An Analysis of SEC and FINRA Enforcement Actions Against

#CCOsGoingViral: An Analysis of SEC and FINRA Enforcement Actions Against Compliance Officers, Written for Millennials (and those who work with Millennials) (September 2016 to February 2017)

By Brian L. Rubin and Amy Xu

Introduction Millennials now constitute the largest portion of the American workforce, according to Pew Research Center analysis of U.S. Census Bureau data.1 The impact of the younger generation is felt, in particular, in the financial services industry as millennials begin to invest their accumulating wealth2 and transition to becoming decision-makers within the financial services sector.3 As such, it is critical that the risks and rewards of ensuring compliance with federal securities laws are explained in language that millennials understand. In an attempt to bridge the divide between securities laws written in the 1930s and a population born between approximately the 1980s and 2000s,4 this article uses hashtags, Internet memes, catch phrases, and other pop culture references to analyze some of the cases that the U.S. Securities and Exchange Brian L. Rubin is Head of Litigation in Commission (SEC) and FINRA have brought against compliance the Washington, D.C. office of Eversheds- officers. Not to be bloviating blowhards,5 but this article may be Sutherland (US), and is the Administrative the thing that baby boomers (who are often organizing paper files) Partner in charge of the Securities Enforce- ment and Litigation Team.* need to decode the hashtag-filled jargon of millennials (who would rather tweet than call). Just as all citizens should stay #woke6 in an ever-changing world, Chief Compliance Officers (CCOs) of broker-dealers (BDs) and investment advisers (IAs) must stay hip with enforcement trends as they carry out the momentous task of helping their firms comply with securities laws and regulations. This article, analyzing cases brought from September 2016 to Feb- ruary 2017, is one in a series7 that provides illuminating analyses, astute insights, and sometimes hilarious tidbits for compliance Amy Xu is an associate in the Washington, professionals (regardless of their biological or psychological age)… DC office of Eversheds-Sutherland (US).** or not ¯\_(ツ)_/¯.8

PRACTICAL COMPLIANCE & RISK MANAGEMENT FOR THE SECURITIES INDUSTRY | JULY–AUGUST 2017 11 #CCOsGoingViral

Failure to Adopt Adequate conduct involved facilitating and engaging in a pattern of ficti- Supervisory Systems tious trading, which included purchasing a security from an institutional customer into the firm’s inventory, and then selling “I am about to do what old people have done throughout the security from the firm’s inventory to another institutional history: call those younger than me lazy, entitled, selfish and customer. The firm’s process for handling trade cancellations shallow. But I have studies! I have statistics! I have quotes permitted him, as the registered representative of record on all from respected academics! Unlike my parents, my grandpar- customer accounts, to initiate, enter, and approve trade cancel- ents and my great-grandparents, I have proof.” lations without independent review or approval. FINRA stated that, “as the Chief Executive Officer and Chief Compliance —Joel Stein (“a member of Gen X, Officer for [the firm], [he] was responsible for ensuring that which invented flannel and Wynona Ryder”),9 [the firm] established and maintained a reasonable supervisory ranting about millennials in Time magazine10 system and WSPs reasonably designed to supervise the firm’s business activities.” As a result, he violated Municipal Securities Whether supported or not, the general consensus about Rulemaking Board (MSRB) Rule G-27 by failing to establish millennials is that they are entitled, lazy, and self-obsessed. reasonable supervisory systems and procedures to prevent Focused entirely on themselves, these “special snowflakes”11 and detect unauthorized trading and discretionary trading. often reject prescribed social norms and supervision. Never- Additionally, he failed to establish a system to provide for the theless, to avoid enforcement actions, firms need to eschew proper review and approval of daily orders and related trade these millennial tendencies and put in place policies and cancellations and to address transaction reporting and order procedures to ensure compliance with federal securities ticket requirements. Based on these actions and others, FINRA regulations (and leave this generational psychobabble analysis found that the individual violated NASD Rules 3010(a) and to other professions). FINRA requires BDs to establish and (b), FINRA Rules 3110(a) and (b) and 2010, and willfully maintain supervisory systems “reasonably designed to achieve violated MSRB Rule G-27 for “failing to establish reasonable compliance” with applicable laws, regulations and rules, supervisory systems and procedures to prevent and detect including written supervisory procedures (WSPs) designed unauthorized trading and discretionary trading, to provide to supervise the business activity of firms.12 FINRA also for the proper review and approval of daily orders and related requires that the supervisory system be “tailored specifically trade cancellations, and to address transaction reporting and to the member’s business.”13 IAs are also required to adopt order ticket requirements.” He was barred from association with and implement written policies and procedures reasonably any FINRA member firm in any capacity. Unfortunately, in designed to prevent violations of applicable laws, regulations describing these violations, FINRA failed to identify whether and rules.14 All IAs must also “[d]esignate an individual (who these violations stemmed from the individual’s role as CEO or is a supervised person) responsible for administering the poli- as CCO. In the future, regulators should emulate the Greatest cies and procedures” that the IA adopts.15 Generation (rather than slack off)17 and provide a more explicit CCOs, sometimes while wearing multiple hats (or backwards analysis as to why people are charged for violations. Such baseball caps), have been sanctioned when firms failed to “estab- specificity would enable the industry and CCOs to understand lish reasonable supervisory systems and procedures to prevent regulatory expectations for compliance professions and to assist and detect unauthorized trading and discretionary trading, them in avoiding personal liability. to provide for the proper review and approval of daily orders If a CCO has adopted the so-called lazy work ethic of mil- and related trade cancellations, and to address transaction lennials and failed to establish supervisory procedures related reporting and order ticket requirements.” In September 2016, to research reports, she or he may be subject to disciplinary an individual who served as Chief Executive Officer (CEO), actions. In October 2016, FINRA accepted the settlement CCO, and Financial and Operations Principal (FinOp), of an individual through a Letter of Acceptance, Waiver and settled a disciplinary action with FINRA through an offer of Consent (AWC) for failure to adopt supervisory procedures settlement related to his fraudulent conduct and his failure related to the firm’s research reports.18 Among other posi- to establish reasonable supervisory systems.16 His fraudulent tions, the individual was the CCO and the firm’s Director of

