Tag: Suspicious Activity reports

Robinhood Misses the Mark on AML

Robinhood experienced massive growth during the pandemic. It had had 5.1 million cumulative net funded accounts by the end of 2019, 12.5 million cumulative net funded accounts by the end of 2020, and 22.7 million cumulative net funded accounts by the end of 2021. Based on the Securities and Exchange Commission’s action against Robinhood, the firm had a lot of growing pains. There is a whole menu of problems in the order. (It goes on for 24 pages.)

I’m currently focused on the Anti-Money laundering failures.

Robinhood had surveillance in place, but it was poorly designed. It generated a large number of false positives, artificially increasing the number of alerts for review. As the number of accounts grew, the alerts surged and Robinhood’s AML group failed to promptly review the flood of alerts.

By the end of 2020, Respondents had accumulated a backlog of more than 10,000 potentially suspicious transactions that had been flagged for review in order to make a SAR-filing determination but remained unresolved beyond the 45-day deadline in Respondents’ internal policies. At that point, Respondents were filing SARs an average of 198 days after initially flagging a transaction for investigation.

Rapid growth in accounts and transactions without commensurate growth in AML systems and personnel.

Sources:

Speeding Past Your AML Requirements

SpeedRoute is a registered broker-dealer that specializes in routing U.S. equities orders for broker-dealer clients to trading platforms for execution. Being a registered broker-dealer means that SpeedRoute has to comply with the Bank Secrecy Act. Among many other things, that requires SpeedRoute to file Suspicious Activity Reports for suspicious transactions that it knew, suspected, or had reason to suspect involved the use of these trading platforms to facilitate fraudulent activity or that had no business or apparent lawful purpose.

SpeedRoute has what seems like a good written set of AML policies and procedures, at least according to the Securities and Exchange Commission.

The firm’s AML Policies specifically mentioned “spoofing,” “layering,” and “wash trading” as types of market manipulation of particular concern to SpeedRoute. The AML Policies also incorporated each of the red flags listed in Section III of FINRA Regulatory Notice 19-18, which includes orders representing a substantial percentage of the daily trading volume in low-priced securities, pre-arranged trading (including wash trading), and spoofing. The AML Policies also outlined procedures for identifying (manually and through automated surveillance), investigating, and filing SARs for transactions indicative of suspicious activity.

The problem is that SpeedRoute’s surveillance system was not aligned with those policies and procedures. It was not programed to raise red flags for all of the items listed in the policies and procedures.

Even when the system flagged transactions, SpeedRoute did not review all of the suspicious activity identified by its surveillance systems. SpeedRoute’s compliance staff only reviewed a sampling of alerts. SpeedRoute’s AML Policies called for all alerts to be reviewed and documented.

By failing to review all of the red flags, SpeedRoute failed to file Suspicious Activity Reports.

Lessons:

  1. Make sure your surveillance system includes all the red flag items in your policies.
  2. Review ALL of the red flags, especially if your policy says that you will review all of them.
  3. File Suspicious Activity Reports

Sources:

The One with Insufficient Compliance Resources

The Bank Secrecy Act requires broker-dealers to file suspicious activity reports. Under the SAR Rule (31 C.F.R. § 1023.320(a)(2)), every broker-dealer has to file a report for a transaction of at $5000 that

  1. Involves funds derived from illegal activity or is intended or conducted in order to hide or disguise funds or assets derived from illegal activity
  2. Is designed to evade any requirements under the Bank Secrecy Act
  3. Has no business or apparent lawful purpose or is not the sort in which the particular customer would normally be expected to engage
  4. Involves use of the broker-dealer to facilitate criminal activity

That’s all a bit vague. So FINRA has produced a list of more actionable items, most recently compiled in FINRA Regulatory Notice 19-18 (May 2019).

There are vendors who sell software that will monitor transactions and flag those that meet the criteria in the FINRA Notice.

OTS Link used one of those automatic surveillance systems. For the first six months of 2021 the system raised over 1800 alerts for transactions to be reviewed. For those 300 alerts a month, the compliance team at OTS Link only devoted 5 hours a month. No surprise, they failed to investigate any or file any SARs.

