On May 6, 2019, the Financial Industry Regulatory Authority (“FINRA”) issued Regulatory Notice 19-18, addressing members’[1] anti-money laundering (“AML”) compliance programs.  This notice focused extensively on members’ monitoring for suspicious activities and subsequent suspicious activity report (“SAR”) filing obligations, providing 97 examples of “money laundering red flags” to securities industry market participants.  Where applicable to a members’ business operations, FINRA encouraged broker-dealers to take a “risk-based approach” to AML compliance and incorporate these red flags into their AML programs, even though the organization noted that merely doing so will not satisfy all obligations.  Where any red flags are detected, FINRA encouraged firms to consider whether “additional investigation, customer due diligence measures or a SAR filing may be warranted.”

The release of Regulatory Notice 19-18 comes amid a substantial increase in the focus from civil and criminal authorities on U.S. broker-dealers’ compliance with their AML obligations under the Bank Secrecy Act (“BSA”).  Where violations have been identified, this focus has led to a parallel increase in enforcement by the Securities and Exchange Commission (“SEC”), FINRA, and recently the Department of Justice (“DOJ”).  In light of these activities, all broker-dealers should promptly review and integrate such red flags into their AML programs where applicable to their business operations.


Broker-dealers are obligated under SEC Rule 17a-8 to comply with all BSA reporting and recordkeeping requirements.[2]  To ensure compliance, FINRA adopted Rule 3310, requiring each member to design and implement a written AML program “reasonably designed to achieve and monitor the member’s compliance with the requirements of the BSA.”[3]

Under Rule 3310, AML programs must include policies and procedures reasonably expected to detect suspicious activities, and members must subsequently file SARs with the Financial Crimes Enforcement Network (“FinCEN”), an arm of the Department of Treasury (“Treasury”).[4]  Pursuant to Treasury’s rules, broker-dealers must file SARs when persons conduct or attempt to conduct transactions at or through them involving an aggregated value of $5,000 or more where the broker-dealer “knows, suspects, or has reason to suspect” that the transaction, in isolation or when aggregated with other transactions:

  • Involves funds derived from illegal activity or is intended or conducted in order to hide or disguise funds or assets derived from illegal activity (including, without limitation, the ownership, nature, source, location or control of such funds or assets) as part of a plan to violate or evade any federal law or regulation or to avoid any transaction reporting requirement under federal law or regulation;
  • Is designed, whether through structuring or other means, to evade any regulations promulgated under the BSA;
  • Has no business or apparent lawful purpose or is not the sort in which the particular customer would normally be expected to engage, and the broker-dealer knows of no reasonable explanation for the transaction after examining the available facts, including the background and possible purpose of the transaction; or
  • Involves use of the broker-dealer to facilitate criminal activity.[5]

To assist in satisfying these obligations, the National Association of Securities Dealers (“NASD”)—a predecessor organization to FINRA—published 25 “money laundering red flags” in 2002 in its Notice to Members 02-21.  In it, NASD advised that, where such red flags were detected, a broker-dealer member, should “perform additional due diligence” before proceeding with or reporting a suspect transaction.

Regulatory Notice 19-18

In Regulatory Notice 19-18, FINRA incorporated the content of NASD’s 2002 notice, and expanded upon it to include 97 red flags, organized in six categories.  Within these categories, FINRA highlighted the following that members should be wary of:

  • Customer Due Diligence and Interactions with Customers – FINRA cautioned members to take note when customers were reluctant to disclose pertinent personal information about themselves or their associates, or details as to the sources of funds used in securities transactions. Other red flags address questionable customer backgrounds, including those that consistently transact in suspect jurisdictions, those that have known legal or regulatory proceedings against them, or customers known to have been rejected or had their relationship terminated by another financial institution.  FINRA members should also be attentive at the opening of customer accounts, taking note of politically exposed persons,[6] institutional customers serving geographic regions or persons known to be connected to terrorist activity, and foreign financial institutions acting in a particularly suspect manner.[7]
  • Deposits of Securities – FINRA encouraged members to pay close attention to customers that deposit securities into accounts and immediately or shortly thereafter request that members (a) sell the shares and wire resulting funds to the customer; (b) journal the shares in multiple, seemingly unrelated accounts, potentially to quickly transfer ownership; or (c) liquidate positions in the same low-priced securities as a seemingly unrelated customer, suggesting coordination. Customers may also make deposits that do not appear to make sense, either because a customer with few assets receives “large amounts of low-priced, non-exchange listed securities,” or because there may be no reasonable explanation for how the shares were acquired.  FINRA also warned against specific forms of securities, including (a) large blocks of thinly-traded or low-priced securities; and (b) recently issued securities or quantities that represent a large percentage of a security’s float, issued by an otherwise suspicious company.[8]
  • Securities Trading – FINRA warned members to be attentive to customers engaging in securities trading behaviors evidencing attempted price manipulation.[9] Members should also pay close attention to other customer activities, including those that appear to comprise a significant proportion of the trading in a thinly-traded security, appear to lack a discernable purpose, or where a requested purchase does not match the customer’s investment profile or transaction history.  Further, FINRA advised members to be wary of known stock promoters attempting to sell securities through the broker-dealer, and of customers whose known relationships or trading patterns evidenced potential insider trading.  Finally, members should take note of customers engaged in patterns of securities transactions appearing to be a disguise for currency conversions.
  • Money Movements – FINRA warned of customer attempts to avoid reporting or recordkeeping of fund transfers by structuring deposits and withdrawals, or by breaking up large funds transfers into multiple small transfers. Further, FINRA warned members to be attentive to customers using third party funds transfers to either launder money or accomplish other illicit goals.[10]  Members were also recommended to increase due diligence efforts where wire transfers and other transactions involve suspect jurisdictions known for money laundering, terrorist financing, and other black market activities.  Other concerns involved wire transfers with little or no apparent business purpose or relation to securities activities or that evidenced a suspicious pattern of transfers, and certain suspicious uses of accounts by customers.[11]
  • Insurance Policies – FINRA alerted members to be particularly concerned with how customers engage with insurance products. Red flags included customers that cancel insurance or annuity contracts prematurely or during a free-look period, while also engaging in other suspicious activities and immediately requesting withdrawals or transfers of funds.  FINRA also cautioned against customers buying insurance products without concern for investment objectives or performance.
  • Other Red Flags – FINRA also provided members with other, uncategorized red flags. These included customers conspicuously expressing concern for AML compliance efforts, such as a reluctance to provide necessary information to the member to file transaction reports, unusual concern for government reporting requirements, and active attempts to dissuade a member’s employee from filing and maintaining records.  Members were also cautioned to perform further diligence where a customer’s activities lack business or legal sense, do not match the customer’s stated business strategy or past activities, or show a lack of concern for relevant transaction fees.