12 JULY–AUGUST 2017 | PRACTICAL COMPLIANCE & RISK MANAGEMENT FOR THE SECURITIES INDUSTRY #CCOsGoingViral

Research. Once again, in the settlement order, FINRA failed settlement of an AMLCO through an AWC for his failure to explain whether the individual was liable due to his actions to adopt supervisory procedures related to the firm’s AML in one role or the other. FINRA stated that he did not adopt compliance program.21 He was responsible for the AML and implement supervisory procedures reasonably designed to compliance program, but failed to develop and implement ensure that the firm’s research reports complied with the dis- one that was reasonably designed to achieve and monitor the closure requirements of NASD Rule 2711. Although the firm firm’s compliance with the requirements of the Bank Secrecy had an automated system that generated required disclosures, Act (“BSA”). The AMLCO did not “have any reports that a system did not exist to ensure that required disclosures were the [f]irm used to monitor low-priced securities, and he failed to develop any internal automated reports, manual reports, or other means to The SEC and FINRA do not shy away from monitor securities received and disbursed to assist the [f]irm in monitoring for sus- charging compliance officers for perceived picious activity.” FINRA stated that the AMLCO failed to ensure that the firm regulatory failures. was conducting reviews of transaction activity to monitor for, detect, and cause actually made. Additionally, the firm did not have a system the reporting of suspicious activity in accounts at the firm. in place to track that it made required disclosures relating to: Due to his inaction, the firm’s AML compliance program (a) the firm or the research analyst’s ownership of the subject was not reasonably designed and could not have been reason- company; (b) whether the firm was a manager of public offer- ably expected to detect and cause the reporting of suspicious ings of the subject company or provided investment banking transactions related to short-term trading of low-priced services; or (c) whether the firm provided non-investment stocks through the firm’s accounts. As a result, the AMLCO banking products or services to the subject company. As a violated FINRA Rule 3310, causing him to be suspended in result of this violation and others, the CCO was found to have all principal capacities for three months and fined $30,000. violated NASD Rule 2711(i) and fined $30,000. Takeaway: AML compliance officers may be sanctioned Takeaway: Compliance officers may be sanctioned for their if their firm cannot show evidence of an AML compliance firms’ failure to develop and maintain procedures that detect program reasonably designed to detect suspicious money fraudulent behavior, such as unauthorized trading, and ensur- laundering transactions. ing proper disclosures on research reports. Compliance officers who wear multiple hats may be deemed responsible for ensur- Failure to Execute Tasks Designated ing that reasonable supervisory systems are established, even to the CCO in WSPs if the responsibility is not explicitly given in the firm’s WSPs. “I am not throwing away my shot! Anti-Money Laundering I am not throwing away my shot! “You know so we ain’t really never had no old money Hey yo, I’m just like my country We got a whole lotta new money though” I’m young, scrappy and hungry And I’m not throwing away my shot!” —Lyrics from “Bad and Boujee” by Migos19 —Lyrics from “My Shot,” Hamilton: Anti-money laundering compliance officers (AMLCOs) who An American Musical, by Lin-Manuel Miranda22 fail to establish supervisory systems regarding anti-money laundering (AML) compliance may be deemed “bad” by a Young, scrappy, and hungry are all adjectives that can fittingly regulator (but probably not boujee)20 and may be subject to describe Alexander Hamilton, the main character in Lin-Manuel disciplinary action. In October 2016, FINRA accepted the Miranda’s eponymous hit musical, as well as the millennial

