According to FINRA, Brex Treasury LLC, based in Salt Lake City, Utah, was censured and fined $900,000 for failing to maintain a reasonably designed anti-money laundering (AML) program, including inadequate procedures for customer identification, beneficial ownership verification, and suspicious activity reporting. The firm was found in violation of its AML obligations under FINRA rules and the Bank Secrecy Act.

Anti-money laundering programs are a cornerstone of the regulatory framework designed to prevent the financial system from being exploited for illicit purposes, including fraud, money laundering, and terrorist financing. A key component of any AML program is the Customer Identification Program (CIP), which requires firms to verify the identity of customers opening new accounts. Firms must also identify and verify the identities of beneficial owners of legal entity customers to ensure they know who ultimately controls the accounts they service.

The findings revealed that Brex Treasury's AML program failed to include reasonably designed procedures for verifying the identities of customers or for identifying and verifying the identities of beneficial owners of legal entity customers. The firm relied on regulatory technology, or regtech, that was not reasonably designed to verify the identities of new customers. While the use of technology in compliance programs is common and often beneficial, technology is only as effective as its design and implementation. In this case, the technology the firm relied upon was inadequate for the task.

As a result of these failures, the firm approved hundreds of potentially fraudulent accounts that attempted over $15 million in transactions using deposited funds that failed to settle. The firm also failed to have AML policies and procedures reasonably designed to cause the filing of Suspicious Activity Reports (SARs) in connection with transactions in these accounts when required. SARs are critical tools that alert law enforcement to potentially illicit financial activity.

For investors, this case highlights the risks that can arise when firms adopt new technologies without ensuring they are fit for purpose. While fintech and regtech solutions can enhance compliance, they must be rigorously tested and validated to ensure they meet regulatory requirements. Investors should be aware that firms with inadequate AML programs may be more susceptible to fraud, which can ultimately affect the safety of customer assets. This case also serves as a reminder that FINRA holds firms accountable for the effectiveness of their AML programs, regardless of whether those programs rely on manual processes or automated technology.