SEC Imposes $45 Million Penalty on Robinhood for Securities Violations

The Securities and Exchange Commission (SEC) has charged Robinhood Financial LLC and Robinhood Securities LLC with violating multiple securities laws and regulations, resulting in a combined civil penalty of $45 million. The SEC's order, issued on January 13, 2025, details a range of regulatory violations committed by the broker-dealers, including failures in suspicious activity reporting, identity theft protection, unauthorized access to systems, and recordkeeping.

From January 2020 through March 2022, Robinhood failed to timely investigate suspicious transactions and file suspicious activity reports (SARs), as required by the Bank Secrecy Act (BSA) and the USA PATRIOT Act. This systemic failure to report suspicious activity posed significant risks to investors and the integrity of the U.S. capital markets. Additionally, from April 2019 to July 2022, Robinhood failed to implement adequate policies and procedures to protect customers from the risk of identity theft, violating Rule 201 of Regulation S-ID.

In a more egregious lapse, Robinhood failed to adequately address known risks posed by a cybersecurity vulnerability related to remote access to their systems. This oversight led to a third party obtaining unauthorized access and downloading information related to millions of individuals who had provided that information to Robinhood. This breach, which occurred between June 2021 and November 2021, exposed sensitive customer information, including names, addresses, and Social Security numbers.

Robinhood also had longstanding failures to maintain and preserve electronic communications, violating the recordkeeping provisions of the federal securities laws. The broker-dealers failed to maintain copies of core operational databases in a manner that ensured legally required records were protected from deletion or modification for the required length of time. Furthermore, Robinhood failed to maintain some of their communications with their brokerage customers as legally required between 2020 and 2021.

In addition to these violations, Robinhood Securities alone committed further infractions. For more than five years, Robinhood Securities failed to provide complete and accurate securities trading information, known as blue sheet data, to the SEC. Moreover, in connection with its stock lending and fractional share trading programs, Robinhood Securities failed to comply with Regulation SHO, the regulatory framework designed to address abusive short selling practices. From May 2019 through December 2023, Robinhood Securities violated Reg SHO's close-out, order-marking, and locate requirements.

The SEC's order finds that Robinhood Securities violated Rules 200(g), 203(b)(1), and 204(a) of Reg SHO. Both firms violated Rule 30(a) of Regulation S-P, Rule 201 of Regulation S-ID, and the broker-dealer recordkeeping and reporting provisions of the federal securities laws. Both firms admitted certain findings in the order and agreed to be censured. Additionally, both firms agreed to conduct an internal audit concerning off-channel communications compliance, and Robinhood Securities agreed to certify its remediation of the deficiencies that caused the Reg SHO violations. Robinhood Securities agreed to pay a $33.5 million penalty, while Robinhood Financial agreed to pay an $11.5 million penalty.

The SEC's enforcement action serves as a reminder that broker-dealers must adhere to regulatory requirements to protect investors and maintain market fairness. The significant penalty imposed on Robinhood underscores the importance of compliance with securities laws and regulations, as well as the consequences of failing to do so.



In response to the SEC's order, Robinhood has taken steps to address and rectify the identified violations and prevent future occurrences. The company has agreed to conduct an internal audit concerning off-channel communications compliance and certify its remediation of the deficiencies that caused the Reg SHO violations. Additionally, Robinhood has invested heavily in improving platform stability, enhancing educational resources, and building out its customer support and legal and compliance teams. These measures demonstrate Robinhood's commitment to addressing the identified violations and preventing future occurrences.

The SEC's enforcement action against Robinhood highlights the importance of regulatory compliance in the brokerage industry. As the SEC continues to monitor and enforce securities laws and regulations, broker-dealers must remain vigilant in ensuring their compliance with these requirements to protect investors and maintain market integrity.