The largest penalty ever imposed against a broker-dealer for violating the Bank Secrecy Act (BSA) has been served after what regulators describe as a “willful failure” to investigate and report suspicious transactions.

Canaccord Genuity Group Inc’s broker‑dealer subsidiary, Canaccord Genuity LLC, has entered into final settlement agreements with the SEC, FINRA, and the Financial Crimes Enforcement Network (FinCEN). The total settlement amount came to $80m, of which $5m is suspended pending the delivery of a satisfactory suspicious activity reporting (SAR) review pursuant to the terms of the FinCEN consent order.

Last year, the Canadian regulators, the Financial Transactions and Reports Analysis Centre of Canada (FINTRAC) and the Canadian Investment Regulatory Organization (CIRO) separately fined and charged the business for alleged violations of anti-money-laundering and terrorist-financing regulations, citing many of the same compliance failures identified by the US regulators last week.

Trade surveillance reports

FinCEN said that “throughout the Relevant Time Period, Canaccord relied extensively on trade surveillance reports that – if properly designed, calibrated, and reviewed – could have enabled the Firm to detect and report the types of potentially suspicious activity that the Firm recognized were most likely to arise in its OTC [over-the-counter] market making business, which the Firm had identified as a higher-risk business line.”

But this did not happen for some time because Canaccord “failed to make the relevant reports effective for this purpose, including sufficiently investing in the hiring, training, and oversight of AML personnel tasked with implementation and review of the trade surveillance reports.”

FinCEN stated that even the deficient reports that Canaccord used during that time period “often went unreviewed for months or years at a time by AML personnel.” And FinCEN said that once FINRA started reviewing such reports, “two compliance employees at Canaccord falsified records to give the false impression that they were completing reviews of trade surveillance reports when they were not.”

And in terms of adequate due diligence, FinCEN said “Canaccord also willfully failed to investigate and report a high volume of suspicious transactions in its high-risk lines of business during the Relevant Time Period, including transactions tied to securities fraud and other market manipulation schemes.”

Deficiencies not remedied

In 2016, FINRA identified deficiencies in Canaccord’s AML program, including Canaccord’s failure to implement an adequate program for detecting and reporting suspicious activity.

And in 2025, in an action targeting compliance professionals individually, FINRA suspended Canaccord Genuity’s former chief compliance officer and the former head of its trading compliance group, charging them with improperly supervising the firm’s surveillance of securities transactions from February 2017 to December 2022.

Citing Canaccord’s “high trade volume as a market maker in low-priced securities,” FINRA recommended that it take several remedial steps, including “increasing its use of electronic and automated reports, including adopting a mechanism for identifying “abusive patterns in wire and trading activity.”

Canaccord committed in writing to a corrective action plan that included implementation of automated trade surveillance reports for low-priced securities.

Many of the deficiencies continued to exist, though, since the firm took actions such as setting unreasonable surveillance parameters around trading, “including to reduce the volume of activity captured in the reports,” rather than look at the problem based on the nature and extent of the risk imposed.

For some time, the company employed “inadequate staffing” and had just four employees (each of whom had other responsibilities) conduct trade surveillance, looking at “more than 100 unique reports, many of which were daily reports.”

For stretches of time ranging from months to four years, Canaccord entirely failed to review its low-priced, low-volume, pump and dump, self-trading, and wash sales reports.” And when reviews happened, filters were used mainly to “manage the scope of the review” … “without consideration for the actual risk profile of transactions captured by the report.”

And using boldface in its order, FinCEN touched on the inadequacy of Canaccord’s monthly “pump and dump report,” saying that, for some time, “the report used by Canaccord’s market making business only reflected transactions with a 25% price movement that occurred in a single day. Such a threshold was not reasonable given that the patterns of activity that this report was intended to identify frequently take place over longer periods of time, and Canaccord had not conducted research or testing in establishing the parameters.”

Untrained AML compliance officers

FinCEN referenced Canaccord’s resourcing issues, but the agency also highlighted the fact that many of its employees performing the important AML surveillance work for the business “lacked the knowledge, experience, and training to
perform their duties.”

The order states: “Although Canaccord designated a BSA Officer … the BSA Officer delegated authority for oversight of Canaccord’s trade surveillance program to a newly hired Head of Trading Compliance who lacked prior AML experience and who did not receive training or guidance regarding his new role, other than sitting with a departing employee for a few days.”

The Head of Trading Compliance then delegated to three employees the task of reviewing most of the reports that Canaccord used to monitor for suspicious trading activity. These people lacked prior AML experience, were hired for jobs that had not listed “AML” as part of their responsibilities, and did not receive appropriate training for performing such important oversight tasks.

“[This action] should serve as a wake-up call to broker-dealers that willfully fail to comply with their obligations to safeguard the financial system from illicit actors.”

