19 Fraud Task Force” as part of its National Cause and Financial Crimes Detection Programs (NCFC), which is focusing on combatting fraud aimed at investors, insider trading, market manipulation, and fraud by broker-dealers and registered representatives.[12] By early May, the NCFC Fraud Surveillance group had sent fifty (50) referrals to the SEC for potential fraudulent COVID-19 claims involving public companies.[13]

The SEC staff is actively monitoring the markets for fraudulent activity and other misconduct stemming from COVID-19 related conduct. In addition to bringing a number of enforcement actions to halt on-going frauds, the SEC has addressed potential misinformation on issues by issuing trading suspensions.[14] When the SEC believes information about a company is inaccurate or unreliable, it can suspend trading in any stock for up to 10 days. As of June 22, 2020, the SEC has issued 33 trading suspensions of stock of issuers relating to potential COVID-19 fraud.[15]

NASAA has also established a COVID-19 Enforcement Task Force, using online investigative techniques, to identify websites and social media posts that may be offering or promoting fraudulent offerings, investment frauds, and unregistered regulated activities.[16]

Firms are expected to be on notice about the heightened threat of frauds targeted at investors. FINRA has identified four common frauds firms should be combatting; (1) fraudulent account openings and money transfers; (2) firm imposter scams; (3) IT Help Desk scams; and (4) business email compromise schemes. [17]

With impersonation being the common theme with these frauds, FINRA is recommending that firms reevaluate their practices, including beefing up their methods to verify customers’ identities, such as independently verifying customers’ identities using a customer reporting agency or public database. Firms should also examine their bank account verification protocols and potentially look at prohibiting rapid transfers of recently deposited funds to third-party banks or sending automated notifications to the customer email or phone number on file of any account changes.

Firms should be prudent by providing registered representatives and supporting staff training about recent types of frauds and sending customer alerts to remind them to be vigilant by actively monitoring their accounts and notifying the broker-dealer’s Home Office or their financial advisor if they receive suspicious communication, website links, or account alerts. Specifically with minimizing the risk of imposter website links, Firms can “take proactive steps to monitor” by “registering website URL name variations, such as common misspellings or visually character substitutions, and using social media or website monitoring services to watch for websites.”[18] Identifying trends and customer reporting will help keep firms up to date about new schemes as fraudsters deploy them.

The SEC also issued an Investor Alert to educate Main Street investors about current investment frauds, including scams related to the coronavirus pandemic.[19] Noting that fraudsters often manipulate national crises and periods of uncertainty to lure investors into scams, the SEC warns Main Street investors to be especially wary during this time. The SEC also highlighted certain frauds that may see an uptick during the time of the coronavirus pandemic: (1) fraudulent stock promotions and market manipulation; (2) charitable investment scams; (3) fraudulent unregistered offerings; (4) community-based financial frauds; and (5) bogus CDs offering high returns.[20] Below we address some of what firms may see in popular scams.

1. i. Fraudulent Stock Promotions, Market Manipulation, and Charitable Investment Scams

With Main Street investors being susceptible to “good causes” charitable investments scams, such as publicly traded companies claiming there working on COVID-19 vaccines, research, and PPE manufacturing, firms should expect that investors may receive fake “research reports.” In these fake reports, it may be alleged that certain charitable companies stock will jump in value and predictions of “targeted prices” to ultimately create a buying frenzy.

Aside from these false reports trying to manipulate the market in violation of the Securities Exchange Act of 1934, these scams can leave investors holding the short-end of the stick. The SEC urges investors to be weary of these promotions as part of “pump-and-dump” schemes. If the SEC determines that the company made inaccurate or unreliable claims, investors may be impacted when the SEC suspends trading in the company, preventing investors from selling their shares.[21] Firms should continue to scrutinize investors’ research sources and remain ahead of the curve with publishing alerts about internet promotional scams. Broker-dealers should encourage investors to do their due diligence, read a company’s SEC filings and learn where the stocks are trading.[22]

The Financial Crimes Enforcement Network (FinCEN) also issued an advisory for financial institutions to be on guard against the increase in medical scams related to the COVID-19 pandemic.[23] FinCEN’s Advisory provides descriptions of COVID-19-related medical scams, case studies, red flags, and information on reporting suspicious activity.

1. ii. Fraudulent Unregistered Offerings

Although states are slowly reopening, broker-dealers should properly adjust to more functions being performed from home. Firms have the responsibility to ensure that they are complying with federal laws and FINRA rules when participating in unregistered sales of restricted securities and double checking if their supervisory controls in place are adequate to recognize new “red flags” that signal illegal, unregistered resales of restricted securities. As a reminder, FINRA Regulatory Notice 09-05 provides guidance on the red flags firms should be aware of when looking at the circumstances of a proposed resale transaction and guidance for firms’ compliance with their duties and inquiry obligations.[24]

More now than ever, Firms should review their regulatory obligations under regulatory rules and guidance, including, FINRA Rules 2090 (Know your Customer), 4512 (Customer Account Information), 3310 (Anti-Money Laundering Compliance Program), and 3110 (Supervision), and SEC Reg S-P Rule 30, and FinCEN’s advisory FIN-2017-A007 (Advisory to Financial Institutions Regarding Disaster-Related Fraud). If firms need to file a SARs related to COVID-19, FinCEN encourages institutions to enter “COVID19” in Field 2 of the SAR-template, along with checking the appropriate SAR-template boxes for certain typologies.[25]

As with Ponzi scheme concerns, firms should aim to have consistent guidance and protocols in place for investigating and reporting frauds. If an area of the firm detects a concern, communication, and escalation is key to alerting other divisions that may have additional information. Periodic cross-divisional meetings of team leaders from the business, legal and regulatory, complaints, and supervision, can ensure information is being conveyed to those at the ground level for each team. While firm office doors may be closed, the SEC and other governmental authorities remain open and are ready to ramp up investigations and enforcement actions. In a public statement, the SEC warns, it “is committing substantial resources to ensuring that our Main Street investors are not victims of fraud or illegal practices in these unprecedented market and economic conditions.” Now is the time for firms to reevaluate having clear and cohesive strategies for performing investigations and detecting red flags.

Market Turmoil

The market turmoil that has accompanied the global public health crisis brings with it additional areas of concern for broker-dealers beyond the expected uptick in fraud cases. As has occurred in past cases of market volatility, broker-dealers can expect an increase in customer complaints, especially related to margin calls and suitability of investments. But the extraordinary nature of the current crisis—which has forced broker-dealers to activate business continuity plans and create “work from home” arrangements—gives rise to other concerns as well, including potential issues related to firm operations, cybersecurity, and customer privacy. Broker-dealers will need to be prepared to manage issues that arise in the fallout from the current crisis in these additional areas as well.

With Market Volatility Comes an Influx of Customer Complaints and Customer Arbitrations

The unprecedented bull run of the last eight years saw many investors reap the benefits of the rising market in their brokerage and retirement accounts. Now, as the run appears to have come to an end, the historic market volatility of the last three months will likely leave many of these same investors with significant losses in their accounts.[26] Customer complaints and arbitrations against their broker-dealers will inevitably follow; indeed, past market swings (such as the credit crisis and subsequent recession in 2008) saw significant upticks in such claims.[27] In particular, firms can expect a significant increase in both margin and suitability claims.

1. a. Claims Related to Margin Calls

The market volatility will almost certainly lead to lawsuits from investors who suffered losses due to margin calls. In November of 2019, FINRA issued an Investor Alert noting that investor purchases of securities “on margin” averaged more than $592 billion for the first ten months of 2019.[28] FINRA issued the Alert based on its concern “that many investors may underestimate the risks of trading on margin and misunderstand the operation of, and reason for, margin calls.”[29] The Alert explained that investors who cannot satisfy margin calls “can have large portions of their accounts liquidated under unfavorable market conditions” leading to “substantial losses.”[30] Investors were also warned that their firm can sell their securities without contacting them, they are not entitled to an extension of time on a margin call, and they can ultimately lose more money than they deposited into the account in the first instance.[31]

Unfortunately, the Alert now appears prescient in hindsight. Many investors are likely to have suffered significant losses when firms issued margin calls they were unable to meet, resulting in the sale of their securities during the market downturn. Investors are likely to bring claims alleging their broker-dealers did not provide them with sufficient notice of the margin call or misrepresented when the customer’s securities would be sold. For example, although margin loan contracts typically state that the broker-dealer may sell securities to meet a margin call without contacting the customer, an investor may claim her broker gave her the opportunity to meet the call but then sold her securities while she was collecting the necessary funds. Customers may claim their brokers entered into implied agreements to forego securities sales while they collected funds but then broke their agreements. To defend these claims, it will be critical for brokers to document any conversations they have with clients—and particularly any discussion that could be implied as a promise to temporarily forego a securities sale—in advance of asset liquidations.

