Tr?id=566623520170033&ev=PageView&noscript=1

ÍøÆØ³Ô¹Ï

FINRA Fines Osaic ÍøÆØ³Ô¹Ïalth and Securities America for Cybersecurity Failures

Posted on October 30th, 2024 at 11:01 AM
FINRA Fines Osaic ÍøÆØ³Ô¹Ïalth and Securities America for Cybersecurity Failures

From the desk of Jim Eccleston at ÍøÆØ³Ô¹Ï

The Financial Industry Regulatory Authority (FINRA) has fined and censured independent broker-dealers Osaic ÍøÆØ³Ô¹Ïalth and Securities America for cybersecurity lapses that exposed the private information of over 32,000 customers. According to InvestmentNews, each firm has agreed to pay $150,000 for failing to establish and maintain adequate written supervisory procedures to protect client records and information.

FINRA's settlement letter, known as an Acceptance, Waiver and Consent (“AWC”), highlights the firms' deficiencies, including the lack of multi-factor authentication for email accounts, inadequate encryption for outbound emails containing customer non-public information, and insufficient maintenance of email access logs. Between January 2021 and March 2023, unauthorized third parties accessed sensitive information—such as social security numbers, bank account details, and driver's license numbers—of approximately 28,000 Osaic customers and 4,640 Securities America clients.

FINRA noted that its examiners had previously warned both firms about their inadequate cybersecurity controls at branch offices. The broker-dealers, owned by a parent company also using the Osaic name, had relied on an enterprise-wide cybersecurity policy provided by the parent. This policy allowed each branch to develop its own cybersecurity and data loss prevention programs, leading to inconsistencies.

The firms self-reported the incidents to FINRA and have accepted the penalties without admitting or denying the allegations. Following the breaches, Osaic and Securities America informed affected customers and engaged outside consultants to assist with their response. Since March 2023, both firms have strengthened their multi-factor authentication requirements for all business-related email accounts, according to InvestmentNews.

 

ÍøÆØ³Ô¹Ï LLC represents investors and financial advisors nationwide in securities, employment, transition, regulatory, and disciplinary matters.

Tags: eccleston, eccleston law, finra

Return to Archive

TESTIMONIALS

Previous
Next
Quotes Bigger

Hiring ÍøÆØ³Ô¹Ï has been one of the best career decisions I have made and this "investment" to maintain my sterling regulatory record has been returned many times over.  If you are in a situation where you've been unfairly accused, don't hesitate to talk with ÍøÆØ³Ô¹Ï. They are the best.

Thomas C.

LATEST NEWS AND ARTICLES

1783615970 Law
July 9, 2026
FINRA Suspends Former Branch Manager for Supervisory Failures Linked to Excessive Trading and Churning

A former regional branch manager at a broker-dealer has agreed to Financial Industry Regulatory Authority (FINRA) sanctions after the regulator found that he failed to supervise registered representatives who engaged in excessive trading and churning of customer accounts.

1783525964 Law
July 8, 2026
SEC Sanctions David Lerner Associates for Regulation Best Interest Violations

David Lerner Associates has agreed to settle Securities and Exchange (SEC) charges alleging violations of Regulation Best Interest (Reg BI) that resulted in unnecessary costs to retail investors, according to InvestmentNews.

1783434190 Law
July 7, 2026
Private Credit Funds Face Mounting Redemption Pressure as Investor Sentiment Shifts

A surge in investor redemption requests has intensified pressure on private credit funds, raising concerns about liquidity and long-term stability across the asset class, as reported by The Wall Street Journal.