November 16, 2015 - The Financial Industry Regulatory Authority (FINRA) announced today that it fined Scottrade, Inc. $2.6 million for failing to retain a large number of securities-related electronic records in the required format, and for failing to retain certain categories of outgoing emails.
Scottrade also did not have a reasonable supervisory system in place to achieve compliance with certain Securities and Exchange Commission (SEC) and FINRA books and records rules, which contributed to its record-retention failures.
Federal securities laws and FINRA rules require that business-related electronic records be kept in non-rewritable, non-erasable format (also referred to as "Write-Once, Read-Many" or "WORM" format) to prevent alteration. The SEC has stated that these requirements are an essential part of the investor protection function because a firm's books and records are the "primary means of monitoring compliance with applicable securities laws, including antifraud provisions and financial responsibility standards."
FINRA found that from January 2011 to January 2014, Scottrade did not have centralized document-retention processes or procedures for all firm departments to follow. Further, no one at the firm was charged with responsibility for ensuring a consistent document-retention process, fully compliant with the record-retention rules, including the requirement that all records be retained in WORM format. Personnel in different departments of the firm saved certain documents to a restricted shared drive, which was not WORM-compliant. As a result, Scottrade failed to preserve a large number of key securities business electronic records in the required format.
Over a related time frame, FINRA found that Scottrade also failed to copy more than 168 million outgoing emails to the firm's WORM storage device, resulting in the deletion of those emails. These emails were generated automatically by the firm's internal systems or by third-party vendors acting on Scottrade's behalf, and included items such as margin call notices, address change notifications and failed password attempt notifications.
Brad Bennett, Executive Vice President and Chief of Enforcement, said, "Firms must maintain sound supervisory systems and procedures to ensure the integrity, accuracy, and accessibility of electronic books and records."
In concluding this settlement, Scottrade neither admitted nor denied the charges, but consented to the entry of FINRA's findings.