Last month US FINRA fined MetLife Securities and three of its affiliates a total of US$1.2 million for failing to establish an adequate supervisory system for the review of brokers' email correspondence with the public. The fine also resolves charges of failing to establish adequate supervisory procedures relating to broker participation in outside business activities and private securities transactions.
From March 1999 to December 2006, MetLife Securities and its affiliate broker-dealers had in place written supervisory procedures mandating that all securities-related emails of brokers be reviewed by a supervisor. However, the firms did not have a system in place that enabled supervisors to directly monitor the email communications of brokers. Instead, the firms relied on the brokers themselves to forward their emails to supervisors for review. To monitor compliance with the email-forwarding requirement, the firms encouraged — but did not require — managers to inspect brokers' computers for any emails that had not been forwarded as required. But brokers were able to delete their emails from their assigned computers, thus rendering spot-checks unreliable.
The firms also conducted annual branch audits, which were likewise ineffective because they did not allow for timely detection of email-forwarding failures. Moreover, the method employed by the auditors to identify email-forwarding deficiencies (prior to July 2005) was itself flawed, consisting mainly of a review of hard-copy files for any correspondence (including emails) that had not been forwarded. Brokers were therefore able to withhold emails without detection by the firm and conceal evidence or "red flags" of misconduct contained in their emails.
During the period from March 1999 through December 2006, two MetLife Securities brokers engaged in undisclosed outside business activities and private securities transactions without detection by the firm, although the misconduct was reflected in more than 100 separate emails that the brokers sent or received using their MetLife Securities email addresses. MetLife Securities did not discover the misconduct of either broker through supervisory review of emails because the brokers did not forward their emails to their respective supervisors.
MetLife Securities ultimately discovered that one of those brokers, Mark Salyer, stole nearly US$6 million from his customers in connection with his participation in numerous private securities transactions to raise capital for real estate development companies with which he had a relationship. In January 2009 SEC barred Salyer from association with any broker, dealer or investment adviser. FINRA's investigation of the misconduct of the other MetLife broker is continuing.
FINRA also found that the firms' inability to ensure compliance with the email-forwarding requirement meant they could not adequately enforce their own supervisory procedures relating to outside business activities and private securities transactions.
Monitoring of staff emails is not a simple matter. Apart from corporate email accounts, dealing malpractices may also be detected from webmail accounts. How could such monitoring be done without infringing privacy?
No comments:
Post a Comment