FINRA fines Wedbush for hacking wire transfer
Wedbush Securities Inc Agrees to Pay $350,000 Penalty as Part of Settlement With Financial Industry Regulatory Authority (FINRA)。
Wedbush Securities Inc agrees to pay $350,000 fine as part of settlement with Financial Industry Regulatory Authority (FINRA)。
Between January 27, 2021 and February 4, 2021, Wedbush received and approved four fraudulent wire transfer requests from a hacker, but did not take reasonable steps to confirm whether the requests were genuine.。
The hacker accessed an email account belonging to a registered representative of one of Wedbush's agencies and asked Wedbush to send four wire transfers totaling more than $6.6 million to two third parties from a joint brokerage account held by two clients.。
In approving these requests, Wedbush did not reasonably investigate whether these wire transfer requests were fraudulent, including the large amount of wire transfer and increasing in a short period of time, and the wire transfer was sent to a third-party payee who had no contact with the customer (both were located abroad)。
Wedbush did not take reasonable steps to confirm the authenticity of the wire transfer request, such as contacting an authorized representative of the correspondent bank by telephone。Instead, the company approved the four wire transfers only by sending questions to the hackers who used the leaked email accounts.。
After Wedbush's agent notified Wedbush of the fraud, Wedbush and the agent compensated the customer for the loss.。
In February 2021, Wedbush revised its written oversight procedures for processing power of attorney, including requiring company personnel to call an agent's "eminent person" at a known phone number before approving a wire transfer in excess of a certain amount.。
Because the company failed to reasonably monitor the transfer of customer funds to third parties, it violated Financial Industry Regulatory Authority rules 3110 and 2010.。
The company also agreed to accept the reprimand and undertook that a registered head in its senior management would certify in writing that the company had rectified the problems and that it had implemented a system of oversight, including a written oversight procedure that was reasonably designed to achieve compliance with Rule 3110.。
Disclaimer: The views in this article are from the original author and do not represent the views or position of Hawk Insight. The content of the article is for reference, communication and learning only, and does not constitute investment advice. If it involves copyright issues, please contact us for deletion.
