Proxy research firm settles charges with SEC over client breach

Share this article:

Institutional Shareholder Services (ISS), a research firm the advises clients on voting in proxy fights, must pay $300,000 to the U.S. Securities and Exchange Commission (SEC) to settle charges that it failed to protect client information due to access control shortfalls.

The breach happened after an ISS employer allegedly divulged sensitive information to a proxy solicitor, a person hired by shareholders to find proxy voters to replace shareholder votes, in exchange for gifts.

"An SEC investigation found that an employee at ISS provided a proxy solicitor with material, nonpublic information revealing how more than 100 ISS institutional shareholder advisory clients were voting their proxy ballots," the SEC said in a Thursday news release. "In exchange for voting information, the proxy solicitor provided the ISS employee with meals, expensive tickets to concerts and sporting events, and an airline ticket."

The ISS is a registered SEC investment adviser.

The breach, which had been ongoing from 2007 to 2012, was enabled by ISS failing "to establish or enforce written policies and procedures reasonably designed to prevent the misuse of material, nonpublic information by ISS employees. Specifically, ISS lacked sufficient controls over employee access to databases of confidential client vote information."

Share this article:

Sign up to our newsletters

More in News

Feds warn health care sector of looming cyber attacks

The FBI believes that the lax security systems that the health care industry has in place make it a prime target for cyber attacks.

Brazilian president signs internet 'Bill of Rights' into law

Brazilian president signs internet 'Bill of Rights' into ...

President Dilma Rousseff signed the legislation on Wednesday at the NetMundial conference in Sao Paulo.

Android trojan sends premium SMS messages, targets U.S. users for first time

Android trojan sends premium SMS messages, targets U.S. ...

An SMS trojan for Android, known as FakeInst, has been observed sending premium SMS messages to users all over the world, including, for the first time, the United States.