SEC Proposes Data Security Enhancements to the CAT NMS Plan (SEC Release)Edward Jones Wins TRO Against Former Employee in Solicitation and Trade Secrets Case (BrokeAndBroker.com Blog)Update on the Consolidated Audit Trail: Data Security and Implementation Progress (SEC Release)Statement on Proposed Amendments to the National Market System Plan Governing the Consolidated Audit Trail to Enhance Data Security (SEC Commissioner Peirce)
Today's proposal seeks to accomplish a number of security-enhancing goals including: (1) providing greater oversight, consistency and transparency regarding the appropriate use of CAT data, (2) requiring use of secure analytic workspaces (SAWs) for the analysis of large data sets permitting exceptions only when non-SAW environments are subject to third party security assessments and monitoring, (3) incorporating specific restrictions for the access and analysis of customer and account information including required use of the SAW and a defined workflow, (4) removing sensitive PII from CAT reporting requirements in accordance with the March 2020 PII Exemption Order in order to bring greater certainty to market participants that CAT reporting requirements do not include social security numbers, account numbers and dates of birth, and (5) preserving and enhancing existing security requirements.
As I have said elsewhere, the CAT treats every American as a presumptive wrongdoer. The CAT will watch everything you do in the securities marketplace, record it for employees of the SEC and self-regulators to monitor, and store it in databases that hackers undoubtedly will attack. The discomfort we feel about similar monitoring in other marketplaces is something we should also feel when the government watches our every move in the financial markets.
Between 2009 and 2017, Hildebrandt altered approximately 90 documents, including new account forms, ACH transfer requests, and distribution forms. He then submitted those forms to the Firm. Hildebrandt falsified the documents by reusing signatures and using correction fluid to conceal information already entered, like signature dates. He also altered dollar amounts on distribution forms, and corrected or added information (e.g., account numbers and misspelled names) by use of correction fluid and/or ink. He did so as an accommodation to approximately 30 customers. The underlying transactions were all authorized.
From January 1, 2017 to August 17, 2018, Woitkoski placed approximately 900 discretionary trades in 17 separate customer accounts. Over the course of longstanding relationships, the customers gave authorization to Woitkoski to exercise discretion in their accounts. However, Woitkoski did not have written authority from the customers to exercise discretion in their accounts. Additionally, Woitkoski never requested or obtained approval from Raymond James to exercise discretion in the customers' accounts.
In May 2017, Woitkoski also completed a compliance questionnaire in which he inaccurately stated that he did not exercise discretion in any non-fee based accounts.
. . .
From January 1, 2017 to August 17, 2018, Woitkoski mismarked order tickets for approximately 120 trades as "unsolicited" when the trades were his idea. Woitkoski had no communication with the customer for at least a week prior to entering the subject trade orders.