The Securities and Exchange Commission (SEC) announced that broker-dealers Robinhood Securities and Robinhood Financial have agreed to pay $45 million in combined civil penalties to settle a range of SEC charges arising from their brokerage operations.
“It is essential to the Commission’s broader efforts to protect investors and promote the integrity and fairness of our markets that broker-dealers satisfy their legal obligations when carrying out their various market functions,” said Sanjay Wadhwa, acting director of the SEC’s Division of Enforcement. “Today’s order finds that two Robinhood firms failed to observe a broad array of significant regulatory requirements, including failing to accurately report trading activity, comply with short sale rules, submit timely suspicious activity reports, maintain books and records, and safeguard customer information.”
According to the SEC’s order, the violations by Robinhood related to the following conduct:
- Suspicious Activity Reporting: From January 2020 through March 2022, Robinhood failed to timely investigate suspicious transactions, resulting in systematic failures to timely file suspicious activity reports.
- Identity Theft Protection: From April 2019 to July 2022, Robinhood failed to implement adequate policies and procedures designed to protect their customers from the risk of identity theft.
- Unauthorized Access to Robinhood Systems: From June 2021 through November 2021, Robinhood failed to adequately address known risks posed by a cybersecurity vulnerability related to remote access to their systems. In November 2021, a third party obtained unauthorized access and downloaded information related to millions of individuals who had provided that information to Robinhood.
- Off-Channel Communications: Robinhood had longstanding failures to maintain and preserve electronic communications in violation of the recordkeeping provisions of the federal securities laws. Both firms admitted the findings in the order concerning their off-channel communications failures.
- Retention of Brokerage Data: Robinhood failed to maintain copies of core operational databases in a manner that ensured legally required records were protected from deletion or modification for the required length of time.
- Failure to Maintain Customer Communications: Robinhood failed to maintain some of their communications with their brokerage customers as legally required between 2020 and 2021.
In addition, according to the SEC’s order, Robinhood Securities alone committed the following violations:
- Electronic Blue Sheets: For more than five years, Robinhood Securities failed to provide complete and accurate securities trading information, known as blue sheet data, to the SEC. Robinhood Securities admitted the SEC’s findings concerning blue sheet filings.
- Fractional Share Trading and Stock Lending: In connection with its stock lending and fractional share trading programs, Robinhood Securities failed to comply with Regulation SHO, the regulatory framework designed to address abusive short selling practices. From May 2019 through December 2023, Robinhood Securities violated Reg SHO’s close-out, order-marking, and locate requirements.