FINRA dished out $14.4 million in fines to twelve firms for breaches pertaining to the retention of broker-dealers’ and clients’ electronic records, which the regulator says made the firms vulnerable to cybersecurity threats. The firms include Wells Fargo & Co. and RBC Capital networks, RBS Securities Inc., SunTrust Robinson Humphrey Inc., LPL Financial, Georgeson Securities Corp. and PNC Capital Markets. FINRA says they failed to maintain electronic records in a particular format designed to prevent alteration and destruction.
“These disciplinary actions are a result of FINRA’s focus on ensuring that firms maintain accurate, complete and adequately protected electronic records,” said Brad Bennett, FINRA’s chief of enforcement, who is stepping down early next year. “Ensuring the integrity of these records is critical to the investor protection function because they are a primary means by which regulators examine for misconduct in the securities industry.”
The massive fine is in accordance with FINRA’s wider crackdown on cybersecurity lapses, which it outlined earlier in 2016 as a regulatory and examination priority. Each of the twelve firms fined had “deficiencies” in their WORM (“write once, read many”) format affecting millions, in some cases hundreds of millions of “pivotal” records, according to FINRA. WORM format is required for business-related electronic records under federal securities laws and FINRA rules because it is meant to prevent alteration and destruction of those records.
“Increasingly aggressive attempts” by hackers to gain access to sensitive financial data pose a threat to “inadequately protected records,” according to the regulator.
Companies of Wells Fargo & Co. were hit with the largest aggregate penalties, a total $5.5 million. Wells Fargo Securities and Wells Fargo Prime Services were jointly fined $4 million, while Wells Fargo Advisors and Wells Fargo Advisors Financial Network were fined $1.5 million.If you or someone you know has lost money as a result of investing in any of the UDF REITs, please contact Richard Frankowski at 888-741-7503 to discuss your potential legal remedies or complete the contact form.