State of Missouri
Office of Secretary of State

Case No. AP-08-12

IN THE MATTER OF:

MORGAN STANLEY & CO. INCORPORATED,

 

Respondent.

 

CONSENT ORDER

SUMMARY OF ALLEGATIONS

  1. The Enforcement Section of the Missouri Securities Division (the “Securities Division”) alleges that during the period from at least 1995 to August 2005 Morgan Stanley & Co. Incorporated and Morgan Stanley DW Inc. (collectively, “Morgan Stanley”) failed to maintain adequate systems to reasonably ensure compliance with Blue Sky laws and which resulted in the sale of unregistered securities in violation of Section 409.3-301, RSMo. (Cum. Supp. 2007).

  2. The Securities Division alleges that Morgan Stanley failed to reasonably supervise its agents or employees, in violation of Section 409.4-412(d)(9), RSMo. (Cum. Supp. 2007)

  3. CONSENT TO JURISDICTION

  4. Morgan Stanley and the Division stipulate and agree that the Commissioner has jurisdiction over Respondent and these matters pursuant to the Missouri Securities Act of 2003, Chapter 409, RSMo., et seq.

  5. Respondent and the Division stipulate and agree that the Commissioner has authority to enter this Consent Order pursuant to Section 409.6-604(h), RSMo. (Cum. Supp. 2007), which provides:

    The commissioner is authorized to issue administrative consent orders in the settlement of any proceeding in the public interest under this act.

  6. WAIVER AND EXCEPTION

  7. Morgan Stanley waives its right to a hearing with respect to this matter

  8. Morgan Stanley waives any right that it may have to seek judicial review or otherwise challenge or contest the terms and conditions of this Order. Morgan Stanley specifically forever releases and holds harmless the Missouri Office of Secretary of State, Secretary of State, Commissioner of Securities and their respective representatives and agents from any and all liability and claims arising out of, pertaining to or relating to this matter.

  9. CONSENT TO COMMISSIONER'S ORDER

  10. Morgan Stanley and the Securities Division stipulate and agree to the issuance of this Consent Order without further proceedings in this matter, agreeing to be fully bound by the terms and conditions specified herein.

  11. Morgan Stanley consents to the Commissioner's Findings of Fact and Conclusions of Law as set forth below solely for the purpose of this proceeding and any other proceeding that may be brought to enforce the terms of this Consent Order.

  12. Respondent agrees not to take any action or to make or permit to be made any public statement creating the impression that this Order is without a factual basis.

  13. COMMISSIONER'S FINDINGS OF FACT AND
    CONCLUSIONS OF LAW

  14. Morgan Stanley & Co. Incorporated (“MS&Co”) is a broker-dealer registered in the State of Missouri.

  15. Morgan Stanley DW Inc. (“MSDW”), formerly known as Dean Witter, Discover & Co. (“Dean Witter”), was a broker-dealer registered in the State of Missouri.

  16. On or about August of 2005, Morgan Stanley notified the North American Securities Administrators Association (“NASAA”), that it learned that certain order entry systems in place at its primary retail broker-dealer, MSDW, did not check whether certain securities transactions complied with Blue Sky law registration requirements. The Blue Sky Surveillance problem included most fixed income securities and certain equity securities sold to customers in solicited and non-exempt transactions, from at least 1995.

  17. Morgan Stanley discovered the Blue Sky issue in late May 2005. Shortly thereafter, Morgan Stanley commissioned an internal investigation to determine the origins and reasons for the oversight. Morgan Stanley discovered that its surveillance systems were deficient for the following reasons:

    1. Broker workstations, the automated trading system used at Morgan Stanley, did not have any type of Blue Sky block, or other exception report, for trades involving fixed income securities;

    2. Morgan Stanley's Blue Sky surveillance system covered only securities contained in its Blue Sky databases, which were maintained separately for MSDW and MS&Co. As such, if the surveillance system did not locate a particular security in the Blue Sky database, the systems would allow the transaction to proceed without further checking or creating any exception report noting the inability to locate Blue Sky registration confirmation;

    3. Morgan Stanley did not adequately stock its Blue Sky database with sufficient information, either by way of internal research or outside vendors research, to properly review all transactions for Blue Sky compliance;

    4. Morgan Stanley did not direct enough resources and personnel during the ten-year period to adequately manage the Blue Sky issues.

    The result of the surveillance failures was that thousands of securities transactions, particularly fixed income securities, during the time frame January 1997 - May 2005, were approved and executed without first confirming Blue Sky registration status.

  18. History of the Blue Sky Issue at Morgan Stanley
    Blue Sky Compliance Pre-1995

  19. Before 1995, Dean Witter brokers entered customer transactions using paper order tickets and the internal electronic wire. Dean Witter's Blue Sky surveillance system compared orders (by CUSIP number) with information in its internal Blue Sky database, known as BSKS.

  20. If the system detected a possible problem, it would allow the order to be filled out, but it would list the trade on a next-day T+1 exception report. Dean Witter's Blue Sky Manager then reviewed the report and contacted branch officers involved to determine whether particular trades had to be cancelled.

  21. BSKS contained information on equities in which Dean Witter made a market, a total of about 1,200 to 1,500 stocks. BSKS did not regularly contain information on fixed income securities unless the Blue Sky Manager was asked to manually enter such information by the fixed income trading area.

  22. Where Dean Witter's Blue Sky system could not locate a security in BSKS, it did not reflect its inability to find the security in a "security-not-found" or other exception report.

  23. As a result, before 1995, Dean Witter had no surveillance system in place that would check for possible Blue Sky violations for most fixed income securities or equities in which Dean Witter was not making a market.

  24. Automation of Trading Systems in 1995 Did Not Correct
    Blue Sky Compliance Issue

  25. In 1995, Dean Witter began developing its automated order entry system, called the Financial Advisor Workstation (“Workstation”). In addition to using the Workstation to enter customer orders, Financial Advisors (“FAs”) could use it to look up the Blue Sky status of securities in BSKS. After a customer order was entered on the Workstation, the system compared securities (by CUSIP number) with information in BSKS and automatically blocked trades not meeting specified requirements, including transactions that potentially posed Blue Sky issues.

  26. However, the Workstation design team noted that the system was not designed to block fixed income securities and noted that such a feature would be added in a later phase:

    .As previously discussed, the Order Entry System will perform the Blue Sky validation on-line. Initially, the Blue Sky and Compliance edits will be built into the Equity Ticket, while Blue Sky validation in Fixed Income Ticket will be added in a later phase. (emphasis added)
  27. Until May 2005, no one on the Workstation design team or anyone else at the firm followed up on whether or when fixed income securities would be added to the Blue Sky validation process.

  28. FAs using the Workstation to research the Blue Sky status of fixed income products did not receive either the requested Blue Sky information or a warning message to contact Compliance which resulted in the processing of fixed income transactions without the performance of proper Blue Sky checks.

  29. In response to early complaints about the Workstation's slowness, MSDW programmed the system to execute an order for equity securities regardless of whether the system had completed Blue Sky screening. However, the system compared all such trades at the end of the day to BSKS and listed possibly violative transactions on the T+1 exception report.

  30. In addition, MSDW did not include surveillance for Blue Sky compliance in the various trading platforms that it subsequently built out to support MSDW's managed account business. Although MSDW initially built and revised these systems over time, it failed to incorporate Blue Sky surveillance into these systems.

  31. During the automation process in 1995, MSDW's Blue Sky Manager advised the Compliance Director and the Deputy Compliance Director that the new automated system would require her to monitor more than 15,000 equity securities, rather than about 1,500 equity securities which she previously monitored.

  32. During this time, the Firm, the Compliance Director and his deputy, failed to recognize the significant compliance issue that existed due to the pre-automation system not providing Blue Sky checks on many equities or fixed income securities.

  33. To assist the Blue Sky Manager, MSDW bought a newly available automated Blue Sky information feed covering only equities from an outside vendor, Blue Sky Data Corp (“BSDC”) on April 11, 1996 (an information feed for fixed income securities was not available until 1997). Upon buying the service, MSDW terminated the Blue Sky Manager's only assistant.
  34. The new BSDC equity feed resulted in a substantial increase of information (from 1,500 to 15,000 covered equities) causing the volume of possible Blue Sky violations appearing on the daily T+1 exception report to increase substantially, which overwhelmed the Blue Sky Manager.

