The Securities and Exchange Commission (SEC) in the US has penalised brokerage units of JPMorgan Chase & Co. and UBS Group for not maintaining proper measures to prevent customer identity theft.

The brokerages, which did not admit or deny the allegations, agreed to pay a combined $2.1m in penalties, reported Bloomberg News.

The SEC said that the firms’ identity theft prevention programs did not include enough procedures or policies in place to detect identity theft linked to client accounts from at least January 2017 to October 2019.

Additionally, the firms did not have sufficient procedures to respond appropriately to detected red flags of identity theft and failed to update their programmes to reflect changes to identity theft risks to customers.

This violated regulations that lay out requirements for financial firms’ prevention programmes, it added.

SEC Enforcement Division Crypto Assets and Cyber Unit acting chief Carolyn Welshhans said: “Today’s actions are reminders that broker-dealers and investment advisers must design and operate identity theft prevention programs that are appropriately tailored to their businesses and update them in response to the increased threat and changing nature of identity theft.”

How well do you really know your competitors?

Access the most comprehensive Company Profiles on the market, powered by GlobalData. Save hours of research. Gain competitive edge.

Company Profile – free sample

Thank you!

Your download email will arrive shortly

Not ready to buy yet? Download a free sample

We are confident about the unique quality of our Company Profiles. However, we want you to make the most beneficial decision for your business, so we offer a free sample that you can download by submitting the below form

By GlobalData
Visit our Privacy Policy for more information about our services, how we may use, process and share your personal data, including information of your rights in respect of your personal data and how you can unsubscribe from future marketing communications. Our services are intended for corporate subscribers and you warrant that the email address submitted is your corporate email address.

JPMorgan will pay $1.2m and UBS $925,000 to settle the cases.

UBS said in a statement to the news agency: “Protecting the privacy and security of our client data is of the utmost importance to UBS.

“The SEC did not find that any clients were impacted and acknowledged that UBS had made substantial enhancements to its program.”

A spokesperson for JPMorgan told the news agency that the bank is committed to protecting clients from identity theft and fraud.

The person added: “The deficiencies described today were addressed years ago and there was no finding of client impact. The firm is in full compliance with regulatory requirements.”