PRACTICAL COMPLIANCE & RISK MANAGEMENT FOR THE SECURITIES INDUSTRY | JULY–AUGUST 2017 13 #CCOsGoingViral

generation (possibly). CCOs face possible disciplinary action Due Diligence if they throw away their shot to comply with federal securities laws and fail to conduct reviews that are assigned to them in FOMO (fear of missing out) the firm’s WSPs. For example, in July 2016, FINRA accepted | fōmō | an AWC from a CCO for failing to review representatives’ elec- noun tronic correspondence and conduct branch inspections.23 He testified that he made an initial attempt to review emails when “[A] state of mental or emotional strain caused by the fear he became CCO, but soon realized that he had been reviewing of missing out… a compulsive concern that one might miss the junk mail folder of the firm’s previous CCO. He made no an opportunity…often aroused by posts seen on social media further effort to review the firm’s email correspondence. Addi- websites.” tionally, according to the WSPs, he was responsible for ensuring that branch inspections were conducted in accordance with —UrbanDictionary.com24 the branch inspection schedule, but he failed to do that. He did not review any branch inspection reports, failed to ensure Millennials and compliance officers are united in their ca- that the inspections were conducted, and failed to ensure that pacities to feel FOMO (although a millennial may be more the reports were completed, despite knowing that FINRA had likely to feel it on a Friday night if she decides to stay in and cited the firm for a similar deficiency during an examination actually (watch) Netflix and chill).25 For a compliance officer, in 2013. For these and other violations, he consented to a fine fear of missing out may be an occupational safeguard when conducting due diligence for a private placement. In August 2016, FINRA ac- CCOs, sometimes while wearing multiple cepted an AWC from a CCO related to his lack of FOMO and his failure to con- hats (or backwards baseball caps), have duct adequate due diligence for a private placement.26 FINRA Regulatory Notice been sanctioned when firms failed to 10-22 provided guidance regarding due diligence for a private placement, stating “establish reasonable supervisory systems that firms must have supervisory proce- and procedures to prevent and detect dures reasonably designed to ensure that the firm’s personnel “engage in an inquiry unauthorized trading and discretionary that is sufficiently rigorous to comply with their legal and regulatory requirements.”27 trading, to provide for the proper review and The firm’s WSPs incorporated similar language from the Regulatory Notice and approval of daily orders and related trade NASD Rule 3010 (the rule then in place that required member firms to establish cancellations, and to address transaction a supervisory system and reasonably designed WSPs) and listed specific steps to reporting and order ticket requirements.” be taken as part of the due diligence of a private placement. of $5,000 and a suspension from association with any FINRA In light of the firm president’s inexperience with private broker-dealer in a principal capacity for a period of six months. placements, the CCO agreed to conduct the due diligence Takeaway: CCOs who do not execute tasks explicitly relating to a new offering. However, the diligence that he assigned to them by their firms’ WSPs may face sanctions. conducted was inadequate and failed to uncover a bankruptcy It may be useful for CCOs to review their firm’s WSPs to filed by the CEO of the issuer. The CCO also conducted vari- identify tasks specifically assigned to them. ous analyses of the issuer’s potential profitability, but failed

