COMPLY-Snagging too much information lands broker in hotseat
April 2 (Reuters) - Taking too much client data when leaving one brokerage firm for another can lead to legal disputes for advisers, although few of those run-ins involve regulators.
But one former manager who worked for a credit union affiliated with Raymond James Financial Services Inc is feeling the sting of a $10,000 fine and 10-day suspension.
The Financial Industry Regulatory Authority (FINRA), Wall Street's industry-funded watchdog, sanctioned Steven Robert Tomlinson after jeopardizing the privacy of 2,000 customers whose confidential information he brought to his new firm, Wachovia Securities, which he joined to manage a branch in Elmira, New York. The firm is now part of Wells Fargo Advisors, a unit of Wells Fargo & Co.
Lawsuits and arbitration cases stemming from disputes over client information are not uncommon. Brokerages often accuse their ex-brokers and managers of taking client data that belongs to the firm. Those cases can end with the old firm getting compensation from the departing employees and the other firm for lost business. Brokers, in some cases, may not be allowed to contact their former clients for a certain period, such as a year. Regulatory sanctions against them, however, are rare, say lawyers.
FINRA's ruling against Tomlinson, whom regulators say downloaded details such as account numbers, net worth figures, and social security numbers - way more information than industry standards typically allow - is a cautionary tale for brokers and others switching firms.
"There's no way that FINRA could have allowed this to go without a sanction because it is behavior that is abnormal," said Tom Lewis, a securities lawyer in Lawrenceville, New Jersey who represents brokers transitioning between firms.
Tomlinson, while planning his move, downloaded information onto his personal laptop and to a flashdrive that was not password-protected, according to a FINRA hearing panel decision on March 21. About 60 percent of the customers whose information he took were not Tomlinson's, according to the ruling.
He testified that he did not intend to do wrong, but "just didn't think at the time," according to the ruling. Tomlinson used only a small portion of the information he downloaded and for the limited purpose of sending announcements to clients.
Tomlinson's lawyer and a Raymond James spokeswoman declined to comment. Wells Fargo is aware of the decision and reviewing the matter, a spokeswoman said in a statement. Tomlinson is still employed by Wells Fargo, according to regulatory filings.
RULES AT PLAY
Brokers are subject to a range of restrictions about taking information when switching firms, including brokerage compliance policies and promises they make in employment contracts.
Brokerages often have two concerns: protecting their turf from competition and not running afoul of securities industry privacy regulations that require brokers and their firms to protect customer information and records.
An industry agreement intended to minimize legal disputes when advisers switch firms, known as the Protocol for Broker Recruiting, allows brokers to bring very limited information when switching firms, provided the two firms participate in the agreement. Those details typically include client names, addresses, telephone numbers and email addresses.
Raymond James Financial Services Inc did not participate in the protocol in 2008, when Tomlinson downloaded the data. Even so, it is unlikely that he would have incurred the wrath of regulators if he downloaded only that limited scope of data about his clients, said Marc Dobin, a securities lawyer in Jupiter, Florida who represents brokers. At most, his former firm would have filed a lawsuit or arbitration in an effort to stop him from using the information, Dobin said.
Tomlinson, however, committed an even more serious violation: allowing disclosure of a range of clients' personal information to an outside party without the customers' permission, according to FINRA. Among his slip-ups: He gave the flash-drive to a Wachovia assistant, who used it at a computer in a public reception area at her office.
Wachovia had notified Tomlinson not to bring client social security numbers and other non-public information from his former firm.
Tomlinson, like many advisers, wanted to take information about clients from his old firm so he could alert them to his new whereabouts. He acknowledged that he did not need all the details he took, such as account balances. Much of the downloading occurred in the days prior to Tomlinson's departure, sometimes late at night, when it was easier to avoid being caught, FINRA wrote.
The credit union investigated after learning of a mailing he sent to a customer. Tomlinson began deleting files when he learned of the investigation.
His case echoes another in 2010 involving a broker who downloaded details for about 36,000 customers of a former Bank of America Corp unit before leaving the firm. FINRA did not buy the broker's excuse that he downloaded the files in error. It imposed a 10-day suspension and $10,000 fine. The U.S. Securities and Exchange Commission upheld the sanctions in January.
It is unclear whether Tomlinson will appeal the ruling. If he does not, his ten-day suspension will begin on May 20, according to FINRA.
- Target holiday cyber breach hits 40 million payment cards
- UPDATE 3-Saab wins Brazil jet deal after NSA spying sours Boeing bid
- Zuckerberg to sell Facebook shares worth about $2.3 billion
- Special Report: Why Ukraine spurned the EU and embraced Russia
- Facebook, Zuckerberg, banks must face IPO lawsuit: judge