How FINRA fines stack up so far in 2017

Looking first at last year, FINRA levied $204.2 million in fines and restitution and conducted more than 4,100 exams. *

As for 2017, here’s how FINRA fines stack up:

  • There were $81.6 million in fines in the 1st quarter 2017.
  • A total of 181 firms were sanctioned.
  • 14 firms have been expelled.

If FINRA fines continue at this rate, we can expect another record year in fines and sanctions.

* https://www.finra.org/newsroom/statistics

3 ways to protect your archives from being hacked

Financial firms that archive their Website, social media and emails may be vulnerable to cyberattacks.

Suggestions to prevent your archives from being attacked:

  1. Stay current with patches. Make sure your vendor or IT department is current with all patches and that patches are applied on a regular schedule, not only as a reaction to the latest attack.
  2. Make sure hardware is secure. Ask that archiving tools are tested regularly and that hardware and firewalls are secure.
  3. Keep open lines of communication. Maintain open lines of communication with vendors/IT and be aware if they or any of their systems have been compromised.

FINRA issues new guidance on social networking Websites

FINRA recently provided further guidance for broker/dealers and financial advisors on how to stay compliant when using social media.

Several clarifications:

Public comments – advisors can create sites that allow clients/prospects to make unsolicited comments, regardless of whether they sound like testimonials or “likes.”

Compliance Officers still need to make sure that the statements made are not paid testimonials or falsified.

Brokers that place links to third-party Websites that are independent of the firm need to determine two important factors:

  1. Is the link “ongoing”?
  2. Does the broker have control over the content of the third-party Website?

Firms must make certain that the third party site does not contain any misleading or untrue statements.

Broker/Dealer Websites and social media must be archived to non-erasable storage and saved for six years or as defined by your compliance manual.

Sources:

http://www.finra.org/sites/default/files/notice_doc_file_ref/Regulatory-Notice-17-18.pdf

https://www.forbes.com/sites/joannabelbey/2017/04/19/finra-and-social-media-what-to-expect-from-new-guidance/#3d5649394a6e

http://www.reuters.com/article/bc-finreg-social-media-rules-idUSKBN1862K1


FINRA fines major B/D for record keeping failures

FINRA continues to fine firms for failing to keep proper records. It recently fined a large broker/dealer $900,000 for failing to create and send records to more than 1.6 million of its customers.

Compliance officers must ensure that their firm sends and stores its records properly or risk being fined.


Yet another massive Amazon cloud service outage affects Websites

Hundreds of thousands of Websites became unavailable after Amazon’s cloud service suddenly went down for 4 hours.

This meant that financial firms that use Amazon Web Services couldn’t access their information.

Financial firms using cloud services for archiving and storage should think twice if it’s unacceptable for their Website and archives to be inaccessible and potentially compromised.

Instead, use data centers that store your information to WORM (Write-Once Read-Many) file format to protect your firm and archives.

Compliance Vault has physical, geographically diverse, SSAE-16 certified compliant data centers that store your Website archives to non-erasable, immutable storage.

Contact us for your complimentary archive of your Website.

Sources:

http://www.usatoday.com/story/tech/news/2017/02/28/amazons-cloud-service-goes-down-sites-scramble/98530914/

http://money.cnn.com/2017/02/28/technology/amazon-web-services-outages/

4 things to consider when archiving your Website for compliance

  1. Archive your Website after any and all changes and updates
  2. Store your archives to WORM (Write-Once Read-Many) file format
  3. Archive your Website to duplicate, geographically diverse data center locations
  4. Retain your archives for a minimum of 6 years or as defined in your compliance manual

Failure to store your Website to WORM could cost you – a lot

FINRA fined 12 firms $14.4 million for failing to store their firm’s records in “write-once read-many” format.

Storing in WORM format assures that your electronic records such as your firm’s Websites have not been changed or altered.

Simply “backing up” or storing your Website in “the cloud” means that you are not storing your Website to an immutable format. Firms failing to use non-erasable WORM format could be opening themselves up to unnecessary risks and fines.

Make sure your Website is being stored to an immutable WORM file format.

Firms are also required to archive their Websites to geographically diverse, separate and secure multiple data centers.

If you’re unsure if you’re following stringent FINRA regulations, ask! You could save your firm from being fined for not storing your Website properly.

For a full checklist on FINRA Website archiving requirements, visit http://compliancevault.com/compliance-checklist.html

FINRA news release on fines

No, not all archiving firms are alike

Contrary to what you may have heard, archiving firms differ greatly in their archiving methods and approaches.

For example, if your Website is being archived using cloud storage, your firm may be opening itself up to unnecessary risks like outages and the inability to prove that your archives are immutable.

What if the cloud storage your vendor uses goes down, as Amazon cloud storage has? This makes your archives inaccessible and opens your firm to undue risks. When cloud storage goes down, you won’t have access to important firm information.

FINRA/SEC requires broker/dealers to store their firm Website archives to WORM or immutable file format storage. Using WORM storage assures without a doubt that your information cannot be changed, altered or deleted.

To ensure you’re following regulatory guidelines, verify that your vendor uses WORM storage (not the cloud) and that your Website is being archived to separate and secure data centers (physical locations). Archives are needed every time your Website posts an update or revision.

“Ginormous” FINRA fines for 2016 to set record

FINRA, the enforcement and arbitration agency that regulates broker/dealer firms and exchange markets, reported that this year will be a record year for fines. It reported that over $79 million in fines had been levied for the first half of 2016. Projections for the entire year could total $160 million in fines, representing a nearly 20% increase from the record-setting year 2014.

As part of the books and records requirements, broker/dealers are required to store their firm Websites and firm information to WORM or non-erasable storage to multiple, secure, and geographically diverse data centers.

Is your Website being stored to WORM?

Press release from Sutherland: http://www.sutherland.com/NewsCommentary/Press-Releases/193640/FINRAs-Projected-2016-Fines-Ginormous-Fines-May-Propel-2016-toRecord-Setting-Year

Should fund firms using cloud storage for archiving be concerned?

Financial firms using cloud storage to archive firm Websites, emails and social media may be opening up their company to unnecessary risks and should absolutely be concerned.

Here’s why.

Last Friday at 7 a.m. EST, hackers launched a DDoS (distributed denial-of-service) attack, taking offline popular Websites such as Amazon, Twitter, Tumblr and Soundcloud.

While cloud storage has been rising in popularity over the years, firms that use Amazon and other cloud providers for archiving their Websites and other important information subject to government regulations may just find their archives inaccessible and open to further attacks and outages.

Do you know if your Websites and other information subject to books and records requirements are being stored in the cloud?

If so, you may want to rethink your archiving storage strategy and use a provider that uses actual secure data centers for archiving storage.

Sources:

http://www.techtimes.com/articles/183218/20161021/cyber-attack-takes-down-netflix-twitter-spotify-more-east-coast.htm

http://www.al.com/news/index.ssf/2016/10/massive_ddos_cyber_attack_down.html