14 JULY–AUGUST 2017 | PRACTICAL COMPLIANCE & RISK MANAGEMENT FOR THE SECURITIES INDUSTRY #CCOsGoingViral

to document them. The CCO utilized an outside third-party SEC entered a settled administrative order against a CCO consultant to conduct due diligence, who then subcontracted due to untrue statements in multiple Forms ADV that she with another individual to prepare a due diligence report. prepared, signed, and filed on behalf of a firm.31 The firm was The due diligence report was a verbatim cut and paste from an exempt reporting adviser, which the Commission sued in other publically available documents with no independent March 2016 for, among other things, allegedly perpetrating assessment of the issue or issuer. As a result of the above, the a multimillion-dollar fraud and misappropriating investor CCO failed to ensure that the firm conducted adequate due funds. The firm served as the investment adviser to three diligence regarding the offering and failed to enforce the firm’s unregistered private funds. From March 2014 to March WSPs relating to private placements. For these and other 2015, the CCO made several untrue responses on five Forms violations, the CCO consented to a fine of $5,000 and a 15 ADV for three funds advised by the firm. The Forms ADV business day suspension from associating with any FINRA made the following false statements: (1) the fund’s financial registered firm in a principal capacity. statements were subject to an annual audit; (2) the financial Takeaway: Compliance officers may be sanctioned for fail- statements were prepared in accordance with U.S. GAAP; ing to adequately conduct reasonable investigations and due (3) a firm was identified as the private funds’ “auditing firm” diligence in Regulation D offerings if the task is delegated when it had prepared only tax returns and Forms K-1 and to them. was never engaged by the private funds to perform an audit; and (4) the private funds’ audited financial statements were False Statements distributed to the private funds’ investors. The CCO signed the filing, certifying that all the information and statements “I would very much like to be excluded from this narrative, made in the ADV were true and correct. As a result of her one that I have never asked to be a part of, since 2009.” conduct, the Commission found that she willfully violated Section 207 of the Advisers Act, which makes it “unlawful for —Taylor Swift, responding on Instagram after a phone any person willfully to make any untrue statement of a mate- call with Kanye West was leaked online28 rial fact in any registration application or report filed with the Commission … or willfully to omit to state in any such The “bad blood”29 between Taylor Swift and Kanye West, application or report any material fact which is required to two of the most influential musicians of the millennial be stated therein.” The CCO was suspended from associating generation, began at the 2009 MTV Video Music Awards. with organizations, including broker-dealers and investment The rapper rushed onstage during Swift’s acceptance speech advisers for a period of nine months following the order. for Best Female Video, took the microphone away from her, Additionally, the CCO was prohibited from employment or and announced that Beyoncé deserved the award for her hit working in the role of an officer or director for a registered “Single Ladies (Put a Ring On It).”30 West later apologized investment company for nine months. After the period of for his actions, and the two had a lukewarm conciliation. suspension ended, the CCO would not be permitted to act as In February 2016, West released the song “Famous” which a partner, officer, branch manager, or director who directly or included an expletive-filled dig at Swift in one of the verses. indirectly controls compliance capacities with organizations, West claimed that Swift approved the use of her name in including broker-dealers and investment advisers. Finally, the the song lyrics, but Swift later took to Instagram to present CCO was ordered to pay a civil money penalty of $15,000. her side of the story. It is still unclear which party has made CCOs have been sanctioned for making false statements the most false statements throughout the public feud. Savvy on Forms ADV and for failing to comply with requirements CCOs should be able to avoid public scandals (and sanctions of the Custody Rule. In January 2017, the SEC entered a from regulators) if they avoid rushing on stage and if they settled administrative order against an investment adviser avoid making false or misleading statements, especially on and an individual, who served as its owner, sole member, Forms ADV submitted to the Commission. and chief compliance officer, for violations relating to the CCOs can be held personally liable for making false state- firm’s improper registration as an investment adviser and the ments regarding their firms’ actions. In January 2017, the Custody Rule.32 Among other things, the Form ADV falsely

