RSS Feed LinkedIn Twitter Facebook
FMG Law Blog Line

Archive for the ‘Financial Services and Securities Litigation’ Category

FINRA Tightens Expungement Requirements

Posted on: October 12th, 2017

By: Brett C. Safford

On September 25, 2017, the Financial Industry Regulatory Authority (FINRA) issued a “Notice to Arbitrators and Parties on Expanded Expungement Guidance” (hereafter, the “Notice”). The Notice continues the recent pattern of FINRA issuing rules and notices which further limit a broker’s ability to expunge his or her Central Registration Depository (CRD) record.

In 2015, FINRA launched an extensive advertising campaign for its BrokerCheck website. FINRA describes BrokerCheck as “a free tool to research the background and experience of financial brokers, advisers and firms.” However, as BrokerCheck becomes an increasingly utilized resource for customers and potential employers, the impact of a broker’s disclosures on his or her career becomes more significant. With the increased impact of a broker’s disclosures, the necessity of ensuring that those disclosures are accurate likewise increases. Consequently, expungement—a legal action which allows brokers to remove inaccurate disclosures—has taken on greater importance.

FINRA’s expungement procedures are governed by FINRA Rules 12805 and 13805. In the Notice, FINRA advises, “The procedures are intended to ensure that expungement occurs only when the arbitrators find and document one of the narrow grounds specified in Rule 2080.” The three “narrow” grounds specified in FINRA Rule 2080 are: (1) the claim, allegation or information is factually impossible or clearly erroneous; (2) the registered person was not involved in the alleged investment-related sales practice violation, forgery, theft, misappropriation or conversion of funds; or (3) the claim, allegation or information is false.”

By describing the grounds for expungement set forth in Rule 2080 as “narrow,” FINRA is signaling to its arbitrators that expungements are the exception, not the norm. The Notice further advises, “Expungement is an extraordinary remedy that should be recommended only under appropriate circumstances. Customer dispute information should be expunged only when it has no meaningful investor protection or regulatory value.” Yet, FINRA fails to define “appropriate circumstances” or how to assess “meaningful investor protection” or “regulatory value.” Arbitrators are also instructed to request a copy of the broker’s BrokerCheck report and to “carefully review the report when considering whether expungement is appropriate.” Arbitrators are to “pay particular attention to the ‘Disclosure Events’ section of the report.” The Notice, however, is unclear as to what arbitrators should take away from their review the BrokerCheck report. No guidance is offered as to what extent arbitrators should factor a broker’s prior disclosures into their analysis of the pending request for expungement.

The Notice also emphasizes that “[i]t is important to allow customers and their counsel to participate in the expungement hearing in settled cases if they wish to” and instructs arbitrators to allow the customer and their counsel to appear at the hearing; allow the customer to testify (in person, telephonically, or by other method); and allow the customer’s counsel or a pro se customer to introduce documents and evidence, cross-examine the broker and witnesses, and present opening and closing arguments at the hearing. In expungement only cases where an associated person files arbitration claims solely for the purpose of seeking expungement, the Notice advises arbitrators to “order the associated persons to provide a copy of their Statement of Claim to the customer(s) involved in the customer’s arbitration case that gave rise to the customer dispute information (underlying arbitration).”

Finally, the Notice states, “A broker may not file a request for expungement of customer dispute information arising from an underlying customer arbitration until the underlying customer arbitration has concluded.” When the broker is a named respondent in the underlying customer arbitration and he or she can present a defense, this rule prevents inconsistent rulings, i.e., the broker is found liable for claims in the underlying customer arbitration while obtaining expungement of that claims in the expungement-only arbitration, or vice versa. However, this rule also applies to brokers who are not named in the underlying customer arbitration. This means that before bringing an action to expunge a meritless disclosure from his or her CRD records, an unnamed, falsely-accused broker must sit on the sideline and await the resolution of an arbitration which he or she cannot present a defense. As such, a broker’s BrokerCheck report can include a false and erroneous disclosure for years before expungement is obtained—causing significant harm to the broker’s professional reputation.

