by Howard Haykin

Raymond James Financial Services agreed to pay a $2 million fine and to undertake certified corrective actions to settle FINRA charges that it failed to adequately review and supervise email communications. The corrective actions include, the following:

• adopt and implement WSPs and systems designed to address each of the deficiencies identified in this AWC;
• complete a risk-based retrospective review reasonably designed to detect potential violations arising from emails sent or received by Registered Reps (“RRs”) that had been impacted by the noted systemic failures; and,
• comply with its Form U4, Form U5 and Rule 4530 reporting obligations as a result of its findings arising out of the retrospective review.

►    FINRA Rule 4530 requires firms to report specified events; quarterly statistical and summary information regarding written customer complaints; and copies of specified criminal and civil actions.

BACKGROUND.    Raymond James Financial Services ("RJFS"), which is based in St. Petersburg, FL, is an introducing broker-dealer that offers investments and services to retail clients through independent contractors located throughout the country. The firm currently has around 6,100 RRs operating out of 3,114 branch office locations. RJFS introduces accounts to its affiliate, Raymond James and Associates.

FINRA FINDINGS.    Between December 2007 and September 2017 (the "Relevant Period"), RJFS relied primarily on an automated, lexicon-based system to surveil the emails of its personnel. The system allowed the firm to select from and customize various "policies" designed to "flag" emails that contained specified words, phrases, or other characteristics suggesting potential concerns warranting further review. Flagged emails were then reviewed by a team of registered principals in the firm's home office.

This system was flawed in significant respects. For example:

• the primary lexicon used by the firm's system was not reasonably designed to identify emails suggesting certain categories of potentially problematic conduct and circumstances that the firm knew or should have anticipated would recur from time to time

►    e.g., RRs experiencing financial distress, borrowing from or lending to customers, and soliciting penny-stock transactions, which the firm prohibited.

• the firm failed to devote adequate personnel and resources to the team that reviewed emails flagged by the system, even as the number of emails sent or received by the firm increased over time.

• the firm unreasonably failed to apply all of the policies in the firm’s primary lexicon to the emails of approximately 1,300 RRs who worked in branch offices that maintained their own email servers.

• the firm unreasonably excluded from email surveillance certain firm personnel who sent or received emails that required review, including personnel in its HQs who service customer brokerage accounts in addition to their other responsibilities.

• the firm did not periodically test the configuration and effectiveness of its lexicon-based email surveillance system and lacked reasonable procedures for doing so. – i.e., beyond, say, adding or subtracting keywords, with the firm’s primary focus of reducing the number of “false positives.”

Separate and apart from the automated email review system. the firm at times also required and trained its branch managers (“BOMs”) to manually review emails sent and received by the RRs they supervised and retain evidence of that review either electronically or in hard copy. This manual review process, however, was essentially based on an “honor system” whereby supervised RRs self-selected and copied, blind copied, or forwarded emails for review, with no effective means to ensure that RRs were in fact providing all emails that should have been reviewed.

Moreover, when BOMs left the firm, the firm did not retain the electronic records evidencing which emails they had reviewed. The firm discontinued its manual email review by BOMs in January 2013, but failed to reevaluate the adequacy of its primary email review lexicon when it did so.

FINANCIALISH TAKE AWAYS.    Based on the foregoing, it wouldn't be a big surprise if FINRA decided to conduct a Targeted (Sweep) Exam on email surveillance - with particular attention on firms' periodic evaluations as to the adequacy of their lexicon-based review systems.

[Click here for further details on this case: FINRA AWC #2013036343601.]