BD to Pay for Customers’ Credit Monitoring as Remedy for Reg S-P Violations
A broker-dealer was censured by FINRA for violating Regulation S-P and FINRA rules because its inadequate firewall and password procedure allowed access to its fax server, which contained confidential personal information. As a result, a third party was able to conduct a phishing scam using the fax server. According to FINRA, the BD compounded the problem by misleading clients about its scope and severity. In addition to a fine, the BD agreed to provide complete notification to affected customers and to reimburse all customers for one year of free credit monitoring.
OUR TAKE: The obvious lesson here is to assess the computer firewalls protecting nonpublic personal information. The remedy here – paying for a year of credit monitoring – could be significant depending on the number of customers involved.