FINRA stressed that these are not an exhaustive list, and that their adoption neither ensures compliance with Rule 3310, nor grants the member a safe harbor.  Instead, the red flags serve as helpful guidance to be adopted where beneficial and applicable to a member’s particular business operations.  Finally, FINRA encouraged members to consider how emerging areas of risk—including any engagement with digital assets—relate to their suspicious activity monitoring and SAR filing requirements.


Regulatory Notice 19-18 is just the latest in a recent, increased focus by FINRA and the SEC on broker-dealers’ compliance with their BSA suspicious activity monitoring and SAR filing obligations.  In each of its past three examination priorities letters, FINRA indicated it would focus on members’ AML compliance—explicitly raising concerns for suspicious activity monitoring and money laundering red flags in 2017, and members’ engagement with digital assets and FinTech in 2019.  Similarly, the SEC has prioritized suspicious activity monitoring and SAR filing by broker-dealers in its examinations of their AML programs[12] each year since 2015, and released a comprehensive AML Source Tool for Broker-Dealers in October 2018.

Where deficiencies have been identified with firms’ suspicious activity monitoring and SARs filing under their AML programs, broker-dealers have also been increasingly subject to civil and criminal enforcement actions.  For example, FINRA brought five separate enforcement actions against members in 2018—more than all of its AML enforcement actions in 2016 and 2017 combined—all for violations connected to failures to detect red flags, properly monitor for suspicious activities, or file SARs.  Similarly, the SEC has significantly increased enforcement activity against broker-dealers for violating their AML obligations, nearly always involving a failure to satisfactorily file SARs in the face of red flags, the latest of which was initiated on May 15.  Further, in December 2018, the DOJ brought the first criminal action against a broker-dealer for violating the BSA, again for a failure to properly take note of red flags and file SARs with FinCEN.

In this context, Regulatory Notice 19-18 should be viewed as essential material for each member to consider in relation to their current AML compliance programs.  While FINRA made clear that doing so will not guarantee satisfaction of a members’ AML obligations, recent actions by the SEC, FINRA, and DOJ would seem to indicate that failure to do so brings a high risk of enforcement.  Going forward, all broker-dealers should promptly review Regulatory Notice 19-18 against their current business operations, evaluate their existing AML programs, and adopt and implement red flags monitoring policies and procedures as appropriate to their business.

[1] FINRA is a self-regulatory organization charged with overseeing the broker-dealer and funding portal industries. All SEC-registered broker-dealers and funding portals must obtain membership with FINRA, as do associated persons of those firms who are engaged in the securities business of the firm.

[2] 17 C.F.R. § 240.17a-8.

[3] FINRA Rule 3310.

[4] FINRA Rule 3310(a).

[5] See 31 C.F.R. § 1023.320(a)(2).  Note that FinCEN has also advised that where broker-dealers determine the suspect activity that lead to the SAR filing has persisted, such firms should consider additionally submitting a continuing activity SAR filing.

[6] See Regulatory Notice 19-18 at n.9.  A “politically exposed person” has been defined by the Financial Action Task Force as an individual “who is or has been entrusted with a prominent political function, for example, Heads of State or of government, senior politicians, senior government, judicial or military officials, senior executives of state-owned corporations, or important political party officials.” See FATF Guidance, Politically Exposed Persons, June 2013.

[7] Such areas of concern included an offshore bank or broker-dealer selling unregistered shares of their own stock on behalf of customers, and foreign financial institutions affiliated with a U.S. broker-dealer that serve customers by bypassing their U.S. affiliate for no apparent business purpose.

[8] Examples cited included a shell company, a company with no apparent business, service or products, and companies with non-existent or non-compliant SEC filings.

[9] In particular, FINRA highlighted examples that included pre-arranged or non-competitive securities trading, patterned trades evidencing spoofing or layering, and orders timed to influence a stock’s closing price.

[10] Such transfers included check payments made with multiple third party endorsements, payments made by third parties with no apparent connection to the member’s customer, and outgoing funds transfers to third parties shortly before or after the receipt of incoming transfers from other third parties.

[11] Particularly concerning to FINRA were the use of personal accounts for business purposes (or vice versa), and dormant accounts that become active without plausible explanation.

[12] Such examinations are carried out by the SEC’s Office of Compliance Inspections and Examinations.