Misuse of Customer Data on Flash Drive Crashes Stockbroker's Career

September 22, 2011

For the purpose of settling alleged rule violations by the Financial Industry Regulatory Authority ("FINRA") but without admitting or denying the findings, Nicholas C. Dito submitted a Letter of Acceptance, Waiver and Consent ("AWC"), which FINRA accepted. In the Matter of Nicholas C. Dito, Respondent (AWC/20090204321, July 29, 2011).


Dito first became registered in 2006 and joined John Thomas Financial ("JTF") on March 14, 2008, where he remained until his resignation on March 11, 2010.

Flash Drive

The AWC alleged that in July 2008, Dito obtained possession of a computer flash drive (the "Flash Drive"), which contained non-public customer account information, which is described as including, among other data, approximately 350 account statements of customers from another FINRA member firm. Each of the customer account statements on the Flash Drive displayed non-public financial information including customer names, addresses, account numbers, financial positions, broker identification numbers and account values.

It's not explained in the AWC how Dito obtained the Flash Drive - I don't know whether he found it, bought it, stole it, etc. As such, we'll just go with the fact that one day Dito didn't have the storage device and the next day he did.

The AWC states that "Dito took the flash drive to his parents' home, and uploaded the contents of the Flash Drive to his parents' home computer."

He took it to mom and dad's home? What, Dito didn't have his own computer? Or maybe he was being clever - figuring that there wouldn't be any trace of uploading or downloading on his own computers. Again, the AWC doesn't explain any of this, so fill in the blanks as you wish.

The AWC alleges that once Dito opened the contents of the Flash Drive, he saw that it contained nonpublic customer information, which he subsequently copied. Dito sent two emails containing the Flash Drive customer data to his JTF email address. The first email, sent on July 3, 2008, contained about 300 customer names and addresses, which Dito allegedly intended to use to facilitate his cold-calling efforts. A second email, sent on the same day, contained the equity stock positions with valuations in a public customer's securities account at another brokerage (apparently for the period December 31, 2003 through January 20, 2004).

NASD Rule 2110 provides that "[a] member, in the conduct of his business, shall observe high standards of commercial honor and just and equitable principles of trade." The AWC alleged that Dito failed to observe high standards of commercial honor and just and equitable principles of trade in violation of NASD Rule 2110 by viewing non-public customer information contained in the Flash Drive and mining out selected excerpts for his own use by e-mailing the information to his JTF email address.


On April 27, 2010 and February 17, 2011, Dito appeared at FINRA subject to a demand to provide On-The-Record testimony ("OTR") in connection with the self-regualtory organization's investigation of his conduct. During both OTRs, FINRA admonished Dito to answer questions to the full extent of his knowledge and truthfully, and that a failure to abide by those obligations could lead to disciplinary action, including a bar. Notwithstanding, Dito refused to answer any further questions during the February 17th OTR.


Pursuant to the AWC, FINRA imposed a Bar upon Dito for his viewing and use of the non-public customer information contained on the Flash Drive, in violation of NASD Rule 2110; and for his refusal to answer questions and complete his OTR, in violation FINRA Rules 8210 and 2010.