SEC Staff Issues Risk Alert Regarding Observations from Anti Money Laundering Compliance Examinations of Broker Dealers
On July 31, 2023, the SEC’s Division of Examinations issued a risk alert presenting observations regarding deficiencies with respect to compliance with key anti-money laundering (AML) requirements observed in compliance examinations of registered broker-dealers. Registered broker-dealers are required to maintain and implement written AML programs that are approved in writing by senior management and that include certain items. In particular, the AML program must be reasonably designed to achieve compliance with the Bank Secrecy Act (BSA) and to detect and cause reporting of suspicious transactions under 31 U.S.C. § 5318(g). In the risk alert, the SEC staff encouraged broker-dealers to review and strengthen policies, procedures and internal controls of their AML programs and to monitor for amendments, pursuant to the Anti-Money Laundering Act of 2020 and the Corporate Transparency Act, to the rules implementing the BSA.
In the risk alert, the staff noted the following observations relative to AML compliance:
- The staff observed firms that failed to conduct independent testing of their AML programs in a timely manner, that could not demonstrate whether testing had occurred or that had inadequate or ineffective independent testing. Instances of inadequate testing included testing that did not cover certain aspects of the firm’s business or AML program, interested personnel conducting tests, personnel conducting tests without AML expertise and testing that was conducted under requirements that do not apply to the securities industry. The staff also noted firms that did not timely address or have procedures to address matters identified through independent testing.
- The staff observed firms with outdated training materials or materials that were not tailored to the firm’s particular risks, typologies, products and services or business activities. Certain firms also could not demonstrate that all appropriate personnel attended ongoing training sessions and had no process for ensuring all relevant personnel completed training.
- The staff observed firms whose Customer Identification Programs (CIPs) would not allow the firm to form a reasonable belief of the true identity of customers. These observations included, among other things, failure to apply CIP procedures to investors in a private placement “where customer relationships established with the registrant to effect securities transactions appeared to be formal relationships for purposes of the CIP Rule,” failure to collect relevant customer identification data, accounts that were permitted to be opened by individuals who only provided a P.O. box address and programs that did not verify customer identities or keep correct records of whether identity verification occurred.
- The staff observed firms that had not updated their AML programs or new account forms and procedures to account for the adoption of the customer due diligence rule, adopted in 2016, which “requires a broker-dealer’s AML program to contain written procedures that are reasonably designed to identify and verify the identity of beneficial owners of legal entity customers.” The staff observed firms that permitted an entity to be listed as a beneficial owner without obtaining adequate information about that entity’s beneficial owners, allowed the opening of new accounts without identifying a legal entity’s beneficial owners, failed to document the identity of beneficial owners of legal entity customers and failed to follow internal procedures requiring the firm to obtain information about certain underlying parties acting through omnibus accounts.
- Finally, the staff observed firms that did not have the necessary resources to support AML compliance despite the current environment of new and increasing sanctions imposed by the Office of Foreign Assets Control.
The risk alert is available here.
Vedder Thinking | Articles SEC Staff Issues Risk Alert Regarding Observations from Anti Money Laundering Compliance Examinations of Broker Dealers
Article
August 28, 2023
On July 31, 2023, the SEC’s Division of Examinations issued a risk alert presenting observations regarding deficiencies with respect to compliance with key anti-money laundering (AML) requirements observed in compliance examinations of registered broker-dealers. Registered broker-dealers are required to maintain and implement written AML programs that are approved in writing by senior management and that include certain items. In particular, the AML program must be reasonably designed to achieve compliance with the Bank Secrecy Act (BSA) and to detect and cause reporting of suspicious transactions under 31 U.S.C. § 5318(g). In the risk alert, the SEC staff encouraged broker-dealers to review and strengthen policies, procedures and internal controls of their AML programs and to monitor for amendments, pursuant to the Anti-Money Laundering Act of 2020 and the Corporate Transparency Act, to the rules implementing the BSA.
In the risk alert, the staff noted the following observations relative to AML compliance:
- The staff observed firms that failed to conduct independent testing of their AML programs in a timely manner, that could not demonstrate whether testing had occurred or that had inadequate or ineffective independent testing. Instances of inadequate testing included testing that did not cover certain aspects of the firm’s business or AML program, interested personnel conducting tests, personnel conducting tests without AML expertise and testing that was conducted under requirements that do not apply to the securities industry. The staff also noted firms that did not timely address or have procedures to address matters identified through independent testing.
- The staff observed firms with outdated training materials or materials that were not tailored to the firm’s particular risks, typologies, products and services or business activities. Certain firms also could not demonstrate that all appropriate personnel attended ongoing training sessions and had no process for ensuring all relevant personnel completed training.
- The staff observed firms whose Customer Identification Programs (CIPs) would not allow the firm to form a reasonable belief of the true identity of customers. These observations included, among other things, failure to apply CIP procedures to investors in a private placement “where customer relationships established with the registrant to effect securities transactions appeared to be formal relationships for purposes of the CIP Rule,” failure to collect relevant customer identification data, accounts that were permitted to be opened by individuals who only provided a P.O. box address and programs that did not verify customer identities or keep correct records of whether identity verification occurred.
- The staff observed firms that had not updated their AML programs or new account forms and procedures to account for the adoption of the customer due diligence rule, adopted in 2016, which “requires a broker-dealer’s AML program to contain written procedures that are reasonably designed to identify and verify the identity of beneficial owners of legal entity customers.” The staff observed firms that permitted an entity to be listed as a beneficial owner without obtaining adequate information about that entity’s beneficial owners, allowed the opening of new accounts without identifying a legal entity’s beneficial owners, failed to document the identity of beneficial owners of legal entity customers and failed to follow internal procedures requiring the firm to obtain information about certain underlying parties acting through omnibus accounts.
- Finally, the staff observed firms that did not have the necessary resources to support AML compliance despite the current environment of new and increasing sanctions imposed by the Office of Foreign Assets Control.
The risk alert is available here.
Professionals
-
Services