Financial regulators recently penalized Osaic Institutions, Inc., formerly known as Infinex Investments, Inc., with a censure and a $650,000 fine for significant anti-money laundering compliance deficiencies. The firm failed to maintain a program reasonably designed to detect and report suspicious transactions as required by federal law. Investigations revealed that the organization relied on generic templates and failed to monitor high-risk activities involving international jurisdictions. These systemic lapses left the brokerage vulnerable to illicit financial flows for several years. The settlement includes an undertaking for senior management to certify the remediation of these oversight gaps.

Suspicious Activity Reporting Deficiencies and Template Reliance

The enforcement action highlights that from September 2021 through the present, the firm operated without an effective framework for identifying potentially criminal financial behavior. Rather than building a customized system tailored to its specific business risks, the organization utilized a generic template that provided insufficient guidance for staff. This template omitted critical triggers for filing a suspicious activity report, such as attempted transactions involving at least $5,000 in assets. The lack of detailed protocols meant that employees were not properly equipped to investigate red flags or escalate concerns regarding possible cyber-events and fraudulent transfers.

Internal procedures failed to address the complexities of a firm managing hundreds of thousands of accounts and significant transaction volumes. By relying on a non-tailored program, the firm overlooked the necessity of monitoring for specific indicators of money laundering that were prevalent within its retail brokerage model. The absence of clear instructions for escalating suspicious behavior meant that many potential threats were never properly evaluated for regulatory reporting. This reliance on boilerplate documentation rather than a risk-based approach constitutes a core failure in meeting federal standards designed to protect the financial system from abuse.

Failure to Review Anti-Money Laundering Exception Reports

Evidence shows a persistent failure to conduct timely reviews of exception reports designed to flag high-risk transactions. Between late 2021 and late 2024, the firm utilized only a handful of reports that monitored narrow categories, such as low-priced security purchases. This limited scope ignored vast areas of potential risk, including third-party wire transfers and movements to countries known for weak financial oversight. Even when reports were generated, the firm often neglected to review them for weeks or months at a time. In some instances, the backlog reached twenty-four weeks, rendering the surveillance efforts effectively useless for real-time detection.

Internal confusion further hampered the compliance effort, as there was no clear designation of responsibility for checking these automated alerts. The firm failed to review at least thirty individual exception reports entirely and was delinquent on over one hundred others. This oversight occurred despite the firm processing hundreds of thousands of money movements and securities transactions annually. Without active monitoring of these alerts, suspicious patterns such as unexplained repetitive wires or unusually large foreign currency movements remained undetected. The firm was eventually put on notice of these gaps through independent testing and regulatory requests, but took years to implement functional review procedures.

Ongoing Customer Due Diligence and Risk Profile Gaps

The firm also neglected its obligations regarding customer due diligence and the maintenance of accurate risk profiles. Regulatory requirements mandate that financial institutions understand the nature of customer relationships to identify deviations from normal behavior. However, the internal policies were silent on the requirement to update customer information on a risk basis. While the compliance officer was technically tasked with developing profiles, the firm provided no practical guidance on how to execute this duty. This resulted in a total lack of risk profiles for domestic customers during the period under investigation.

For foreign accounts, the firm did not establish a risk-scoring mechanism until late 2023, at which point it simply applied a blanket high-risk designation to all such accounts. This broad approach failed to satisfy the requirement for nuanced, risk-based monitoring. Ongoing due diligence was essentially non-existent for both domestic and international clients, meaning the firm could not effectively determine if transaction patterns matched the stated purpose of the accounts. By failing to categorize clients based on their specific risk factors, the organization lacked the foundational data necessary to prioritize its surveillance efforts and identify the most likely sources of illicit activity.

Analysis of Regulatory Compliance and Remediation Requirements

The settlement serves as a reminder that the Financial Industry Regulatory Authority demands more than just a surface-level compliance manual. The repeated violations of Rule 3310 and Rule 2010 demonstrate that a firm must actively manage its anti-money laundering obligations through consistent execution and technological adequacy. The move toward an automated surveillance and case management system in late 2023 was a necessary step, but it followed years of inadequate manual oversight. The penalty reflects the severity of allowing high volumes of capital to move through accounts in jurisdictions like Mexico and Argentina without sufficient scrutiny.

As part of the resolution, the firm must undergo a rigorous certification process. A senior principal must attest that the organization has fully remediated the identified issues and established a program that aligns with the Bank Secrecy Act. This includes providing a detailed narrative and supporting evidence of the new internal controls. The requirement for a management-level sign-off places direct accountability on leadership to ensure that the previous culture of compliance neglect is replaced with a functional and proactive framework. This case underscores that regulatory patience has limits, especially when a firm remains on notice of deficiencies without taking immediate corrective action.

---

Key Points

• The firm was fined 650000 dollars and censured for failing to implement a reasonable anti-money laundering program.
• Compliance officers relied on generic templates that lacked specific guidance for investigating red flags and reporting suspicious transactions.
• Over 150 exception reports were either never reviewed or reviewed after significant delays of up to 24 weeks.
• Customer due diligence was inadequate as the firm failed to develop risk profiles for domestic and foreign clients for several years.

---

Related Links

• FINRA Disciplinary Actions Online
• Bank Secrecy Act Regulations at FinCEN
• SEC Anti-Money Laundering Compliance Guide
• FATF Guidance for the Securities Sector

Other FinCrime Central Articles About FINRA’s Actions

• $5.5 Billion Under the Radar: How EFG Capital’s AML Failures Sparked a Major FINRA Fine
• Intesa Sanpaolo faces 125k FINRA fine for critical TRACE errors
• FINRA Fines Mundial Financial Group $100,000 for AML Program Failures

Source: FINRA

Some of FinCrime Central’s articles may have been enriched or edited with the help of AI tools. It may contain unintentional errors.

Want to promote your brand, or need some help selecting the right solution or the right advisory firm? Email us at info@fincrimecentral.com; we probably have the right contact for you.