SEC charges JPMorgan, two others for inadequate identity theft protections

The Register reports the U.S. Securities and Exchange Commission has charged JPMorgan Securities, TradeStation Securities, and UBS Financial Services for failing to adequately bolster their identity theft prevention systems, putting their customers at increased risk of compromise. Policies and procedures for detecting identity theft and other red flags, as well as determining and curbing identity theft risk were lacking in the three firms' identity theft prevention programs from January 2017 to October 2019, according to the SEC. Aside from failing to detail service provider arrangements, JPMorgan did not implement training for the program. Employee training was also absent for UBS, which along with TradeStation did not include their respective boards of directors in identity theft prevention program development and adoption. JPMorgan, UBS, and TradeStation have been fined $1.2 million, $925,000, and $425,000, respectively, without any admission of liability. "Today's actions are reminders that broker-dealers and investment advisers must design and operate identity theft prevention programs that are appropriately tailored to their businesses and update them in response to the increased threat and changing nature of identity theft," said SEC Division of Enforcement Associate Director Carolyn Welshhans.