Finra Investigates BNP Paribas
On October 24, 2019, the Financial Industry Regulatory Authority (FINRA) announced a settled enforcement action involving BNP Paribas Securities Corp. and BNP Paribas Prime Brokerage, Inc. A lengthy FINRA investigation found that although the firms did a brisk business in penny stocks between February 2013 and March 2017, their anti-money laundering (AML) procedures were woefully lacking, which resulted in a failure to report hundreds of millions of dollars worth of potentially suspicious transactions. BNP agreed to pay a fine of $15 million, and to certify within 90 days that its procedures are “reasonably designed to achieve compliance…”
BNP the parent company may seem at first glance an unlikely player in the penny playground. A French bank with roots in Belgium, its current incarnation resulted from the 2002 merger of Banque Nationale de Paris (BNP) and Banque de Paris et des Pays-Bas S.A. (“Paribas” is derived from “Pays-Bas,” which means the “low countries,” Belgium and the Netherlands.) Today, it’s one of France’s three top international banks, along with Société Générale and Crédit Agricole. Like all multinational financial institutions, BNP has a great many affiliates and subsidiaries, as the Broker Check entry for BNP Securities demonstrates. It appears its own size, and the complexity of its parent’s organization, contributed to the problems FINRA identified.
Nearly everyone is familiar with the idea of money laundering. Since at least the 1980s, when the Bank of Credit and Commerce International (BCCI), registered in Luxembourg and headquartered in Karachi and London, became the focus of international regulatory attention, the public has enjoyed following complicated stories of financial peculation in the newspapers and at the movies. The mob needs to clean up its ill-gotten gains to so that cash can be invested in the organization’s supposedly squeaky clean “legitimate” businesses, which in turn fund crime bosses’ lives of luxury. Greedy dictators discreetly seek the help of money laundering experts before fleeing to one of those sunny places for shady people. But in the wake of 9/11, exposing the practice became a matter of greater urgency, as law enforcement in the United States and Europe worried about how sophisticated terrorists moved the money they needed to finance their acts of violence.
That is serious indeed, and a very real threat. However, not all money laundering is the work of mobsters or terrorists, nor are its methods invariably complex. An embezzler might use the money he stole to buy chips at a casino. He could then wait a few days and cash in those chips, receiving a “clean” check he could take to a bank or, in a more complicated exchange, sign over to his brother-in-law who owns a dry cleaning establishment. The shop is real, and otherwise legitimate. Going forward, our embezzler will receive a cut of its profits as return on his investment. Experienced financial crooks may move the money to be laundered through a series of shell companies owned by nominees, making its origin difficult to trace. That is called “layering.”
According to the experts, money laundering schemes have three stages: placement, in which dirty money is introduced into the financial system; layering, in which the criminal attempts to distance the proceeds from the crime through the kind of transactions described above; and integration, in which the funds, now ostensibly clean, reenter the economy.
Financial institutions like banks and brokerages are naturally vulnerable to attempted money laundering, as they deal with large amounts of cash or cash equivalents. They’re also highly regulated, and may be found liable if they neglect to keep a close eye on their clients’ transactions.
FINRA and the OTC
FINRA is not a government agency. It calls itself a “government-authorized not-for-profit organization.” Although it’s regulated by the Securities and Exchange Commission, it is, like the SEC, a securities regulator, but unlike the SEC, its jurisdiction extends only to broker-dealers. It has a Department of Enforcement and files complaints against wrong-doers, but does not file them in federal court, as the SEC may do. That doesn’t mean it lacks leverage; it has the power to expel firms and individuals who transgressions are deemed irremediable, or who fail to pay the often-hefty fines imposed. The organization also regulates trading, licenses registered representatives, and admits firms to the industry.
FINRA’s predecessor organization, the National Association of Securities Dealers (NASD), was created in 1939, and was registered with the SEC at that time. Then as now, its mission was to supervise its member broker-dealers under the SEC’s oversight. It continued in that role when it helped found the Nasdaq in 1971. In its early years, the Nasdaq attracted many companies whose stocks traded over-the-counter; the hook was the benefit conferred by its creators’ invention of an electronic quotation system. Once it developed an electronic execution system to match, it became the choice of many issuers that would in the past have sought a listing on the New York Stock Exchange. In 2006, the Nasdaq became a national securities exchange.
There were (and are) still many stocks that trade over-the-counter, or OTC markets. In 1990, the NASD created what was called the Over-the-Counter Bulletin Board, or OTCBB. The stocks that traded on the OTCBB were of varying quality; some were SEC registrants, others weren’t. In 1999, the SEC decided all OTCBB issuers would have to comply with SEC registration requirements if they hadn’t already done so. Those that declined to meet the obligation would be delisted to the lowly Pink Sheets. In the end, that proved to be an enormous boon for a group of investors led by Cromwell Coulson. The group had recently purchased the National Quotation Bureau, operator of the Pink Sheets. The Pinks thrived, thanks to Pink Link, the electronic execution platform developed by Coulson’s people.
By 2009, Pink OTC Markets—which would be renamed OTC Markets Group the following year—had become by far the dominant player in the OTC space. The NASD had also acquired a new name—FINRA—thanks to its consolidation with the member regulation, enforcement, and arbitration functions of the NYSE. It was not particularly interested in continuing to operate the OTCBB, and attempted to sell it and its website. After a few years, it became clear no one was seriously interested in buying. The result of its failure to find a suitor was that although the OTCBB website has been erased, the OTCBB itself apparently lives on in a kind of limbo. What’s more important is that FINRA continues to process Forms 211, which are submitted by brokers-dealers to bring new OTC issuers into compliance with SEC Rule 15c2-11 and thereby qualify them for trading, and also continues to process certain types of corporate actions OTC issuers wish to take. To keep the public informed of those corporate actions, it publishes the Daily List. Finally, it imposes trading halts, mostly for foreign issuers.
So FINRA is quite familiar with penny stocks, and with the many regulatory issues surrounding them, including suspicious transactions that may be cover for money laundering.
In the Acceptance and Consent signed by officials from BNP and FINRA, it’s first noted that although both failed miserably at their anti-money laundering obligations, the document would be signed, and the fine paid, by BNP Paribas Securities only. BNP Securities, a FINRA member since 1984, is a clearing and carrying broker-dealer for “institutional and certain high net worth retail customers.” Its headquarters are in New York, and it has eight other offices. In its fiscal year 1918, it reported gross annual revenue of $1.7 billion. BNP Prime Brokerage was an affiliate of BNP Securities. It was also a carrying and clearing broker-dealer, and provided clearing services to retail and institutional customers of its introducing brokers. Its offices were located at BNP Securities’ address in New York, and the two firms shared some officers as well. It merged with BNP Securities in July 2018.
FINRA makes a point of saying neither firm has any “relevant” disciplinary history. That doesn’t mean their operations over the years had been without problems. One of the most recent was among the most serious: in August 2018, the U.S. Commodity Futures Trading Commission (CTFC) announced it had filed and settled charges against BNP Securities for attempted manipulation of the USD ISDAfix benchmark. Both BNP Securities and the now-dissolved BNP Prime had been active participants in derivatives trading for many years. According to the CTFC, between 2007 and 2012, the trading firm had attempted to manipulate USD ISDAfix (more formally known as the U.S. Dollar International Swaps and Derivatives Association Fix) “to benefit… [its] derivatives positions in instruments such as cash-settled options on interest rate swaps and certain exotic structured products.”
It wasn’t all drudgery for the CTFC investigators. They learned that on one occasion, BNP traders compared their manipulation to the Salt-N-Pepa hit song “Push It.” In the end, though, the regulator was not amused, and fined BNP Securities a whopping $90 million.
The Currency and Foreign Transactions Reporting Act of 1970, better known as the Bank Secrecy Act (BSA), “requires U.S. financial institutions to assist U.S. government agencies to detect and prevent money laundering. Specifically, the act requires financial institutions to keep records of cash purchases of negotiable instruments, file reports of cash transactions exceeding $10,000, and to report suspicious activity that might signify money laundering, tax evasion, or other criminal activities. Today, the Financial Crimes Enforcement Network (FinCEN) implements, administers, and enforces compliance with the Bank Secrecy Act.