In sum, the Notice continues the trend of FINRA toughening the requirements for expungement. Public protection against crooked brokers is essential and needed, but FINRA’s expungement guidance is increasingly creating a framework in which innocent brokers may struggle to obtain necessary and justified expungements.

If you have any questions or would like more information, please contact Brett Safford at [email protected].

Another Delay Is in the Works for the DOL Fiduciary Rule

Posted on: September 1st, 2017

By: Ze’eva R. Kushner


The landscape of the Department of Labor’s Fiduciary Rule continues to shift and has changed significantly since our last commentary on this topic in June. (DOL Fiduciary Rule is Delayed No More) On June 9, 2017, two provisions of the Rule became applicable: (i) the expansion of the definition of who is a fiduciary, and (ii) the establishment of impartial conduct standards. The next step, full implementation, is currently set to take place on January 1, 2018. This date is no longer set in stone. In fact, it likely will be delayed until mid-2019.

The DOL has started the process to delay the date of full implementation by 18 months, until July 2019. On August 9, 2017, the DOL submitted its proposal for extending the date to the Office of Management and Budget (“OMB”). In less than one-third of the time statutorily allocated for review, the OMB approved the proposed 18-month delay on Monday and posted it for comment on Tuesday, August 29, 2017. The proposed extension still must go through the rulemaking process, which allows stakeholders to submit comments for consideration before implementation.

The DOL’s proposed delay pertains to three essential components of the Fiduciary Rule, the best interest contract exemption, which allows brokers to charge variable compensation for products if they sign a legally binding agreement putting their clients’ interests ahead of their own, as well as exemptions for principal transactions and for insurance agents and brokers. At the end of June, the DOL had put out a request for information regarding the best interest contract exemption, also referred to as BIC or BICE, in furtherance of its compliance with President Trump’s directive in February 2017 for additional analysis of the potential impact of the Rule.

An 18-month delay of the Fiduciary Rule could present a renewed opportunity for the DOL and U.S. Securities and Exchange Commission to work together and coordinate the implementation of a uniform fiduciary rule that applies to all investment accounts, not just retirement accounts. Or, in theory, Congress could enact some form of legislation on the topic. A postponement also would provide more time for firms to budget for the resource-intensive requirements of the regulation.

Nonetheless, the underlying narrative of the Obama-era Fiduciary Rule—that retail retirement investors should be protected from financial harm stemming from biased advice—remains the same and does not appear to be going away. The fiduciary rule, in some form or another, is the new reality for broker-dealers and registered investment advisors.

The Financial Services practice group attorneys are here to assist you. Please contact Ze’eva Kushner at [email protected] or John Goselin at [email protected] for more information.

SEC Issues Risk Alert on the Cybersecurity Practices of Registered Broker-Dealers, Investment Advisers, and Investment Funds.

Posted on: August 11th, 2017

By: Jennifer Lee


The U.S. Securities and Exchange Commission (“SEC”) is becoming increasingly focused on cybersecurity issues in recent years as data breaches and ransomware attacks become more frequent and wide-spread across all industries. The most recent Risk Alert, issued on August 7, 2016 by the SEC’s Office of Compliance Inspections and Examinations (“OCIE”), shows that cybersecurity continues to be a high priority for the SEC in 2017.

The Risk Alert was based on an examination of the cybersecurity policies and practices of 75 broker-dealers, investment advisers, and investment funds over a nine-month period, from September 2015 to June 2016. The examinations focused on firms’ written policies and procedures regarding cybersecurity, including whether such policies were actually implemented and followed.

The 6-page report found that although most firms had cybersecurity policies in place, such policies were often too general and vague, as they did not articulate specific procedures for implementing the policies or examples of how employees can apply the policies in their daily work. In addition, even when firms had specific cybersecurity protocols in place, their actual practices were much more lax and did not reflect their stated policies and procedures. For example, firms often had policies requiring all employees to complete cybersecurity awareness training. However, they did not have a mechanism in place to enforce such requirements. The Risk Alert also pointed out that some firms were using outdated operating systems that were no longer supported by security patches and not taking measures to address the results of any penetrating testing.