Andrea Gacki, Director, FinCEN

Plus: “Neither the BSA Officer nor Head of Trading Compliance questioned why, over the course of several years, many of the trade surveillance reports – several of which were not, in fact, being reviewed – had never led to a single
escalation of potentially suspicious activity,” FinCEN said.

Undertakings

Canaccord agreed to do the following to satisfy the terms of the consent order:

• Engage a qualified independent consultant at its own expense to conduct a SAR Lookback Review.
• Deliver a detailed SAR Lookback Report to FinCEN that summarizes its review.
• Complete the filing of SARs for all of the covered transactions that should have had a report made on them.

And FinCEN said it considered a number of factors in determining its fine and penalty, from the “extent of possible harm to the public and amounts involved” to “management’s complicity in, condoning or enabling of, or knowledge of the conduct underlying the violations.”

Interestingly, the regulator also mentioned how its remedial measures were not prompt and effective, saying that although they ended up being implemented, they came “near the end of the Relevant Time Period (after years of non-compliance with supervisory findings).”

And it noted that Canaccord did not voluntarily disclose the violations to FinCEN and even made false representations through its employees to another regulator at an earlier stage of that regulator’s investigation into the same misconduct.

Violations

The following rules violations were cited in these US regulators’ orders:

FinCEN

• 31 USC Section 5318(h), for willfully failing to implement and maintain an AML program that met the minimum requirements of the BSA.

• 31 USC Section 5318(g), for willfully failing to accurately and timely report suspicious transactions to FinCEN.

• 31 USC Section 5318(i) for willfully failing to conduct due diligence on correspondent accounts in the US for foreign financial institutions.

SEC

• Rule 17a-8 for not abiding by the reporting, recordkeeping and record retention requirements of currency and foreign transactions.

Canaccord and Canadian regulators

Canaccord Genuity is headquartered in Vancouver and Toronto, Canada, and it offers services on a global scale.

Its broker-dealer (the subject of these actions) largely offers OTC stocks – a high-risk business model for broker-dealers and financial advisers due to the inherent volatility and low liquidity OTC market, which has far more opacity (less public disclosure) than the traditional stock arena.

FinCEN notes in its order that “between 2018 and 2022, Canaccord ranked among the top five largest market makers (by trading volume) for OTC low-priced securities, executing nearly $70 billion in transactions where the stock traded for less than five dollars.”

Last July, FINTRAC announced that it had charged the firm C$544,500 over charges that the firm failed to conduct due diligence on high-risk clients, including by failing to take stock of negative media reports.

And CIRO charged the firm, saying it “failed to act as a gatekeeper to the capital markets in relation to the trading activity in low-priced securities listed or traded over-the-counter in the US,” with Canaccord agreeing to a fine of $600,000, disgorgement of $2,200,000, and costs of $50,000 in Canadian dollars.

Company statement

FinCEN’s press release announcing the charges said Canaccord failed “to implement and maintain an AML program that met the requirements of the BSA, including failures to conduct appropriate risk-based customer due diligence and to establish and implement internal controls to monitor transactions for suspicious activity.”

FinCEN Director Andrew Gacki took the opportunity to state that the action “should serve as a wake-up call to broker-dealers that willfully fail to comply with their obligations to safeguard the financial system from illicit actors.”

For its part, Canaccord issued a statement about the resolutions with US authorities through a board member, the Lead Independent Director of Canaccord Genuity Group Inc., saying the company has moved past its shortcomings.

“Since these matters came to light, we have overseen a wholesale change in compliance leadership and oversight, working closely with management to enhance the culture of compliance, while engaging constructively with regulators. This reflects our responsibility to all stakeholders and our enduring commitment to maintaining trust, transparency, and sound governance.”

Auerbach said that over the last three years the company had undertaken a “comprehensive transformation of its compliance framework” by taking bold actions, including a “wholesale change in compliance leadership.” Other remedial actions included:

• investing substantially in compliance transformation;
• increasing its supervisory personnel and compliance staffing;
• updating its surveillance reports and new surveillance tools;
• revising processes for suspicious activity identification, investigation, and reporting;
• retaining third-party consultants to conduct a comprehensive review of its AML program; and
• new supervision and review protocols.

Compliance considerations

The FinCEN enforcement order covered a period from March 2018 to June 2024, and the SEC’s order covers the period between June 2019 and March 2022.

FinCEN went into great detail in its order to note the surveillance failings in failing to detect and report suspicious trading, even noting that the suspicious activity included an account for a Cyprus-based firm that spent years helping Russian oligarchs move money out of Russia.

Updated financial statements showed substantial changes in one such customer’s accounts, whose total assets grew by over 400% in a three-year period.