$100,00 Fine For AML Violations

Herbert J. Sims & Co, Inc., a broker-dealer, has settled Financial Industry Regulatory Agency charges for failing to implement an anti-money laundering (AML) program to detect and report suspicious cyber-events. FINRA alleged that HJ Sims’ cybersecurity policy lacked a requirement to review cyber-events for AML purposes and file suspicious activity reports if necessary. Five cyber-attacks were not investigated. In one of them, “HJ Sims approved an $80,000 wire request and funds were sent to the third-party account (but eventually recovered). In the other three events, bad actors gained access to the email accounts of HJ Sims’ employees.” HJ Sims failed to file any suspicious activity reports on the cyberattacks. FINRA determined that the conduct was in violation of Rule 2010 (“Standards of Commercial Honor and Principles of Trade”) and Rule 3310 (“Anti-Money Laundering Compliance Program”). The settlement includes a censure and a civil monetary penalty of $100,000.