PRACTICAL COMPLIANCE & RISK MANAGEMENT FOR THE SECURITIES INDUSTRY | JULY–AUGUST 2017 15 #CCOsGoingViral

stated that the firm did not have custody of its clients’ funds to pay both advisory fees and mutual fund fees and expenses, or securities, when in fact the firm possessed and used its without disclosing the firm’s conflict of interest. According to clients’ personal login credentials for their online brokerage the firm’s compliance manual, the CCO was responsible for accounts, meaning the firm had custody of its clients’ funds amending and delivering Forms ADV Part 2 disclosing the or securities. The CCO “was responsible for [the firm’s] conflict of interest. The SEC asserted that the ADV should compliance efforts and knew that [the firm] failed to arrange have disclosed that “the clients who owned [the proprietary for an annual verification of client funds and securities by an mutual fund] paid double fees on the amount invested in [the independent public accountant” as required by the Custody proprietary mutual fund].” Clients paid advisory fees on assets Rule. Additionally, the Form ADV falsely stated that the firm’s under management as well as mutual fund fees and expenses. principal office and place of business was located in Wyoming, The mutual fund fees and expenses were “not disclosed to [the when in actuality, the firm was located in Michigan. For the IA’s] clients and were not reflected in any client’s monthly false statements, the SEC found that both the firm and the account statements.” The firm amended its Form ADV, but individual willfully violated Section 207 of the Advisers Act. failed to deliver it or a summary of the material changes to Because of this conduct and other violations, the individual clients. This occurred even after the CCO sought advice from was ordered to pay a civil penalty of $25,000 and barred from an outside compliance consultant on the subject, who advised association for three years. There was no penalty for the firm. him to provide investors with a Form ADV notice prior to Takeaway: CCOs may be held liable if Forms ADV investors’ initial investments and annually thereafter. After include false statements. the initial investment, the firm separately provided some clients with a written disclosure about the conflict, stating Conflicts of Interest that the firm “may” invest their assets in one or more of its registered funds, resulting in additional fees that “may” create a conflict of interest. However, the SEC found that this “But first, let me take a selfie.” disclosure was inadequate because at the time it was made, the firm had actually invested those particular clients’ assets —Lyrics from “#SELFIE” by the Chainsmokers33 in the mutual fund, and the firm had an actual conflict of interest. As a result of these actions, the SEC found that the Before the birth of millennials and the “invention” of the selfie CCO caused violations of Section 206(2), Section 206(4) stick (if someone can claim to have actually invented a stick), and Rule 206(4)-7, and Section 204(a) and Rule 204(3) of people often had to face an age-old conflict: should I take a the Advisers Act. The CCO submitted a sworn Statement of photo of the scenery or be in the photo? Thanks to the ingenu- Financial Condition and other evidence to assert his inability ity of millennials, this conflict of interest is no longer an issue! to pay disgorgement and a civil penalty. CCOs, however, are not so lucky to avoid the effects of other Similarly, in November 2016, the Commission found conflicts of interest within the financial services realm and that a registered IA and the individual who was its princi- may be held liable for their firms’ failure to manage or disclose pal, owner, and CCO were negligent by failing to fully and material conflicts of interest to clients. In September 2016, the fairly disclose conflicts of interest to their clients.35 The IA SEC entered a settled administrative order relating to failures entered into a revenue sharing agreement with the custodian by a former Commission-registered IA to disclose material of its clients’ accounts. The custodian paid the IA when its conflicts of interest to clients whose money the IA used to clients invested in certain funds. Through this agreement, fund an affiliated mutual fund.34 Two principals (including the IA agreed that it had made and would continue to make the CCO who was also CEO, chief information officer, and all appropriate disclosures to clients regarding conflicts of principal, and owner of 45% of the firm through his holding interest that would arise from the arrangement. However, company) were also charged. Among other things, the firm the IA did not modify the disclosure it provided to clients acted as investment adviser for a proprietary mutual fund. In in its Form ADV until more than a year after executing the 2013, the firm began buying institutional share classes of its arrangement. When the IA modified the disclosure, it stated proprietary mutual fund for its retail investors, causing them that “[c]ertain investment adviser representatives … when

