Subscribe to our mailing list

* indicates required







We seek to provide information, insights and direction that may enable the Financial Community to effectively and efficiently operate in a regulatory risk-free environment by curating content from all over the web.


Stay Informed with the latest fanancialish news.




Regulatory Sanctions

Email Review and Preservation – Ineffective Procedures, Poor Execution

July 26, 2018

by Howard Haykin


Review and preservation of business-related email are obligations of all firms, regardless of size. Supervising the activities of firm supervisors is an obligation, as well. In this case, a small illustratees apparent violations of FINRA rules pertaining to 'Books and Records' and 'Supervision'.


A Huntington, CA-based broker-dealer with 4 Registered Reps agreed to settle FINRA charges that it failed to adequately supervise and preserve certain business-related emails. For its deficiencies and violative activity, the firm was fined $5K - a lower amount than usual, taking into consideration the firm’s revenue and financial resources, among other things.


FINRA FINDINGS.    Throughout the relevant period - January 2012 to July 2016 - the firm allowed its Registered Reps (“RRs”) to use personal email accounts to conduct their securities business, and the firm preserved business-related emails using electronic storage media (“ESM”). 

  • Until July 2013, RRs were required to forward their business-related emails from their personal email accounts to the personal email address of the firm's President/CEO/CCO (“CCO”) for storage
  • Beginning in July 2013, RRs were required to forward their business-related emails from their personal email accounts to firm email addresses for storage.


Where the Firm’s Policies and Procedures Went Wrong.    The policies and procedures for review and preservation of business-related emails were both ineffective and poorly executed in the following ways:


  • Business-related emails stored in the CCO’s personal email address – those from the RRs and those received or sent by the CCO himself - were not stored in a non-erasable, non-rewritable format – i.e., WORM, or “write once, read many” format.


  • The firm had no supervisory system or procedures to ensure that its RRs forwarded all business-related emails, including those with customers, from their personal email accounts. As such ...

►   Rather than use an automated system for the review and preservation of all business-related emails, the firm instead relied on an “honor system” for RRs to manually forward such emails.

►   Between April 2012 and July 2013, 3 RRs did not forward business-related emails from their personal email accounts.

►   Between August 2013 and January 2014, another RR did not forward business-related emails from his/her personal account.

►   The firm was unable to evidence any review of the cited emails.


  • Between January 2012 and July 2013, emails sent or received by the firm's CCO himself were not reviewed by another registered principal – because the firm had not established such a review procedure.


APPARENT VIOLATIONS.   Failure to preserve certain emails in WORM format constitutes a ‘Books and Records’ violation of Section 17(a) of the Exchange Act, Exchange Act Rule 17a-4, and FINRA Rule 4511. Failure to establish, maintain and enforce a reasonable supervisory system and WSPs regarding the review and preservation of RRs’ business-related email, and failure to review certain emails, constitute ‘Supervision’ violations of FINRA Rule 3110.



This case was reported in FINRA Disciplinary Actions for July 2018.

For details on this case, go to ...  FINRA Disciplinary Actions Online, and refer to Case #2016047872901.