In the first settlement of its kind, FINRA settled with the SEC on October 27, 2011 due to allegations over a 2008 incident where a regional Kansas City office of FINRA doctored documents. The alleged doctored documents were from three internal staff meetings, where information was either edited or deleted and then provided to the SEC with the “inaccurate and incomplete” changes. Mary Shapiro, currently the Chairman of the SEC, is in an interesting spot as she was Chief Executive of FINRA at the time of the alleged wrongdoing. She apparently had no direct involvement with the decision to take action against FINRA.
The motives for doctoring the documents are unclear, and so is whether or not the alterations of the documents led to any material damage other than FINRA’s diminished credibility. Ironically, the SEC has had its own struggles in recent months with a slew of articles published in various newspapers highlighting their own challenges with document retention and the improper destruction of documents. Both of these scenarios have been called to light by whistleblowers within their respective agencies.
These antics certainly pose the question: Is it a good use of taxpayer money to have regulatory agencies fighting each other over document retention and record keeping practices? The answer is probably no. But the first question begs the second: If they don’t do it, who will? While information management is not the sexiest part of the SEC and FINRA’s responsibilities, it certainly is an important one and the foundation of their information intelligence. Without proper document retention and information governance, the probability of connecting the dots to discover insider trading or other malfeasance is low. Moreover, in order for agencies to retain credibility they need to be able to locate documents with ease and speed and those documents must be truthful and accurate.
Because FINRA is a self-regulatory firm for securities and is overseen by the SEC, it seems appropriate that they investigate matters like the one at hand. According to the SEC, the 2008 incident is the third instance in the past eight years where an employee of FINRA, or its predecessor, the National Association of Security Dealers, has provided altered or misleading documents to the SEC. It remains to be seen if this is intentional on the part of FINRA to conceal undesirable facts or to promote an item on their agenda, or if in fact they are simply negligent with regard to their record keeping policies. Either way, it is a problem for the SEC and the government in general as it undermines agency credibility and compromises the ability to intelligently leverage information. This settlement also does no favors for FINRA at a time when they aim to expand their 4,600 base of supervisory authority to include 10,000 more investment advisory firms.
So, what can be done about this behavior and the risks it poses? Corporations and governments are facing the same issues that information governance poses due to the data explosion and the growing complexity of data sources today. At a minimum, there needs to be a policy in place that governs how data, regardless of form, is handled and disposed of in the information lifecycle. It also makes sense to form an audit committee within the government that can inspect and assess the information management practices of each agency, as well as serve as a third party mediator between agencies when these challenges arise. This is a good idea for two reasons. One, agencies can focus on their responsibilities instead of getting sidetracked with issues they are not expert in, like document retention or record management. Next, this problem has reached a point that it’s necessary to appoint an independent group to audit the government due to the data explosion and pace of technology today. We have the SEC and FINRA to watch the financial industry and provide us with assurance that business is being conducted in a lawful manner. We don’t need the SEC or FINRA to take up document retention as another responsibility, as there are other professionals that can do that more effectively and independently.
While expansion of government is not the goal of forming yet another committee, this committee could potentially free up agencies to do more of the work they are charged with. This would also promote standardization across agencies and regulatory bodies, which would be a giant step in the right direction as data volumes grow. The actions that resulted in this settlement were remedial in nature. FINRA took decisive action to air a podcast about document integrity and scheduled an agency-wide town hall meeting addressing the same for all current and new employees. They also hired an independent outside consultant to provide additional staff training on document retention and integrity. This will be a continual educational process for the private and public sector, and employee training and auditing the process will be the lynchpins for success. The element of deflection is also at work here, as the SEC is not a model example of best practices for document retention and the moment.
The SEC is working through allegations of document destruction, FINRA is accused of document doctoring, but all these assertions circle back to the central theme of having a document retention policy and compliance with that policy. This naturally leads to the need for education and training, and the ultimate auditing of the process for compliance. In this rare case of watchdog bites watchdog, three points become clear: 1) The SEC has a higher and best use other than policing these issues; 2) information management has reached a point that it requires a separate and independent body to monitor and regulate allegations of misconduct; and 3) sometimes it takes a dog biting a dog to truly illustrate the magnitude of a problem.