Summit Equities will pay $100 million tied to the mishandling of private client information in Massachusetts.
According to a consent order recently issued by the state’s securities division, Parsippany, New Jersey-based Summit Equities failed to supervise four registered agents, who no longer are employed with it and one of whom was fired, from January 2013 to February 2018.
These individuals and a sales assistant entered clients’ personal information into third-party customer relations management systems, which violated the broker-dealer’s privacy and security policies.
Summit had no access or control over the information — including Social Security numbers, account and insurance details — when its agents stopped working for the firm. It had measures in place to delete client information from agents’ devices but not for third-party systems, such as Redtail’s Tailwag CRM.
“The security of personal information is a very serious issue for me and my office,” according to Secretary of the Commonwealth William Galvin. “It is more important than ever that companies gathering personal information keep that information as secure as possible.”
In addition to paying the fine, Summit will report what corrective steps it has taken and let all its clients in Massachusetts know about the potential compromise of their private data.
A request for comment from Summit was not received as of press time. Also, according to FINRA Brokercheck, the broker-dealer submitted a form to end its registrati
—Related on ThinkAdvisor
- FINRA Issues Report on Best Cybersecurity Practices
- LPL Hit With $2.75M FINRA Fine Over Cyber Infractions
on in October.