Despite the SEC’s adoption of Regulation S-P back in 2000, some reps still mistakenly believe that client accounts belong to them and that they are free to take them, including any information about the client, when they depart one firm for another. And whether by bringing improper recruiting practices or misuse of client information enforcement cases, FINRA and the SEC keep reminding reps and their firms that this is not the case.
Under Regulation S-P, any information given by consumers or customers to broker-dealers to obtain a product or service is generally considered to be nonpublic financial information. The regulation mandates that financial firms safeguard customer confidential information and prevent its release to unaffiliated third parties without the customer’s authorization.
In a recent case, the SEC announced that it sustained FINRA’s sanctioning of a former Banc of America Investment Services, Inc. (“BAIS”) rep fining him $10,000 and suspended him from FINRA membership for ten business days for having downloaded confidential nonpublic information about approximately 36,000 customers and providing that information to a competing firm that he joined. In rejecting the rep’s claim that the FINRA sanctions for his violations were excessive or oppressive, the SEC found that FINRA’s fine and sanction were not excessive or oppressive, and that the rep’s conduct was unethical, and violated NASD Conduct Rule 2110. (Rel. 34-66113; File No. 3-14195).
The essential facts leading to the SEC’s decision were that FINRA found that the rep breached his duty of confidentiality when he “surreptitiously” downloaded BAIS’s customers’ confidential nonpublic information, including account numbers and net worth figures, and transmitted that information to his future branch manager at a competitor firm.
Quoting Regulation S-P, the SEC found that the rep’s conduct prevented BAIS from giving its customers proper notice and an opportunity to opt out of the disclosures, as required by Regulation S-P. The SEC held that the rep’s violation caused his new employer to improperly receive BAIS’s customers’ “nonpublic personal information.”