Late last month the Securities and Exchange Commission (“SEC”) charged JP Morgan, UBS and Trade Station with violations of Regulation S-ID based on a range of inadequacies in their identity theft red flag policies and procedures. https://www.sec.gov/news/press-release/2022-131 The violations at issue might seem less than critical, such as not updating policies, merely copying over examples of red flags from Reg S-ID’s Appendix A, not incorporating specific policies into the red flag program, covering all accounts instead of conducting specific account assessments, and not providing sufficient detail in board reports. Although the SEC did not note any failure by these broker-dealers and investment advisors to actually detect and respond to identity theft red flags, the resulting orders and fines (up to $1.2 million), underline the SEC’s seriousness about protecting investors from cybercrime by requiring broker dealers and investment advisors to up their game and focus on the details.
About MVA White Collar Defense, Investigations, and Regulatory Advice Blog
As government authorities around the world conduct overlapping investigations and bring parallel proceedings in evolving regulatory environments, companies face challenging regulatory and criminal enforcement dynamics. We help keep our clients up to date in these fast-moving areas and to serve as a thought leader.
The latest from MVA White Collar Defense, Investigations, and Regulatory Advice Blog
- Corporate Transparency Act Reporting Obligations Remain Paused Despite Supreme Court Order
- Developments in National Bank Act (NBA) preemption: Illinois’ Interchange Fee Prohibition Act is held preempted by the NBA; Ninth Circuit to Reconsider NBA Preemption of California’s interest on escrow law
- Fifth Circuit Panel Reinstates District Court’s Nationwide Stay on the CTA
- Fifth Circuit Stays District Court’s Nationwide CTA Injunction; entities once again required to report