A broker-dealer and investment adviser agreed to a $1 million settlement with the Securities and Exchange Commission (SEC) after investigators found that a data breach could have been avoided had it not been for faulty cybersecurity policies and procedures.
This was the SEC’s first time invoking its Dodd-Frank authority to enforce the Identity Theft Red Flags Rule.
Read on to learn more about the enforcement action.