Finra slaps 12 firms with $14.4 million fine for cybersecurity issues

Companies of Wells Fargo & Co. received the largest of the penalties assessed by Finra, which has been pursuing a broader crackdown for cybersecurity failures

Dec 21, 2016 @ 12:03 pm

By Greg Iacurci

Finra handed down $14.4 million in fines to a dozen firms on Wednesday for breaches related to the retention of broker-dealers' and customers' electronic records, which the brokerage industry watchdog claims made the firms vulnerable to cybersecurity threats.

Finra claims the firms — which included companies in the Wells Fargo & Co. and RBC Capital networks, RBS Securities Inc., SunTrust Robinson Humphrey Inc., LPL Financial, Georgeson Securities Corp. and PNC Capital Markets — didn't keep electronic records in a particular format meant to prevent alteration and destruction.

The firms neither admitted nor denied the charges as part of the settlement reached with the Financial Industry Regulatory Authority Inc., the industry-funded broker-dealer regulator.

"These disciplinary actions are a result of Finra's focus on ensuring that firms maintain accurate, complete and adequately protected electronic records,” Brad Bennett, Finra's chief of enforcement, who is stepping down from his post early next year, said. “Ensuring the integrity of these records is critical to the investor protection function because they are a primary means by which regulators examine for misconduct in the securities industry."

The multimillion-dollar fine is in line with Finra's broader crackdown on cybersecurity lapses, which it outlined earlier this year as a regulatory and examination priority.

Each of the 12 firms fined had “deficiencies” in their WORM — or “write once, read many” — format affecting millions, in some cases hundreds of millions of “pivotal” records, according to Finra. WORM format is required for business-related electronic records under federal securities laws and Finra rules because it's meant to prevent alteration and destruction of those records.

“Increasingly aggressive attempts” by hackers to gain access to sensitive financial data pose a threat to “inadequately protected records,” according to Finra.

Companies of Wells Fargo & Co. were hit with the largest aggregate penalties, a total $5.5 million. Wells Fargo Securities and Wells Fargo Prime Services were jointly fined $4 million, while Wells Fargo Advisors and Wells Fargo Advisors Financial Network were fined $1.5 million.

“We take compliance with the records storage requirements very seriously. We self-reported these issues to Finra and continue to remediate as agreed,” said Wells Fargo spokeswoman Elise Wilkinson, who added the settlement doesn't include allegations of consumer harm or hacking.

Similarly, Sue Mallino, a spokeswoman for SunTrust Robinson Humphrey, which was fined $1.5 million, said the settlement didn't include findings that client assets were lost.

“We self-identified this matter and are already taking remedial action,” Ms. Mallino said.

RBC Capital Markets and RBC Capital Markets Arbitrage were jointly fined $3.5 million, while RBS Securities Inc. was fined $2 million. Spokespeople for both RBC and RBS declined to comment.

A spokesman for LPL, which was fined $750,000, didn't return a request for comment.

Of the remaining penalties, Georgeson received a fine of $650,000 and PNC a fine of $500,000.

Rachel Hamilton-Wilkes, a spokeswoman for Georgeson, said the firm was already addressing its WORM storage issue at the time Finra began its examination.

“We take all regulatory requirements extremely seriously and regret this error,” Ms. Hamilton-Wilkes said. “The remediation is now complete and all records requiring WORM-compliant storage are and will continue to be stored that way.”

PNC spokesman Frederick Solomon said the firm didn't find evidence that records were modified or lost. “PNC has addressed Finra's concerns regarding the manner of electronic storage in full,” he said.


What do you think?

View comments

Recommended for you

Sponsored financial news

B-D Data Center

Use InvestmentNews' B-D Data Center to find exclusive information and intelligence about the independent broker-dealer industry.

Rank Broker-dealers by

Upcoming Event

Apr 26


Cracking the Code: Making Sense of Alternative Investments

InvestmentNews Research estimates that $150 billion in alternative assets could be added to client portfolios among independent advisers over the next three years. Roughly 85% of all clients are now expressing interest in learning more... Learn more

Accepted for 1 CE Credit by the CFP Board. Pending by Investments & Wealth Institute for 1 credit towards the CIMA® and CPWA® certifications.

Featured video


Here's how we came up with our list of undiscovered talent in mutual funds

Senior columnist John Waggoner talks with assistant managing editor Susan Kelly about how hard work, curiosity and passion landed some fund managers on our list.

Latest news & opinion

SEC advice rule hearing updates

Commission says a lot of work ahead, public will have 90 days to comment.

SEC advice proposal unveiling: Here's what to expect

Chairman Jay Clayton will initiate momentous action Wednesday, as the commission meets to debate a rule on broker and adviser standards.

How active are the largest actively managed funds?

Active-share measures for the 15 largest actively traded mutual funds.

Morgan Stanley's success looks long in the tooth to analyst

Sanford C. Bernstein & Co. analyst Christian Bolu, concerned over stalled adviser growth and what it means for lending and deposit growth, believes the stock will "under perform."

Retirement coverage gap, 401(k) rollovers are big emerging threats for plan advisers

Proliferation of state retirement programs approaching the 'tipping point' where it will lead the federal government to step in.


Hi! Glad you're here and we hope you like all the great work we do here at InvestmentNews. But what we do is expensive and is funded in part by our sponsors. So won't you show our sponsors a little love by whitelisting It'll help us continue to serve you.

Yes, show me how to whitelist

Ad blocker detected. Please whitelist us or give premium a try.


Subscribe and Save 60%

Premium Access
Print + Digital

Learn more
Subscribe to Print