1. b. Unsuitable Investment and “Implicit Hold” Claims

Investors will also bring claims that their broker-dealers placed them in unsuitable investments that unnecessarily exposed them to the market downturn. While these types of suitability claims are common fare even in times of market growth, the number of claims brought will increase exponentially given the volatility in the market. Moreover, the implementation of Regulation Best Interest, which will take effect June 30, 2020, may make these claims more difficult for broker-dealers to defend.[32] Among other obligations created by the Regulation, it requires the broker-dealer to have a reasonable basis to conclude that a recommendation is in the “best interest” of a retail customer based on the customer’s investment profile.[33] This is a heightened standard compared to FINRA’s current suitability rule, Rule 2111, which requires only that a broker-dealer “must have a reasonable basis to believe that a recommended transaction or investment strategy . . . is suitable for the customer[.]”[34] In the course of defending the upcoming explosion of suitability claims, broker-dealers will therefore be required to demonstrate that a securities recommendation or investment strategy was not just suitable for the customer but in her best interest.

Broker-dealers may also face claims from customers that they should have acted more quickly during the market downturn to avoid losses. Regulation Best Interest, like FINRA’s suitability rule, “does not impose a duty to monitor a retail customer’s account.”[35] However, if a broker-dealer agrees to provide a retail customer with “ongoing monitoring of the retail customer’s investments” then Regulation Best Interest applies to recommendations made as part of the ongoing obligation to monitor the account.[36] Importantly, this includes situations where a broker-dealer does not communicate any recommendation to the customer. The SEC has explained that this absence of communication constitutes an “‘implicit’ recommendation to hold” and thus subjects the broker-dealer to the standard of care imposed by Regulation Best Interest.[37] In the current context, customers may claim their brokers should have contacted them (or contacted them earlier) about repositioning their portfolios at the commencement of the market downturn. As part of this claim, customers may argue their brokers agreed to monitor their accounts and thus were required to communicate with them about market events. By failing to timely inform them, claimants will argue, their brokers implicitly recommended they hold their securities even as the market declined precipitously. Once again, the key to defending these claims will likely be brokers’ recordkeeping of their interactions with clients: brokers will need to be able to show they never agreed to provide ongoing monitoring of brokerage accounts or that they were in fact in regular contact with their clients during this time.

1. c. Complaint Management and Potential Arbitration Complications

Broker-dealers would be well advised to begin preparing for the likely influx of customer complaints that will result from this period of market volatility. FINRA Rule 3110(b)(5) requires broker-dealers to provide written responses to all written customer complaints. In addition to being prepared to manage this process, firms will need to evaluate customer complaints to determine whether they require reporting on a registered representative’s U4 or pursuant to FINRA Rule 4530. Firms should also consider what systems they have in place to monitor and identify trends in customer complaints to escalate potential red flags. These red flags may relate to the sales practices of specific registered representatives, or perhaps concern the firm’s sale of particular investment products.

The nature of the current crisis will also likely affect the timetable for resolving customer complaints in FINRA’s dispute resolution forum. FINRA has administratively postponed all in-person arbitration and mediation scheduled through September 4, 2020, to be rescheduled for a later date. In-person hearings appear unlikely to resume until the fall, at the earliest, and may not be scheduled until even later for areas like New York. The rescheduling of these hearings will create a backlog that will likely affect the scheduling of new arbitrations and mediations arising from the market downturn. It is also possible that FINRA may face a shortage of willing arbitrators, who generally skew older and therefore may be more reluctant to attend in-person hearings for the foreseeable future. While the ramifications of these events are still unforeseeable, one potential result may be a rise in virtual hearings or simply lengthier timetables for resolving claims. Virtual hearings, either telephonically or through Zoom, may only be held if both parties agree or by panel order.[38]

Cybersecurity Attacks

Crisis events create increased opportunities for the unscrupulous cyber-criminal. COVID-19 is no exception. In fact, given the unprecedented number of people working from home or in other remote locations away from the office, there is a heightened risk for cybersecurity breaches. Factors contributing to the increased risk include, among other things, remote work locations, use of home networks and computers, and increased phishing attacks.[39] Firms and their associated persons need to be vigilant and take steps to guard against intrusions.

