The proceedings related to “various investigations and
inquiries” being carried out by SEC staff into Merrill Lynch
between October 2003 and February 2005. In the course of this,
according to the SEC, it had asked the firm to provide certain
emails dealing with its business as a broker, dealer and member of
an exchange.
US regulatory rules require that securities and investment firms
have adequate systems, procedures and policies in place to promptly
produce evidence, including emails, requested in the course of an
investigation. Communications relating to its business must be kept
for three years.
However, according to the SEC, on numerous occasions Merrill
Lynch was unable to furnish the requested emails promptly. On one
occasion it took around seven months to produce the emails, on
another around five months.
The regulator found that Merrill Lynch had wilfully breached the
Securities and Exchange Act 1934, and Rules relating to it.
The action has now settled, with the firm, which has not
admitted any wrongdoing, undertaking to review its systems,
procedures and policies in connection with email retention and to
appoint a Consultant to advise on the review.
The SEC has censured Merrill Lynch and imposed a penalty of $2.5
million.
Merrill Lynch spokesman Mark Herr told Reuters that the firm has
improved its systems and now believes it is able to promptly
provide any further requested emails.
OUT-LAW is running a series of free events on Data Retention
across the UK in May. See details of the OUT-LAW Breakfast Seminars.
