Q4 2023 and Q1 2024 was a busy period on the enforcement front. In this article we summarise four key cases from around the world. The lessons from these cases  will be of interest to professionals working for brokerage firms, wherever they are located.

ICE Futures Europe (“ICE EU”) / RJ O’Brien (MENA) Capital Limited (2024)

  • ICE EU identified that between January 2021 and April 2022 two brokers frequently traded against their clients in gasoil, diesel fuel, oil, gasoline in futures markets.
  • Prices were significantly marked up when compared with the prices quoted to the brokers by their market makers.
  • The two brokers:
    • did not inform their clients of the prices quoted by the market makers;
    • sought to disguise their trading strategy by concurrently arranging to trade with market makers in opposite direction for same volume to offset their positions;
    • created an impression that multiple independent trades had occurred; and
    • realised large profits because of their efforts.
  • Exchange held that the firm did not:
    • meet adequate standards in terms of record keeping; or
    • have adequate systems controls during relevant period to monitor the brokers’ activities.
  • Outcome:
    • the firm has dismissed the two brokers involved; and
    • firm paid a total settlement of £1,318,100 reduced from £1,883,000 for early settlement.

Dubai Financial Services Authority (“DFSA”) / RJ O’Brien (MENA) Capital Limited (2023)

  • DFSA determined that the firm had, between 1st July 2020 – 20th November 2022, failed to maintain adequate compliance related systems and controls to accommodate the acquisition of an additional brokerage.
  • Specifically, the DFSA concluded that:
    • the firm had not conducted adequate planning to ensure that the additional brokerage operations could be absorbed without impacting the firm’s ability to continue complying with its regulatory obligations;
    • senior management were aware of the inadequacy of the compliance resources post-acquisition but did not take sufficient steps to address this;
    • the compliance and onboarding function was understaffed for sustained periods after the acquisition, something which had been escalated to senior management;
    • instead of recruiting additional headcount, the firm reduced its compliance monitoring activities for circa three-four months to alleviate pressure on the compliance department in the aftermath of the acquisition;
    • there had been several instances where a broker had used communications applications to discuss trades that were prohibited by the firm’s policies. The broker continued to use these applications despite having been reminded of the firm’s policies and after receiving refresher training. A workaround was implemented until the broker was eventually given a recorded device. The firm did not take any disciplinary action until prompted by an enforcement action brought by an exchange in mid-2022;
    • further communications policy infringements were recorded in 2022, even though brokers had been issued with approved devices and one had been warned not to use unapproved mediums;
    • 16 record keeping related breaches were observed during the relevant period. In 11 instances, the firm had established a business relationship, and traded for / on behalf of clients prior to undertaking customer due diligence (“CDD”);
    • the firm had failed to complete monthly monitoring of block trades even though it had been warned by an exchange; and
    • none of the breaches identified by the compliance department had resulted in disciplinary action because no formal disciplinary processes were in place.
  • The DFSA stressed that the firm did not deliberately set out to breach applicable laws and regulations.
  • Outcome:
    • firm fined $1,368,767 after receiving a 30% discount for early settlement; and
    • firm engaged an external compliance expert to help remediate the deficiencies identified.

Commodity Futures Trading Commission (“CFTC”) / Interactive Brokers Corp and Interactive Brokers LLC (2023)

  • CFTC found widespread record keeping and supervision failures at a Futures Commission Merchant and an introducing broker. Specifically:
    • employees, including senior managers, had communicated internally and externally using unapproved, unrecorded, communications mediums, including WhatsApp, for a sustained period, in breach of the firms’ own policies;
    • the practice of using unapproved mediums was common knowledge throughout the firms; and
    • the firms would not have been in a position to provide communications records promptly in the event the CFTC had requested them.
  • Outcome:
    • Firms required to:
      • pay CFTC a $20 million penalty;
      • conduct a comprehensive systems and controls review within 150 days;
      • evaluate training, surveillance, technological solutions and disciplinary measures to meet / enforce records retention requirements;
      • provide a report re: penalties imposed on staff because of record keeping breaches;
      • provide a one year evaluation report to the CFTC; and
      • two years from the date of the order, provide details of any disciplinary measures imposed on staff, e.g. written warnings, bonus deductions and termination of employment.

