Recently, the state of Texas securities regulators fined and reprimanded a Chicago based securities dealer for violating its RIA compliance procedures when it failed to verify three signatures on a wire distribution request with the client before transferring money from the client’s account.
RIA Compliance Procedures
In three separate transactions, the chief compliance officer wired a total of $91,560 from an Individual Retirement Account (IRA) of a Texas client of the firm, who had not made any requests for funds to be transferred from his account.
The emails had several warning signals including in the subject line of the first email requesting a transfer of funds, it included the word [SPAM]. The second email asked that the cash balance be emailed. And, finally, the client was unrelated to the recipients of the wire transfers and had never wired money to them before.
Cybersecurity
The requests were sent from the client’s email account that had been compromised. According to the Securities Commissioner in Texas, electronic mail is the most likely way for a client’s account with a securities firm to be compromised.
Cyber-fraud is on the rise and state registered investment advisors need to establish up to date RIA compliance procedures to assess the risks of access to their client’s information.
Financial Crimes Enforcement Network
Last year, the Financial Crimes Enforcement Network, a division of the Department of the Treasury issued an advisory to financial institutions to provide guidance on instituting procedures to help stop fraudulent transfers of customer funds.
Before accepting wiring instructions from a ‘client’, call the client first for confirmation! Make this a part of your RIA compliance Procedures.
