Rule 2010 is the disciplinary rule that FINRA uses to sanction brokers for bad faith or unethical "business-related" misconduct. The line between personal and business activity is not always clear, particularly where brokers are accused of misconduct in connection with their personal bank accounts. Two cases last year grappled with the limits of Rule 2010, both times finding that the misconduct was sufficiently business-related to justify sanctions. These cases are another reminder of Rule 2010's sweeping reach.

Rule 2010

Rule 2010 provides in full: "A member, in the conduct of its business, shall observe high standards of commercial honor and just and equitable principles of trade." The rule is meant to be a catch-all provision aimed at protecting customers by ensuring that securities professionals are honest and ethical.

The rule targets bad faith or unethical conduct. Intentional or willful misconduct—stealing customer funds or submitting fraudulent expense reports to an employer, to cite just two examples—fall easily within the rule. It applies to much more than just fraud, though. FINRA's disciplinary decisions make clear that scienter, or improper motive, is not an element of a Rule 2010 violation.

The rule is also not limited strictly to illegal conduct. While violation of the securities laws is a per se violation of Rule 2010, the rule can also reach immoral conduct that is not expressly prohibited by a law or regulation.

In other words, Rule 2010 has a long reach, and it is thus no surprise that FINRA's Department of Enforcement (Enforcement) invokes the rule in virtually every one of its disciplinary proceedings.

The Business-Related Requirement

One of the few limits on Rule 2010's wide applicability is the requirement that the alleged misconduct be business-related. As with other aspects of the rule, this requirement has been interpreted to reach a wide range of activity. It is not limited to securities-related misconduct. Nor is it limited to activities done in connection with a broker's employment. Instead, the test is focused more broadly on what the activity says about an individual's character; Rule 2010 extends to any misconduct that "reflects on the associated person's capacity to comply with the regulatory requirements of the securities business and to fulfill [his or her] fiduciary duties in handling other people's money." Dep't of Enforcement v. John Anthony Vedovino, 2019 WL 2176672, at *5 (quoting Stephen Grivas, Exchange Act Release No. 77470, 2016 WL 1238263, at *4 (March 29, 2016)) (internal quotation marks omitted).

Phrased this way, the test is open to interpretation, but there are few decisions that give serious consideration to whether the business-related requirement has any meaningful limit.

In 2012, a FINRA disciplinary panel took the rare step of dismissing in part a Rule 2010 case because some of the alleged misconduct was not business-related. In that matter, Department of Enforcement v. Hunt, a broker was accused of, among other things, submitting a series of fraudulent student loan applications for his daughter. In one application, the broker used a customer's name, address, and Social Security number to state falsely that the customer would co-sign the loan. In a different application, the broker submitted a photocopy of his daughter's driver license that had been altered to change the daughter's residential address.

The panel found that fraudulently using a customer's information to co-sign the loan violated Rule 2010. The business-related nexus here was obvious: The co-signer was a customer whose Social Security number the broker had obtained by accessing the customer's file.

The panel did not find a Rule 2010 violation for submitting the altered driver's license, though. There was no proof that the broker used the altered license with the same application that included the phony co-signer, and the driver's license by itself had no tie to any business activity.

Misconduct in Personal Bank Accounts

In Hunt, it was relatively straightforward for the hearing panel to draw a distinction between a loan application that wrongly included customer's information and a loan application that used an altered copy of a family member's driver's license. But the line between business and personal misconduct is not always so clear. In Hunt, Enforcement did not appeal the dismissal of the driver's license allegations, so FINRA's National Adjudicatory Council (the NAC) did not have an opportunity to weigh in the business-related question then. In two cases last year, though, the NAC considered whether misconduct in connection with personal bank accounts can be the basis for Rule 2010 violations.

In the first case, Department of Enforcement v. Vedovino, 2019 WL 2176672 (May 15, 2019), a financial advisor defrauded his employer, Wells Fargo, by falsely claiming that his personal debit and credit cards were used without authorization and then asking Wells Fargo for reimbursements for the transactions. The only nexus between the fraud and the adviser's job was that he used Wells Fargo for his personal banking. The NAC concluded that this was sufficient.

On one hand, this was not a surprising result: The adviser fraudulently obtained money from his employer. Viewed that way, it is not hard to see a business nexus. The financial advisor argued, though, that his reimbursement claims were purely personal—in effect, that any connection between his fraud and his employment was coincidental and not related to any business activity.

The NAC rejected this logic, stressing that as a Wells Fargo employee, the advisor was required to maintain a personal account at the bank and that he received special banking privileges as an employee. That the adviser used so-called "team member" accounts at Wells Fargo to facilitate the fraudulent reimbursement requests was enough to make his misconduct business-related, the NAC found.

The NAC's emphasis on the nature of the adviser's "team member" accounts suggested that it thought it was approaching a limit on Rule 2010's business-related requirement. Would the result of the case have been different if the adviser had used an ordinary, non-employee bank account? Perhaps not—elsewhere in the decision the NAC likened the adviser's conduct to stealing money from an employer by submitting a phony expense report, which is routinely considered "business-related" under Rule 2010—but the NAC's analysis of the question and its focus on the "interconnectedness of [the adviser's] status as an associated person, his team member accounts, and the ethical implications of his misconduct," Vedovino, 2019 WL 2176672, at *5, hinted that the privileged status of the accounts was a significant factor in the result.

The NAC addressed a similar challenge in a second case last year. In that matter, Department of Enforcement v. White, 2019 WL 3425042 (July 26, 2019), a trader was accused of illegally structuring cash deposits in violation of the Bank Secrecy Act by breaking up gambling winnings into amounts of less than the $10,000 currency transaction reporting threshold. The trader argued that he had not engaged in business-related conduct for the purpose of Rule 2010 because the deposits were made to his personal bank accounts.

The NAC disagreed. Noting that Wells Fargo and its employees have a heightened duty to comply with banking regulations, it relied on Wells Fargo's code of conduct and other internal policies that explicitly forbade employees from illegally structuring their personal banking transactions.

Conclusion

The result in White had its roots in the oft-repeated idea that Rule 2010 is aimed at ensuring compliance with the special duties and regulations that govern the securities industry. Neither White nor Vedovino foreclosed the possibility that certain purely personal bank account-related misconduct may be beyond Rule 2010's reach. Securities professionals should be aware, however, that FINRA and the NAC have traditionally taken an expansive view of the types of bad faith or unethical activity that fall within the rule's scope.

John Curley is a partner at Hoguet Newman Regal & Kenney in New York. He focuses his practice on complex business and securities litigation, as well as securities-related regulatory investigations and proceedings. He can be reached at [email protected].