The U.S. Securities and Exchange Commission has censured Morgan Stanley Smith Barney, in Purchase, and assessed a $15 million penalty against the wealth management firm for inadequate supervision of four employees who stole millions of dollars from clients.
Morgan Stanley cooperated with the investigation, according to the SEC, and consented to the Dec. 9 cease-and-desist order and sanctions.
From mid-2015 to mid-2022, Morgan Stanley failed to detect hundreds of unauthorized cash transfers from client accounts.
The firm understood the risks and had even implemented fraud detection software in 2015, believing that it would catch such fraud. But the software was not designed to detect the kinds of illegal transfers that four employees exploited.
And for five years, the SEC says, Morgan Stanley did not test the software to see if it worked.
The failures enabled Michael Barry Carter, of the firm’s Tysons Corner, Virginia office, to steal about $6.1 million by making it look as if clients had authorized cash transfers. At least 53 wire transfers went to his personal accounts to pay for a mortgage, credit card bills and country club membership fees.
Investment advisers in Cupertino, California, El Paso, Texas, and Southlake, Texas also exploited the flawed system and misappropriated more than $1.7 million from client accounts from 2015 to 2022.
The SEC concluded that Morgan Stanley had failed to implement policies and procedures to detect financial advisers who were misappropriating client funds.
The agency ordered the firm to hire an outside consultant to review anti-fraud controls, adopt all recommendations, and pay the $15 million penalty within 14 days.
The SEC noted that Morgan Stanley has compensated the clients whose funds were stolen.
