FINRA warns that fraudsters are increasingly using AI and other technologies to scam victims — sometimes even with the victims' help.
The Financial Industry Regulatory Authority, the broker-dealer industry's self-regulator, published on Tuesday its annual
FINRA warns, for instance, that scammers are employing social media posts to direct investors to phony investment clubs where they're encouraged to put their money into risky securities. Sometimes the inducement to join comes from "deepfake" audio and visual impersonations of financial gurus devised with the help of AI.
READ MORE:
FINRA is also warning of scams in which fraudsters gain clients' trust and persuade them over time to move money out of their accounts, ostensibly for investment purposes. Many times the bad actors reach out through text messages or online portals.
Similarly, fraudsters are setting up fake websites designed to look like legitimate pages posted by broker-dealers, firms' registered representatives, regulators or law enforcement agencies. FINRA said scammers are also using AI in attempts to manipulate the market — sometimes by using deepfakes of financial gurus to dispense investment advice.
As far as
Rather than relying on AI for investment advice, wealth managers are using it to summarize information from multiple sources, to check the accuracy of transaction reports against the source data and to quickly retrieve policies and procedures from regulatory documents.
"We're monitoring the evolution of generative AI and the industry," Greg Ruppert, the executive vice president of member supervision,
Keeping an eye on subcontractors
FINRA's report also showed that regulators continue to be concerned about the third-party vendors many firms rely on for various services and products. The Securities and Exchange Commission, which oversees FINRA,
That proposal has since stalled. But FINRA is still anxious that third parties could present risks, such as being a weak spot in a firm's cybersecurity defenses. FINRA recommended firms keep a list of all the subcontractors they employ and then check up with them regularly to make sure their internal procedures and policies match their own compliance requirements.
"Really we're looking at an increase in the number of cyber attacks and related cyber outages that happen at third-party providers — not at the member firms themselves," Ruppert said in the podcast. "That has a direct impact on our member firms. And it also can have a cascading impact if other firms rely on member firms for services."
Bill St. Louis, FINRA head of enforcement, said in the podcast that both FINRA and the SEC have been reviewing firms' cybersecurity systems and pointing out deficiencies when necessary. But those efforts haven't always borne fruit.
"And even after such notice, the firms have experienced numerous cyber incidents that could have been avoided if they had reacted to the red flags that were brought to their attention," St. Louis said.
Anti-money-laundering efforts
FINRA is also concerned that third parties may not have safeguards matching member firms' prohibitions on money laundering. Anti-money laundering, or AML, has been another priority of regulators in recent years.
"In the AML space, we continue to bring a number of significant cases," St. Louis said.
St. Louis said some of the recent enforcement actions involved firms that had internal systems designed to check the identities of current or potential customers and detect affiliations with bad actors.
"But the systems weren't calibrated properly, and there was a lack of testing around those systems that contributed to those failures," St. Louis said.
RILAs and Reg BI
St. Louis also called attention to concerns about registered index linked annuities, or RILAs. RILAs are insurance-like products that track stock or other indexes and provide steady income in return sometimes for high fees and commissions.
St. Louis noted that brokers who recommended RILAs are required by the SEC's Regulation Best Interest conduct standard to do what's best for their clients. He said questions have arisen over wealth managers who move investors out of other types of annuities, such as variable annuities, and into RILAs.
Such transactions can sometimes cause clients to pay additional fees and commissions.
"Sales of RILAs have recently outpaced sales of variable annuities, so it's important for firms to ensure that their procedures and supervisory systems are set up to ensure recommendations and sales of this product adhere with their requirements under Regulation Best Interest," St. Louis said. "One issue we continue to observe is around recommendations to replace or exchange a variable annuity with a RILA or with a new variable annuity where proper consideration isn't given to the benefits the customer would be giving up or sacrificing within the exchange."
