Regulation and Compliance Federal Regulation FINRA

LPL Hit With $2.75M FINRA Fine Over Cyber Infractions

News November 27, 2018 at 03:04 PM
Share & Print

LPL Financial's San Diego campus. LPL Financial's San Diego campus.

– Ed. Note: This is a different version of an story we reported Oct. 29. We apologize for any confusion.

LPL Financial was censured and ordered to pay a $2.75 million fine to the Financial Industry Regulatory Authority as a result of internal supervisory shortcomings in its anti-money laundering (AML) program, resulting in failures to notify the government and FINRA about unauthorized cyber-related activities.

FINRA found that LPL failed to file or amend registered representatives' forms that would have disclosed many reportable customer complaints, according to the letter of acceptance, waiver and consent signed by both parties Oct. 29.

These entries are referred to as Forms U4 and U5, for Uniform Application for Securities Industry Registration or Transfer and Uniform Termination Notices for Securities Industry Registration, consecutively.

LPL, which has about 20,000 registered persons operating out of more than 12,000 branches, had an "unreasonably designed" AML program, according to FINRA.

For instance, due to reliance on inaccurate guidance on a fraud case chart, the Boston firm then did not investigate some unauthorized cyber-related activities that FINRA says should have resulted in the filing of more than 400 Suspicious Activity Reports, or SARs.

The shortcomings of the firm and its laxness related to detecting, investigating and reporting suspicious cyber activity spanned a period of more than three years, from at least Jan. 1, 2013 through May 31, 2016, according to FINRA.

During this time, LPL failed to establish and implement an AML program reasonably designed to detect and cause the reporting of suspicious activity, including cyber-related events, FINRA said.

Over this time period, LPL's AML analysts used inaccurate internal guidelines to determine whether to investigate cyber-related events and to file a SAR.

So far, the cyber events appear to be unsuccessful, according to the FINRA consent order.

"This case highlights FINRA's persistent focus on ensuring that firms file with the government and with FINRA information critical to the protection of investors and the public," stated Susan Schroeder, a FINRA's Department of Enforcement top executive in a press release Oct. 30. She noted that Forms U4 and U5 are important as a source of information to the investing public when they determine the trustworthiness of a broker-dealer.

Despite the many issues uncovered at the firm, LPL gave FINRA extraordinary cooperation its investigation and made remedies, according to the agency. This was a factor in determining the monetary sanction, FINRA said, suggesting it could have been more.

LPL neither admitted nor denied the charges, but consented to the entry of FINRA's findings.

— Check out How Dan Arnold Is Driving Change at LPL on ThinkAdvisor.

FINRA
NOT FOR REPRINT

© 2024 ALM Global, LLC, All Rights Reserved. Request academic re-use from www.copyright.com. All other uses, submit a request to [email protected]. For more information visit Asset & Logo Licensing.

Related Stories

FINRA Fines CUNA Brokerage Services Over Deleted Rollover Records FINRA Files to Raise Fees Starting in 2025 Osaic Failed to Supervise Trading in Dead Client's Account: FINRA What's at Stake in the Ameriprise-LPL Fight Over Client Data Morgan Stanley to Pay $1M Over Lack of Risk Controls Rep Churned Senior Business Owner's Account, Violated Reg BI: FINRA

Resource Center

Can Systematic Risk Be Reduced? link

Guide

Can Systematic Risk Be Reduced?

The Business Model Playbook: Mastering Technology for Firm Success link

Playbook

The Business Model Playbook: Mastering Technology for Firm Success

Harnessing AI to Power Advisor-Client Relationships link

White Paper

Harnessing AI to Power Advisor-Client Relationships