  35. Blue Sky Problem Not Detected Following The Merger

  36. On or about May 31, 1997, Dean Witter merged with Morgan Stanley Group, Inc. After the merger, the Blue Sky problems continued.
  37. The predecessor Morgan Stanley Group, Inc., had conducted a retail business, including Blue Sky checking, through its relatively small Private Wealth Management Group (“PWM”), which served ultra-high net worth clients.

  38. After the merger, the combined firm kept the two predecessor firms' trading systems (including the corresponding Blue Sky systems) running in parallel-one for MSDW and the other for PWM. Beginning in 1998, Morgan Stanley assigned MSDW's Blue Sky Manager to monitor the PWM Blue Sky system as well, even though the Blue Sky Manager had difficulties with the increased review responsibilities created by the MSDW T+1 exception reports.

  39. The two Blue Sky systems produced different, but similar, exception reports that identified transactions with possible Blue Sky violations. For PWM this included all such trades, and for MSDW this included trades that had not been stopped by the front-end block then in place.

  40. Morgan Stanley's Blue Sky databases contained only a small amount of fixed income Blue Sky information entered manually over the years and did not cross-reference the information they each separately contained.

  41. Beginning sometime in 1997, BSDC began offering a fixed income Blue Sky information feed, and on December 15, 1997, BSDC contacted Morgan Stanley to solicit the new fixed income feed. Morgan Stanley elected to add BSDC's fixed income feed to the PWM Blue Sky System, but not to MSDW's Blue Sky system.

  42. For the next eight (8) years, although some of Morgan Stanley's employees in its compliance department were aware that MSDW did not have an adequate fixed income Blue Sky registration verification system, neither Morgan Stanley, nor any of its employees took any action to rectify the situation.

  43. Blue Sky Violations Not Detected By Internal Audit

  44. Morgan Stanley's Internal Audit Department commenced an audit of Blue Sky surveillance in the Fall of 2002. Internal Audit noted that the “objective of the audit was to assess whether adequate internal controls and procedures exist[ed] to ensure that Product Surveillance activity for .Blue Sky.[was] properly performed, documented, and monitored, in accordance with [Morgan Stanley] policy, applicable laws and regulatory requirements.”

  45. The audit workpapers stated that a control objective was to assure that the Blue Sky unit monitored “equity security trading activity” and “market maker securities and those securities recommended by Morgan Stanley's Research Department,” but they did not mention the need to monitor fixed income trading activity nor securities beyond those where Morgan Stanley made a market or provided research coverage.

  46. A review of the Internal Audit revealed that fixed income, as well as other types of transactions, were reviewed. In particular, workpapers show an October 29, 2002 trade in a particular bond which noted: “Bond originally was not blue sky available,” but found this trade was appropriately resolved, from a Blue Sky perspective, by “Signed Solicitation letter obtained from client acknowledging unsolicited order.”

  47. Despite the fact that some fixed income transactions were reviewed, the Internal Audit failed to recognize that there were no hard blocks when a security was not found in the Blue Sky database.

  48. While the workpapers from the Internal Audit concluded that Morgan Stanley's performance was “adequate” for most Blue Sky surveillance activities, the workpapers also concluded that performance was “inadequate” in the area of communicating Blue Sky surveillance findings to management and commented that “there is no evidence of analysts/supervisory review over Surveillance Reports.”

  49. In its final report dated July 31, 2003, the Internal Audit concluded, in part, that there were “[n]o control deficiencies noted” in the areas of “Exception Reporting” (“Review of daily exception reports”) and “Management Oversight / Monitoring” (“Supervision of Compliance analyst activities to ensure the adequacy of investigation and corrective action”).

  50. After noting that the audit “evaluated the existence and the adequacy of the design of the monitoring mechanisms employed to ensure that key controls are operating effectively,” the report concluded that there were “[n]o findings.that warranted discussion with the Board Audit Committee.”

  51. The State Of Blue Sky Systems Existing In Early 2005

  52. At the beginning of 2005, MSDW had in place an up-front order entry block, but it covered only transactions involving equities, certificates of deposit, mutual funds, managed futures, insurance, and unit investment trusts. The block did not cover fixed income securities, apart from certificates of deposit.

