SEC accuses JP Morgan, UBS and TradeStation of impersonation schemes
The Securities and Exchange Commission billed JP Morgan Securities separately,
and TradeStation on alleged failures to adequately develop and implement written identity theft prevention programs.
The agency’s identity theft red flag rule, or S-ID rule, requires financial firms with “covered accounts” to have programs in place that detect, prevent and mitigate identity theft client.
“Covered accounts” include those that are primarily for personal, family or household purposes and allow for multiple payments or transactions, as well as other accounts where there is a foreseeable risk to customers or the institution in the event of identity theft, in accordance with regulations.
An investigation found that all three companies violated rule 201 of the regulations, the SEC said in a press release.
From January 2017 to at least October 2019, companies’ written identity theft prevention programs reportedly failed to include “reasonable policies and procedures to identify relevant red flags of identity theft as they relate to client accounts or to incorporate these red flags into their programs”. said the SEC.
“The S-ID regulations are designed to help protect investors against the risk of identity theft,” said Carolyn M. Welshhans, acting head of the SEC Enforcement Division’s Crypto Assets and Cyber Unit. in the press release. “These actions are a reminder that brokers and investment advisers should design and operate identity theft prevention programs appropriate to their businesses and keep them up to date.”
The companies neither admitted nor denied the findings, according to the statement. Each has agreed to cease and desist from committing future violations and paying penalties. JP Morgan will pay $1.2 million,
will pay $925,000 and TradeStation $425,000.
All three companies have taken substantial corrective action, including reviewing and auditing their identity theft prevention programs, the SEC said.
Veronica Navarro Espinosa, head of communications at JP Morgan Wealth Management, a unit of
said in an email that the company is in full compliance with regulatory requirements and has had no issues with customers.
“We are committed to protecting our customers against identity theft and fraud,” she said in the email. “The deficiencies described were corrected years ago and no impact on customers has been observed.”
UBS and TradeStation did not respond to requests for comment.
Write to [email protected]