NEXT Smelled Email Smoke But Didn't Pull Compliance Alarm

May 7, 2013

Wall Street regulators have insisted -- and rightly so -- that brokerage firms monitor communications between customers and registered persons. Such surveillance is an excellent tool for the early detection of problems running the gamut from a customer's dissatisfaction with the handling of an order to indications of insider trading. Although many firms have implemented policies and procedures to track emails, the devil is often in the details, as this recent settlement proves.

NEXT On Line

For the purpose of proposing a settlement of rule violations alleged by the Financial Industry Regulatory Authority ("FINRA"), without admitting or denying the findings, prior to a regulatory hearing, and without an adjudication of any issue, NEXT Financial Group, Inc., submitted a Letter of Acceptance, Waiver and Consent ("AWC"), which FINRA accepted. In the Matter of NEXT Financial Group, Inc., Respondent (AWC  2011028898802, May 3, 2013).

A FINRA member firm since 1999, NEXT is a dually registered general securities broker-dealer and Investment Advisor that operates through an independent-contractor model affiliating over 900 registered persons at over 590 registered branch locations.The AWC notes that the firm has had prior relevant disciplinary history. 

The AWC alleges that from February 6, 2008 through June 18, 2012, two of NEXT's registered representatives operated an approved outside business activity and, at times, used their outside business email accounts to send or receive securities-related electronic correspondence with customers. NEXT's then effective written supervisory procedures ("WSPs") allowed such use of non-NEXT email addresses in customer communications provided that the outside email domain names were approved and hosted by NEXT. This approve and hosted precondition permitted NEXT to capture the emails on its server, facilitating the member firm's ability to review the content. 

Smelling Smoke

During the 2009 annual branch audit of the two subject registered persons' branch, NEXT discovered that their outside business emails were not being captured or maintained on NEXT's server and, therefore, were not being reviewed. Despite this knowledge, the AWC asserts that NEXT failed to take any corrective steps. 


NASD Rule 3010 requires members to establish and enforce procedures for the review by a registered principal of incoming and outgoing written and electronic correspondence related to the member's securities business, and to retain such correspondence in accordance with NASD Rule 3110. 

NASD Rule 3110 and SEC Rule 17a-4 impose a general duty on member firms to maintain and preserve certain books and records, including securities-related electronic correspondence.

The AWC asserts that NEXT violated NASD Rules 3010 and 3110, Section 17(a) of the Securities Exchange Act of 1934, SEC Rule 17a-4, NASD Rule 2110 (for conduct occurring on or before December 14, 2008) and FINRA Rule 2010 (for conduct occurring on or after December 15,2008).

In accordance with the terms of the AWC, FINRA imposed upon NEXT a censure and a $250,000 fine. In addition, NEXT agreed to following undertaking (subject to extensions of date per Staff agreement):

a. Within ninety (90) days after issuance of the Notice of Acceptance of this AWC, the Firm shall conduct an audit to identify all non-NEXT email accounts used for securities-related communications by registered persons of the firm and identify whether such email accounts are being captured by NEXT's servers, reviewed as a part of NEXT's normal email surveillance, and retained as required by FINRA rules and the federal securities laws.

b. Within thirty (30) days after completion of the audit, for any non-NEXT email accounts identified during the audit, the Firm shall establish and implement a corrective procedure to ensure that such email accounts will be captured, reviewed and retained by the Firm in the future.

c. Within sixty (60) days after conducting its audit, NEXT shall provide to FINRA's Department of Enforcement in the Dallas District Office a written statement, signed by the responsible principal or principals, describing the steps taken in the audit, the results of the audit, and the corrective steps taken to ensure the future capture, review and retention of the emails identified. FINRA staff's review of the audit, results and corrective procedure shall in no way constitute an approval of the same. The failure of FINRA staff to alert NEXT to any deficiencies in the audit or corrective procedure shall not preclude FINRA from instituting a subsequent disciplinary action as a result of violations NASD Rules 3010 and 3110, Section 17(a) of the Securities Exchange Act of 1934, SEC Rule 17a-4, and FINRA Rule 2010.

Read these Email articles: