Failure to Protect Confidential Customer Information

US FINRA recently imposed fines of $450,000 against Lincoln Financial Securities, Inc. (LFS) and $150,000 against an affiliated firm, Lincoln Financial Advisors Corporation (LFA), for failure to adequately protect non-public customer information. In addition, LFS failed to require brokers working remotely to install security application software on their own personal computers used to conduct the firm's securities business.

SEC and FINRA rules require every broker-dealer to adopt written policies and procedures that address safeguards for the protection of customer records and information. FINRA found that for extended periods of time – seven years for LFS and approximately two years for LFA – certain current and former employees were able to access customer account records through any Internet browser by using shared login credentials. From 2002 through 2009, between the two firms, more than 1 million customer account records were accessed through the use of shared user names and passwords. Since neither firm had policies or procedures to monitor the distribution of the shared user names and passwords, they were not able to track how many or which employees gained access to the site during this period of time. As a result of the weaknesses in access controls to the firms' system, confidential customer records including names, addresses, social security numbers, account numbers, account balances, birth dates, email addresses and transaction details were at risk.

The Web-based system both firms used combined non-public customer account information from various sources and allowed employees to view the customer account information within a single site. Home office personnel from both firms could access the system either by clicking on a link on the firm's website or could gain access through any Internet browser by going directly to the system's website and logging in with one of the shared user names and passwords.

FINRA also found that LFS and LFA did not have procedures to disable or change the shared user names and passwords on a recurring basis even after a home office employee had been terminated. Many individuals left the two firms during the relevant time period, yet the shared user names and passwords were never changed, and the firms had no way of determining whether former employees continued to access confidential customer information using those same user names and passwords.

In assessing sanctions, FINRA took into consideration the firms' efforts to notify all customers whose account information was or had been potentially exposed on the firms' Web-based system, and offered those customers credit monitoring and restoration services for a period of one year.

Jack: The affected clients in this horrible case were almost naked!  Should the IT Head (if any) be held liable?

Library Resources for Financial Education

US FINRA Investor Education Foundation and the American Library Association (ALA) have announced $1.4 million in grants to 20 recipients as a part of the Smart investing@your library® initiative.

Smart investing@your library is administered jointly by the Reference and User Services Association – a division of ALA – and the FINRA Investor Education Foundation. The program funds library efforts to provide patrons with effective, unbiased financial education resources. Now in its fourth year, the program has awarded a total of more than $4.6 million to public libraries and library networks nationwide.

The new grant recipients will use the funds to implement a variety of programs designed to increase patrons' access to and understanding of financial information. The grants target a diverse group of library patrons – among them youth, seniors, English-language learners, local employment counselors, members of the military and their spouses, and low-income families. Participating libraries will use a variety of technologies and outreach strategies to connect library users to the best financial education and information available. These strategies include gaming, online learning, classroom formats, one-on-one clinics, storytelling and staff training.

The grantees will partner with community organizations, schools, universities and local governments to expand the impact of the services and resources the grants enable. Library patrons will be empowered to make educated financial choices for both long-term investing and day-to-day money matters.

The grantees, which serve urban, suburban and rural communities across the country, will receive one to two years of funding, in addition to assistance with program marketing, outreach and evaluation provided by ALA. For more information about Smart investing@your library®, visit www.smartinvesting.ala.org.

Jack's comment: Providing more financial education to the society is equally important as regulating the financial industry.

Expert Network Insider Trading Scheme

US SEC just charged a New York-based hedge fund and four hedge fund portfolio managers and analysts who illegally traded on confidential information obtained from technology company employees moonlighting as expert network consultants. The scheme netted more than $30 million from trades based on material, nonpublic information about such companies as AMD, Seagate Technology, Western Digital, Fairchild Semiconductor, and Marvell.


The charges are the first against traders in SEC's ongoing investigation of insider trading involving expert networks. SEC filed its initial charges in the case last week against technology company employees who illegally tipped hedge funds and other investors with material nonpublic information about their companies in return for hundreds of thousands of dollars in sham consulting fees.


In its amended complaint filed today in federal court in Manhattan, SEC alleges that four hedge fund portfolio managers and analysts received illegal tips from the expert network consultants and then caused their hedge funds to trade on the inside information.


SEC's ongoing investigation is focusing on the activities of expert networks that purportedly provide professional investment research to their clients. While it is legal to obtain expert advice and analysis through expert networking arrangements, it is illegal to trade on material nonpublic information obtained in violation of a duty to keep that information confidential.


The technology company insiders who tipped the confidential information were expert network consultants to the firm Primary Global Research LLC (PGR).


Jack's comment: This case can be the blueprint for a commercial firm!

Gray Areas in Jobs After an SEC Ban

(Source: WSJ 2011.01.28)


Jason Galanis describes his job as doing "M&A work" for a subsidiary of Gerova Financial Group Ltd., where he is chief executive. The insurer has a stock-market value of about $600 million and trades on the New York Stock Exchange.


The 40-year-old Mr. Galanis, who also is a manager of the unit called Gerova Advisors LLC, agreed in 2007 with another person accused of accounting fraud related to a false quarterly report to a five-year ban by the Securities and Exchange Commission from "serving as officers or directors of public companies."


The ban has resurfaced in a war of words between the insurer and some investors who are betting against the company's share price. But it isn't clear if Mr. Galanis's current job duties violate the settlement. SEC spokesman John Nester declined to comment, and the language in Mr. Galanis's settlement and a related court filing are murky, with no reference to subsidiaries of public companies.


Earlier this month, research and investment firm Dalrymple Finance asserted in a report about the insurer that it was "likely fraudulent," contending its assets were overvalued. Mr. Galanis's past also was cited as a red flag because of the SEC enforcement action.


Dalrymple has an incentive to criticize Mr. Galanis, saying in the report that it is shorting Gerova shares, meaning it would make money if they fell.

Mr. Galanis said the SEC charges against him were "clearly regrettable" and "a black eye. It's embarrassing." He also paid a $60,000 fine to end the agency's civil lawsuit alleging he "prepared and filed" a false quarterly report for magazine publisher Penthouse International Inc. Penthouse, which didn't admit or deny wrongdoing, settled the case by promising not to violate securities laws.


In an interview, Mr. Galanis said his current job is clearly allowed under the settlement because Gerova Advisors isn't a public company. Gerova Financial Group said in a statement that he is a "valuable employee," adding that his "responsibilities to the company are clearly defined" and his duties "limited." Mr. Galanis isn't a member of the parent company's board.


The court filing signed by Mr. Galanis includes his promise to avoid "acting as an officer or director of any issuer that has a class of securities registered" with the SEC or "that is required to file" financial reports with the agency. The five-year ban is to end in May 2012. Some securities lawyers say his job raises questions about the effectiveness of bans, an important tool used by regulators to protect investors.


In the past five years, the SEC has sought to bar more than 500 people from being officers or directors of a public company. Most of those efforts succeeded, often as a result of settlements with defendants in civil lawsuits filed by the SEC, though the agency couldn't provide exact figures.


Jacob Frenkel, a former SEC enforcement lawyer who now is a partner at law firm Shulman Rogers Gandal Pordy & Ecker in Potomac, Md., said comebacks following such bans occur "with great frequency," adding that being a director or officer of a unit of a public company is a grey legal area.


The question of whether a comeback by someone booted out of the securities industry or barred from being an officer or director of a public company crosses the line has long been controversial.


In 1998, Michael Milken, the former junk-bond king who spent nearly two years in prison for securities-law violations, agreed to pay $47 million to settle SEC charges that he violated a lifetime ban from the securities business. Mr. Milken didn't admit or deny wrongdoing. The SEC claimed Mr. Milken violated the ban by acting as a consultant in two transactions.

In November, financier Steven Rattner agreed as part of a settlement with the SEC over alleged influence-peddling at New York's flagship pension fund to not associate with any investment adviser or broker dealer for two years. Mr. Rattner didn't admit or deny wrongdoing. A December agreement with then-New York Attorney General Andrew Cuomo bans Mr. Rattner from appearing "in any capacity" before New York pension funds for five years.


Barry Goldsmith, a partner at law firm Gibson, Dunn & Crutcher LLP who was the SEC's chief litigation counsel from 1993 to 1996, said it is "unusual" for someone barred from running a public company to work as a director of a wholly owned subsidiary of a public company, as Mr. Galanis said he is doing.


Mr. Galanis got a Ferrari when he was 16 years old. Two years later, his father, John Peter Galanis, went to federal prison after being convicted of racketeering, tax-fraud, bank-fraud and securities-fraud charges. The five-year ban agreed to by the younger Mr. Galanis came when he owned about an 8% stake in Penthouse. The SEC said the alleged fraud boosted revenue and made a quarterly loss look like a profit. He didn't admit or deny wrongdoing.


Deal-making is a major part of the parent company's growth strategy. Launched in 2007 as a "blank check" operation to make acquisitions, Gerova has gobbled up loans and insurance assets. Last month, the company announced plans to buy Seymour Pierce Holdings Ltd., a London brokerage firm with roots dating back to 1803, and New York brokerage firm Ticonderoga Securities LLC.


Gerova said it will change its name to Seymour Pierce when the London deal is completed. The takeovers must be approved by U.S. and U.K. regulators.


The Dalrymple report claimed the company is vastly overvaluing its real-estate assets, which investors can't fully assess because Gerova hasn't filed financial statements since it became a public company last year.


A May 2010 company spreadsheet reviewed by The Wall Street Journal calculates that Gerova's real-estate holdings are worth 41% less than their stated book value of $274 million. The analysis of more than 30 investments includes a high-rise condominium in West Palm Beach, Fla., and 253 single-family homes in Ohio.


Jack Doueck, a Gerova director, said the document was an informal estimate that was "rife with errors." The book values are out of date, and "there is no $112 million discrepancy," he said. And as a "foreign private issuer," Gerova is required to disclose results only annually, Mr. Doueck added. The annual report for 2010 is due by June.


Gerova said earlier this month that it hired investigative firm Kroll, a unit of Altegrity Inc., to probe "possible market manipulation and collusion aimed at driving down the price" of Gerova shares. The company accused Dalrymple, the research firm that questioned Mr. Galanis's role at the insurer, of using "materially false information" to support a "series of speculative and unsupported conclusions."


Keith Dalrymple, managing director of Dalrymple, declined to comment.

Jack's comment: When there is a regulation, there are lots of loopholes.