16 JULY–AUGUST 2017 | PRACTICAL COMPLIANCE & RISK MANAGEMENT FOR THE SECURITIES INDUSTRY #CCOsGoingViral

acting as registered representatives of a broker-dealer, may Increased Regulatory Attention Due to an receive selling compensation … as a result of the facilitation Individual’s Compliance Role of certain securities transaction on Client’s behalf through such broker-dealer,” and that these “arrangements may create “May the 4th be with you.” a conflict of interest.” However, the IA did not provide details about the conflict that “may” exist. —Star Wars fans everywhere Initially, the administrative law judge (ALJ) dismissed the proceeding principally on the ground that the SEC’s What originally started as a pun has now transformed into Division of Enforcement failed to prove that the IA and the an international holiday, in which Star Wars fans worldwide principals acted with scienter or negligence. After Enforce- connect with one another and celebrate a galaxy far, far away.36 ment appealed, the Commission agreed with the ALJ that Each May 4th, hordes of fans dress up in costumes, engage in the record did not support a finding of scienter, but found festivities, and repeat the phrase “May the 4th be with you,” which that the parties were negligent by failing to fully and fairly sounds similar to “May the Force be with you” – the now-classic disclose conflicts of interest to their clients. The Commission line from the movie franchise. This year, even Canadian Prime stated that the firm and the CCO should have known that Minister Justin Trudeau (favored among millennials) celebrated the Form ADV disclosure was inadequate because it clearly May 4th by wearing mismatched “Star Wars” socks in a meet- failed to provide clients with the information they needed ing with Prime Minister Enda Kenny of Ireland: “one in blue to assess relevant conflicts of interest. The firm’s Form ADV and gray with R2D2 and the other in gold and black depicting was deemed to have material omissions. As a result of these C3PO.”37 Later that day, Trudeau tweeted a picture of his socks actions, the Commission found that the IA and the individual with the caption: “These are the socks you’re looking for. #May- violated Section 206(2) and Section 207 of the Advisers Act. TheFourthBeWithYou #GuerreDesEtoiles”38 Even if CCOs fail This case is yet another example in which regulators should to celebrate May 4th with Star Wars fans, they would do well not to fail to withhold relevant information on Forms U4 (which is not the name of a robot Not to be bloviating blowhards, but or droid from the Star Wars movies—not yet this article may be the thing that baby anyway), because FINRA has demonstrated that it ascribes greater culpability for CCOs boomers (who are often organizing paper who commit these violations due to their compliance experience. files) need to decode the hashtag-filled In October 2016, through an order accepting an offer of settlement, a CCO jargon of millennials (who would rather settled a FINRA disciplinary proceeding related to multiple violations of failing to tweet than call). report tax liens.39 She willfully failed to amend her Form U4 to disclose five federal provide more clarity about the respondent’s role when he tax liens filed against her by the IRS, totaling approximately or she committed a violation. Neither the ALJ nor the SEC $174,289. After she became registered with another firm as discussed the responsibilities of the CCO or whether the firm the CCO, she failed to disclose them on her initial Form had WSPs stating that it was the role of the CCO to ensure U4. At her new firm, the CCO amended her firm’s WSPs to that conflicts were adequately disclosed to clients. As a result, include language requiring a registered or associated person it is not clear whether the individual was found liable due to to report all judgments and liens. Despite her amendments, his compliance role or another position. she did not disclose her tax liens to her second firm until Takeaway: CCOs may be found individually liable if a few months later, following an inquiry from FINRA. In their firms fail to fully and fairly disclose material conflicts discussing her violations, the settlement offer highlighted of interest. her role as the CCO, seeming to suggest that the she had