  53. MSDW's Blue Sky system did not contain information for all securities (especially fixed income) and failed to include any sort of “security-not-found” exception report to flag transactions in securities not contained in the Blue Sky database, resulting in no surveillance for such transactions.

  54. MS&Co's PWM Group operated on a different platform that never included any automated block to prevent execution of transactions possibly violating Blue Sky requirements. Instead, MS&Co's PWM system automatically generated a T+1 exception report covering both equities and fixed income securities containing possible Blue Sky violations.

  55. At the beginning of 2005, MSDW's Blue Sky policies and procedures had remained fundamentally unchanged for a decade. While the policies articulated the obligation of individual FAs and branch managers to check for Blue Sky compliance, MSDW did not provide the FAs and branch managers with the proper tools to assist them in fulfilling their Blue Sky responsibilities, and did not require adequate monitoring systems to check for Blue Sky compliance.

  56. Moreover, Morgan Stanley did not adequately staff the Blue Sky Manager's office with sufficient resources and personnel to assist and supervise all security transactions.

  57. Recognition Of The Blue Sky Surveillance Problem,
    Morgan Stanley's Self-Reporting To Regulators And Remediation Efforts

  58. At the end of 2004, Morgan Stanley hired a new Compliance employee in the Policies and Procedures Group. The employee came with considerable experience in Blue Sky and other surveillance related matters and soon was charged with managing certain surveillance functions.

  59. On or about May 23, 2005, during a review of MSDW's Blue Sky compliance surveillance, the employee learned that while MSDW had an equity Blue Sky feed from BSDC, it received no similar feed for fixed income securities. The employee reported the situation to MSDW's new Head of Compliance the following day.

  60. Upon hearing the report, the Head of Compliance directed the employee to have MSDW acquire the fixed income feed from BSDC as soon as possible. MSDW began receiving the fixed income feed from BSDC on May 30, 2005.

  61. Morgan Stanley then took steps to assess the significance and extent of the gaps in surveillance. A team of persons was formed in June 2005 to examine the issues and worked through the balance of June and July in an effort to identify the deficiencies and to begin to immediately correct the problems. In doing so, the team created a list of Blue Sky compliance requirements for all trading platforms and identified a list of Blue Sky compliance gaps.

  62. On August 12, 2005, an Executive Director in the Regulatory Group of Morgan Stanley's Law Division began the process of self-reporting the Blue Sky problem to state regulators. Over the next couple of weeks, the Executive Director notified regulators in all fifty (50) states, the District of Columbia and Puerto Rico, as well as the National Association of Securities Dealers (“NASD ”). The head of the Regulatory Group had already given preliminary notice to the New York Stock Exchange (“NYSE ”).
  63. Upon receiving the fixed income feed from BSDC, MSDW made necessary system enhancements and conducted testing of the system enhancements, resulting in MSDW putting the fixed income feed into production on June 20, 2005. The changes permitted a daily updating of MSDW's internal Blue Sky database and allowed fixed income exceptions to appear on the daily T+1 report.

  64. On or about July 15, 2005, MSDW developed a “security-not-found ” report to address instances where the BSDC feed may not contain data for a particular security. This report, generated on a T+1 basis, identifies all transactions in securities (by CUSIP number) not recognized by the Blue Sky database that could potentially violate Blue Sky laws. Currently the security-not-found report covers both equities and fixed income transactions entered though the equity and fixed income order entry platforms on the Workstations.

  65. On a daily basis, Compliance personnel analyze the security-not-found report to ascertain the Blue Sky registration or exemption status of the flagged transaction and make a determination regarding the Blue Sky status of the identified transactions prior to settlement date. If they discover a transaction that violated Blue Sky restrictions, they instruct the branch that effected the transaction to cancel it. When analyzing the report, Compliance personnel also update the Blue Sky database to include relevant information about the securities they research.

  66. On or about July 29, 2005, MSDW programmed a hard block - i.e. a block an FA cannot override-that prevents the entry of fixed income transactions that could violate Blue Sky regulations.

  67. MSDW has also refined the process to filter out transactions that qualify for certain exemptions that span all Blue Sky jurisdictions. By eliminating the covered transactions, the system yields a smaller and more manageable pool of securities with potential Blue Sky issues for manual review by the Compliance Department.

