The Financial Industry Regulatory Authority has fined broker-dealer Raymond James Financial Services Inc. $2 million for flaws to its email surveillance system that spanned more than nine years. In addition, the firm has agreed to conduct a risk-based retrospective review to detect potential violations evidenced in past emails.
According to FINRA, Raymond James relied primarily on an automated system to surveil the emails of its personnel and would flag emails that contained specified words, phrases, or other characteristics – also known as a lexicon. The flagged emails were then reviewed by a team of registered principals in the firm’s home office.
FINRA alleges that the system was significantly flawed. For example, the primary lexicon used by the system could not identify emails suggesting certain categories of potentially problematic conduct, including representatives experiencing financial distress, borrowing from or lending to customers, and soliciting penny-stock transactions, which the firm prohibited.
Raymond James is also accused of failing to devote adequate personnel and resources to the team that reviewed the flagged emails, even though the number of emails increased over time.
The regulators found that the surveillance failures contributed to the firm not detecting a former representative who engaged in private securities transactions involving the fraudulent sale of approximately $1 million in unregistered notes, resulting in substantial losses to some of his customers.
There were at least 16 separate email threads that contained evidence that, if reviewed by the representative’s branch manager, could have detected the fraudulent sales.
“Firms have a clear obligation to reasonably supervise electronic communications, which includes periodically re-evaluating the effectiveness of existing procedures,” said Susan Schroeder, FINRA executive vice president, department of enforcement. “They should also assess whether their e-mail review and supervisory systems are reasonably designed in light of each firm’s business model.”
FINRA also found that Raymond James did not periodically test the configuration and effectiveness of the system, as its primary focus was reducing the number of “false positives” that would need to be reviewed, rather than ensuring that the system was effectively identifying problematic emails.
Lastly, FINRA found that the firm excluded certain firm personnel who serviced customer brokerage accounts from surveillance, and failed to apply its entire lexicon to the emails of approximately 1,300 registered representatives who worked in branches that hosted their own email servers.
Raymond James signed the AWC letter without admitting or denying the findings.
Raymond James Financial Services has approximately 6,100 registered representatives working at approximately 3,114 branch office locations and maintains its headquarters in St Petersburg, Florida.