In light of the findings, the report listed specific measures firms can take to ensure that their cybersecurity practice are “robust,” including:

  • Creating and maintaining an inventory of data and information, including classification of the risks of the disclosure of each category of data or information and business consequences in the event of such disclosures;
  • Tracking access and requests for access to data and information;
  • Following a regular schedule of system scans and updates, including security patches;
  • Establishing and enforcing controls concerning firm network and equipment, including protocols with respect to personal devices on firm networks; and
  • Requiring mandatory employee training on cybersecurity issues.

Cybersecurity incidents are a growing and costly problem for the financial services industry, and they do not appear to be going away anytime soon. The SEC has picked up on this and has begun to dedicate more resources to cybersecurity enforcement. In fact, last year, the SEC brought charges against Morgan Stanley Smith Barney LLC (“MSSB”) following a data breach involving customer data for failure to adopt written policies and procedures reasonably designed to protect customer records and information. MSSB, a dually registered broker-dealer and investment adviser, settled the matter by agreeing to a censure and a $1 million fine. With the release of the August 7, 2017 Risk Alert, it seems more likely now, more than ever, that firms will be held accountable for cybersecurity incidents, including data breaches and ransomware attacks, if they fail to implement the recommended measures and protocols contained in the Risk Alert.

However, SEC enforcement actions are not the only thing that broker-dealers and investment advisers need to worry about. As the public becomes more aware of cybersecurity issues, data breaches and ransomware incidents will result in the filing of customer claims. This may prove to be problematic as a single incident can affect thousands of customers, so a broker-dealer or an investment adviser may find itself trying to fight off thousands of individual actions or face a handful of actions involving a large number of customers, similar to a class action or a mass tort case.

To reduce the risk of an SEC enforcement action or customer actions based on cybersecurity incidents, broker-dealers and investment advisers should ensure that they are in compliance with SEC regulations and guidelines regarding cybersecurity, including but not limited to Regulation S-P, Exchange Act Rule 13n-6, and Exchange Act Rule 15c3-5—both on paper and in practice. Firms should also proactively implement any recommendations contained in OCIE’s Risk Alerts to the extent that they have not already.

If you have any questions regarding your firm’s compliance with SEC cybersecurity regulations or cybersecurity litigation in general, please contact the writer, Jennifer Lee, at [email protected].

The DOL Fiduciary Rule is Delayed No More

Posted on: June 1st, 2017

By: Ze’eva Kushner

Broker-dealers and registered investment advisors take note. The Department of Labor’s much anticipated Fiduciary Rule requiring financial advisors to act in the best interests of their clients in retirement accounts became effective on June 9, 2017. As those following the Rule are aware, full implementation is not required to take place until January 1, 2018, but certain provisions of the Rule became effective on June 9, 2017.

The DOL Fiduciary Rule has been a work in process since the Obama Administration made its first rule proposal in 2010. The rule, entitled “Definition of the Term ‘Fiduciary’; Conflict of Interest Rule – Retirement Investment Advice,” expands the definition of who is a fiduciary under the Employment Retirement Income Security Act of 1974 (ERISA) and the Internal Revenue Code of 1986 as a result of giving investment advice to a retirement plan or its participants or beneficiaries.

The DOL Fiduciary Rule has had a tumultuous history, but the rulemaking process was completed before the election, and the first phase of the Fiduciary Rule was set to take effect on April 10, 2017. Many broker-dealers and investment advisors had invested substantial time, energy and financial resources into preparing to comply with the new rule.

But with a new administration comes new directives. President Trump issued an official memorandum on February 3, 2017 ordering the DOL to conduct an updated economic and legal analysis of the Fiduciary Rule. The DOL was re-tasked with undertaking a new analysis regarding whether the Fiduciary Rule would adversely affect the ability of investors to get access to retirement information and financial advice as financial services businesses and trade organizations have been warning since 2010.

Approximately a month later, on March 2, 2017, the DOL delayed the applicability of the Fiduciary Rule for 60 days and opened the floor for public comments, which were due by April 17, 2017. Before the April 17 deadline, however, the DOL again delayed the implementation date of the Rule, this time until June 9, 2017.

Two provisions of the Rule became applicable on June 9, 2017: (i) the expansion of the definition of who is a fiduciary; and (ii) the establishment of impartial conduct standards. In other words, advisors to retirement investors must give advice that is in the best interest of the retirement investor, charge no more than reasonable compensation, and make no misleading statements. The DOL is going to continue its economic analysis and has requested additional input. In the meantime, politicians in Washington D.C. are working on legislation that would kill the DOL’s Fiduciary Rule in its current state.

The DOL has stated that it will not enforce any part of the Fiduciary Rule until the January 1, 2018 full implementation date. It seems unlikely that Plaintiff’s lawyers will delay trying out their new theories of liability under the new Rule. The much-anticipated change in the landscape regarding servicing retirement accounts has arrived.

The Financial Services practice group attorneys are here to assist you. Please contact Ze’eva Kushner at [email protected] for more information.


The SEC’s Authority Does Not End at the Border

Posted on: April 18th, 2017

By: Ze’eva R. Kushner

Companies with significant operations in the United States but offering securities in other countries should beware. After almost seven years of uncertainty, it finally has been determined by one court that the Securities and Exchange Commission’s (SEC) power to bring enforcement actions extends beyond the border to companies that market securities abroad to foreign investors, even if they do not have any securities listed or sold in this country, if they have substantial operations here.

Back in the summer of 2010, the Supreme Court and Congress got into a tussle over the extraterritorial application of federal securities laws. Prior to that point, courts permitted private plaintiffs and the government to bring extraterritorial claims under the federal securities laws based on whether significant wrongful conduct related to the transaction at issue occurred in the U.S. or whether wrongful conduct had had a substantial effect in the U.S.  However, this “conduct or effects” test was rejected by the Supreme Court in its Morrison v. National Australia Bank, 561 U.S. 247 (2010), opinion issued on June 24, 2010.  Instead, the Supreme Court instituted a new “transactional” test. This test hinges on the purchase or sale of the security at issue taking place in the U.S. or the security being traded on an American stock exchange. Consequently, the risk to companies of being subjected to enforcement actions by the SEC relating to offering securities abroad was reduced considerably.

Less than one month after Morrison, the Dodd-Frank Act was signed into law. Section 929(b) includes language that seemed to restore the “conduct and effects” test for government securities actions. Thus, the question arose of whether the more limited transactional test or the broader conduct and effects test was applicable to actions brought by the SEC. Until last month, courts had avoided deciding the issue.

The case SEC v. Traffic Monsoon, LLC, No. 2:16-cv-00832-JNP, 2017 WL 1166333 (D. Utah Mar. 28, 2017), resolved the issue in favor of the SEC being able to extend its reach by employing the conduct and effects test. Traffic Monsoon, targeted by the SEC, was an internet advertising company that sold advertising packages to members, 90% of which resided outside of the U.S. The SEC alleged the company was engaged in an illegal Ponzi scheme in violation of certain federal securities laws. The Court held that the Dodd-Frank Act superseded Morrison, thus making the conduct and effects test apply to the SEC’s extraterritorial securities actions. More specifically, the SEC’s allegations against Traffic Monsoon’s activities passed the conduct and effects tests because the company operated in the U.S. while allegedly defrauding investors abroad. Nonetheless, out of an abundance of caution, the court also found that it passed the transaction test given that the purchases were made over the internet and liability had been incurred in the U.S. to deliver the products to the buyers.

For any questions, please contact Ze’eva Kushner at [email protected].