Morgan Stanley unit fined $35M for mishandling customer data
By 
Adrianne Appel2022-09-20T18:40:00
Morgan Stanley Smith Barney (MSSB) agreed to pay $35 million to settle Securities and Exchange Commission (SEC) charges it repeatedly disregarded the safeguarding of clients’ personal data.
The personally identifiable information of approximately 15 million MSSB customers was made vulnerable over a five-year period, beginning in 2015, because of failures by the firm to protect it, the SEC said in a press release Tuesday. MSSB is a wholly owned subsidiary of Morgan Stanley.
The trouble began when MSSB did not encrypt the personal data of customers stored on computer servers and hard drives, the SEC alleged. In 2016, the firm decommissioned two data centers and didn’t properly dispose of its computer servers and hard drives, the agency said.
Related articles
-
News BriefFINRA fines Morgan Stanley $1M for alleged documentation failures
The Financial Industry Regulatory Authority fined broker-dealer Morgan Stanley $1 million over alleged documentation failures related to risk management controls and supervisory procedures involving violations of the Market Access Rule.
-
News BriefSEC amends Reg S-P to require data breach notification within 30 days
The Securities and Exchange Commission will require broker-dealers and registered investment advisers to adopt written policies and procedures for handling data breaches of customer data and notify affected customers within 30 days.
-
News BriefMorgan Stanley settles with states for $6.5M over mishandled data
Morgan Stanley agreed to pay $6.5 million as part of a settlement with six states requiring the firm to strengthen its data security after actions it took compromised the personal data of millions of customers.
More from Regulatory Enforcement
-
News BriefFTC complaint accuses LA Fitness parent companies of blocking easy membership exits
The Federal Trade Commission filed a complaint against LA Fitness’ parent companies, citing difficulties canceling memberships, a month after a court blocked the agency’s click-to-cancel rule.
-
ArticleJudge orders CVS to pay nearly $290M for Medicare false claims
CVS’s Caremark division knowingly overcharged Medicare for prescription drugs and must pay nearly $290 million, a Pennsylvania federal judge has ordered.
-
News BriefSEC charges duo in $275 million water vending machine Ponzi scheme
The owner of a water machine vending company and a portfolio manager were allegedly behind a Ponzi-like scheme that raised more than $275 million, according to the U.S. Securities and Exchange Commission.