An irreverent Wall Street Blog

FINRA Fines and Suspends Rep for Emailing Confidential Info Of 1,696 Plan Participants

April 3, 2019

In a recent FINRA regulatory settlement, we come across a case in which a registered rep didn't make a bad situation worse. Which isn't to say that he undid the bad situation. He didn't. It is to say that he seems to have renounced engaging in further bad actions, which, if nothing else, gave FINRA an excuse to pull its punches. Some might say that the rep stopped short because his broker-dealer caught him in the act. That may be true. On the other hand, whatever the motivation, the confidential information of 1,696 retirement-plan participants never got misused beyond being wrongfully downloaded into spreadsheets and emailed away from the firm. Other than that Mrs. Lincoln, did you at least enjoy the play?

Case In Point

For the purpose of proposing a settlement of rule violations alleged by the Financial Industry Regulatory Authority ("FINRA"), without admitting or denying the findings, prior to a regulatory hearing, and without an adjudication of any issue, Fabiano de Franco submitted a Letter of Acceptance, Waiver and Consent ("AWC"), which FINRA accepted. In the Matter of Fabiano de Franco, Respondent (FINRA AWC 2017054076501, April 2, 2019). 
http://www.finra.org/sites/default/files/fda_documents/2017054076501
%20Fabiano%20de%20Franco%20CRD%204528382%20AWC%20va.pdf

The AWC asserts that de Franco was first registered in 2002, and by 2010, he was registered with FINRA member firm ICMA-RC Services ("RC Services") and also an employee of IRC, an investment-advisor affiliate. IRC provided bookkeeping and administrative services to public-sector retirement plans; and RC Services provided educational services to participants in plans IRC administered.

FINRA Investigation

The AWC asserts that FINRA's investigation of de Franco's conduct was prompted by the self-regulatory-organization's receipt of a Uniform Termination Notice for Securities Industry Registration (the "Form U5) filed on April 27, 2017, by RC Services that disclosed de Franco had been terminated for violation of the firm's policies and procedures.

Before Leaving

During his seven-year tenure with RC Services and IRC, de Franco purportedly provided investor educational services to certain plan participants for which IRC provided administrative and recordkeeping services. The AWC asserts that de Franco had access to an IRC database containing certain confidential information of plan participants that he used pursuant to providing educational services. As set forth in part in the AWC: 

Before leaving the Firm to build his own outside retirement-planning business, de Franco generated spreadsheets from IRC's database that contained confidential information, including names, dates of birth, and account balances for 1,696 plan participants, including participants with whom de Franco had no prior relationship. Without the authority of the participants, the Firm or IRC, he emailed the spreadsheets from his RC Services email account to an email account that his outside business maintained and to which his wife, who was not affiliated with IRC or the Firm, had access. Neither the email nor the spreadsheets were encrypted, risking the possibility that if misdirected personal information of plan participants would fall into the hands of third parties. De Franco emailed the spreadsheets so that he could contact a subset of the plan participants on the spreadsheets for the purpose of selling them retirement-planning services through his outside business. The Firm discovered the April 4, 2017 email through routine surveillance, and terminated de Franco's registration. De Franco never used the information for any purpose.

FINRA Sanctions

FINRA deemed de Franco's cited conduct to constitute violations of FINRA Rule 2010. In accordance with the terms of the AWC, FINRA imposed upon de Franco a $5,000 fine and a 10-business-day suspension from associating with any FINRA member in all capacities 

When you get to Asheville
Send me an email
Tell me how you're doing
How its treating you
Did you find a new job . . .


Bill Singer's Comment

Compliments to FINRA on a nice, tight AWC. Similarly, taking into consideration the allegations, the 10-business-day suspension strikes me as reasonable and tailored to the unique circumstances at issue. 

No . . . there is nothing earth-shattering or particularly offensive about the underlying facts presented in the AWC. That being said, this FINRA regulatory settlement presents the perfect opportunity to remind registered reps of several issues to consider when transitioning from one firm to another. Accordingly, let's parse through the AWC:

Before leaving the Firm to build his own outside retirement-planning business, de Franco generated spreadsheets from IRC's database that contained confidential information . . .

