Robinhood has agreed to a substantial $45m settlement with the SEC over various breaches of securities law.
The settlement addresses a series of infractions across multiple aspects of Robinhood’s operations, underscoring the regulatory challenges facing FinTech enterprises.
The SEC outlined a litany of issues, including failures in reporting suspicious activities and protecting customer identities. From January 2020 to March 2022, Robinhood did not conduct timely investigations of suspicious transactions, leading to delayed filings of suspicious activity reports. Further, from April 2019 to July 2022, the firm fell short in implementing measures to safeguard against identity theft.
Moreover, Robinhood encountered significant lapses in cybersecurity. Notably, between June 2021 and November 2021, a security vulnerability allowed unauthorized access to systems, compromising data on millions of users. This incident highlights growing concerns over cybersecurity in the digital finance space.
The SEC’s findings also noted Robinhood’s failure to preserve electronic communications and maintain necessary brokerage data, violating federal recordkeeping standards. Specifically, Robinhood Securities did not provide accurate trading data, known as blue sheet data, for over five years. Additionally, it failed to meet the requirements of Regulation SHO, which governs stock lending and short selling, from May 2019 to December 2023.
Both Robinhood Securities and Robinhood Financial admitted to these findings, with the former agreeing to a $33.5m penalty and the latter $11.5m. These penalties underscore the financial and operational impacts of non-compliance with regulatory frameworks.
“Today’s order finds that two Robinhood firms failed to observe a broad array of significant regulatory requirements,” said Sanjay Wadhwa, Acting Director of the SEC’s Division of Enforcement. “It is essential to the Commission’s broader efforts to protect investors and promote the integrity and fairness of our markets that broker-dealers satisfy their legal obligations when carrying out their various market functions.”
As part of their agreement with the SEC, both firms have committed to conducting internal audits related to compliance with off-channel communications and certifying the remediation of the deficiencies that led to the violations of Reg SHO.
Copyright © 2018 RegTech Analyst
