FinCEN’s Record Canaccord Penalty Is a Warning to Broker-Dealers on AML and BSA Compliance.

FinCEN’s March 6, 2026, enforcement action against Canaccord Genuity LLC is more than a headline-grabbing penalty. It is a clear statement that anti-money laundering compliance remains a core obligation for broker-dealers, and that failures in this area can draw serious scrutiny not only from FinCEN, but also from the SEC and FINRA. FinCEN assessed an $80 million civil money penalty against Canaccord for willful violations of the Bank Secrecy Act and described it as the largest BSA penalty ever imposed against a broker-dealer.

According to FinCEN, the case involved more than isolated procedural lapses. The agency alleged widespread failures in Canaccord’s AML program, including deficient risk-based customer due diligence, inadequate internal controls for monitoring suspicious activity, failures relating to correspondent accounts for foreign financial institutions, and the failure to file at least 160 suspicious activity reports tied to dozens of over-the-counter securities and thousands of suspicious underlying transactions. FinCEN further stated that these breakdowns deprived law enforcement of timely and critical financial information.

For broker-dealers, the larger lesson is straightforward: AML is not a back-office technicality. It is a front-line regulatory function tied directly to investor protection, market integrity, and a firm’s supervisory responsibilities. That is particularly true where a firm operates in higher-risk areas such as OTC securities, low-priced securities, foreign financial institution relationships, or business lines involving elevated fraud risk. FinCEN’s release expressly emphasized those themes.

The Regulatory Framework Is Broader Than Many Firms Appreciate

The BSA establishes the basic framework for AML obligations imposed on financial institutions, including broker-dealers. Through its guidance, the SEC explained that Exchange Act Rule 17a-8 requires broker-dealers to comply with the BSA’s reporting, recordkeeping, and record-retention rules. The SEC identified core broker-dealer AML obligations to include AML programs, customer identification, beneficial ownership and customer due diligence, suspicious activity monitoring and reporting, and due diligence on foreign correspondent accounts.

FINRA Rule 3310 sits directly on top of that framework. It requires each member firm to develop and implement a written AML program reasonably designed to achieve and monitor compliance with the BSA and Treasury’s implementing regulations. At a minimum, that program must include policies and procedures reasonably expected to detect and cause the reporting of suspicious transactions, internal controls, independent testing, designation of responsible AML personnel, ongoing training, and risk-based ongoing customer due diligence.

Why the Canaccord Action Deserves Close Attention

What stands out in the Canaccord action is FinCEN’s focus on execution and resourcing. The release describes a significantly under-resourced AML program that was not proportionate to the risks of the business. FinCEN said the firm was well-positioned to detect suspicious activity in the securities for which it provided trading services, but failed to do so because its monitoring procedures, staffing, training, and internal controls were not reasonably aligned with the risk profile of the firm’s operations.

That point should resonate across the broker-dealer industry. Regulators do not merely expect firms to have surveillance reports, exception queues, and written escalation paths. They expect those tools to work in practice. A firm that handles higher-risk activity without sufficient staffing, training, calibration, or follow-up may face the argument that its AML program was never reasonably designed in the first place. That is the practical significance of the Canaccord action.

The release also underscores the importance of customer due diligence and foreign correspondent-account diligence. FinCEN highlighted alleged onboarding failures involving high-risk customers with reported ties to illicit actors, and it specifically cited failures to conduct required due diligence on correspondent accounts for foreign financial institutions. Those are not peripheral issues. The SEC’s AML guidance identifies both as core broker-dealer obligations, and FINRA’s oversight guidance continues to highlight them as examination priorities.

Suspicious Activity Reporting Remains a Central Enforcement Focus

Another major takeaway is the central role of suspicious activity reporting. Under the SEC’s regulations, broker-dealers are required to monitor for suspicious activity and file SARs when the applicable standards are met. FINRA Rule 3310 likewise requires policies and procedures reasonably expected to detect and cause the reporting of suspicious transactions. FINRA’s oversight guidance further emphasizes that suspicious activity reporting obligations may apply to any transactions conducted by, at, or through the firm, and highlights low-priced securities and fraud-related red flags as recurring risk areas.

In other words, firms should not view SAR obligations narrowly. In the broker-dealer setting, AML risk often overlaps with fraud risk, manipulation risk, microcap or penny-stock risk, and suspicious movement of cash or securities. FinCEN’s Canaccord action reinforces that regulators expect firms to identify and escalate those patterns promptly, especially where the firm’s business model puts it in a position to see the red flags first.

A Further Reminder: Exam Findings Must Be Addressed Promptly

FinCEN also used the Canaccord matter to emphasize remediation. The agency stated that the firm’s regulator had repeatedly found weaknesses in the AML program and that the firm failed to meaningfully address those concerns for years. That point is critical. Once deficiencies are identified in an examination, a firm’s exposure does not turn only on the original weakness. It may also turn on whether the firm responded promptly, credibly, and in a way that can later be demonstrated to regulators.

The reference to the firm’s “regulator” appears, at least in substantial part, to be FINRA. In FINRA’s 2026 AWC against Canaccord, FINRA found that it had cautioned the firm in 2014, 2017, and 2018 about aspects of its AML program, including the need for automated AML trade surveillance given the firm’s volume of low-priced market-making activity, the need to improve review for suspicious trading activity, the need to timely review surveillance, and the need to review the activities of correspondent accounts for foreign financial institutions. FINRA further found that, although the firm took some steps, not all of those issues were timely or adequately addressed. That history closely tracks FinCEN’s emphasis on prolonged remediation failures and helps explain why the latest action should be viewed not as an isolated lapse, but as part of a broader supervisory and AML compliance breakdown under FINRA Rules 3310 and 3110.

Bottom Line

The Canaccord penalty should be read as a warning shot to broker-dealers, particularly those operating in higher-risk areas of the securities markets. The BSA, FINRA Rule 3310, and Exchange Act Rule 17a-8 collectively require more than a paper program. They require a functioning AML compliance program built around the firm’s actual risks, including suspicious activity monitoring, customer due diligence, correspondent-account controls, escalation protocols, training, and independent testing. FinCEN’s latest action shows what can happen when regulators conclude that those controls were not meaningfully designed, staffed, or executed.

AMW Law PLLC provides securities regulatory counsel to broker-dealers, financial advisors, registered representatives, and financial firms in AML compliance matters, FINRA investigations, SEC investigations, FINRA enforcement proceedings, SEC enforcement defense, supervisory and compliance reviews, and responses to regulatory inquiries and examinations. We assist clients with broker-dealer compliance, AML program assessments, SAR-related issues, supervisory procedures, remediation efforts, and risk management strategies designed to address FINRA and SEC scrutiny before problems become enforcement cases.

If your firm or financial advisor practice is facing AML compliance questions, FINRA scrutiny, or an SEC investigation, experienced securities counsel can help assess the issues, respond strategically, and work to reduce regulatory and enforcement risk.