WSJ reported that LPL Financial Holdings was fined $7.5 million by the FINRA, as well as creating a $1.5 million compensation fund for its clients.
This $9 million fine is largest to date, and could have been avoided with a good-faith effort to comply with government legislation. Note here that all that is required is a reasonable endeavour by a corporation to comply, FINRA doesn’t expect a perfect solution and a fine can be avoided by making an effort.
LPL did in fact have an archiving system in place, but was plagued by "systemic email failures", and did not do much to fix or avoid them.
Archiving email is not enough, as well as being retained, the data needs to be monitored and, if requested, it needs to be easily retrieved. In 2009 LPL switched to a different archive provider and lost access to 280 million emails for five months, and that is just one of 35 failures identified between 2007 and 2013.
"We recognize the importance of having effective policies, procedures and systems to review and retain emails, and we very much regret our lapse of oversight" – LPL Spokeswoman
This should serve as a wake-up call for company owners nationwide; an organization that makes a reasonable compliance effort will escape punishment. FINRA’s crackdown on LPL may be showing that they are taking a harder stance on enforcing these regulations and companies should beware and take the necessary compliance precautions to avoid investigation.
Brad Bennett, Executive Vice President and Chief of Enforcement, said, "As LPL grew, it did not expand its compliance and technology infrastructure; and as a result, LPL failed in its responsibility to provide complete responses to regulatory and other requests for emails. This case sends a strong message to firms to make sure your business does not outgrow your compliance systems."
At the end of the day, a company doesn’t need an army of compliance officers scanning and monitoring emails, but a system does need to be put in place that represents an organisations best efforts.
It’s often difficult to know exactly what is required from you by the law. To provide more information on email compliance requirements, we have compiled a free Simple Steps to Compliance whitepaper.