The American brokerage firm of Interactive Brokers operates the largest electronic trading platform in the US and brokers stocks, options, futures, futures options, forex, bonds and funds. Three federal agencies have clubbed together to punish it for bad suspicious activity reporting.

Interactive Brokers is a global outfit which has just opened an office in Singapore to service the wealth management sector. It has eight other entities around the world, in the US, Australia, Canada, Hong Kong, India, Japan, Luxembourg and the UK, which collectively serve more than 876,000 client accounts in more than 220 countries. Its headquarters are in Connecticut. It offers online trading through self-directed accounts and clears transactions for retail and institutional customers, as well as for customers introduced to it by approximately 610 foreign and domestic introducing firms. It neither confirms nor denies any of the regulators' assertions.

The SEC states that Interactive Brokers failed to send suspicious activity reports or SARs off to the Internal Revenue Service's database in Detroit as required by s17(a) Exchange Act and Rule 17a-8 issued thereunder.

It allegedly failed to spot numerous danger signs or 'red flags' and was deficient in investigating certain conduct as required by its written supervisory procedures, leading to its ultimate failure to make SARs. In a number of instances, its customers deposited a large block of US microcap securities, sold the securities into the market and shortly thereafter withdrew the proceeds of these sales from its accounts. In other instances, the sales by its customer accounted for a significant portion of the daily trading volume in certain US microcap securities issuers. It also apparently failed to review at least 14 deposits of US microcap securities that had been the subjects of SEC trading suspensions. Because it failed to spot these 'red flags,' it did not report this activity in SARs. In those few instances in which its people did spot red flags, it apparently failed to send off SARs anyway. The SEC blames it for not evolving a reasonable surveillance 'programme.'

The SEC's cease-and-desist order, enacted in its own private court, uses the word 'programme' liberally, stating that Interactive Brokers had a deficient AML 'surveillance programme' and even a deficient 'compliance programme' and a separate 'AML programme' which included the firm's policies and procedures and was subject to an annual audit. A programme is a plan of action of some sort, but the SEC does not explain the nature of these projects, instead merely disclosing their existence.

In any case, according to the SEC’s order, over a one-year period Interactive Brokers failed to send off more than 150 SARs that should have raise the possibility that people were manipulating microcap securities in its customers’ accounts.

The firm’s AML policies and procedures were not reasonably tailored to the risks of its US microcap securities business, according to the SEC. Only one of the red flags in its procedures explicitly concerned US microcap securities, stating that its compliance personnel should raise an alert over any customer, who, for no apparent reason, or in conjunction with other red flags, engaged in transactions involving certain types of securities, such as US microcap securities. There was no further description or discussion about US microcap securitiesin the AML literature that Interactive Brokers gave to its compliance people. None of the red flags related to large volume deposits of US microcap securities.

The SEC accuses the firm - and this is one of its hardest-hitting accusations - of not having enough resources in its compliance function to do enough to review and/or solve the problems that its surveillance systems were identifying. For example, during the relevant period, a single employee was responsible for reviewing all of the hits on the incoming stocktransfer report, which included over 3,000 incoming transfers of US microcap securities. The firm, it says, did not systematically identify or review problems raised by outside sources through such things as regulatory inquiries or trading suspension alerts.

During the relevant period, Interactive Brokers failed to investigate the following red flags of potentially suspicious conduct.

• The deposit, sale and withdrawal of funds in a short time period, which may be indicative of unregistered offerings, pumps and dumps, or other manipulative activity, on 78 occations.
• Customers' accounts whose trading represented a substantial percentage of the daily trading volume in a particular security.
• Trading in the securities of issuers subject to regulatory trading suspensions.

The SEC says once again that it often spotted red flags but did nothing.

It ignored other indications of such skulduggery. For a sample of 309 issuers, there were 58 instances where a customer’s sales represented at least 90% of the daily trading volume and 126 instances where a customer’s sales represented at least 70% of the daily trading volume. Interactive Brokers did not send off any SARs regarding these transactions.

On at least three occasions during the relevant period, the firm failed to file timely SARs even though it had spotted red flags in the knowledge that some of its customers had previously broken some criminal laws. In each of these three instances, it banned the customers' accounts from trading in US microcap securities whenever it spotted suspicious transactions, but did not send off SARs in a timely manner.

Consequently, by acceding to its agreement with the SEC, the brokerage has had to "cease and desist" from breaking section 17(a) ever again. It also agreed to be censured and to pay the SEC an $11.5 million penalty.

Meanwhile, the Commodity Futures Trading Commission (CFTC) has reason to believe that Interactive Brokers broke Regulations 42.2 and 166.3, 17 CFR §§ 42.2, 166.3 (2019). It says that between June 2014 and November 2018, the firm failed to diligently supervise its employees’ handling of several commodity trading accounts (one corporate, two HNW) that it held that were the subject of recent enforcement actions and non-public investigations initiated by the CFTC. In the light of these failures, the CFTC says that it lacked a reasonably designed process for conducting investigations of account activity and making decisions about SARs. Consequently, the account holders used their accounts at Interactive Brokers to defraud investors of millions of dollars. The CFTC's administrative order imposes penalties totalling $12.2 million on Interactive Brokers.

The CFTC says that Interactive Brokers' AML 'programme' contained written supervisory procedures or WSPs that spotted several red flags that might have led to SARs if they had only been acted upon. Some included situations where a customer’s account had “inflows of funds or other assets well beyond the known income or resources of the [c]ustomer,” or where a customer’s transactions and/or volume of aggregate activity were “inconsistent with the expected purpose of the account” or were “unusual and unexpected” in comparison with other market participants. The firm also apparently had no policies or procedures in place that forced its compliance people to write down the details of the steps that they were taking and the decisions that they were making while investigating matters and thinking about sending off SARs.

In 2016 the CFTC took Interactive Brokers' customers, Park Entities and related people, to court and alleged that they fraudulently induced fifty HNW members of the public to invest more than $23 million in an unregistered commodity pool that traded futures contracts as well as leveraged or margined retail off-exchange foreign currencies.

The order also said that Haena Park herself transferred the funds into her personal trading account at Interactive Brokers, where she traded on behalf of the pool. Unbeknownst to Interactive Brokers, Park also withdrew and misappropriated funds, plus commissions and fees, for her personal use. The order requires Interactive Brokers to pay a civil monetary penalty of $11.5 million and disgorge $706,214 in gains that (according to the CFTC) it should not have made.

FINRA, meanwhile, has fined Interactive Brokers $15 million for widespread AML failures which persisted for more than five years. It has also required the firm to certify that it will implement the recommendations of a third-party consultant to remedy its failures.

FINRA has decided that Interactive Brokers failed to meet its AML obligations because:

• it did not reasonably 'surveil' hundreds of millions of dollars of its customers’ wire transfers for money laundering concerns, some from third-party deposits into customers’ accounts from countries that the American Government thinks of as highly risky;
• it did not reasonably investigate suspicious activity when it found it because it lacked the requisite compliance people and a reasonably designed case management system, with one compliance manager telling his supervisor that “we are chronically understaffed;” and
• it failed to set up good policies, procedures and internal controls to govern the reporting of suspicious transactions as required by the Bank Secrecy Act 1970, with one set of cases of market manipulation resulting in SARs only after a FINRA investigation.