Ex-GunnAllen employees charged with violating privacy rules.
The SEC has charged three former executives of the now defunct firm GunnAllen Financial for failing to safeguard confidential customer information.
It is the first time the federal regulator has charged individuals solely with violating rules that require financial firms to keep client data away from third parties unless customers grant consent otherwise, the commission says. The fines were slapped on former company president Frederick Kraus, former national sales manager David Levine and former chief compliance officer Mark Ellis.
According to the commission, in April last year Kraus gave Levine the authorization to transfer information on more than 16,000 accounts to his new company, National Securities Corp, which he joined after stepping down from GunnAllen. With that permission, Levine then downloaded names, asset values, addresses and account numbers to a thumb drive and passed the information to the new company.
The SEC says this unethical act was in violation of the agency’s Regulation S-P, commonly referred to as the ‘Safeguard Rule’, which requires financial firms to protect confidential customer information when they are not given notice and a chance to opt out.
Kraus and Levine have each agreed to pay a $20,000 fine while Ellis is set to pay a $15,000 fine after failing to ensure customer data was protected.
‘In the past, such charges have been part of larger cases of alleged wrongdoing,’ says Michael Wolensky, a partner in Atlanta-based law firm Schiff Hardin who specializes in the securities and futures regulation area.
‘For some time, the SEC has focused on these requirements in its examination and enforcement programs. It is no surprise where there are allegations involving a large number of client files that an administrative proceeding of this nature has been initiated.’
Gregg Breitbart, a lawyer for Levine, argues that ‘the transfers were approved by GunnAllen, and notices were sent to affected clients’, adding that his client was ‘pleased’ to settle the case.
The SEC also says that between July 2005 and February 2009, Tampa, Florida-based GunnAllen had ‘several serious security breaches’ including the theft of three laptop computers and the use of stolen passwords by a terminated employee to access company emails.
GunnAllen was shut down last year by FINRA for net capital violations.
Practical Law Company is an online know-how service that gives corporate secretaries and in-house counsel a better starting point. Covering corporate governance and all major business-related legal practice areas, Practical Law provides how-to guides, checklists, annotated model policies and contracts and more in an intuitive, easy-to-use interface. With Practical Law, you can create better first drafts and quickly update current policies, quickly respond to your board and clients with an increased level of confidence, and gain insight into how other companies are handling specific issues.
Social Media and the Securities Laws: Best Practices Checklist
Access this Practical Law checklist to get best practice guidance for navigating federal securities law restrictions when using social media.
Click here to download this checklist.
Our free weekly email newsletters are an essential bulletin of GRC updates, insight and information.
Our experienced journalists provide relevant, timely information and analysis that will keep you at the forefront of industry developments and best practice.
Sign-up to receive your copy when you register with the Corporate Secretary website for free.