SEC enforcement actions highlight anti-money laundering reporting focus for financial gatekeepers

The Securities and Exchange Commission (SEC) announced on November 22, 2024, that three broker-dealers have agreed to settle charges for filing suspicious activity reports (SARs) that failed to include important, required information. These cases follow an August 2024 SEC enforcement action against another broker-dealer for failing to file SARs over a three-year period due to deficient anti-money laundering (AML) policies.

The settlements illustrate the increased focus by regulators on AML and countering the financing of terrorism (CFT) efforts of private financial institutions, including broker-dealers, investment advisers, loan or finance companies, and others. It is no longer simply a failure to file SARs that triggers enforcement. These latest actions underscore that broker-dealers who file SARs run the risk of enforcement action if those SARs do not contain complete information.

The experience of these broker-dealers is also informative for both registered investment advisers and certain exempt reporting advisers who will be required to develop risk-based AML/CFT compliance programs – including filing SARs – in response to regulations becoming effective by January 1, 2026.

In recent years, we have seen an increasingly active, whole-of-government enforcement approach by regulators and prosecutors to AML/CFT, sanctions, and national security, which, based on historical regulatory and enforcement trends, we do not expect to materially change in the incoming presidential administration.

The SEC’s enforcement actions against the broker-dealers

Federal law mandates that broker-dealers file SARs with the Treasury Department’s Financial Crimes Enforcement Network (FinCEN) to report transactions that the broker-dealer has reason to suspect involve, among other things, funds derived from illegal activity or activity that has no apparent lawful purpose. Instructions from FinCEN require that SARs contain “a clear, complete, and concise description of the activity, including what was unusual or irregular that caused suspicion.” Brokers are also required to include any other information that is necessary to explain the nature and circumstances of the suspicious activity.

The SEC found that the three broker-dealers repeatedly filed SARs between 2018 and 2022 that failed to provide the required “who? what? when? where? and why?” information that was necessary to provide a clear, complete, and concise description required by law. Examples of specific deficiencies cited in the SEC’s findings include:

• Failure to provide details regarding the circumstances of the transactions, and why they were deemed suspicious (eg, why they appeared to involve layering and/or wash sales, why they were deemed manipulative, or why there was a high probability of insider trading)
• Failure to include subject/customer names and account numbers
• Failure to include the names of securities at issue and the dates, amounts, and prices of the trades
• Failure to include details of regulatory inquiries, and
• Failure to describe the broker-dealers’ communications with subject/customers.

The SEC found that all three broker-dealers had policies in place that required SARs submitted by the respective firm to contain all necessary information, yet the firms each repeatedly submitted deficient SARs.

Consequently, the SEC found that the broker-dealers violated Section 17(a) of the Exchange Act and Rule 17a-8 thereunder. Without admitting or denying the findings, the firms agreed to be censured, cease and desist from violating the charged provisions, and pay civil penalties totaling $275,000 across the three firms. The SEC also required two of the broker-dealers to hire an independent compliance consultant as part of a review of their AML programs.

What does this mean for investment advisers and other gatekeepers?

These enforcement actions emphasize the SEC’s increased focus on ensuring that financial industry gatekeepers are fully satisfying their reporting requirements under the Bank Secrecy Act (BSA). These actions also show that the SEC is willing to probe the contents and details of SARs, even where the regulated entity has an AML program in place. Specifically, the SEC – like the Treasury Department – expects SARs to meaningfully assist law enforcement, rather than be a rote or automated compliance process.

For SARs to be helpful to law enforcement, broker-dealers need to devote resources to AML/CFT programs to ensure that they understand the basic “who? what? when? where? and why?” of the suspicious or unusual activity that they may come across and include that information in the SARs.

Additionally, FinCEN recently issued a new rule that will require SEC-registered investment advisers and certain exempt reporting advisers to develop and implement risk-based AML/CFT compliance programs, and to file SARs in accordance with the BSA by January 1, 2026 (the IA AML Rule), with potential civil and criminal penalties for willful violations. See our prior alert for a more detailed discussion about the new rule.

One of the Treasury Department’s goals in promulgating the IA AML Rule was to level the playing field, making it more difficult for investment advisers to operate if they have inadequate AML/CFT controls, or if they either enable or ignore money laundering and national security risks.

Given the whole-of-government enforcement environment related to AML/CFT, sanctions and national security, and the punitive and remedial measures being imposed by regulators (eg, fines, penalties, asset caps, third-party monitors, and compliance consultants), industry participants should understand that a risk-based AML/CFT compliance program could become a competitive advantage for financial institutions (including broker-dealers, registered investment advisers, and exempt reporting advisers).

Key takeaways

The risk of government action may be mitigated by conducting thorough risk assessments. These actions may include:

• Regularly evaluating and, where appropriate, improving policies and procedures
• Conducting robust training and tabletop exercises designed to implement and test policies and procedures, and
• For SEC registrants, conducting mock examinations designed to detect and remediate potential deficiencies before regulators have the opportunity.

For more information

With experience in AML/CFT compliance, risk management, and regulatory and criminal enforcement actions, DLA Piper’s lawyers are well-equipped to assist businesses in navigating this dynamic and onerous enforcement environment.

If you have any questions about SEC enforcement, FinCEN’s new rule, or developing a risk-based AML/CFT or sanctions compliance program – including where required by the BSA – please contact any of the authors, your DLA Piper relationship attorney, or any member of the DLA Piper’s White Collar, National Security and Global Trade, or Investment Funds practices.