The Financial Industry Regulatory Authority has seen a “proliferation” of complaints about cybersecurity breaches at broker-dealer firms, a FINRA official said June 17 at an event hosted by the Insured Retirement Institute in Washington.
“It's a pretty big issue for us,” said Daniel Sibears, FINRA executive vice president for member regulation. “There are many dozens of complaints where there's been [a] compromise of customer information, particularly information that is needed to get into online accounts and to execute transactions and move money.”
According to Sibears, the typical scenario of a breach involves individuals who hack into the private email accounts of FINRA members' customers, gaining access to the clients' correspondence with the firms. Posing as the customer, Sibears said, the hackers then tell the firm there has been an emergency and seek to move thousands of dollars worth of cash or securities.
Because everything looks legitimate from the firm's perspective, the company wires out the money into an account that the customer had never used, he said. The result, Sibears said, has been a “fair amount of harm” to the firm's customers.
“I think the good news is that firms are generally making customers 100 percent whole … but it's an issue for firms to be focused on,” Sibears added.
FINRA, he said, has sent out letters to firms in an effort “to get our arms around what's happening in this space.” From a compliance standpoint, Sibears explained, the firms wire the money to the hackers either because the customer validation procedures are inadequate or because the firm employees are in a hurry to assist the client.
According to Willie Davis, examination manager at the Securities and Exchange Commission Chicago office, cybersecurity issues have not been a high priority for SEC exams so far.
“From the examination program perspective, [I] can't say it's been a high priority yet, but we definitely understand that the issue's out there,” said Davis, who spoke alongside Sibears. “I think it will probably … be a focus area for the upcoming year.”
Davis advised that firms should keep cybersecurity on their “radar.” The SEC official said he spoke about his own views, which did not necessarily reflect those of the commission or staff.
For state regulators, cybersecurity issues are a top area of focus. According to Bruce Ramge, director of the Nebraska Department of Insurance, cybersecurity is currently the No. 1 risk management issue.
“The costs associated with a breach are tremendous,” said Ramge, who also spoke on the panel.