In its Thaddeus J. North v. SEC brief to the DC Circuit Court of Appeals, the Securities and Exchange Commission argues that a disciplinary decision from the Financial Industry Regulatory Authority against a chief compliance officer should be affirmed, which may portend bad news for compliance officers.
The issues presented by the case are troubling because if the court sustains the disciplinary action, it could lead to 1) dozens of CCOs being charged every year for their firms' deficient procedures, even if they acted in good faith; and 2) a strict liability standard applying to "should have known" liability.
Case Against North
In July 2013, FINRA initiated an enforcement action against a registered representative of a broker-dealer, the firm's CEO, and North, the CCO. The RR allegedly enabled a statutorily disqualified person (SDP) to operate as an unregistered person, and the CEO allegedly failed to supervise the RR's relationship with the SDP.
FINRA charged North for failing to establish appropriate procedures to review electronic correspondence and for failing to report to FINRA the RR's relationship with the SDP, despite the fact that he allegedly "should have known" about the relationship.
The FINRA Hearing Panel found North liable. North appealed to FINRA's National Adjudicatory Council (NAC), which also found him liable, and then to the SEC, which sustained FINRA's findings. North has appealed to the DC Circuit.
'Liability for Inadequate Procedures'
FINRA charged North with failing to establish and maintain a reasonable supervisory system.
Why North, when other CCOs are rarely charged for similar conduct? The SEC determined that it's appropriate to charge a CCO who "engages in wrongdoing, attempts to cover up wrongdoing, crosses a clearly established line, or fails meaningfully to implement compliance programs, policies, and procedures." This standard is potentially problematic.
Here, there were no allegations of "cover up" by North. With respect to whether North "engage[d] in wrongdoing," arguably every time a firm is charged, a person engaged in wrongdoing — procedures don't simply write themselves.
By definition in all enforcement proceedings, there is a significant issue, not just a foot fault. But in the overwhelming majority of similar cases, CCOs are not charged. Which is as it should be. North, however, was singled out for discipline.
As the SEC could not answer for FINRA's prosecutorial discretion regarding who gets named as a respondent, it appears the standard is, "we know it when we see it."
FINRA's failure to use prosecutorial discretion here is troubling. First, often, when FINRA finds procedures to be deficient, they are easily fixable by adding a few words or sentences. Here, FINRA did not allow that.
Second, here, the CCO did not simply sit on bad procedures, doing nothing. Instead, North took affirmative steps to make things better.
Even the NAC confirmed his improvements, noting that the new procedures contained more detail, for example, the firm would employ a "risk-based approach" and the CCO would "[u]tilize [an archival and review platform] to review random samples of emails." Thus, if the policy were to charge CCOs only if they made things worse, then North should not have been charged.