On 14 August, 2024, the Commodity Futures Trading Commission (CFTC) levied significant penalties on three prominent financial institutions—Truist Bank, The Toronto Dominion Bank (TD Bank), and Cowen and Company—for pervasive failures related to recordkeeping, supervision, and the improper use of unapproved communication methods. These enforcement actions are a stark reminder of the critical importance of compliance with federal securities laws and CFTC regulations, with cumulative penalties reaching into the millions of dollars.
Truist Bank, a leading financial services provider based in North Carolina, has been ordered to pay a $3 million civil monetary penalty after the CFTC found that the bank failed to maintain, preserve, or produce records as required under CFTC recordkeeping regulations. The CFTC’s investigation revealed that from December 2019 through the present, Truist employees, including senior executives, engaged in business-related communications using unapproved methods such as personal text messages and social media applications. These communications, which were critical to the bank’s swap dealer operations, were neither monitored nor archived, in direct violation of both the bank’s internal policies and federal regulatory requirements.
Despite having policies in place that broadly prohibited the use of unapproved communication methods for conducting firm business, Truist’s failure to enforce these policies resulted in a significant loss of business-related communications. The firm required regular attestations from employees affirming compliance with communication policies, yet the widespread use of personal devices and applications continued unchecked. Recognizing the gravity of these lapses, Truist conducted an internal review, identified the violations, and proactively self-reported them to the CFTC. This decision to self-report, combined with the bank’s substantial cooperation during the investigation, led to a reduced penalty.
TD Bank, another major player in the financial industry, faced even stiffer penalties, with the CFTC imposing a $4 million fine for its failure to diligently supervise its electronic communications surveillance system. The investigation revealed that TD Bank’s oversight of its surveillance processes was severely lacking, resulting in a five-year period during which communications from hundreds of its swap dealer personnel were not properly monitored. The issue began in July 2016 when a vendor-related change disrupted the bank’s automated process for ingesting communications into its surveillance tool. Instead of rectifying the problem, the bank relied on a temporary manual process, which was eventually abandoned in January 2018, leaving a substantial gap in surveillance.
This failure persisted until March 2023, by which time TD Bank had failed to surveil any new messaging platform accounts created after January 2018. The CFTC’s order highlighted the bank’s inadequate supervision and internal monitoring, which prevented it from detecting the surveillance gap for several years. TD Bank’s failure to escalate these issues to a senior oversight body further compounded the problem. Despite these lapses, the CFTC acknowledged TD Bank’s cooperation during the investigation and its ongoing remediation efforts.
In a related enforcement action, the CFTC imposed additional penalties on both TD Bank and Cowen and Company for their failure to maintain and preserve required business-related communications. TD Bank was ordered to pay an additional $75 million, while Cowen was fined $3 million. The orders revealed that both firms allowed their employees, including those at senior levels, to use unapproved communication methods for conducting business. These communications were critical to the firms’ CFTC-registered activities, yet they were not maintained or preserved as required, leading to significant compliance failures.
The CFTC’s investigation found that the use of unapproved communication methods, such as personal text messages, violated the firms’ internal policies and federal regulations. The failure to preserve these communications meant that neither firm could promptly provide the necessary records to the CFTC when requested, severely undermining the regulatory oversight process. Furthermore, the supervisory personnel responsible for ensuring compliance with these policies were themselves found to be using unapproved methods for business-related communications, exacerbating the firms’ compliance breaches.
These enforcement actions are part of a broader CFTC crackdown on non-compliance within the financial industry. Since December 2021, the CFTC has imposed over $1.2 billion in civil penalties on 24 financial institutions for similar violations of recordkeeping, supervision, and communication requirements. The significant penalties imposed on Truist Bank, TD Bank, and Cowen and Company shows the CFTC’s commitment to enforcing regulatory standards and protecting the integrity of the financial markets.
(Source: https://www.cftc.gov/PressRoom/PressReleases/8945-24, https://www.cftc.gov/PressRoom/PressReleases/8944-24, https://www.cftc.gov/PressRoom/PressReleases/8943-24)
