If You Outsource IT, Be Sure Your Vendor Knows The Financial Services Business

Friday, October 26, 2012 15:09
edit
If You Outsource IT, Be Sure Your Vendor Knows The Financial Services Business

Tags: data security breach | IT security compliance | sec

The Securities and Exchange Commission (SEC) fined former executives of a broker dealer $55,000 for breaching client privacy.  Two of the former executives were each fined $20,000 for violating customer privacy rules by transferring customer records to another firm, while the third individual was fined $15,000 for failing to ensure the firm’s policies and procedures were designed to safeguard confidential customer information.

This Website Is For Financial Professionals Only


Under the SEC jurisdiction broker-dealers, investment advisers and other financial institutions are required to protect their customers’ nonpublic personal information.  In this particular case one of the former executives took sensitive client data and downloaded it to a portable thumb drive that was then provided to another firm.  This broker dealer also had at least four breaches that involved customer data, stolen laptops and corporate email using stolen credentials.

 

These fines could have been avoided, and this brokerage dealer might have still been in business, if they had followed the IT compliance regulations. 

Read more on this case:

http://www.informationweek.com/security/attacks/exclusive-anatomy-of-a-brokerage-it-melt/240008569?pgno=1

Comments (0)

Write comment

You must be logged in to post a comment. Please register if you do not have an account yet.

busy