FINRA Provides Guidance Regarding Suspicious Activity Monitoring and Reporting Obligations

FINRA recently issued Regulation Notice 19-18 (the “Notice”), which provided guidance to member firms regarding their monitoring obligations with respect to suspicious activity pursuant to the Bank Secrecy Act (“BSA”) and anti-money laundering (“AML”) requirements.

The BSA requires broker-dealers to develop and implement AML compliance programs, and FINRA Rule 3310 describes the minimum standards those programs must meet. In accordance with FINRA Rule 3310, an AML compliance program must, among other requirements, be reasonably designed to ensure that the firm detects and reports suspicious activity.

The Notice did not create any new requirements or expectations related to firms’ existing monitoring and reporting obligations under BSA/AML requirements. However, the Notice highlighted red flags related to digital assets. While it remains unclear whether digital assets actually qualify as securities, existing suspicious activity report filing requirements dictate that firms should evaluate the risks associated with activity related to digital assets.

The Notice lays out potential red flags in six categories:

• Customer Due Diligence and Interactions with Customers
• Deposits of Securities
• Securities Trading
• Money Movement
• Insurance Products
• Other Potential Red Flags

The Notice represents the first red flags guidance issued by FINRA since the publication of Notice to Members 02-21 (“NTM 02-21”) in 2002. NTM 02-21 included examples of money laundering red flags to help broker-dealers identify suspicious activity. In addition to the new categories of potential red flags, the current Notice also included the red flags listed in NTM 02-21, providing firms with a single, comprehensive reference to consult for examples.

ACA Guidance

We encourage member firms to review the Notice for additional guidance related to money laundering red flags. At a minimum, firms should reconcile their current list of red flags to the one contained in the Notice to identify any appropriate enhancements. To the extent possible, firms should also refer to the Notice when developing a risk-based AML compliance program.

For More Information

For more information on the Notice, please contact your ACA consultant or Dee Stafford.