PRACTICAL COMPLIANCE & RISK MANAGEMENT FOR THE SECURITIES INDUSTRY | JULY–AUGUST 2017 17 #CCOsGoingViral

increased culpability due to her role in compliance.40 As a At times, generation gaps may seem as expansive as the result of her actions, FINRA found that the CCO violated screaming crowds of teenagers at a Justin Bieber concert Article V, Section 2(c) of FINRA’s bylaws and FINRA Rule (or a Bruce Springsteen concert, for those of a different 1122. She consented to a fine of $5,000 and a three-month vintage). Cultural references from one generation may suspension from association with any FINRA member. The always be lost on the other, but with proper care (and fre- CCO’s failure to disclose her own federal tax liens on her quent consultation of Urban Dictionary),42 communication Form U4 does not constitute a compliance activity, but this between generations can become more coherent. Compli- case is an example of how regulators can focus on a compliance officers can also benefit from a better understanding ance officer’s position when assessing conduct. of communication coming from the SEC and FINRA. As Takeaway: An individual’s role in compliance may affect seen in the cases described above, those communications are the regulators’ perspective in determining culpability for clear: the SEC and FINRA do not shy away from charging individual violations. compliance officers for perceived regulatory failures. -Un fortunately, regulators do not always clearly explain why an Conclusion individual is being charged or whether the violations relate to a compliance role. To gain insight about the “dopest”43 Manny Delgado (youth on “Modern Family”): “I don’t new enforcement trends from regulators, compliance officers get it. You’re the Greatest Generation. Why do you push may want to read (digitally or in print) as many securities people away?” laws and rules, regulatory notices, cases, and articles in publications like this one as possible. This knowledge will Jay Pritchett (step-father of Manny, more than 50 years be ammunition in a compliance officer’s arsenal (along with his senior): “Why don’t you lock yourself in your room like “hot sauce in my bag, swag”)44 possibly to help prevent a normal teenager?”41 future violations.

ENDNOTES

* Brian L. Rubin represents companies and individu- Forbes, May 7, 2015, available at: https://www. Practical Compliance & Risk Management for the als being examined, investigated and prosecuted forbes.com/sites/laurashin/2015/05/07/how- Securities Industry, May-June 2016 at 5. by the Securities and Exchange Commission, the millennials-money-habits-could-shake-up-the- 8 The “shruggie” is a symbol that “encapsulates Financial Industry Regulatory Authority (FINRA) financial-services-industry/#4b9ac7307176. what it’s like to be an individual on the Internet. and the states. He also advises broker-dealers 3 “Millennials at work – Reshaping the workplace in With raised arms and a half-turned smile, it and investment advisers on federal and state financial services,” PwC, March 2012,available at: exudes the melancholia, the malaise, the ac- regulatory and compliance matters. Brian was https://www.pwc.com/gx/en/financial-services/ ceptance, and (finally) the embrace of knowing previously Deputy Chief Counsel of Enforcement publications/assets/pwc-millenials-at-work.pdf. that something’s wrong on the Internet and you with NASD and Senior Counsel with the SEC’s 4 https://en.wikipedia.org/wiki/Millennials#Date_ can’t do anything about it.” Robinson Meyer, “The Enforcement Division. and_age_range_defining. Best Way to Type ¯\_(ツ)_/¯,” The Atlantic, May ** Amy Xu advises investment advisers, broker- 5 http://www.urbandictionary.com/define. 21, 2014, available at: https://www.theatlantic. dealers, investment companies and corporations php?term=Bloviating%20Blowhard. com/technology/archive/2014/05/the-best- on securities litigation, investigations, and regu- 6 Staying “woke” means being informed of what’s way-to-type-__/371351/. latory and enforcement matters involving the going on around you, especially in times of tur- 9 http://theweek.com/articles/464506/5-best- Financial Industry Regulatory Authority (FINRA) moil and conflict. http://knowyourmeme.com/ reactions-time-cover-story-millennials. and the U.S. Securities and Exchange Commis- memes/stay-woke 10 Joel Stein, “Millennials: The Me Me Me Genera- sion (SEC). Amy also has experience counseling 7 See, e.g., Brian L. Rubin and Amy Xu, “Make tion,” Time Magazine (May 9, 2013), available at: clients on complex commercial and white collar America Compliant Again: SEC and FINRA En- http://time.com/247/millennials-the-me-me- litigation matters. Additionally, she maintains an forcement Actions Against Compliance Officers me-generation/. active pro bono practice, serving as counsel in a During an Election Year (January-August 2016),” 11 Megham Daum, “‘Special snowflake’ is the Triscuit number of immigration cases. Practical Compliance & Risk Management for the of insults. Banish it in 2017,” Los Angeles Times, 1 http://www.pewresearch.org/fact-tank/2015/ Securities Industry, January-February 2017 at 19; available at: http://www.latimes.com/opinion/ 05/11/millennials-surpass-gen-xers-as-the- Brian L. Rubin, Katherine E. Dumeer, and Amy op-ed/la-oe-daum-snowflakes-20161225-story. largest-generation-in-u-s-labor-force/. Xu, “Harry Potter and the Compliance Stone: html. 2 Laura Shin, “How Millennials’ Money Habits SEC and FINRA Enforcement Actions Against 12 FINRA Rule 3110 (effective Dec. 1, 2014). Prior Could Shake Up The Financial Services Industry,” Compliance Officers (July-December 2015),” to Rule 3110’s effective date, NASD Rule 3010

