Close Close
Sign In
Newsletters
Popular Financial Topics Discover relevant content from across the suite of ALM legal publications From the Industry More content from ThinkAdvisor and select sponsors Investment Advisor Issue Gallery Read digital editions of Investment Advisor Magazine Tax Facts Get clear, current, and reliable answers to pressing tax questions
Luminaries Awards
Podcast Center Video Center Webcasts Resource Center Events
About ThinkAdvisor Contact Us Advertise With Us Asset & Logo Licensing Sitemap Terms of Service Privacy Policy Copyright © 2024 ALM Global, LLC. All Rights Reserved.
ThinkAdvisor

Regulation and Compliance > Federal Regulation > SEC

SEC Slaps BD for Failing to File Suspicious Activity Reports

By Melanie Waddell

X
Your article was successfully shared with the contacts you provided.

What You Need to Know

  • GWFS was ordered to pay the SEC a $1.5 million civil monetary penalty.
  • The BD failed to file approximately 130 SARs and omitted information from 297 SARs it did file.
  • GWFS was aware of increasing attempts by external bad actors to gain access to the retirement accounts of individual plan participants.

The Securities and Exchange Commission announced settled charges against GWFS Equities Inc., a Colorado-based registered broker-dealer for failing to file suspicious activity reports, or SARs, related to external bad actors’ attempts to gain access to the retirement accounts of individual plan participants.

GWFS, an affiliate of Great-West Life & Annuity Insurance Co. that provides services to employer-sponsored retirement plans, was ordered to pay the SEC a $1.5 million civil monetary penalty.

According to the SEC’s order, from September 2015 through October 2018, GWFS was aware of increasing attempts by external bad actors to gain access to the retirement accounts of individual plan participants.

During that time period, GWFS failed to file certain SARs with the Treasury Department’s Financial Crimes Enforcement Network (FinCEN) and omitted from certain filed SARs important information it knew, and was required to report, about the suspicious activities.

Over the course of the relevant period, “GWFS began detecting increasing numbers of attempts by bad actors to gain unauthorized access to the retirement accounts of individual plan participants and the funds therein,” the order states.

The bad actors generally tried to access the accounts by using improperly obtained personal identifying information of the plan participants.

“Although GWFS concluded that the personal identifying information was not obtained in connection with any breach of GWFS’ systems, the bad actors frequently were in possession of electronic login information — such as user names, email addresses, and passwords — of the plan participants,” the order states.

GWFS detected most of these attempts before the bad actors could request a distribution from a plan participant’s account, but some incidents involved successful distributions, according to the order.

These attempts, whether or not funds were ultimately withdrawn, are referred to as “account takeovers.”

During the Relevant Period, GWFS failed to implement its anti-money laundering program consistently in practice.

As a result, GWFS, according to the SEC: failed to file approximately 130 SARs, including in cases when it had detected external bad actors gaining, or attempting to gain, access to the retirement accounts of participants in the employer-sponsored retirement plans it serviced; and omitted, from approximately 297 SARs it did file, information it knew, and was required to report, about the suspicious activity and suspicious actors.

The Bank Secrecy Act requires broker-dealers to file SARs with FinCEN to report a transaction (or pattern of transactions of which the transaction is a part) conducted or attempted by, at, or through the broker-dealer involving or aggregating funds or other assets of at least $5,000.

Melanie Waddell

@Think_MelanieW

NOT FOR REPRINT

© 2024 ALM Global, LLC, All Rights Reserved. Request academic re-use from www.copyright.com. All other uses, submit a request to [email protected]. For more information visit Asset & Logo Licensing.