Merrill Lynch agreed Monday to pay an SEC fine of $2.5 million to settle charges that it had impeded a government investigation into its business practices by dragging its feet on turning over email records.
Merrill, the nation’s largest brokerage outfit, failed to produce in a timely fashion emails requested by the commission from October 2003 to February 2005, SEC officials said. In addition, the SEC cited Merrill’s inadequate policies and procedures for retaining and providing electronic documents. These transgressions were deemed violations of the record-keeping requirements under the Securities Exchange Act of 1934. Merrill neither admitted nor denied any wrongdoing.
“We have acknowledged that our email retrieval systems need to be improved and we have done so,” says Merrill spokesman Mark Herr. “We believe we now have the capacity to respond to regulatory requests in a timely fashion.”
Emails have been the smoking guns in many Wall Street investigations in recent years, enabling crusading New York Attorney General Eliot Spitzer to bring charges against mutual funds, insurers and investment banks. While enforcement actions related to record keeping is old stuff, being hit with a fine for not producing records on time give the Street something new to worry about. The Merrill settlement sends a clear message to the brokerage industry that anything less than full cooperation with regulators’ requests for information will not be tolerated.
At issue is the fact that Merrill has repeatedly failed to promptly furnish emails in connection with various investigations and inquiries involving Merrill’s private client group and certain brokerage-related activities. In October 2003, the commission requested emails on a rolling basis for six Merrill employees as part of an ongoing investigation. Merrill was unable to produce the emails until May 2004, seven months after the initial request. The SEC cited another instance in which the firm took five months to hand over the pertinent email records in connection with another probe.
“It is a problem across Merrill Lynch,” says Richard Grime, assistant director of the SEC’s division of enforcement. “They need to have the proper systems in place and meet the deadlines they’re given.” Grime declined to comment on the content and nature of the emails or the investigations that took place, although a New York Post article suggested that some of the emails were related to an investigation of illegal use of squawk box information. The SEC is currently investigating Merrill employees for allegedly allowing unauthorized daytraders to listen in on the company’s internal squawk box system who then traded on information not yet available to the public. When asked if there was any link between the emails in question and the squawk box investigation, Herr said, “Unequivocally, no.”
The SEC suggests that Merrill may have intentionally delayed efforts to cooperate with examiners. According to the settlement documents, Merrill “knew that regulators had significantly increased their demands for emails in a broad range of investigations and routine inquiries.” Despite its claims that the delay was attributable to the sheer size and volume of the SEC’s request, the commission dismissed that defense saying that Merrill previously stated as early as 2002 that emails generated through its retail branches were “readily retrievable” and those generated outside of its retail branches were “accessible online for review.” The firm also was slow in responding to requests from SROs, state regulators and arbitration panels, the settlement said.
Under the terms of the settlement, Merrill will pay $2.5 million in fines and has been put on notice that further violations of this nature will result in more severe punishments. The deal also requires the firm to conduct an internal audit of its systems and controls related to email record keeping within the next four months. Merrill must hire an independent consultant to review its email policies and procedures within the next 30 days. Upon completion of the audit process, Merrill is required to implement any changes recommended by the consultant and fix any glitches in the system uncovered internally.
The Merrill fine is far from the stiffest of its kind. In August 2004, Deutsche Bank was hammered with an $87.5 million fine for not having the proper controls in place to retain and retrieve email correspondence as part of Spitzer’s global research settlement. In 2003, the SEC, NASD and NYSE fined Goldman Sachs, Smith Barney, Morgan Stanley, Deutsche Bank and U.S. Bancorp Piper Jaffray a combined $8.25 million for having inadequate procedures and systems in place for the retrieval of email. Last month, Morgan Stanley announced that it would pay another $15 million to the SEC over its email-retention woes and is currently negotiating with the NASD over similar charges.
Archiving emails has been a thorny issue for many Wall Street firms because they must determine which emails are considered “records” and which can be deleted. Since the SEC will ask for certain types of emails, it’s not enough to just keep all your emails. Brokerage firms must have email records stored in an organized and easily searchable format so that they can turn around a request from regulators swiftly, which typically means 24 hours.