NOTE: Stipulations of Fact and Consent to Penalty (SFC); Offers of Settlement (OS); and Letters of Acceptance Waiver, and Consent (AWC) are entered into by Respondents without admitting or denying the allegations, but consent is given to the described sanctions & to the entry of findings. Additionally, for AWCs, if FINRA has reason to believe a violation has occurred and the member or associated person does not dispute the violation, FINRA may prepare and request that the member or associated person execute a letter accepting a finding of violation, consenting to the imposition of sanctions, and agreeing to waive such member's or associated person's right to a hearing before a hearing panel, and any right of appeal to the National Adjudicatory Council, the SEC, and the courts, or to otherwise challenge the validity of the letter, if the letter is accepted. The letter shall describe the act or practice engaged in or omitted, the rule, regulation, or statutory provision violated, and the sanction or sanctions to be imposed.

Hernan Charry Jr. aka Herman Charry (Principal)
AWC/2010022715607/December 2011

Charry failed to enforce his firm’s WSPs regarding the handling of PPM, subscription documents and investor funds for private placement offerings his firm sold, and he failed to effectively supervise the associated persons’ handling of such documents. 

Hernan Charry Jr. aka Herman Charry (Principal): Fined $10,000; Suspended 20 business days

Tags:  WSPs    Supervision    Private Placement    Regulation S-P     |    In: Cases of Note : FINRA

Patrick Thomas Walker (Principal)
AWC/2008011724302/October 2011

Walker's member firm was issued a Letter of Caution following a FINRA examination, which advised of numerous deficiencies in the firm’s WSPs; these deficiencies included maintenance of the firm’s Form BD, prohibition of commission payments to non-registered entities, designation of an appropriately licensed principal for each of the firm’s product lines, maintenance of WSPs at each OSJ, investigation into the qualifications of new hires, obligations of the firm when handling accounts of associated persons employed at other FINRA-regulated broker-dealers, timely providing account records to customers, prompt notification to regulators of deficiencies in required net capital, and prohibition of the sale of unregistered securities beyond the private offering’s expiration dates. The Letter of Caution also indicated that the firm’s WSPs were deficient with respect to Regulation S-P. 

Although issued only to the firm, the Letter of Caution was delivered to Walker in his capacity as president and chief compliance officer of the firm; thus, Walker had notice of the deficiencies but failed to update and amend the WSPs to correct the deficiencies. A later FINRA examination disclosed the same deficiencies outlined in the Letter of Caution, but Walker failed to update and amend the WSPs to correct the deficiencies. In addition, FINRA determined that Walker failed to establish, maintain and enforce WSPs and supervisory control procedures in the cited areas to ensure compliance with applicable securities laws and regulations, including Regulation S-P.

Patrick Thomas Walker (Principal): Fined $5,000; Suspended in Supervisory/Principal capacities only for 10 business days.

Tags:  WSPs    Regulation S-P     |    In: Cases of Note : FINRA

Ayre Investments, Inc. and Timothy Tilton Ayre (Principal)
OS/2009016252601/September 2011

Acting through Ayre, its CCO, Ayre Investments failed to establish and maintain a supervisory system and establish, maintain and enforce WSPs to supervise the activities of each registered person that were reasonably designed to achieve compliance with the applicable rules and regulations related to

• CRD pre-registration checks,
• exception report maintenance and review,
• supervisory branch office inspections,
• approval of transactions by a registered securities principal,
• annual compliance meeting,
• financial and operations principal (FINOP) review of checks received and disbursements blotter,
• NASD Rule 3012 annual report to senior management,
• review and retention of correspondence, Regulation S-P and outsourcing arrangements.

The Firm's WSPs were purchased from a third-party vendor and were intended to meet the needs of any broker-dealer, regardless of the firm’s size or business. Acting through Ayre, the Firm failed to tailor the template WSPs to address the firm’s particular business activities. With respect to the areas identified above, the firm’s WSPs failed to describe with reasonable specificity the identity of the person who would perform the relevant supervisory reviews and how and when those reviews would be conducted; and with respect to the maintenance of electronic communications, the firm completely failed to establish, maintain and enforce any supervisory system and/or WSPs reasonably designed to ensure that all business-related emails were retained.

Acting through Ayre, the Firm violated the terms of a Letter of Acceptance, Waiver and Consent (AWC) by failing to file a required written certification with FINRA regarding the firm’s WSPs within 90 days of the issuance of the AWC. Despite being given multiple reminders and opportunities by FINRA staff during a routine examination to file the certification, the firm and Ayre have yet to file the certification the AWC required.

The Firm only had one registered options principal (ROP) who was required to review and approve all of the firm’s option trades; for more than half a year, however, the ROP resided in another state and did not work in the firm’s main office. Furthermore, the firm’s WSPs did not address or explain how the ROP, given his remote location, was to accomplish and document the contemporaneous review and approval of all options trades firm customers placed; the firm executed approximately 450 options transactions, none of which the ROP approved.

The firm failed to maintain and preserve all of its business-related electronic communications, and therefore willfully violated Securities Exchange Act Rule 17a-4.

The Firm permitted its registered representatives to use email to conduct business when the firm did not have a system for email surveillance or archiving. Each firm representative maintained electronic communications on his or her personal computer or arranged for the retention of electronic communications in some other fashion, and the firm relied on representatives to forward or copy their businessrelated emails to the firm’s home office for retention. Not all of the representatives’ business-related emails were forwarded to the home office, and the firm did not retain the electronic communications that were not forwarded or copied to the firm’s home office; as a result, the firm failed to maintain and preserve at least 10,000 business-related electronic communications representatives sent to or received.

Ayre Investments, Inc.: Censured; Fined $10,000  (note: FINRA states that it imposed a lower fine against the firm after it considered, among other things, the firm’s revenues and financial resources); Undertakes to review its supervisory systems and WSPs for compliance with FINRA rules and federal securities laws and regulations, including those laws, regulations and rules concerning the preservation of electronic mail communications, and certify in writing to FINRA, within 90 days, that the firm has in place systems and procedures to achieve compliance with those rules, laws and regulations.

Timothy Tilton Ayre: Fined $10,000; Suspended 2 months in Principal capacity only.

Tags:  Email    Electronic Communications    Annual Compliance Meeting    FINOP    Regulation S-P    Options     |    In: Cases of Note : FINRA

Prestige Financial Center, Inc. and Lawrence Gary Kirshbaum (Principal)
AWC/2009016405902/July 2011

Prestige, acting through Kirshbaum and at least one other firm principal, were involved in a fraudulent trading scheme through which the then-Chief Compliance Officer (CCO) and head trader for the firm concealed improper markups and denied customers best execution.

As part of this scheme, the CCO falsified order tickets and created inaccurate trade confirmations, and the hidden profits were captured in a firm account Kirshbaum and another firm principal controlled; some of the profits were then shared with the CCO and another individual.

The trading scheme took advantage of customers placing large orders to buy or sell equities. Rather than effecting the trades in the customers’ accounts, the CCO placed the order in a firm proprietary account where he would increase or decrease the price per share for the securities purchased or sold before allocating the shares or proceeds to the customers’ accounts; this improper price change was not disclosed to, or authorized by, the customers, and this fraudulent trading scheme generated approximately $1.3 million in profits for the firm’s proprietary accounts. Kirshbaum was aware of and permitted the trading. In an account that Kirshbaum and another firm principal controlled. 47 percent of the profits from the scheme were retained. In furtherance of the fraudulent trading scheme, the CCO entered false information on the corresponding order tickets regarding the share price and the time the customer order ticket was received, entered and executed; the corresponding trade confirmations inaccurately reflected the price, markup and/or commission charged and the order capacity.

In addition, acting through Kirshbaum, Prestige entered into an agreement to sell the personal, confidential and non-public information of thousands of customers to an unaffiliated member firm in exchange for transaction-based compensation from any future trading activity in those accounts. In connection with that agreement, Kirshbaum provided the unaffiliated member firm with the name, account number, value and holdings on spreadsheets via electronic mail. Furthermore, Kirshbaum granted certain representatives of that firm live access to the firm’s computer systems, including access to systems provided by the firm’s clearing firm, which provided access to other non-public confidential customer information such as Social Security numbers, dates of birth and home addresses. Prestige and Kirshbaum did not provide any of the customers with the required notice or opportunity to opt out of such disclosure before the firm disclosed the information, as Securities and Exchange Commission (SEC) Regulation S-P requires.

Acting through Kirshbaum, Prestige failed to establish and maintain a supervisory system, and establish, maintain and enforce written supervisory procedures to supervise each registered person’s activities that are reasonably designed to achieve compliance with the applicable rules and regulations regarding interpositioning, front-running, supervisory branch office inspections, supervisory controls, annual compliance meeting, maintenance and periodic review of electronic communications, NASD Rule 3012 annual report to senior management, review and retention of electronic and other correspondence, SEC Regulation S-P, anti-money laundering (AML), Uniform Application for Securities Industry Registration or Transfer (Form U4) and Uniform Termination Notice for Securities Industry Registration (Form U5) amendments, and NASD Rule 3070 reporting. FINRA found that the firm failed to enforce its procedures requiring review of its registered representatives’ written and electronic correspondence relating to the firm’s securities business. In addition, the firm failed to establish, maintain and enforce a system of supervisory control policies and procedures that tested and verified that its supervisory procedures were reasonably designed with respect to the activities of the firm and its registered representatives and associated persons to achieve compliance with applicable securities laws and regulations, and created additional or amended supervisory procedures where testing and verification identified such a need. Moreover, the firm failed to enforce the written supervisory control policies and procedures it has with respect to review and supervision of the customer account activity conducted by the firm’s branch office managers, review and monitoring of customer changes of address and the validation of such changes, and review and monitoring of customer changes of investment objectives and the validation of such changes. Furthermore, firm failed to establish written supervisory control policies and procedures reasonably designed to provide heightened supervision over the activities of each producing manager responsible for generating 20 percent or more of the revenue of the business units supervised by that producing manager’s supervisor; as a result, the firm did not determine whether it had any such producing managers and, to the extent that it did, subject those managers to heightened supervision.

Acting through one of its designated principals, Prestige falsely certified that it had the requisite processes in place and that those processes were evidenced in a report review by its Chief Executive Officer (CEO), CCO and other officers,and the firm failed to file an annual certification one year. The findings also included that the firm failed to implement a reasonably designed AML compliance program (AMLCP). Although the firm had developed an AMLCP, it failed to implement policies and procedures to detect and cause the reporting of suspicious activity and transactions; implement policies, procedures and internal controls reasonably designed to obtain and verify necessary customer information through its Customer Identification Program (CIP); and provide relevant training for firm employees—the firm failed to conduct independent tests of its AMLCP for several years. Acting through Kirshbaum and another firm principal, the firm failed to implement policies and procedures reasonably designed to ensure compliance with the Bank Secrecy Act by failing to enforce its procedures requiring the firm to review all Section 314(a) requests it received from the U.S. Department of the Treasury’s Financial Crimes Enforcement Network (FinCEN); as a result, the firm failed to review such requests. In addition, Kirshbaum and another principal were responsible for accessing the system to review the FinCEN messages but failed to do so. Moreover, FINRA found that the firm permitted certain registered representatives to use personal email accounts for business-related communications, but failed to retain those messages.

Furthermore, the firm failed to maintain and preserve all of its business-related electronic communications as required by Rule 17a-4 of the Securities Exchange Act of 1934, and failed to maintain copies of all of its registered representatives’ written business communications. The  firm failed to file summary and statistical information for customer complaints by the 15th day of the month following the calendar quarter in which the firm received them. The findings also included that the customer complaints were not disclosed, or not timely disclosed, on the subject registered representative’s Form U4 or U5, as applicable.The Firm failed to provide some of the information FINRA requested concerning trading and other matters.

Prestige Financial Center, Inc. : Expelled

Lawrence Gary Kirshbaum (Principal): Barred

Tags:  Annual Compliance Meeting    AML    CCO    Confidential Customer Information    Electronic Communications    WSPs    Regulation S-P    SAR     |    In: Cases of Note : FINRA

Jeffrey Nicholas Lombardi (Principalo)
AWC/2010023537101/June 2011

Lombardi improperly transferred confidential and proprietary information outside of his member firm for purposes other than the firm’s business.

Lombardi sent to

• a non-affiliated, third-party member firm internal compliance reports of his member firm that contained non-public personal information regarding customers;
• his personal email address
• internal documents of his firm that included non-public personal information of individuals derived from a request by Financial Crimes Enforcement Network (FinCEN) of the U.S. Department of Treasury and the firm’s internal summary regarding certain registration requirements; and
• documents with another firm customer’s non-public personal information.

In each of these instances, Lombardi acted without the firm’s authorization and knowledge, and contrary to its written policies and procedures. By sending a report with confidential, non-public personal customer information to a non-affiliated third party, Lombardi caused his firm to violate SEC Regulation S-P.

By transferring information from a FinCEN list to his personal email account, Lombardi acted for purposes other than those provided for under FinCEN regulations, and thereby caused his firm to violate FinCEN’s regulations.

Lombardi knew of his firm’s policies regarding the dissemination of confidential and/ or proprietary information, knew or should have known that SEC Regulation S-P prohibits financial institutions from disclosing non-public personal information about a customer to non-affiliated third parties unless certain notice is given to the customer and the customer has not elected to opt out of the proposed disclosure, and knew, or should have known, that information derived from a FinCEN request may not be used for any purpose other than in accordance with FinCEN regulations. In addition, Lombardi signed an affirmation and a certification that he had read and would comply with a Code of Business Conduct and Ethics applicable to firm employees and would comply with the firm’s written policy governing confidentiality of information and use of office equipment. Moreover, Lombardi signed a registered representative agreement in which he agreed that confidential and proprietary information about the firm and/or about existing and prospective firm customers may not be disseminated without requisite permission, and agreed to safeguard confidential and proprietary information from disclosure.

Jeffrey Nicholas Lombardi (Principalo): Fined $5,000; Suspended 15 business days

Tags:  Regulation S-P     |    In: Cases of Note : FINRA

Sammons Securities Company, LLC and Carl Monroe Mook (Principal)
AWC/2009017821401/ 2011

Before Mook terminated his registration with a former member firm, and became registered with Sammons, he accessed the former firm’s system and downloaded customers’ names, addresses, account numbers, account registrations and security products held in the accounts to a compact disk (CD). When Mook began employment with the firm, he turned the CD over to it; the firm then accessed the non-public personal customer information contained on the CD, and using that information, generated and mailed the former firm’s customers transition packets that contained, among other things, a change of broker-dealer form for each securities account. 

Tags:  Regulation S-P     |    In: Cases of Note : FINRA