Home News FINRA Fines Kestra for Violating Customer Privacy

FINRA Fines Kestra for Violating Customer Privacy

The Financial Industry Regulatory Authority has censured and fined Kestra Investment Services $125,000 for purportedly helping certain recruited brokers take nonpublic personal customer information from their former firms and disclose it to a third-party vendor.

The Financial Industry Regulatory Authority has censured and fined Kestra Investment Services $125,000 for purportedly helping certain recruited brokers take nonpublic personal customer information from their former firms and disclose it to a third-party vendor that assisted the representatives with their transition to the broker-dealer, without the other broker-dealers’ or the customers’ knowledge or consent.

According to a letter of acceptance, waiver and consent issued by FINRA, Kestra allegedly violated the Securities and Exchange Commission’s Regulation S-P, which prohibits financial institutions from disclosing nonpublic personal information about a customer without proper notice and an opportunity to opt out.

From approximately November 2017 until February 2019, Kestra contracted with a third-party vendor to provide assistance to recruited registered representatives who had agreed to join the firm.

FINRA claims that Kestra worked with the vendor to create a template spreadsheet to collect information about the recruited brokers’ customers, including their social security numbers, driver’s license numbers, and birth dates, as well as their account numbers, annual incomes, and net worth.

Kestra’s arrangement with the vendor resulted in 68 recruited representatives taking the customer information from their broker-dealers and disclosing it to the vendor, causing the other broker-dealers to also violate Regulation S-P.

In addition, in some instances, FINRA claims that Kestra employees arranged and participated in conference calls between the vendor and the recruited representatives to provide guidance on how to complete the spreadsheet.

FINRA indicated that Kestra’s employees did not receive copies of the spreadsheet or have access to the personal information provided to the vendor. Once a recruited representative became registered through Kestra, the vendor used the spreadsheet to automatically pre-populate new account forms, which the vendor sent to customers who agreed to open accounts. The broker-dealer typically reimbursed its recruited representatives for the fees charged by the vendor to generate the new account documents, FINRA said.

“Kestra failed to take any steps to inquire whether the recruited representatives or their broker-dealers at the time had notified customers about the disclosure of their nonpublic personal information, nor did Kestra take any steps to inquire whether customers had been given an opportunity to opt-out of having their information disclosed,” FINRA said in the AWC letter. “Kestra also failed to provide any guidance to the recruited representatives concerning the disclosure of customers’ nonpublic personal information to the vendor.”

Kestra, which has 678 branch offices and approximately 1,846 registered representatives, signed the AWC letter without admitting or denying the allegations. The broker-dealer does not have any relevant disciplinary history with the SEC, any state securities regulators, FINRA, or any other self-regulatory organization.

Click here to visit The DI Wire directory sponsor page.