On July 31, 2023, the U.S. Securities and Exchange Commission (“SEC”) Division of Examinations (“Division”) issued a risk alert presenting observations regarding broker-dealer anti-money laundering (“AML”) compliance program deficiencies (the “Risk Alert”). The Risk Alert highlighted issues relating to: (1) independent AML testing; (2) AML training; (3) customer identification program (“CIP”) compliance; (4) customer due diligence (“CDD”) and beneficial ownership identification and verification; and (5) Office of Foreign Assets Control (“OFAC”) compliance programs.
Specific observations included the following:
Division staff observed broker-dealers that: (1) did not complete AML tests in a timely manner; (2) had inadequate testing; and (3) had inadequate procedures to address testing.
The Risk Alert noted: (1) training materials that were not appropriately updated and/or tailored; and (2) instances in which firms could not demonstrate that personnel attended required AML training.
Customer Identification Program
- Collect customers’ dates of birth, identification numbers, or addresses, or permitted accounts to be opened by individuals providing only a P.O. box address;
- Verify the identity of customers, including instances in which the firms’ files indicated that verification was complete but required information was missing, incomplete, or invalid;
Division staff observed broker-dealers whose CIP “appeared not to be properly designed to enable the firm to form a reasonable belief that it knows the true identity of customers.” For example, the staff observed firms that did not:
- Follow their own CIP procedures; and
- Follow any CIP procedures with respect to private placement investors, in cases “where customer relationships established with the [firm] to effect securities transactions appeared to be formal relationships for purposes of the CIP rule.”
Division staff observed broker-dealers that had not updated their AML programs to reflect the CDD Rule, and also noted various specific deficiencies by certain broker-dealers related to compliance with the CDD Rule.
The Division observed certain weaknesses in OFAC sanctions compliance efforts, including failure to (1) adequately follow-up on potential sanctions matches; (2) perform periodic or event-based OFAC screening of customers; and (3) conduct timely sanctions screening.