FINRA Fines Osaic Wealth and Securities America for Cybersecurity Failures

Posted on October 30th, 2024 at 11:01 AM
FINRA Fines Osaic Wealth and Securities America for Cybersecurity Failures

From the desk of Jim Eccleston at Eccleston Law

The Financial Industry Regulatory Authority (FINRA) has fined and censured independent broker-dealers Osaic Wealth and Securities America for cybersecurity lapses that exposed the private information of over 32,000 customers. According to InvestmentNews, each firm has agreed to pay $150,000 for failing to establish and maintain adequate written supervisory procedures to protect client records and information.

FINRA's settlement letter, known as an Acceptance, Waiver and Consent (“AWC”), highlights the firms' deficiencies, including the lack of multi-factor authentication for email accounts, inadequate encryption for outbound emails containing customer non-public information, and insufficient maintenance of email access logs. Between January 2021 and March 2023, unauthorized third parties accessed sensitive information—such as social security numbers, bank account details, and driver's license numbers—of approximately 28,000 Osaic customers and 4,640 Securities America clients.

FINRA noted that its examiners had previously warned both firms about their inadequate cybersecurity controls at branch offices. The broker-dealers, owned by a parent company also using the Osaic name, had relied on an enterprise-wide cybersecurity policy provided by the parent. This policy allowed each branch to develop its own cybersecurity and data loss prevention programs, leading to inconsistencies.

The firms self-reported the incidents to FINRA and have accepted the penalties without admitting or denying the allegations. Following the breaches, Osaic and Securities America informed affected customers and engaged outside consultants to assist with their response. Since March 2023, both firms have strengthened their multi-factor authentication requirements for all business-related email accounts, according to InvestmentNews.

 

Eccleston Law LLC represents investors and financial advisors nationwide in securities, employment, transition, regulatory, and disciplinary matters.

Tags: eccleston, eccleston law, finra

Return to Archive

TESTIMONIALS

Previous
Next

Jim, Stephany and the whole team were a God send.  We felt like we were put into a situation where we had no advocate. Jim’s team came in with a strong, well laid out strategy on how to get our story heard. Where our outside compliance company had no ability to help, our Broker Dealer was impenitent, and the regulators were aggressive pursuing vague rules, Jim came like a barricade against an assault we did not understand. Though you pay member dues to be affiliated with FINRA and a B/D, you have no voice. The only thing that is truly heard in this un-level playing field is a bulldog’s bark like Jim’s. I would encourage anyone to call Jim and his team to find a real ally in the tough and complicated world of securities regulation. They are truly the best.

Greg P.

LATEST NEWS AND ARTICLES

November 20, 2024
Hightower Drops Claims Against Former Advisor Amid Non-Compete Dispute

Hightower, a Chicago-based RIA firm, recently dropped its lawsuit against former advisor Lars Knudsen just days before a federal judge in Illinois was set to rule on the firm’s injunction request.

November 19, 2024
Osaic Services Fined $250,000 for Supervisory Failures in Options Trading

Osaic Services, formerly SagePoint Financial, recently agreed to pay a $250,000 fine and accept censure for failures in supervising excessive and unsuitable options trading from June 2018 to August 2019.

November 18, 2024
Wahed Invest Settles SEC Charges Over Undisclosed Endorsements and Ad Rule Violations

The SEC recently settled charges with Wahed Invest, a faith-based robo-advisor that markets itself to Muslim clients, over violations of the SEC’s marketing rule.