  68. Additionally, MSDW directed its IT Department to examine all of MSDW's trading platforms to determine the nature and scope of the Blue Sky compliance problem.

  69. The review uncovered a gap in Blue Sky coverage for MSDW's managed account platforms to the extent that such platforms include affiliated money managers or accommodate broker discretionary trading. MSDW has taken the necessary steps to close the gaps in the managed account platforms, and has incorporated trading in the managed account platforms into the securities-not-found report.

  70. By the end of 2005, Morgan Stanley remedied all of the previously identified Blue Sky compliance gaps in both MSDW and PWM systems.

  71. Morgan Stanley hired additional Compliance Department employees to staff its Blue Sky function. In particular, the new personnel include a new Blue Sky manager who is dedicated exclusively to Blue Sky compliance. A full time temporary employee was hired to assist the Blue Sky manager and Morgan Stanley has subsequently hired that individual as a permanent full time employee. Morgan Stanley also assigned a back-up person to cover the Blue Sky Manager's responsibilities in the event of absences.

  72. At great expense, Morgan Stanley conducted a review of millions of historical transactions and identified those which were executed in violation of the Blue Sky laws as a result of the system deficiencies and offered rescission to customers with terms and conditions that are consistent with the provisions from the state securities statutes which correspond to the state of residence of each affected customer.

CONCLUSIONS OF LAW

  1. The Commissioner, after consideration of the stipulations set forth above and on the consent of Morgan Stanley and the Securities Division, finds and concludes that the Commissioner has jurisdiction over Morgan Stanley and this matter pursuant to the Missouri Securities Act of 2003, Chapter 409, RSMo. et seq.

  2. Morgan Stanley's failure to maintain adequate systems to reasonably ensure compliance with Blue Sky laws resulted in the sale of unregistered securities in violation of Section 409.3-301, RSMo (Cum. Supp. 2007).

  3. Morgan Stanley failed to reasonably supervise its agents or employees, in violation of Section 409.4-412(d)(9), RSMo. (Cum. Supp. 2007).

  4. This Order is necessary and appropriate in the public interest and for the protection of investors, and is consistent with the purposes fairly intended by the policy and the provisions of Chapter 409, RSMo. et seq.

  5. Pursuant to Section 409.5-509, RSMo. (Cum. Supp. 2007), Morgan Stanley is liable to investors for any sales of securities that are conducted in violation of Section 409.3-301, RSMo. (Cum. Supp.2007)., unless among other defenses, Morgan Stanley offers and completes rescission to investors as set forth in the Act.

ORDER

On the basis of the Findings of Fact and Conclusions of Law, Morgan Stanley consents to the entry of this Order, for the sole purpose of settling this matter, prior to a hearing and without admitting or denying the Findings of Fact or the Conclusions of Law,

NOW, THEREFORE, it is hereby Ordered that:

  1. This Order concludes the Investigation by the Securities Division and any other action that the Securities Division could commence under the Missouri Securities Act of 2003 on behalf of the State of Missouri as it relates to Respondent, Morgan Stanley, or any of its affiliates, and their current or former officers, directors, and employees, arising from or relating to the subject of the Investigation, provided, however, that excluded from and not covered by the paragraph are any claims by the Securities Division arising from or relating to enforcement of the Order provisions contained herein.
  2. Morgan Stanley will cease and desist from violating the Missouri Securities Act of 2003 in connection with the sales of unregistered securities as referenced in this Order and will provide reasonable supervision as necessary to comply with the Missouri Securities Act of 2003.

  3. This Order shall become final upon entry.

  4. As a result of the Findings of Fact and Conclusions of Law contained in this Order, Morgan Stanley shall pay a civil penalty of eight thousand nine hundred and ninety-three dollars ($8,993.00) made payable to the State of Missouri, and delivered to the Securities Division, and the Secretary of State shall forward these funds to the state treasury for the benefit of county and township school funds as provided in Article IX, Section 7 of the Constitution of Missouri. This civil penalty constitutes the State of Missouri's proportionate share of the state settlement amount of 8.5 million dollars ($8,500,000.00), which shall be payable to the State of Missouri within ten (10) days of the date on which this Order becomes final.

