Finra slaps fines on Osaic and Securities America for cybersecurity

March 17, 2024
1 min read

TLDR:

  • Finra fined Osaic Wealth Inc. and Securities America Inc. $150,000 each for cybersecurity failures.
  • The firms were cited for violations of Regulation S-P related to client information protection.

The Financial Industry Regulatory Authority Inc. fined Osaic Wealth Inc. and Securities America Inc. $150,000 each for failures in protecting private client information and cybersecurity gaffes. The firms, part of the Osaic network of broker-dealers, were found to lack basic cybersecurity controls such as multi-factor authentication and encryption for outbound emails with clients’ information. Both firms experienced cyber intrusions leading to exposure of sensitive information. Despite following incident response policies and engaging cybersecurity consultants, they did not enhance their cybersecurity requirements until March 2023. The violations of Regulation S-P highlight the importance of implementing robust cybersecurity measures in financial services firms to protect client data.

Latest from Blog

EU push for unified incident report rules

TLDR: The Federation of European Risk Management Associations (FERMA) is urging the EU to harmonize cyber incident reporting requirements ahead of new legislation. Upcoming legislation such as the NIS2 Directive, DORA, and