Do Broker/Dealers Need to Offer Clients Better Protection from Data Theft?

The Securities and Exchange Commission (SEC) recently announced its plan to review 50 or more investment firms to learn how they protect their electronically stored data. As regulators look for ways to ensure better protection against data theft, firms can benefit from doing the same.

Below are a few things to consider when reviewing your firm’s data protection practices:

Find out what data protection methods your firm employs.  

You can instill confidence in clients who inquire about how their information is stored and protected by understanding the data protection methods used by your firm. If a client asks a question like, “What forms of identification are used to access my personal identifiable information?” you should be able to provide an answer.

Learn what compensation, if any, is available to clients who suffer a loss as a result of data theft.

Recent cyber breach reports may alarm customers, making them more concerned about what they can expect in the event of a breach. Be prepared for potential customer questions like: “Do you reimburse customers for losses related to data theft?”

Be aware of any fines or other regulatory actions against your firm related to data theft.

Even well protected corporations have suffered a cyber breach. If your firm has experienced a breach, be prepared to address this with customers who have concerns. If your firm has since improved its protections against data theft, consider explaining this to customers to relieve their concerns.

By evaluating data protection practices, firms can stay in compliance with regulators and instill confidence in customers. Even if Broker/Dealers don’t believe their firm will be subject to the SEC’s review, this can be an opportunity for firms to find out how their data protection methods measure up against industry peers.