Robinhood Fine - $45M - SEC - Regulatory Violations - Jan 2025

Quick facts

• Robinhood Fine Amount: $45 million total ($33.5M for Robinhood Securities, $11.5M for Robinhood Financial)

• Date: 13 January 2025

• Violation Period: October 2018 - April 2024

• Primary Violation: Recordkeeping, Regulation SHO violations, Suspicious Activity Reporting Failures

Robinhood Fine Overview

The Securities and Exchange Commission announced that Robinhood Securities LLC and Robinhood Financial LLC have agreed to pay a combined $45 million in civil penalties to settle charges related to multiple regulatory violations. The violations span several critical compliance areas including blue sheet submissions, short-selling regulations, suspicious activity reporting, identity theft protection, and recordkeeping requirements.

Details of the Robinhood Fine

ELECTRONIC BLUE SHEET (EBS) SUBMISSIONS

Robinhood Securities made at least 11,849 deficient Electronic Blue Sheet (EBS) submissions to the SEC between October 2018 and April 2024, affecting over 392 million transactions. The errors included:

• Misreporting primary party identifiers.

• Incorrect contra-party identifier information.

• Missing transaction reports.

• Duplicate transaction submissions.

• Inaccurate order execution times.

REGULATION SHO VIOLATIONS

From December 2019 through December 2023, Robinhood Securities violated multiple aspects of Regulation SHO:

• Mismarked over 15 million principal short sales as "long".

• Incorrectly marked over 58 million fractional share riskless principal orders.

• Improperly marked 4.5 million orders as "short exempt" without meeting the necessary conditions.

• Failed to properly close out fails to deliver from stock lending activities.

SUSPICIOUS ACTIVITY REPORTING

By the end of 2019, Robinhood had 5.1 million funded accounts, which grew to 12.5 million by the end of 2020, and reached 22.7 million by the end of 2021. However, their anti-money laundering (AML) program did not scale appropriately with this growth.

• Surveillance System Issues.

  • Until mid-2021, Robinhood relied on proprietary surveillance software that generated an excessive number of false positives.

  • The high volume of false alerts artificially increased the review workload, contributing to processing delays.

• Process Management Deficiencies.

  • AML personnel relied on basic spreadsheets and shared folders to track and manage investigations.

  • This inefficient system contributed to significant investigation backlogs.

  • By the end of 2020, over 10,000 potentially suspicious transactions remained unresolved beyond the firm's internal 45-day deadline.

• Timeline Violations.

  • The average time to file SARs reached 198 days after initial flagging.

  • This significantly exceeded the regulatory requirement to file SARs within 30 days of initial detection.

  • Even with the additional 30-day extension allowed for identifying suspects, many filings fell well outside compliance timeframes.

RECORDKEEPING VIOLATIONS

The SEC identified multiple recordkeeping failures across different aspects of Robinhood's operations:

• Off-Channel Communications

  • Employees, including senior personnel, used unauthorized communication channels for business-related messages.

  • These included personal devices and unapproved messaging platforms.

  • The firm failed to preserve these business-related communications as required by Exchange Act Rule 17a-4(b)(4).

• Core Operational Database Issues

  • Prior to December 2020, Robinhood maintained WORM-compliant backups of operational data.

  • After system changes in 2020, their WORM backup system no longer captured all required data.

  • Affected systems included:

    • Security order placement, accounting, and position tracking systems.

    • Cash movement handling systems.

    • Customer and account information databases.

• Customer Communications Failures.

  • Between March 2020 and March 2021, approximately 1.6 billion template-based customer communications were not properly preserved.

  • The issue arose when communication volumes exceeded their third-party archiving vendor's ingestion limits.

  • Affected months included March 2020, August 2020, September 2020, October 2020, January 2021, February 2021, and March 2021.

• Data Retention Compliance.

  • Customer statements, trade confirmations, and blue sheet reports were not maintained in a fully compliant manner until December 2023.

  • While using a WORM-compliant cloud storage service, retention periods were not properly configured to meet regulatory requirements.

Robinhood Fines and Penalties

The $45 million penalty was divided between the two entities:

Robinhood Securities ($33.5M):

• $7M for EBS violations

• $15M for Regulation SHO violations

• $6.5M for suspicious activity reporting failures

• $4M for recordkeeping violations

• $1M for identity theft and customer protection violations

Robinhood Financial ($11.5M):

• $6.5M for suspicious activity reporting failures

• $4M for recordkeeping violations

• $1M for identity theft and customer protection violations

Select Quotes

• "It is essential to the Commission's broader efforts to protect investors and promote the integrity and fairness of our markets that broker-dealers satisfy their legal obligations when carrying out their various market functions." - Sanjay Wadhwa, Acting Director of the SEC's Division of Enforcement

• "At the time of its EBS submissions, Robinhood Securities did not detect the above errors at least in part because it did not have reasonable policies and procedures to verify that all of the information it was reporting was accurate."

• "Respondents' policies and procedures were not reasonably designed to meet the requirements of the Safeguards Rule of Regulation S-P. Specifically, Respondents did not implement appropriate written policies and procedures reasonably designed to prevent unauthorized individuals from gaining access to certain of Respondents' systems with confidential customer information."

Sources

• SEC - Press Release

• SEC - Order