FINRA Fines Credit Suisse $16.5 Million Over AML ViolationsPrint Article
- Posted on: Dec 26 2016
What anti-money laundering compliance programs should financial firms have in place?
The Financial Industry Regulatory Authority (“FINRA”) recently announced that it had fined Credit Suisse Securities (USA) LLC, a former unit of Credit Suisse AG, $16.5 million for anti-money laundering (“AML”), supervision, and other violations. The self-regulatory watchdog found that the firm’s monitoring program for detecting suspicious activity was deficient in two material ways.
First, Credit Suisse primarily relied on its registered representatives to identify and escalate potentially suspicious trading, including in microcap stock transactions. That reliance, however, was misplaced as representatives did not always escalate and investigate high-risk activity, as required. Second, the firm failed to properly implement its automated surveillance system, which was set up to detect, and monitor for, suspicious money transfers. FINRA found that a significant portion of the data feeds into the system were missing information or had other issues that compromised the effectiveness of the system. Credit Suisse also failed to use certain scenarios designed by the system to identify common suspicious patterns and activities, and failed to adequately investigate activity identified by the scenarios that the firm did use.
“It’s critical that firms have effective AML systems in place so that they can comply with their obligations to review and report suspicious transactions, including those involving trading in microcap securities or potentially suspicious money transfers,” said Brad Bennett, FINRA’s Executive Vice President and Chief of Enforcement.
According to the announcement, from January 2011 through September 2013, Credit Suisse failed to effectively review trading for AML reporting purposes. The firm expected its registered representatives, who were the primary contact with the customers, to identify and report unusual or suspicious activities or transactions (i.e., activities and transactions described in Credit Suisse’s AML policies as red flags) to the firm’s AML compliance department. In turn, the compliance department was required to investigate the activity or transaction, document its findings and file Suspicious Activity Reports (“SARs”) where appropriate. However, the systems and procedures the firm used to monitor trading for other purposes were not designed to detect potentially suspicious activity from an AML perspective and the other departments and branches of the firm did not assume responsibility for reviewing trading for AML reporting purposes. As a result, in certain circumstances, Credit Suisse did not investigate suspicious trading adequately to assess whether a SAR should be filed.
In addition, Credit Suisse’s reliance on representatives to escalate potentially suspicious trading failed to account for the fact that most orders it received from its foreign affiliates came in to the firm electronically and thus were not seen by the firm’s sales traders.
FINRA also found that from January 2011 through December 2015, Credit Suisse failed to effectively review suspicious money transfers. The firm used an automated surveillance system to identify red flags of suspicious activity. Credit Suisse failed to implement the automated surveillance system properly by, among other things, inadequately inputting the data into the system, and failing to use available scenarios that were applicable to the money-laundering risks presented by its business. Although Credit Suisse self-identified some of the deficiencies and retained a consulting firm to assist in evaluating them, the firm initially failed to devote adequate resources to resolve the issues in a timely fashion, and some of the deficiencies remain unresolved today. In addition, FINRA found that Credit Suisse did not have adequate staffing to review the tens of thousands of alerts the automated system generated in any given year.
Finally, FINRA found that Credit Suisse’s supervisory systems and conrols were deficient as it relates to compliance with the prohibition of the sale of unregistered securities. Certain Credit Suisse customers deposited and sold microcap stock through the firm, which should have raised red flags indicating that the shares were potentially part of an illegal distribution. The firm failed to instruct its representatives on how to determine whether those securities were registered or subject to an exemption from registration prior to executing those trades. As a result, Credit Suisse facilitated the illegal distribution of at least 55 million unregistered shares of securities. The firm subsequently implemented additional procedures limiting the trading of microcap securities.
Credit Suisse said in a statement that it had cooperated with FINRA’s inquiry, and that the firm had been taking “appropriate internal remedial efforts.”
In addition to the fine, Credit Suisse agreed to adopt and implement policies and procedures within 90 days to address the problems cited in the letter of Acceptance, Waiver and Consent (which can be found here).
Credit Suisse neither admitted nor denied the charges but did agree to FINRA’s findings.
This case illustrates the need for FINRA member firms to have sufficient AML compliance programs in place since money laundering and other suspicious activity is often concealed in securities transactions, particularly in microcap stocks. Not only can compliance violations result in significant fines, such deficiencies could also trigger a wider securities investigations.