There is now apparently a difference between taking customer information and taking too much customer information. Since I joined the securities business in 1983, brokers have moved from one firm to another with varying levels of difficulty and information. In the stone age (when we only had copiers), brokers would copy their holding pages (paper forms for those of you unfamiliar with the term) which had a whole host of customer information including social security numbers, birthdays, mother’s maiden name and other minute details of the customer’s life.
Brokerage firms litigated the heck out of the copied information and argued about what was proper and what was improper. Sometimes the firms used Regulation S-P as their weapon. This Regulation governs privacy of customer information. In broker recruiting, Regulation S-P appeared to be honored in its breach.
Along came the Protocol for Broker Recruiting. This changed things. Suddenly, the founders and the adopters of the Protocol agreed that certain limited categories of information were fair game to be moved from one firm to the other. The SEC and FINRA are aware of the Protocol. To describe their enforcement efforts in this area as “rare” would be an understatement.
About 4 years ago, Next Financial was found to have violated Regulation S-P by the SEC. As they say, bad facts make bad law and the facts in that case were pretty outrageous as they were described in the Initial Decision. This case was decided in June 2008 but was underway starting a year earlier. NEXT employees, according to the decision, took a broad range of information from the “losing” firm and also used the other firm’s employees’ usernames and password to access computer systems. Oops.
Fast forward to 2012. FINRA has joined the Regulation S-P game. In a recent decision, FINRA fined a member firm $65,000 for taking customer information and using it to start the account opening process on its own books before the customers had agreed and before the brokers had left their prior firm. FINRA alleges that the firm obtained “nonpublic confidential information included the customers’ social security numbers, account numbers, driver’s license numbers, dates of birth and financial information.” Apparently, names, addresses and phone numbers are fair game, as this is what is allowed by the Protocol, but those numbers, Social Security and Driver’s License, are off-limits.
The ironic part of this is that the questioned activity took place in December 2008, according to FINRA. Apparently this broker-dealer didn’t get the memo.
So what is the takeaway from this? Stick to protocol data. Aside from the fact that it should keep a broker out of hot water, it is also a good time to update all the vitals. Working from 10 year-old suitability information? Update it. Customer remarried and has a new job? Change your data. Maybe you’re a lucky one and your customer won the lottery. Change the financials. Moving is a good chance to do two things: Update customer data and weed out your book. It is not the time to see exactly how much data one can download from the current firm’s system.
That’s the view of one lawyer from Jupiter, Palm Beach County, Florida. I’m Marc Dobin.