In the Order, the SEC says that if OTS Link had properly surveilled transactions it would have spotted:

(a) a large volume of thinly-traded, low-priced securities;
(b) a sudden spike in investor demand for, coupled with a rising or decreasing price in, thinly-traded, low-priced securities;
(c) suspicious manipulative, pre-arranged or wash trading activity;
(d) subscribers who were publicly known to be the subject of criminal, civil or regulatory actions for crime, corruption, or misuse of public funds.

In response to the SEC exam, OTS Link added two people to its AML compliance team and hired a third-party compliance consultant to review the program.

The SEC order mandates additional reporting and levied a $1.19 million fine. You either pay for compliance or you PAY for compliance failure.

Sources:

Suspicious Activity Reports and Private Funds

fincen logo

Over the years, the Financial Crimes Enforcement Network (FinCEN) has required banks, brokers, and other financial entities to officially report suspicious activities of its customers. Investment advisers and private fund managers have managed to sty outside the requirements. In large part, that’s because a fund’s custodial accounts are already subject to the self-policing. since the account is with a broker subject to the FinCEN requirements.

But changes are coming. James H. Freis, Jr., Director of the FinCEN, let us know that his agency is working on anti-money laundering requirements for investment advisers. At a November 15, 2011 speech at the American Bankers Association/American Bar Association’s Money Laundering Enforcement Conference he raised the issue and mentioned that a new rule is in the works.

Reuters is reporting that a proposed rule is likely to come out in the first half of 2013. The rule would likely address anti-money laundering concerns. Although that may be an issue for some types of funds, it’s not a concern for most private funds. Once you limit redemption rights, you make the investment very unpalatable for drug kingpins and other bad guys trying to hide their money. They are not typically patient investors looking for long term returns.

Hedge funds were thrown into the bucket of “shadow banking” and private equity firms were labeled as “vulture funds” during Romney’s presidential campaign. It looks like the federal government will continue to pile regulatory requirements on private fund managers for the foreseeable future.

Sources:

Mortgage Fraud Rises in 2011

The Financial Crimes Enforcement Network released its full year 2011 update (.pdf) of mortgage loan fraud reported suspicious activity reports. It  reveals a 31% increase in submission.It also shows some of the trends that lead to the 2008 financial crisis.

Financial institutions submitted 92,028 MLF SARs in 2011, compared to 70,472 submitted in 2010. Financial institutions submitted 17,050 MLF SARs in the 2011 fourth quarter, a 9 percent decrease in filings over the same period in 2010 when financial institutions filed 18,759 MLF SARs. While too soon to call a trend, the fourth quarter of 2011 was the first time since the fourth quarter of 2010 when filings of MLF SARs had fallen from the previous year.

Since 2001, the number of mortgage loan fraud SARs has grown each year.

The report pins the sharp increase in 2011 on mortgage repurchase demands. Those demands prompted a review of mortgage loan origination files where filers discovered fraud. In 2011 a majority of the SAR filings related to fraud that was more than 4 years old. So this is the fraud leading up to the bubble now being detected.

Simply redo the chart by focusing on the year of the fraudulent activity instead of the date of filing.

You can see the rise in fraud tracking the heights of the real estate bubble in 2005 through 2008.

Going back to the 2011 reports:

  • 21% involved occupancy fraud, when borrowers claim a property is their primary residence instead of a second home or investment property
  • 18% involved income fraud, either overstating income to qualify for a larger mortgage or understating to qualify for hardship concessions.
  • 12% involved employment fraud

The up and coming frauds are related to the repercussions of the housing bubble.

Short sales are a source of fraud. SAR filers noted red flags in short sale contracts, such as language indicating that the property could be resold promptly, or “common flip verbiage” in the sales contract, or discovered that the “buyer’s
agent” was not a licensed realtor.

Several SAR filers described borrowers who “stripped” or removed valuable items from their foreclosed homes before vacating the premises. In one SAR, borrowers removed $33,000 worth of fixtures from the home, including major appliances and fixtures.

Sources: