Merrill Lynch, Bank of America Fined $3 Million by FINRA for Surveillance Failures

Merrill Lynch and its parent company, Bank of America, have agreed to pay a $3 million fine and accept a censure from the Financial Industry Regulatory Authority (FINRA) for failing to properly monitor potentially manipulative trading activities by their customers. The settlement, announced on August 28, addresses violations that occurred from 2015 to present at Merrill Lynch and from 2019 to present at Bank of America Securities, the bank's institutional broker-dealer.

According to FINRA, both entities relied on "deficient" third-party surveillance systems to detect transactions such as wash trading and prearranged trading, practices where investors buy and sell the same securities to create artificial market activity. The parameters used to generate automated alerts were deemed "too narrow" by the regulator.

The investigation revealed that the broker-dealers failed to review approximately 155 alerts representing around 700 potentially manipulative equity trades and about 1,000 alerts covering roughly 125,000 potentially manipulative options trades. Notably, Merrill and Bank of America did not uncover one of the issues until August 2020, despite the presence of numerous red flags, including internal testing results.

FINRA also pointed out that Merrill officials were unable to explain their rationale for selecting specific alert parameters over others offered by third-party vendors. Between 2017 and 2018, Merrill failed to detect wash trading or spoofing in low-priced securities and warrants, partly due to not purchasing a necessary low-priced data feed from its third-party vendor.

The settlement states that Merrill and Bank of America violated FINRA's Rule 3011, which requires reasonably designed supervisory systems, and Rule 2010, which mandates "high standards of commercial honor." While agreeing to the settlement, both entities neither admitted nor denied FINRA's findings.

Of the $3 million fine, $699,000 will be paid to FINRA, with the remainder going to various exchanges including the NYSE and Nasdaq.

A Bank of America spokesperson stated that the company has been "enhancing our surveillance program and will continue to implement improvements to ensure we meet regulatory requirements." The spokesperson also noted that no client harm was identified in the settlement.

This case highlights the ongoing challenges financial institutions face in maintaining effective surveillance systems, particularly when relying on third-party vendors. It also underscores the importance of regularly reviewing and updating monitoring parameters to ensure compliance with regulatory requirements.

The GRC Report is your premier destination for the latest in governance, risk, and compliance news. As your reliable source for comprehensive coverage, we ensure you stay informed and ready to navigate the dynamic landscape of GRC. Beyond being a news source, the GRC Report represents a thriving community of professionals who, like you, are dedicated to GRC excellence. Explore our insightful articles and breaking news, and actively participate in the conversation to enhance your GRC journey.