Money Penalties: Securities and Futures Regulators Collect Many Fines But Need to Better Use Industrywide Data

SEC staff have been entering Self Regulatory Organizations' (SROs) disciplinary (19d-1) actions into a database. They have entered all actions from 2002, and are partially complete with 2003 and 2004. They already have run some reports from this information to analyze it and used the data to identify actions that seem like outliers for a particular violation. However, these turned out to be multi-violation cases and thus the lower penalties for the particular violation were made up for by other charges. They are also using reports from the database in their current round of examinations at one SRO's district offices. Although no set schedule for conducting analysis of this data has been proposed, the staff indicated that it will be reviewed periodically. SEC also has recently received approval internally for funding for a new system that will allow the SROs to input or upload their actions directly into the SEC's database. The development of the system is expected to occur in the fall of 2004.

This recommendation is closed. CFTC now documents its analyses in quarterly reports, as well as in an annual report on civil monetary penalties.

SEC's Office of Compliance Inspections and Examinations (OCIE), which has oversight responsibility over securities SROs and routinely inspects their disciplinary programs, has begun to analyze data on the SROs' disciplinary actions. The analyses to date focused on six commonly-cited SRO rule violations and covered the following: misrepresentation or material omissions of fact, failure to respond truthfully and completely, outside business activities, net capital violations, conversion, and continuing education requirements. OCIE has plans to conduct additional analyses and to use the findings from its analyses to determine the scope and timing of future SRO inspections.

This recommendation is closed. CFTC sent SROs a letter requiring them to automate their fine collection activity, and all SROs with sufficient volume to warrant automation have automated systems.

SEC's Office of Compliance Inspections and Examinations (OCIE), which has oversight responsibility over securities SROs and routinely inspects their disciplinary programs, has begun to analyze data on the SROs' disciplinary actions. On January 31, 2005, OCIE staff provided GAO with copies of analyses conducted to date. The analyses focused on six commonly-cited SRO rule violations and covered the following: misrepresentation or material omissions of fact, failure to respond truthfully and completely, outside business activities, net capital violations, conversion, and continuing education requirements. A senior OCIE official, Helene McGee, told GAO during a May 5, 2005, follow-up interview that OCIE had not conducted any additional analyses since the January 31st meeting, but plans to do so. She said OCIE also plans to use the findings from its analyses to determine the scope and timing of future SRO inspections. SEC's Office of Information Technology has also established a September 2005 time frame for implementing a new Web-based SRO database to replace the current database. As of May 2005, OIT was on schedule to meet all of its internal goals for a successful September 2005 deployment.