  5. As a result of the Findings of Fact and Conclusions of Law contained in this Order, Morgan Stanley rescinded one hundred and eighteen thousand seven hundred and eighty-four dollars ($118,784.00) in transactions with Missouri investors.

  6. If payment is not made by Morgan Stanley, the Commissioner may vacate this Order, at his sole discretion, upon ten (10) days notice to Morgan Stanley and without opportunity for administrative hearing and Morgan Stanley agrees that any statute of limitations applicable to the subject of the Investigation and any claims arising from or relating thereto are tolled from and after the date of this Order.

  7. This Order is not intended to subject any Covered Person to any disqualifications under the laws of the United States, any state, the District of Columbia or Puerto Rico, including, without limitation, any disqualification from relying upon the sate or federal registration exemptions or safe harbor provisions. “Covered Person,” means Morgan Stanley or any of its affiliates and their current or former officers, directors, employees, or other persons that would otherwise be disqualified as a result of the Orders (as defined below).

  8. This Order and the order of any other State in related proceedings against Morgan Stanley (collectively, the “Orders”) shall not disqualify any Covered Person form any business that they otherwise are qualified, licensed or permitted to perform under applicable law of the State of Missouri and any disqualifications from relying upon this state's registration exemptions or safe harbor provisions that arise from the Orders are hereby waived.

  9. For any person or entity not a party to this Order, this Order does not limit or create any private rights or remedies against Morgan Stanley or create liability of Morgan Stanley or limit or create defenses of Morgan Stanley to any claims.

  10. This Order and any dispute related thereto shall be construed and enforced in accordance, and governed by, the laws of the State of Missouri, without regard to any choice of law principles.

  11. The parties represent, warrant and agree that they have received legal advice from their attorneys with respect to the advisability of executing this Order.

  12. Morgan Stanley agrees not to take any action or to make or permit to be made on its behalf any public statement denying, directly or indirectly, any finding in this Order or creating the impression that this Order is without factual basis. Nothing in this Paragraph affects Morgan Stanley's: (i) testimonial obligations or (ii) right to take legal or factual positions in defense of litigation or in defense of a claim or other legal proceedings which the Securities Division is not a party.

  13. This Order shall be binding upon Morgan Stanley and its successors and assigns. Further, with respect to all conduct subject to Paragraph 4 above and all future obligations, responsibilities, undertakings, commitments, limitations, restrictions, events, and conditions, the terms “Morgan Stanley ” as used here shall include Morgan Stanley's successors or assigns.

  14. Morgan Stanley, through its execution of this Consent Order, voluntarily waives its right to a hearing on this matter and to judicial review of this Consent Order.

 

SO ORDERED:

WITNESS MY HAND AND OFFICIAL SEAL OF MY OFFICE AT JEFFERSON CITY, MISSOURI THIS 15TH DAY OF JULY, 2008.

ROBIN CARNAHAN
SECRETARY OF STATE

(Signed/Sealed)
MATTHEW D. KITZI
COMMISSIONER OF SECURITIES

Consented to by:

Nathan Soendker
Chief Registration Counsel
Missouri Securities Division

 

 

 

 

 

 

 

 

 

 

CONSENT TO ENTRY OF ORDER BY
MORGAN STANLEY & CO. INCORPORATED

  1. Morgan Stanley & Co. Incorporated (“MS&Co”), on behalf of itself and as successor to Morgan Stanley DW Inc. (“MSDW”), hereby acknowledges that it has been served with a copy of this Order, has read the foregoing Order, is aware of its right to a hearing and appeal in this matter, and has waived the same.

  2. MS&Co, on behalf of itself and as successor to MSDW, admits the jurisdiction of the Securities Division, neither admits or denies the Findings of Fact and Conclusions of Law contained in this Order, and consents to entry of this Order by the Commissioner of Securities as settlement of the issues contained in this Order.

  3. MS&Co, on behalf of itself and as successor to MSDW, states that no promise of any kind or nature whatsoever was made to induce it to enter into this Order and that it has entered into this Order voluntarily.

  4. Eric F. Grossman represents that he is a Managing Director of MS&Co and that, as such, has been authorized by MS&Co to enter into this Order for and on behalf of MS&Co.(for itself and as successor to MSDW).

 

      Dated this 15th day of July, 2008

Morgan Stanley & Co. Incorporated