Morgan Stanley will pay $35 million to settle Securities and Exchange Commission allegations that one of its units failed to secure the personal data of millions of customers when replacing company hard drives and servers.
The bank improperly disposed of thousands of devices, and some were auctioned off online without checking that customer data they contained had been deleted, according to the SEC. About 15 million clients’ details were compromised over a five-year period starting 2015.
Following the announcement by the SEC, Morgan Stanley said in a statement that it was pleased to have resolved the matter. “We have previously notified applicable clients regarding these matters, which occurred several years ago, and have not detected any unauthorized access to, or misuse of, personal client information,” the firm said.
The SEC said that the firm had violated “safeguards and disposal rules.”
“Customers entrust their personal information to financial professionals with the understanding and expectation that it will be protected,” Gurbir Grewal, director of the SEC’s enforcement division, said in a statement. He called the findings “astonishing.”
Morgan Stanley agreed to pay the penalty and settle the case without admitting or denying the allegations, according to the SEC.
The violation occurred because the firm hired a moving and storage company with no experience in data destruction and then failed to properly monitor the company’s work, the SEC said. Morgan Stanley recovered some of the devices, which had thousands of pieces of unencrypted customer data. The vast majority of devices were not found, the regulator said.
Tuesday’s penalty is also related to the brokerage’s failure to properly dispose of customer and consumer report information as part of a broader hardware refresh program, during which the firm found that 42 servers were missing. The unit didn’t activate available encryption programs that were available on the devices, the SEC said.
By listening for what truly matters and where clients want to make a difference, advisors can avoid politics and help build more personal strategies.
JPMorgan and RBC have also welcomed ex-UBS advisors in Texas, while Steward Partners and SpirePoint make new additions in the Sun Belt.
Counsel representing Lisa Cook argued the president's pattern of publicly blasting the Fed calls the foundation for her firing into question.
The two firms violated the Advisers Act and Reg BI by making misleading statements and failing to disclose conflicts to retail and retirement plan investors, according to the regulator.
Elsewhere, two breakaway teams from Morgan Stanley and Merrill unite to form a $2 billion RIA, while a Texas-based independent merges with a Bay Area advisory practice.
Orion's Tom Wilson on delivering coordinated, high-touch service in a world where returns alone no longer set you apart.
Barely a decade old, registered index-linked annuities have quickly surged in popularity, thanks to their unique blend of protection and growth potential—an appealing option for investors looking to chart a steadier course through today's choppy market waters, says Myles Lambert, Brighthouse Financial.