18 JULY–AUGUST 2017 | PRACTICAL COMPLIANCE & RISK MANAGEMENT FOR THE SECURITIES INDUSTRY #CCOsGoingViral

set forth substantially similar requirements for (June 3, 2016, 2:24 PM), http://money.cnn. 36 http://www.starwars.com/may-the-4th. supervisory systems and written procedures. com/2016/06/03/media/hamilton-tickets-lin- 37 Vanessa Friedman, “Justin Trudeau and the 13 Richard F. Kresge, SEC Admin. Proc. No. 3-12402, manuel-miranda/. Case of the ‘Star Wars’ Socks,” New York 2007 LEXIS 1407, at *2 n.24 (June 29, 2007). 23 FINRA AWC No. 2014039194103(July 2016), Times (May 5, 2017), available at: https:// 14 Rule 206(4)-7 promulgated under Section available at: http://disciplinaryactions.finra.org/ www.nytimes.com/2017/05/05/fashion/jus- 206(4) of the Investment Advisers Act of 1940 Search/ViewDocument/66367. tin-trudeau-star-wars-socks.html?hp&acti (Advisers Act). 24 http://www.urbandictionary.com/define. on=click&pgtype=Homepage&clickSource 15 Id. php?term=fomo. =story-heading&module=second-column- 16 Order Accepting Offer of Settlement, Office of 25 https://en.wikipedia.org/wiki/Netflix_and_chill. region®ion=top-news&WT.nav=top-news Hearing Officers, Disciplinary Proceeding No. 26 FINRA AWC No. 2015046056404 (August 2016), &_r=0. 2015047037401 (Sept. 14, 2016), available available at: http://disciplinaryactions.finra.org/ 38 https://twitter.com/JustinTrudeau/sta- at: http://disciplinaryactions.finra.org/Search/ Search/ViewDocument/66449. tus/860180458319073280. The tweet is a ViewDocument/66586. 27 FINRA Regulatory Notice 10-22, Regulation D reference to the original 1977 movie Star Wars, 17 See Clint Pumphrey, “How the Greatest Genera- Offerings: Obligation of Broker-Dealers to Con- in which Obi-Wan Kenobi says, “These are not tion Works,” How Stuff Works Culture, available at: duct Reasonable Investigations in Regulation D the droids you are looking for.” http://people.howstuffworks.com/culture-tra- Offerings (April 2010), available at: https://www. 39 Order Accepting Offer of Settlement, Disciplinary ditions/generation-gaps/greatest-generation1. finra.org/sites/default/files/NoticeDocument/ Proceeding No. 2014040813801 (October 2016), htm. p121304.pdf. available at: http://disciplinaryactions.finra.org/ 18 FINRA AWC No. 2013034982602 (October 28 https://www.instagram.com/p/BH_TCz Search/ViewDocument/66723. 2016), available at: http://disciplinaryactions. 4DeSj/?hl=en. 40 The order referred to her role as CCO multiple finra.org/Search/ViewDocument/66758 29 “Bad Blood” is a single released from Taylor Swift’s times. First, the opinion stated that “as CCO of 19 Migos, “Bad and Boujee” (feat. Lil Uzi Vert), 2015 multi-platinum album entitled “1989,” and [the firm], [she] routinely reviewed the Forms U4 Culture (2016), lyrics available at: https:// the music video is available here: https://www. of individuals seeking employment at the firm.” play.google.com/music/preview/Twlo youtube.com/watch?v=QcIy9NiNbmo. Next, it stated that “…while registered through 65ppq7usby7xcklwdeq3vyi?lyrics=1&utm_ 30 Grace Gavilanes, Taylor Swift and Kanye West’s [the firm] and employed as the firm’s CCO, [she] source=google&utm_medium=search&utm_ Rocky History: A Timeline, People (September failed to disclose her own federal tax liens on her campaign=lyrics&pcampaignid=kp-lyrics. 26, 2016), available at: http://people.com/ Form U4.” Finally, the order stated: “Despite [her] 20 In the context of the song, “bad” actually means celebrity/kanye-west-famous-inside-his-and- role as CCO and her amendment to the firm’s good. The meaning of the word “boujee” is a taylor-swifts-relationship-history/. WSPs, she did not disclose to [the firm] her own bit more complex. The word is derived from 31 Securities Exchange Act of 1934 Rel. No. 79848, tax liens until in or about May 2014, following an “bourgeois,” which is often used to describe Admin. Proc. File No. 3-17802 (Jan. 19, 2017), inquiry from FINRA.” elitism and a need for material goods. For available at: https://www.sec.gov/litigation/ 41 http://www.imdb.com/character/ch0170387/ more insight, see Sesali Bowen, “What It Actu- admin/2017/34-79848.pdf. quotes. ally Means To Be ‘Bad and Boujee,’” Refinery 32 Investment Advisers Act of 1940, Release No. 42 http://www.urbandictionary.com/. 29, January 9, 2017, available at: http://www. 4620, Admin. Proc. File No. 3-17803 (Jan. 19, 43 See http://www.urbandictionary.com/define. refinery29.com/2017/01/135407/migos-bad- 2017), available at: https://www.sec.gov/litiga- php?term=Dopest (defining “dopest” as “[s]ick- boujee-meaning. tion/admin/2017/ia-4620.pdf. est; coolest; tightest; most awesome”). 21 FINRA AWC No. 2013034982602 (October 33 Music video available at: https://www.youtube. 44 In this case, “hot sauce” is meant to be a secret 2016), available at: http://disciplinaryactions. com/watch?v=kdemFfbS5H0. weapon, rather than a condiment. In the song finra.org/Search/ViewDocument/66758. 34 Investment Advisers Act of 1940, Rel. No. 4537, “Formation” from Beyoncé’s sixth studio album, 22 Millennials, in particular, loved Hamilton: An Admin. Proceeding File No. 3-17588 (September entitled “Lemonade,” she sings: “Earned all this American Musical, which employed rap music 28, 2016), available at: https://www.sec.gov/ money, but they never take the country out me / and cross-cultural casting, making the show litigation/admin/2016/ia-4537.pdf. I got hot sauce in my bag, swag.” Beyoncé’s “hot an instant success and a huge influence on 35 Opinion of the Commission, Investment Advis- sauce” is actually the name of her secret weapon popular culture in 2016. The show won 11 Tony ers Act of 1940 Rel. No. 4566, Admin. Proc. File – a baseball bat, as seen in the music video for Awards and garnered individual ticket prices No. 3-16047 (November 7, 2016), available at: the song “Hold Up.” See Kaitlyn Tiffany, “The as high as $10,000 for Lin-Manuel Miranda’s https://www.sec.gov/litigation/opinions/2016/ hot sauce in Beyoncé’s bag is not hot sauce,” The final performances as the show’s star.See Frank ia-4566.pdf; appeal docketed, The Robare Group, Verge (April 25, 2016), available at: https://www. Pallotta, “‘Hamilton’ tickets as high as $10,000 LTD., et al v. SEC, No. 16-1453, (D.C. Circuit Dec. theverge.com/2016/4/25/11501722/beyonce- on report Lin-Manuel Miranda is leaving,” CNN, 2016). lemonade-hot-sauce-hold-up.

This article is reprinted with permission from Practical Compliance and Risk Management for the Securities Industry, a professional journal published by Wolters Kluwer Financial Services, Inc. This article may not be further re-published without permission from Wolters Kluwer Financial Services, Inc. For more information on this journal or to order a subscription to Practical Compliance and Risk Management for the Securities Industry, go to pcrmj.com or call 866-220-0297

PRACTICAL COMPLIANCE & RISK MANAGEMENT FOR THE SECURITIES INDUSTRY | JULY–AUGUST 2017 19