Financial Conduct Authority  / ADM Investor Services Limited (2023)

On 2nd October 2023 the FCA reported that it had penalised ADM Investor Services Limited (2023)  for a wide range of historic anti-financial crime systems and control breaches. These included:

  • informality in risk management processes;
  • ineffective three lines of defence model;
  • failing to make lasting change following a risk mitigation programme;
  • weak risk assessment processes:
    • failing to put in place a formalised AML client risk rating procedure and fully maintain a country risk list which scored countries based on relevant metrics;
    • failing to use the risk matrix to drive the intensity of AML checks and frequency of reviews;
    • assessment of the financial crime risks associated with each client not produced;
    • risk assessments did not identify which jurisdictions were relevant or make distinctions between countries of incorporation and domicile;
    • no mention of risks associated with products traded or corporate structure;
    • adverse news was not a criteria that was scored;
  • failing to put in place a compliance monitoring programme, the absence of which made the firm an outlier compared with peers;
  • onboarded clients from countries blacklisted in its own policies;
  • inadequate record keeping, particularly about onboarding decisions;
  • failing to act on the findings from internal audits;
  • weaknesses in AML policies and procedures, including:
    • failing to describe AML responsibilities;
    • failing to identify the person with overall responsibility for AML systems and controls;
    • references to out-of-date legislation;
    • limited reference to handling political exposed persons (“PEP”);
    • failing to highlight obvious money laundering risks, for example risks posed by clients from certain jurisdictions;
    • only mentioning counter terrorist financing once;
    • failing to refer to ongoing monitoring;
    • no reference to relationship between the assessment of a client money laundering risk and the intensity and frequency of ongoing monitoring;
    • deficiencies were not remedied and were obvious;
    • account opening procedures made no reference to assessing the money laundering risk of a client; None of the account opening procedures referred to or make provision for aligning the level of due diligence performed to the level of money laundering risk a client posed;
    • account opening procedures did not reference circumstances where it would be relevant to ascertain clients’ source of funds or wealth;
    • in practice compliance policies did not change substantially in approximately 13 years;
  • weaknesses in dealing with politically exposed persons (“PEPs”):
    • no accurate record of PEPs with whom the firm had opened business relationships;
    • record of PEPs made not kept up to date;
    • significant shortcomings in the application of enhanced due diligence (“EDD”) to PEP relationships;
    • no evidence of source of wealth or source of funds on PEP files;
    • no evidence adverse media checks were being conducted;
    • no evidence of periodic review of client due diligence information;
    • the following indicators of high-risk client files not sufficiently scrutinised, despite apparent contradiction with risk appetite:
    • opaque and complex corporate structures, registrations in offshore jurisdictions;
    • ultimate beneficial owners resident in Russia;
    • uses of Yahoo e-mail address;
    • inconsistencies between customer information disclosure form and KYC form completed by trader;
    • bank account in Switzerland;
    • PO Box users registered address;
    • firms not conducting a periodic review of high-risk clients;
  • MLRO reports:
      • did not reference issues identified by the FCA;
      • contained no substantive reference to or assessment of systems and controls;
      • failed to document specifically what the training entailed;
      • 2015 and 2014 reports were so similar that suggested that one was simply copied from the other;
      • wording relating to policies and procedures was identical;
      • erroneous references to roles were identical in both reports;
  • AML training:
        • training not suitably tailored to roles;
        • firm was not able to provide a record of training package that was delivered;
        • FCA found it difficult to assess the suitability of the AML training delivered;
        • records provided were inadequate;
  • internal audit:
    • repeat AML failures noted in audit reports that were not addressed.
  • Outcome:
    • Firm fined £6,500,000.

Need help?

C&G’s consultants have extensive experience of building robust compliance programmes in global brokerage operations. If any of the issues raised in these cases are giving you cause for concern then don’t sweat, come and talk to us.

References

2024.Circular 24/001 Disciplinary Notice: Settlement of disciplinary proceedings against R.J.O’Brien (MENA) Capital Limited. ICE Futures Europe, available at: https://www.ice.com/publicdocs/circulars/24001.pdf (last accessed 4th March 2024).

  1. The DFSA fines R.J. O’Brien (MENA) Capital Limited USD 1.37 million for inadequate compliance resources. Dubai Financial Services Authority, available at: https://www.dfsa.ae/news/dfsa-fines-rj-obrien-mena-capital-limited-usd-137-million-inadequate-compliance-resources (last accessed 4th March 2024).
  2. CFTC orders Interactive Brokers to pay $20 million for recordkeeping and supervision failures for widespread use of unapproved communication methods. Commodity Futures Trading Commission, available at: https://www.cftc.gov/PressRoom/PressReleases/8794-23 (last accessed 4th March 2024).
  3. FCA fines ADM Investor Services International Limited £6,470,600 for serious financial crime control failings. Financial Conduct Authority, available at: https://www.fca.org.uk/news/press-releases/fca-fines-admisi-serious-financial-crime-control (last accessed 4th March 2024).