Following 9/11, the Patriot Act mandated the extension of the AML provisions of the BSA to broker-dealers, and so FINRA created its Rule 3310, which provided that each member firm should develop its own anti-money laundering program, following the specifications of the BSA. As part of its 2017 report on the subject, the regulator discusses AML compliance and offered some examples of firms that had failed its examinations of their programs, noting:
FINRA observed that firms with effective AML programs actively tailor their risk-based AML program to the firm’s business model and associated AML risks as opposed to simply implementing a more “generic” program. They also conducted independent testing that included sampling customer accounts in order to test whether the firm was collecting and verifying customer identification information on all individuals and entities that would be considered customers under the BSA, as well as trading and money movement activity to test whether the firm was performing adequate monitoring for and investigations of potentially suspicious activity. In addition, they designed training programs that were specific to the roles and responsibilities of the participating employees and captured current and evolving aspects of the AML landscape.
If that is the gold standard of AML compliance, BNP Securities and BNP Prime failed on all counts. The two firms shared an AML program that appears to have been poorly designed from the start. The firms’ “U.S. Financial Security” department (USFS) was put in charge of developing the program, but it failed to create any procedures intended to monitor penny stock activities. USFS itself only reviewed potentially suspicious wire activity, and relied on BNP’s Capital Markets Surveillance (CMS) team to catch any suspicious trading. However, CMS focused on trades in listed equities and fixed income products; it didn’t even look at penny stock transactions until early 2016. As a result, information critical to any examination of possible irregularities in penny stock trading was entirely omitted:
BNP’s AML Program also did not include any surveillance of customer deliveries of securities by physical certificates and incoming electronic transfers to identify whether customer deposits and resales of securities complied with Section 5’s registration requirements. As a result, BNP’s AML Program could not reasonably be expected to identify potentially suspicious deposits of penny stocks, or transactions conducted by individuals who owned 10% or more of the outstanding shares of the issuer.
As anyone familiar with the penny market knows, customers who present physical certificates for clearance and deposit with a view to immediate resale are almost always toxic funders, who lend cash in return for convertible promissory notes or convertible debentures. They’ll always be in technical compliance with the registration requirements of Section 5 of the Securities Act of 1933 in the sense that they’ll never declare themselves to be greater-than-ten-percent owners, and therefore affiliates. Several nominee companies attempting to deposit big certificates may be controlled by the same individual or group, however. That would be a violation of Section 5, but the BNP AML program would never have uncovered such a scheme. Nor would it have detected illegally backdated notes, another common trick.
Section 5 also prohibits the sale of unregistered stock unless the seller can claim a legitimate exemption from registration. In January 2009, FINRA issued Regulatory Notice 09-05, which reminded its members that:
… before selling securities in reliance on an exemption, a firm must take reasonable steps to ensure that the transaction qualifies for the exemption…. This includes taking whatever steps necessary to ensure that the sale does not involve an issuer, a person in a control relationship with an issuer, or an underwriter with a view to offer or sell the securities in connection with an unregistered distribution.
The notice also warns firms that they cannot rely “solely on others, such as clearing firms, transfer agents, or issuers’ counsel, to fulfill [its] obligations.” The firms must conduct their own investigations.
BNP’s poorly designed program resulted in many missed red flags. FINRA lists a few:
- A customer account that, during a seven month period, received more than 11 billion restricted shares of penny stocks in 553 separate deliveries, and then sold the shares for more than $10 million.
- A toxic funder who received 3.7 billion restricted shares of penny stocks in 222 separate deliveries, and sold them for more than $7 million.
- A customer account that sold 47 million shares of a penny stock in which it owned more than 8 percent of the commons when the issuer’s auditor produced a “going concern” warning, and management noted that the company was dependent on toxic financing.
- A customer account that generated proceeds of more than $500,000 by selling more than 1.3 million shares of a stock graced by OTC Markets Group with a caveat emptor icon for promotional activity.
There were also problems with the AML program’s consideration of wire transfers. Surveillance was set up to review U.S. dollar transfers only. No review was made of transfers “to or from high-risk jurisdictions or financial institutions. BNP also did not conduct any surveillance or review of foreign currency-denominated wires; as a result, 3,448 foreign currency-denominated wires with a total value of $2.5 billion were not reviewed to determine whether they involved high-risk entities or jurisdictions or represented the proceeds of potentially suspicious trading activity.”
FINRA doesn’t say whether some or all the wires in question were in fact problematic; the lack of an explanation suggests for the most part they were not. Yet again, telling examples are offered:
- Thirty-four customer accounts that received more than 18 billion restricted shares of penny stocks and incoming wires totaling $40,344, while sending 220 outgoing wires that totaled more than $62 million.
- Forty-four customer accounts that executed no buy transactions while depositing more than 17.8 billion shares of penny stocks, and wiring out more than $69 million in sale proceeds.
Clearly BNP Securities and BNP Prime had no idea who their customers really were, or what they were up to.
A Failure to Communicate
Much of what happened at the BNP firms between 2013 and 2017 could easily have been prevented. The AML program was poorly designed and failed to take into account BNPs penny stock business, but that wasn’t a secret. Some BNP employees and associates were aware of the program’s weaknesses, and attempted to alert the people in a position to fix it.
As early as January 2014, the head of Trading Operations told senior management that BNP was “an outlier in the industry” because of its poor surveillance of microcaps. A month later other personnel took a look at recent AML regulatory actions and brought their own concerns to management. A few months later, the company’s auditor articulated his own detailed objections to what he saw as a major problem. Shortly thereafter, USFS asked for more staff to deal with a backlog of wire alerts to be reviewed, and CMS, also trying to deal with a significant backlog, requested additional staff as well. In March 2015, concerned personnel informed management that the company was “operating under reduced standards that did not conform to industry best practices for investigating potentially suspicious activity.”
That last communication seems finally to have made an impression, but even so, it wasn’t until the last months of 2015 that more staff was hired to conduct reviews. Management continued to drag its feet: “Although BNP introduced a manual review of penny stock sales in November 2015, it did not implement automated surveillance systems specifically directed at penny stocks, or integrate the trade surveillance conducted by CMS into its AML Program, until 2016 – more than two years after its personnel initially identified these deficiencies.”
FINRA concluded that:
BNP allowed the deposit of nearly 31 billion shares of penny stocks, with a notional value of approximately $338 million, without any review to determine whether the shares were restricted, qualified for an exemption from registration, held by control persons of the issuer, or otherwise eligible for re-sale. BNP also facilitated the removal of restrictive legends from 33.5 million shares of securities, with a total notional value of approximately $12.5 million, without conducting any review to determine whether the legends were eligible for removal.
And added, on a note unrelated to money laundering:
During the period of June 1, 2013 through December 31, 2015, Prime also did not timely close-out fail-to-deliver (“FTD”) positions in equity securities executed by a foreign affiliate on 304 occasions in violation of Rule 204(a) of Regulation SHO (“SEC Rule 204”) and FINRA Rule 2010. During the same period, BNP routed one short sale order without having first borrowed or pre-borrowed shares of the equity security, in violation of SEC Rule 204(b) and FINRA Rule 2010.
Lest those who seek to blame the elusive Shorty for everything that goes wrong with equities, FINRA further explained that the Reg SHO violations were:
… due to an account coding error that resulted in short sales conducted by a foreign affiliate being treated as long sales for the purposes of calculating Prime’s delivery and closeout obligations. The coding error occurred when the affiliate began clearing trades through Prime, and caused Prime to execute a single short sale of 19,200 shares in an equity security without having first borrowed or bought in the shares as required by SEC Rule 204(b). The account coding error was corrected in July 2015…
It’s perhaps worth noting that although FINRA is willing to offer help and advice to companies uncertain about their AML obligations, no one from BNP contacted the regulator. The weaknesses in the firm’s AML program, and the length of time that passed before they were corrected, were discovered in the course of routine examinations conducted by FINRA’s Department of Member Supervision and subsequently reported to Enforcement.
What happened as a result of BNP’s negligence? Did a terrorist cell launder enough money to pay for a cache of arms with a nice clean check? Did Tony Soprano’s successor buy a mansion in Florida, or even his own island in the Caribbean? Probably not. But given the amounts of money and stock in play over a four year period, a number of questionable characters are likely to have lined their pockets comfortably, with no one the wiser.
For further information, please contact Brenda Hamilton, Securities Attorney at 101 Plaza Real South, Suite 202 North, Boca Raton, FL, (561) 416-8956, or by email at [email protected]. This securities law blog post is provided as a general informational service to clients and friends of Hamilton & Associates Law Group and should not be construed as, and does not constitute, legal and compliance advice on any specific matter, nor does this message create an attorney-client relationship. Please note that the prior results discussed herein do not guarantee similar outcomes.