When compliance systems look good on paper but miss critical details in practice, the results can be expensive. A recent FINRA settlement shows exactly how this happens in real-world supervision.
Three broker-dealers in the Cetera network just paid over $1.1 million for supervisory and anti-money laundering weaknesses. The issue wasn't a complete absence of controls. It was inconsistent application where risk actually lived.
Receive future blog posts by email.
Where the System Broke Down
The firms required detailed reviews when low-priced securities arrived as physical certificates. But electronic deposits of the same securities got lighter treatment. Most activity happened electronically, creating a dangerous gap.
In one case, a new account deposited tens of thousands of over-the-counter shares and liquidated everything within weeks. Red flags included promotional activity and trading volumes that dominated the entire market for that security.
The AML program had similar blind spots. Despite hundreds of millions of shares being sold, the firms lacked effective tools to monitor coordinated trading or rapid movement of proceeds.
The Revenue Trap
This business represented only a tiny fraction of firm revenue. But FINRA emphasized a key principle: risk isn't measured solely by revenue contribution.
Sometimes your smallest business lines carry the greatest regulatory exposure. You can't supervise based on profit margins alone.
Beyond Trading Issues
The problems extended to customer reporting. One firm failed to properly supervise consolidated account reports that combined firm-held and outside assets.
Supervisors weren't consistently required to verify manually entered valuations. Tens of thousands of reports shared with customers weren't preserved as required records.
The Real Lesson
This case reveals a pattern many compliance teams will recognize. Policies existed. Reviews sometimes happened. Red flags were occasionally identified.
But without clear escalation paths and consistent application, the framework still failed regulatory expectations. Compliance was present but not fully operational.
The penalty is significant, but the operational lesson matters more. Your supervision needs to match where your actual risk lives, not where you think it should be.
If you're struggling with supervisory design or AML program effectiveness, GiGCXOs can help strengthen your compliance framework before gaps become enforcement actions.
Frequently Asked Questions
How can firms avoid inconsistent supervision across different transaction types?
Map your actual business flows first, then design controls around where risk really occurs. Don't assume electronic and physical processes carry the same risk profile just because they involve similar securities.
What makes an AML program effective for low-priced securities monitoring?
You need automated tools that can detect coordinated trading patterns and rapid liquidations. Manual review alone won't catch sophisticated schemes involving hundreds of millions of shares.
Why do small revenue business lines get so much regulatory attention?
Regulators focus on risk exposure, not profit contribution. Low-revenue activities often involve higher-risk securities or customers that can create significant compliance and reputational damage.
Subscribe to Regulated Intelligence Brief
Get new compliance intelligence delivered to your inbox.
The content in this blog is for informational purposes only and does not constitute legal advice, regulatory guidance, or an offer to sell or solicit securities. GiGCXOs is not a law firm. Compliance program requirements vary based on business model, customer base, and regulatory classification.