The SEC and FINRA have been focused on the increased risk to the industry, firms, and customers for a number of years. They have issued alerts, reports, and examination findings focused specifically on ways to mitigate risk of successful cyber attacks.[40]

On March 16, 2020, FINRA issued an Information Notice, Cybersecurity Alert: Measures to Consider as Firms Respond to the Coronavirus Pandemic (COVID-19), specifically to address the increased risk in today’s environment.[41] FINRA highlighted a number of areas for associated persons and firms in order to mitigate their exposure. Such areas include:

• Office and Home Network Security: Ensure that your staff and associated persons have a secure network connection to access the firm’s systems. Ensure that software updates and patches are timely installed. Ensure that passwords on home networking equipment (e.g., Wi-Fi routers) have been changed from the default passwords.

• Computers and Mobile Devices: Ensure that security patches and software updates are applied on a timely basis. Advise staff and associated persons to lock their screens when they are away from their device. Ensure that customer personally identifiable information (PII) is secure and follows firm protocols for safe storage. Ensure that anti-virus and anti-malware is installed.

• Common Attacks: Ensure that staff and associated persons are familiar with phishing scams, including coronavirus or COVID-19 scams, as well as scams that are often referred to as spear-phishing or whaling, i.e., impersonating a specific person – most often a senior executive – and requesting specific action, usually on an expedited basis. Other attacks include fake, unsolicited “helpdesk” calls requesting passwords.

• Incident Response: Ensure that the staff and associated persons understand the firm’s incident response plan, their role, and whom to contact if a cybersecurity event is suspected.

• Network Security Controls: Firms should ensure that their access privileges to sensitive systems and data are up to date and evaluated.[42] Access management, involving on-boarding, transfers, and terminations, need to be continually monitored. Access monitoring is also important. This includes, among other things, assessing failed log-in attempts and account lockouts and proper handling of customer requests for user name and password changes.[43]

• Training and Awareness: Firms should continue to update their staff and associated persons regarding current potential scams and attacks. Firms should also ensure that staff and associated person are trained on how to connect with the firm’s secure network. Finally, firms should ensure that everyone has the contact information for the IT support staff if or when issues arise.

The current and for the foreseeable future of our work from home reality puts a premium on increased vigilance regarding potential cybersecurity attacks. Knowing your firms policies, procedures, and protocols, as well as firms continuing to remind, train, and update their staff and associated persons on possible scams and breaches will go a long way to mitigating the risk of successful breaches.

Conclusion

These are truly unprecedented times. As we have discussed in this article, there are steps firms can take to mitigate the increased risk of financial, regulatory, and reputational harm that can result when individuals seeking to exploit the situation by perpetrating frauds or Ponzi schemes target firms or customers. It is even more critical now for firms to stay alert, follow up on red flags, connect the dots, and remind their registered representatives and financial advisers to stay alert and escalate issues or concerns. Furthermore, remaining vigilant regarding potential operational errors, especially when volatile markets tend to magnify the impact of errors, and cybersecurity risks is critical for firms to similarly reduce financial, reputational, and regulatory risk.

[1] NASAA: COVID-19-Related Investment Schemes Anticipated State and Provincial Securities Regulators Outline What to Expect and Offer Guidance on How to Protect Yourself (March 30, 2020) https://www.nasaa.org/54534/covid-19-related-investment-schemes-anticipated/?qoid=current-headlines.

[2] Information Notice, Cybersecurity Alert: Measures to Consider as Firms Respond to the Coronavirus Pandemic (COVID-19) (March 16, 2020), https://www.finra.org/rules-guidance/notices/information-notice-032620. FINRA also warned the industry of a phishing attack that involved sending emails purportedly from FINRA executives advising that certain actions were necessary. FINRA Regulatory Notice 20-12, FINRA Warns of Fraudulent Phishing Emails Purporting to be from FINRA (May 4, 2020). https://www.finra.org/rules-guidance/notices/20-12.

[3] FINRA: Regulatory Notice 20-13, FINRA Reminds Firms to Beware of Fraud During the Coronavirus (COVID-19) Pandemic (May 5, 2020), https://www.finra.org/rules-guidance/notices/20-13 and Fraud and Your Investment Accounts During COVID-19 Pandemic (May 11, 2020) https://www.finra.org/investors/insights/fraud-and-your-investment-accounts-during-covid-19-pandemic.

[4] SEC: Frauds Targeting Main Street Investors -- Investor Alert (April 10, 2020, updated May 21, 2020) https://www.sec.gov/oiea/investor-alerts-and-bulletins/ia_frauds.

