Robinhood Securities LLC and Robinhood Financial LLC (collectively called Robinhood) will pay $45 million in civil penalties to resolve numerous violations of federal securities laws. The charges stem from Robinhood's brokerage activities, according to an announcement by the Securities and Exchange Commission (SEC).
The penalties, split between the two entities, include $33.5 million from Robinhood Securities and $11.5 million from Robinhood Financial. Both firms have admitted to specific findings in the SEC’s order and agreed to the charges.
The SEC's enforcement action revealed systemic failures across multiple operational areas, as Robinhood failed to adhere to regulatory requirements in Suspicious Activity Reporting (January 2020 – March 2022), Identity Theft Protection (April 2019 – July 2022), and Cybersecurity Vulnerabilities (June 2021 – November 2021).
The failures also extended to areas such as Off-Channel Communications, Retention of Brokerage Data, and Customer Communications (2020 – 2021).
Robinhood did not promptly investigate and report suspicious transactions, leading to systemic failures in filing timely suspicious activity reports (SARs), and did not adequately safeguard customers from identity theft risks.
The company failed to address a known cybersecurity flaw related to remote system access, resulting in a third party gaining unauthorized access to millions of user records in November 2021.
Robinhood did not comply with federal recordkeeping requirements nor maintain legally required records securely, leaving them susceptible to modification or deletion. Evidence shows the company failed to maintain essential correspondence with its brokerage clients as required by law.
Separately, Robinhood Securities failed to provide accurate and complete securities transaction data – known as blue sheet filings – to the SEC and violated multiple provisions of Regulation SHO, including close-out, order-marking, and locate requirements intended to prevent abusive short-selling practices.
The SEC detailed the infringed rules, which include violations under Regulation S-P, Regulation S-ID, and Regulation SHO, as well as the broker-dealer recordkeeping and reporting provisions of federal securities laws.
Both firms admitted to specific findings in the SEC’s order and agreed to implement corrective measures. These include conducting internal audits regarding off-channel communications compliance and addressing the deficiencies underpinning the Regulation SHO violations.
In October, the SEC announced fines totaling $7 million against four companies for misleading disclosures related to the 2019 SolarWinds cyberattack.