Once you have decided to move on from your current firm, be aware that the whole "before leaving" period of time will come under scrutiny. The key point here is that you have decided to leave, as in you no longer have any intention of remaining at your current employer. That changed state of mind is a critical distinction, and one that a veteran industry lawyer will latch on to whether that lawyer is in the service of your former firm or part of a regulator's staff. Consequently, once you have decided that you're leaving, you have to be careful about accessing your current' firm's confidential databases. Careful as in the fact that you will inevitably leave a digital footprint of the date and time you logged on to the database and performed the data dump. In de Franco's case, his generation of spreadsheets from IRC's database became all the more troubling because he not only had decided to leave RC Services but he also was pursuing  "his own outside retirement-planning business." On top of that, it gets messy trying to distinguish between what de Franco did wrong at or to his FINRA member firm employer RC Services versus non-member-firm-affiliate IRC.

de Franco generated spreadsheets from IRC's database that contained confidential information, including names, dates of birth, and account balances for 1,696 plan participants, including participants with whom de Franco had no prior relationship. 

If de Franco had merely used the confidential information of plan participants with whom he had a prior, ongoing relationship, that still would not have been okay -- but it would have been less bad than what he did by accessing the confidential data of 1,696 plan participants, "including participants with whom de Franco had no prior relationship."  It doesn't look right a couple of years later and it likely rankled IRC when the conduct was of a more contemporaneous vintage. You may be thinking that if de Franco had asked for permission to download the data that the BD and RIA might both have declined the request. You may be right. You may be wrong. Regardless, he didn't ask -- and that's the only thing that matters at this point.

Without the authority of the participants, the Firm or IRC, he emailed the spreadsheets from his RC Services email account to an email account that his outside business maintained and to which his wife, who was not affiliated with IRC or the Firm, had access. Neither the email nor the spreadsheets were encrypted, risking the possibility that if misdirected personal information of plan participants would fall into the hands of third parties. 

It's easy to see in hindsight how de Franco's simple decision to create spreadsheets and then email them to his outside business was a huge mistake. At the time, as is often the case, it likely seemed harmless (or perhaps a "who's gonna find out?"). It may well have been that de Franco felt that he had invested some seven years at RC Services and IRC and, well, you know how these things get rationalized, he may have figured it was "his" business and he had access to the data anyway as part of his job and . . . and . . . and. The problem with de Franco's conduct is that he sent confidential customer information away from his firm, which was entrusted with securing that information and protecting the participants. Worse, by transmitting the confidential files without encryption and to "his outside business,"  de Franco created a troubling scenario that invited his former firm's Form U5 narrative and the scrutiny of FINRA. Yes, I know, we all send all sorts of stuff by email. On the other hand, how did that work out for de Franco?

The Firm discovered the April 4, 2017 email through routine surveillance, and terminated de Franco's registration. 

As an industry lawyer, among the more common things I hear from clients is how they never, ever thought that those idiots in Compliance would ever find out that they had logged on to the firm's computer system and downloaded X or copied Y or altered the contact information for their clients. Did you notice how RC Services fired de Franco after the firm "discovered the April 4, 2017 email through routine surveillance?" So, maybe those folks in Compliance ain't the dumb shits that you think they are?  And, while we're doing some soul searching, maybe you're not as clever as you think you are?

De Franco never used the information for any purpose.

The fact that "De Franco never used the information for any purpose," may have moved FINRA's regulatory needle from a multi-week or multi-month suspension to a more temperate 10-business-days. Keep that in mind should you find yourself under FINRA's scrutiny for similar misconduct. For whatever reason de Franco didn't exacerbate a bad situation by actually using the data to solicit customers or to harm his former firm. If he had pursued such actions, I'm certain that his suspension would have been for a more lengthy period.


U.S. Attorney's Office Settles Disability Discrimination Allegations Related to the CPA Exam (DOJ Release)

FINRA Fines and Suspends Rep for Emailing Confidential Info Of 1,696 Plan Participants 
(BrokeAndBroker.com Blog)

SEC Charges Former CEO of Silicon Valley Startup With Defrauding Investors (SEC Release)

The Founder and Chairman of a Multinational Investment Company, a Company Consultant and Two North Carolina Political Figures are Charged with Public Corruption and Bribery (DOJ Release)

FIH, LLC, Plaintiff/Appellant, v. Foundation Capital Parnters LLC, FKA Foundation Managing Member LLC, Dean Barr, Joseph Meehan, Thomas Ward, and Joseph Elmlinger, Defendants/Appellees (Opinion, 18-CV-357, United States Court of Appeals for the Second Circuit)

SEC Charges College Official for Fraudulently Concealing Financial Troubles from Municipal Bond Investors (SEC Release)

SEC Obtains Final Judgment Against New York Broker Charged with Stealing from Investors (SEC Release)

Permalink

Search BrokeAndBroker

Related Topics

Previous Entries

No Headlines Found

Tag Cloud

Bill Singer BrokeAndBroker FINRA Arbitration AWC SEC BrokerAndBroker Expungement Guest Blog Guest Blogger Aegis Frumento OBA Wells Fargo U5 BrokeAndBroker CRD InSecurities OHO Email Morgan Stanley Defamation U4 NAC ALJ Merrill Lynch BrokerCheck PST Supervision Whistleblower Statutory Disqualification Securities Industry Commentator Rule 3270 Suitability DOJ SDNY Promissory Note Rule 2080 Elderly Rule 2010 Willful WSP OIP Form U4 Wire Fraud Pro Se Rule 8210 EFL UBS Expenses RIA Form U5 Dodd Frank Stephen Kohn Business Expenses TRO Discretion Rule 1122 Bar Willfulness IRS Bank JP Morgan Fraud Discovery Wife Trump Ameriprise Husband NASD Bill SInger FAA Rule 3240 Borrowing Small Firm Conversion Supreme Court Rule 3280 Crypto Edward Jones Margin Wrongful Termination IRA Raymond James CCO Insurance 2Cir Estate Frumento Corrective Action Statement Outside Business Activities Stay Rule 12206 Mail Fraud Schwab arbitration Punitive Damages Tax LPL Promissory Notes Customer Bankruptcy Beneficiary Explained Decision TD Ameritrade Felony COVID Remand Citigroup Motion to Dismiss Options BrokeAndBroker.com Commissions Settlement Trust Case In Point OWB Injunction CFTC ACQ Board DCCir Rule 4511 OTR Initial Decision Retaliation Blockchain Sanctions Rule 3040 Tax Liens Ponzi Rule 2510 Wall Street Motion to Vacate Burris Due Diligence Forgery Spouses 9Cir Rule 4530 Discrimination Jurisdiction Eligibility Rule Unauthorized Discretion Reg SP Personal Expenses Unsuitability Offer of Settlement Rule 12200 Solicitation Outside Business Activity FBI Mandatory Arbitration SRO Insider Trading Bank of America Rule 3010 Compliance Failure to Supervise Checks NYSE Barclays Annuities Manifest Disregard ETF CRS Goldman Sachs Private Securities Transaction Divorce Disgorgement Loan Dissent FINRA Board Rule 3110 10Cir Class Action Cease And Desist PCAOB Fiduciary Conspiracy email Trustee Board of Governors Impersonation Power of Attorney Reimbursement Rule 9552 Credit Card IAR expungement VA Broker Protocol Unfair Competition Spoofing Spouse Cryptocurrency Customer Complaint Liens AML Zipper Emails Annuity Away Account T&P Tax Lien JPMorgan Complaint Indemnification Retirement Wey Disclosure Lucia SDFL Kokesh Due Process POA BD Breach of Contract Appeal MC-400 4Cir Lien Bitcoin Rule 12904 Willfully Coronavirus Public Interest Unauthorized Trading Postponement Racism BOP Severance REIT 3Cir Indictment Elder Abuse Securities Fraud Vacatur Fees Antitrust HFT Brummer Exhaustion of Administrative Remedies Dakota Securities Rule 12805 CMA Net Capital Test Motion to Confirm Rule 2111 Signature Covid Hilton Weiner Whistleblowers Wire Rule 3050 WSPs insecurities guest blogger guest blog aegis frumento Rule 2150 Employment Sexism Whistleblowing Statute of Limitations Marijuana PNC RR Suspension Gensler NASDAQ Deceased Widow Private Securities Transactions Examination Bureau of Prisons Money Laundering OIG BrokeAndBroker.com Blog Robinhood Stifel Nicolaus Sanction Guidelines Deutsche Bank PIABA Loans Bonus Rule 2081 Apple Stifel Signatures DNJ Non Solicitation Audit Will DOL Puts Bonds Leggett Puerto Rico Rule 13200 Preliminary Injunction Confidential Information Enforcement 11Cir Botkin Rule 4513 Misdemeanor Charles Schwab Self Regulation Great Recession OSHA Elder Fraud Mortgage TOD Absolute Immunity JPMS Margin Call Unjust Enrichment Mutual Funds CPA Membership Continuance Credit Suisse Statutory Disqualification Committee Hacking Registration Commission Unsuitable Small Firm Governor NoCA Website Rationale Diversity 1Cir supervision NDCA TheBlot Exam Pennystocks Standing Appointments Clause Arbitraiton Undisclosed Settlement ADA JPM Test Center Passcode BrokeAndbroker Inability to Pay RBC money laundering Mother IPO Finra Election Away Accounts Scottrade Immunity Rule 2210 Testimony Real Estate Robert Cook Annual Compliance Questionnaire AAA TCR Feigenbaum Spoliation Cannabis Statement of Corrective Action WB-APP Rule 13805 Waiver 6Cir Trade Secrets Written Supervisory Procedures 9/11 securities industry commentator State Actor E*Trade Rule 12504 Concentration Reg S-P Bandimere BrokeandBroker Extraordinary Cooperation Rule 9554 CEO Excessive Trading Sexist Affiliate Variable Annuities Michael King Biden Variable Annuity Hurry Sarbanes Oxley Form ADV brokeandbroker FINOP Compensation Imposter Michael King Associates Tortious Interference Solicited Irreparable Harm Restitution Johnny Burris Newman Superior Court FMLA Unsolicited DMD NRF Wachovia Facebook Star Wars Series 7 Medical Condition BrokeAndBroker Bill Singer FINRA Small Firm Rule 12212 Termination Fidelity Hester Peirce DDC Churning Conflict of Interest EDNY Ethereum Administrative Remedies Circuit Court Taxes Confidentiality Trading Platform Customer Information Non-Solicitation Subpoena Default Motion to Compel Sharemaster Financial Professionals Coalition Beneficiaries Research Sexual Discrimination ICO Talman Harris High Frequency Trading Pennystock Self Reporting Constitution Continuing Education Life Insurance Scottsdale 10b-5 Customers McDuff Self Directed PAQ Kon Social Media Marines Vietnam Marine Corps Honorarium Whitman Relevant Disciplinary History Consent Order Ride the Thunder Employment Agreement VIX IM Mutual Fund Service Hugh Hewitt Funds Rule 3030 Wanger Extraordinary Circumstances Stipulated Award Internet Rule 3310 Flash Crash Boycott Saad RMBS Hearing Sexual Harassment Government Accountability Project Information NSF SunTrust Cheating Check Kiting Guitron Obstruction RICO Lawyers Debit Card Wedbush Yesenia Guitron Testing ATM 5Cir Probate Respondeat Superior Privilege FNMA FINRA AWC Private Placement Dementia Scholander Interactive Brokers FOCUS Layering Nondisclosure Annual Audit Falsification 17a-5 Check JP Morgan Securities Guest Bloggers EEOC Lawyer Morgan Stanely Federal Reserve Chevron Son Revocation Capital Gains securities fraud Conflict SP Pension Prudential Oral Discretion Shah Gilani Slander Charity Penalty OWWP Hedge Fund Confirm Disciplinary History wire fraud Attorneys Fees WBAPP GameStop mail fraud Amazon Client Information Gamification Regulation SP Outside Counsel Fiduciary Duty Rory Flynn Acosta DCO Rule 1210 Blackbook Forex Executor Relevant Transamerica Liquidation NY Life Res Judicata Offset Puerto Rico Bonds Permanent Bar ARS Form TCR CDO SD FCI Rule 13504 Death Peirce ACH Joint Account Over Concentration WhatsApp Tesla FCI Beaumont FAP Zoom Texting Newport Coast Securities LLC Jennifer Tarr Obstruction of Justice Christian Stanley Rule 21F Arbitration Civil Rights Unauthorized Practice of Law Taft Correctional Institution Cold Spring Advisory Group Reverse Life Insurance Lehman Third Party Vendor Deferred Compensation Bear Stearns Oppenheimer Rule 13104 MSSB Elder Law 40 Act Withdrawals Rule 2430 Expert Witness Leveraged ETF Google OCIE Crime Embezzlement Control Person Non Solicit Securities America Libel Pruco Time And Price Commodities Fraud Verbal Discretion For Cause Book of Business First Amendment fraud NYG Capital Turnover EDPA bill singer Counterclaim Subject Matter Jurisdiction Tennis Court Mistake Trade Practices Oilpro Charge Rule 13904 Rule 12104 Calls Cantor Fitzgerald Allocation Compliance Questionnaire Trading Jay Clayton Retired Woman With Cane 10b-10 Constructive Discharge Rule 3210 Johnson Purshe Kaplan DAO Powell wrongful termination AWC. FINRA FINRA Arbitration Teleconference Finder\'s Fee Rule 12203 Hotel Jarkesy Nationwide ESOP Kierkegaard Motion Reason for Termination LIBOR AXA YouTube Administrative Process SDOH Non-Disclosure ESG CE Fernandez Trader Tax Advice Pham Panama Telephone Vungarala Cherry Picking Expulsion Lorenzo Nicolas Corcione Fundacion Nicor Ten Commandments Credit Cards SDCA Retroactive Bar Collateral Bar Municipal Advisor Fine Financial Disclosure Retroactive Pershing GME FNI Media sexism NRSRO DRS NFT Section 1332 Exception Reports Schottenstein Bartko FINRA Foundation Negligence Private Placements ALJ Grimes Third Party Beneficiary Transparency JOBS Act Last Known Address QuadrigaCX Mantar GAP Rule 21F-17 In House Counsel CD NYAG Communications Undertaking expenses Promoter SLUSA Accounting JAMS In Connection With Deceased Customer MAP reimbursement TSSB HSBC false statements AMC Rule 13206 Reg SHO DMCA Gross Ruder Task Force Confidential Audit Committee Sharing Agreement Books and Records Kiting Rule 144 VXX Corporate Governance Motion to Compel Arbitration Back Dated Equity ACT! Tysk Altered Apartment Particularity Declaratory Judgment Rule 13212 Lek Rule 13201 Ethics Court of Appeal Orders Daspin Rule 2140 APA Title VII Motion to Exclude Section 206 PSRO Joint Production Discharge Exception Report Salman Stephen A. Kohn Self Regulatory Organization Investment Advisers Act Kent Transitional Bonus UIT MSPB Ruemmler Production Bonus Burden of Proof Notice Alcoholism Jury Instructions Harris finra Confirmation NPI Sterne Agee ALJ Foelak NMS Covid-19 Shotgun Pleading Risk Romer Article V Motiion to Acquit Fraudulent Inducement Grievance LOA annuities Wires Crowdfunding Hacker Confidential Customer Information defamation Rule 12511 Bob Dylan Data Meals Office of Special Counsel Escrow Clearing Firm Bill singer Unauthorized Trades Stipulation Reasonable SIFMA S&P Microcap elderly Motion to Postpone Electronic Communications Fidelity Brokerage Services Public Arbitrator Dostoevsky Bezos Municipal Bonds Berthel Fisher ETFs Expert EDVA FOREX Currency CNBC Income Capitalism No Show Series 79 Guardian Punitive Cryptocurrencies PN Exotic ETF Clayton Lexicon Reg D Ecuador Production Hayden Newbridge MDLA Daughter Witness Tampering JPMorgan Chase NYLIFE Non-Solicit Rule 420 Voya Principal Quasi Governmental Exemption Non Compete College Solomon Day Trading Disability Regulation Elon Musk Restaurant Private Actor Disparate Treatment Abstention AI Chief Compliance Officer Willfull Nietzsche Bequest Rule 2330 Rule 9216 Unregistered Fee Conflicts Rule 1031 Game of Thrones whistleblower Initials Perjury Investment Adviser Howey Harassment Vaccarelli Led Zeppelin Broke And Broker Judgments Traders Exhaustion Doctrine SIE Success Fee TradeStation ADR