Where were chief compliance officers (CCOs) most likely to lose their moral compass and get nabbed by regulators in the past year?

According to lead attorneys in Eversheds Sutherland’s securities enforcement practice, who performed a year-end analysis to find the most frequent and remarkable cases Finra and the Securities and Exchange Commission brought against CCOs in 2018, failing to adopt adequate supervision led the regulatory pitfalls that tripped up compliance officers and their staffs.

When there is a breakdown in supervision at firms that allows business practices or investor protections to go awry, CCOs become the prime target for regulators, the law firm said.

And being on the wrong side of regulators’ charges can carry serious consequences, as these CCOs found in 2018. Early in the year, Finra sanctioned and barred a CCO for two years for failing to update written procedures to ensure a registered rep who Finra had placed on restriction for sales infractions was being adequately supervised. The CCO was held responsible because he was the only person at the firm who could revise such written supervisory procedures, Finra found.

Finra suspended another B-D compliance officer for two years and ordered him to pay $50,000 because he failed to establish and maintain a supervisory system over the firm’s microcap liquidation sales business. The CCO appealed the finding in July 2018, arguing that the decision did not reflect the firm’s practices, but lost and failed to reduce his bar or penalty.

In fact, the National Adjudicatory Council (NAC) arbitrators found on appeal that the CCO’s violations were egregious and “demonstrated failure to appreciate the extent and seriousness of the responsibilities he took on,” which warranted the significant sanctions which went beyond arbitration guideline ranges.

“You don’t need an infinity stone to know that regulators may impose sanctions on CCOs who fail to follow, develop and update their firm’s procedures,” said Brian Rubin, the Washington office leader for Eversheds Sutherland’s securities enforcement group.

“This is especially important where the regulator has imposed restrictions on the firm, or where the firm employs individuals who are subject to plans of heightened supervision that compliance officers must draft,” Rubin said.

According to Eversheds Sutherland, five other areas tripped up CCOs in 2018:

CCOs are on the line for such infractions because they have the responsibility to control firms’ policies, procedures and overall compliance structures, which at B-Ds must be “reasonably designed to achieve compliance” and must be “tailored to the member’s business,” Finra regulation states. RIAs, too, must designate an individual who is responsible for administering those policies the firm has adopted and must implement to protect investors and business operations.

Lying in SEC filings is always a bad idea, Rubin said. One CCO who wore many hats at an advisory firm was found by the SEC to have lied and overexaggerated the firm’s assets on its Form ADV over many years to qualify the business for SEC investment advisor registration. At first, the RIA officer said the firm would qualify for SEC registration in four months, then lied in a filing that said the firm had $25 million in assets under management (AUM) and later falsely stated that the RIA had $100 million in AUM.

The SEC barred the CCO from the industry for one year and ordered him to pay a civil money penalty of $20,000, Eversheds Sutherland said.

Performance was another hotbed of CCO infractions in 2018, the law firm said. One 80 percent owner of an RIA who also wore the firm’s CCO hat was charged in April 2018 because his firm had advertised performance without disclosing that the returns were hypothetical, back-tested performance results.

“In other words, the firm went forward and backward in time to paint a rosier picture of the model’s performance,” Eversheds Sutherland said.

The SEC permanently barred the CCO and assessed a $75,000 penalty against him. Specifically, the agency found the RIA officer failed to adopt and implement policies and procedures reasonably designed to prevent such violations. His failures caused the firm to make “willful, fraudulent statements in advertisements, written materials, presentations, seminars, websites, radio shows and weekly updates delivered to clients regarding the firm’s hypothetical algorithmic trading activity,” the SEC said.

“Chief compliance officers may be held liable for failing to implement appropriate policies and procedures in many different areas, including in connection with performance statements,” Rubin warned.