[5] A Ponzi Pandemic: 500+ Ponzi Schemes Totaling $50+ Billion in 'Madoff Era', Forbes, Jordan Maglich (Feb. 12, 2014) https://www.forbes.com/sites/jordanmaglich/2014/02/12/a-ponzi-pandemic-500-ponzi-schemes-totaling-50-billion-in-madoff-era/#80a30f669253.

[6] Id.

[7] SEC: Frauds Targeting Main Street Investors -- Investor Alert (April 10, 2020, updated May 21, 2020) https://www.sec.gov/oiea/investor-alerts-and-bulletins/ia_frauds. NASAA: COVID-19-Related Investment Schemes Anticipated State and Provincial Securities Regulators Outline What to Expect and Offer Guidance on How to Protect Yourself (March 30, 2020) https://www.nasaa.org/54534/covid-19-related-investment-schemes-anticipated/?qoid=current-headlines. FINRA: Fraud and Your Investment Accounts During COVID-19 Pandemic (May 11, 2020) https://www.finra.org/investors/insights/fraud-and-your-investment-accounts-during-covid-19-pandemic.

[8] Examples of cases in which the registered representative ran the Ponzi scheme:

• - See AWC No. 200902149901 (2012): $100,000 fine after branch found evidence of Ponzi but failed to adequately respond to red flags.
• - See AWC 2009020149801 (2012): $350,000 fine plus restitution to customers after firm failed to adequately respond to red flags, including correspondence alluding to outside investment and cashiers’ check.
• - See AWC No. 2010025074101 (2012): $175,000 fine plus restitution of $5.63 million arising out of registered representative’s outside business activity. The OBA was a Ponzi scheme where 156 investors including some of his Lincoln customers invested $34 million. The firm failed to supervise: (a) firm on-boarded even though there was an open inquiry by state; (b) firm allowed RR to hire his own OSJ manager; (c) branch audit procedures required access to email accounts used by RR in OBAs, but were not reviewed.

Examples of cases where the customer ran the Ponzi scheme:

• - See AWC No. 2009018985203 (2012: $400,000 fine, plus agreement to conduct comprehensive review of AML policies where firm failed to adequately review red flags. For over 2 years the customer transferred funds into his brokerage account and then wrote monthly checks for round dollar amounts from his brokerage linked money market account. Transactions triggered on exception reports, but the firm failed to adequately follow up, including by accepting same answer for months from RR.
• - See AWC No. 2011029749101 (2016): $200,000 fine for firm’s failure to adequately supervise potentially suspicious transactions. Customer in North Carolina was able to kite checks between firm account and separate bank account. In last year, monies going through account increased by over $400 million, with virtually no securities transactions. The firm met with the client but received “what it believed was a plausible business explanation for the activity.” Later, Firm shut it down.

[9] Unemployment rose higher in three months of COVID-19 than it did in two years of the Great Recession, Pew Research Center (June 11, 2020), https://www.pewresearch.org/fact-tank/2020/06/11/unemployment-rose-higher-in-three-months-of-covid-19-than-it-did-in-two-years-of-the-great-recession/.

[10] See Exposed to Scams, What Separates Victims from Non-Victims? (Sept. 2019) https://www.finrafoundation.org/sites/finrafoundation/files/exposed-to-scams-what-separates-victims-from-non-victims_0_0.pdf.

[11] See “Look Out for Coronavirus-Related Investment Scams - Investor Alert,” (Feb. 4, 2020), https://www.sec.gov/oiea/investor-alerts-and-bulletins/ia_coronavirus.

[12] COVID Fraud Task Force, https://www.finra.org/rules-guidance/key-topics/covid-19/covid-fraud-task-force. See also, “#InThisTogether: Collaborating to Fight Fraud—FINRA’s COVID-19 Fraud Task Force” https://www.finra.org/media-center/blog/in-this-together-covid-19-fraud-task-force.

[13] “#InThisTogether: Collaborating to Fight Fraud—FINRA’s COVID-19 Fraud Task Force” https://www.finra.org/media-center/blog/in-this-together-covid-19-fraud-task-force.

[14] Information Regarding Trading Suspensions and COVID-19, https://www.sec.gov/files/information-regarding-trading-suspensions-covid-19_1.pdf. See also, Trading Suspensions at https://www.sec.gov/litigation/suspensions.shtml and COVID-19.

[15] Trading Suspension list at https://www.sec.gov/sec-coronavirus-covid-19-response (Enforcement, Examinations and Investor Education).

[16] See “NASAA Forms COVID-19 Enforcement Task Force,” (Apr. 28, 2020) https://www.nasaa.org/54844/nasaa-forms-covid-19-enforcement-task-force/?qoid=current-headlines

[17] See FINRA Notice 20-13 available at https://www.finra.org/rules-guidance/notices/20-13.

[18] See FINRA Information Notice “Imposter Websites Impacting Member Firms” available at https://www.finra.org/rules-guidance/notices/information-notice-042919 (Apr. 29, 2019).

[19] See Frauds Targeting Main Street Investors -- Investor Alert (Apr. 10, 2020, Updated June 10, 2020) https://www.sec.gov/oiea/investor-alerts-and-bulletins/ia_frauds.

[20] Id.

[21] Id.

[22] See “Wake Up and Smell the Pump-and-Dump,” https://www.finra.org/investors/insights/avoid-pump-and-dump-scams.

[23] See FinCEN Advisory: Medical Scams Related to the Coronavirus Disease 2019 (COVID-19) (FIN-2020-A002), (May 18, 2020) https://www.fincen.gov/sites/default/files/advisory/2020-05-18/Advisory%20Medical%20Fraud%20Covid%2019%20FINAL%20508.pdf.

[24] FINRA Regulatory Notice 09-05, FINRA Reminds Firms of Their Obligations to Determine Whether Securities are Eligible for Public Sale (Jan. 2009), https://www.finra.org/rules-guidance/notices/09-05.

[25] See FinCEN news release (March 26, 2020), https://www.fincen.gov/news/news-releases/financial-crimes-enforcement-network-fincen-encourages-financial-institutions.

[26] The Chicago Board Options Exchange’s CBOE Volatility Index (known as “VIX”), a popular measure of market volatility, reached a peak of 82.69 in March; an historic high. See https://www.tradersmagazine.com/am/the-vixs-wild-ride/.

[27] According to statistics published by FINRA Dispute Resolution, the number of arbitration cases filed per year have been, so far, substantially below the post-2008 financial crisis numbers, when the number of arbitration cases peaked at 7,137 in 2009 and 5,680 in 2010. Dispute Resolution Statistics, https://www.finra.org/arbitration-mediation/dispute-resolution-statistics.

[28] Investing with Borrowed Funds: No “Margin” for Error (last updated Nov. 26, 2019), https://www.finra.org/investors/alerts/investing-borrowed-funds-no-margin-error.

[29] Id.

[30] Id.

[31] See id.

[32] See 84 Fed. Reg. 33,318 (July 12, 2019) (codified at 17 C.F.R. 240.15l-1).

[33] Id. (emphasis added).

[34] FINRA Rule 2111(a).

[35] 84 Fed. Reg. 33,318.

[36] Id.

[37] Id.

[38] FINRA, Coronavirus Impact on Arbitration & OHO Hearings, https://www.finra.org/rules-guidance/key-topics/covid-19/hearings.

[39] FINRA recently issued an alert advising member firms that some individuals received a phishing email purportedly from named FINRA executives asking for certain actions to be taken by the recipient. FINRA Regulatory Notice 20-12, FINRA Warns of Fraudulent Phishing Emails Purporting to be from FINRA (May 4, 2020) https://www.finra.org/rules-guidance/notices/20-12.

[40] SEC OCIE Cybersecurity and Resiliency Observations (Jan. 27, 2020) https://www.sec.gov/files/OCIE%20Cybersecurity%20and%20Resiliency%20Observations.pdf; SEC OCIE Risk Alert, Observations from Cybersecurity Examinations (April 7, 2017) https://www.sec.gov/files/observations-from-cybersecurity-examinations.pdf; FINRA Report on Selected Cybersecurity Practices – 2018 (Dec. 2018), https://www.finra.org/sites/default/files/Cybersecurity_Report_2018.pdf; FINRA Common Cybersecurity Threats

https://www.finra.org/rules-guidance/guidance/common-cybersecurity-threats.

[41] FINRA Information Notice: Cybersecurity Alert: Measures to Consider as Firms Respond to the Coronavirus Pandemic (COVID-19) (March 26, 2020) https://www.finra.org/rules-guidance/notices/information-notice-032620.

[42] See, SEC OCIE Cybersecurity and Resiliency Observations (Jan. 27, 2020) at pp. 3-4. https://www.sec.gov/files/OCIE%20Cybersecurity%20and%20Resiliency%20Observations.pdf.

[43] Id.