On September 22, 2015 the SEC announced that a St. Louis-based investment adviser has agreed to settle charges that it failed to establish the required cybersecurity policies and procedures in advance of a breach.
The breach this adviser experienced compromised the personally identifiable information of about 100,000 individuals, which included thousands of the firm’s clients.
The “safeguard rule” enforced by the federal securities require that all registered investment advisers have written policies and procedures designed to protect their client’s records and information. This “safeguard rule” was broken by R.T. Jones Capital Equities Management. For nearly four-years this firm failed to have any written policies and procedures to ensure the security and confidentiality of their client’s information.
$75,000 is the fine being imposed by the SEC. But the loss of trust that this firm's clients will have in them will cost them more than this fine.
To read more: