FINRA Imposes $1M Fine on Morgan Stanley Over Alleged Risk Control Documentation Failures

The Financial Industry Regulatory Authority (FINRA) has fined broker-dealer Morgan Stanley $1 million due to alleged documentation lapses tied to risk management controls and supervisory procedures, specifically regarding violations of the Market Access Rule.

According to FINRA’s disciplinary action announced on Friday, Morgan Stanley's oversight of customer orders, including how these were categorized as either low- or high-touch, was insufficiently clear. This lack of clarity, FINRA alleged, created a risk that erroneous orders could reach the market without adequate controls.

In Morgan Stanley’s processes, low-touch orders are automated, while high-touch orders undergo manual processing. FINRA alleged that the firm “permitted orders that had been manually reviewed and released and subsequently amended at a later time … without additional manual review,” meaning previously reviewed orders could be altered and re-entered into the market without another review step.

Morgan Stanley has since addressed these issues, completing remediation by June 2023. The firm agreed to the settlement without admitting or denying FINRA’s findings, and declined to comment on the matter. According to FINRA, the case highlights the critical importance of comprehensive risk management controls for broker-dealers and others within the securities sector.

Morgan Stanley’s past compliance history with the Market Access Rule includes a $1.1 million fine in June and August of 2018, as well as a $4 million penalty from the Securities and Exchange Commission (SEC) in December 2014, all over similar regulatory breaches.

From August 2019 to June 2023, Morgan Stanley reportedly failed to adequately document the reasoning behind customer-specific low- and high-touch order categorizations.

Additionally, the firm relied on a “standardized market impact limit control” for low-touch customers, which FINRA alleged did not include software equipped for “high-speed direct market access to latency-sensitive customers.”

FINRA stated that some of Morgan Stanley’s largest clients used software to submit high volumes of orders at a rapid pace, increasing the risk of market-impacting erroneous orders.

When transactions did not meet Morgan Stanley’s internal risk thresholds, these orders were paused, yet the personnel tasked with reviewing flagged transactions did not have to document why orders were released back into the market post-review, according to the disciplinary action.

FINRA concluded that Morgan Stanley had breached FINRA Rules 3110 and 2010, as well as the Market Access Rule. In addition to the $1 million fine, the firm has agreed to a censure. 

By fLEXI tEAM