small-logo
ProfessionalsCapabilitiesInsights & NewsCareersLocations
About UsAlumniOpportunity & InclusionPro BonoCorporate Social Responsibility
Stay Connected:
facebookinstagramlinkedintwitteryoutube
  1. Privacy & Data Security

Blog

FINRA Imposes Second Data Security Fine on Lincoln Financial

  • PDFPDF
    • Email
    • LinkedIn
    • Facebook
    • Twitter
    Share this page
  • PDFPDF
    • Email
    • LinkedIn
    • Facebook
    • Twitter
    Share this page

Blog

FINRA Imposes Second Data Security Fine on Lincoln Financial

  • PDFPDF
    • Email
    • LinkedIn
    • Facebook
    • Twitter
    Share this page

1 Min Read

Author

Alessandra Swanson

Related Locations

Chicago

Related Topics

Financial Privacy

Related Capabilities

Privacy & Data Security

Related Regions

North America

December 1, 2016

The Financial Industry Regulatory Authority (FINRA) recently imposed a $650,000 fine on Lincoln Financial Securities Corporation (Lincoln) for its failure, in relevant part, to secure its customers’ confidential information. According to FINRA, Lincoln failed to adopt written supervisory procedures to instruct its representatives how to adequately protect customer confidential information. FINRA cited Lincoln’s data security policy as an example of such a failure, as it instructed Lincoln’s representatives to use firewalls, but did not provide any specific guidance as to how to install the firewall or what type of firewall was appropriate to protect the information. FINRA found the policy insufficient to adequately protect Lincoln’s information, since the representatives lacked technical expertise and could not be expected to understand how to obtain and install the proper firewall mechanism.

According to FINRA, Lincoln’s failures constituted violations of FINRA Rules 2010 and 3110. In particular, FINRA Rule 3110 requires FINRA members to maintain systems to supervise its registered representatives that is reasonably designed to achieve compliance with applicable securities laws and regulations. FINRA cited Rule 30 of Regulation S-P, requiring appropriate safeguards for customer information, as the securities regulation at issue.

This was FINRA’s second such action against Lincoln. In 2011, Lincoln paid a $450,000 fine after FINRA alleged that Lincoln had similarly failed to establish procedures to protect confidential customer information on the computers of Lincoln’s registered representatives.

TIP: This case provides insight into FINRA’s expectations as to the content of written supervisory procedures. FINRA members may be well-served to review their procedures to ensure that the content provides instructions sufficient to protect customer information.

Related Professionals

Related Professionals

Alessandra Swanson

Alessandra Swanson

This entry has been created for information and planning purposes. It is not intended to be, nor should it be substituted for, legal advice, which turns on specific facts.

Logo
facebookinstagramlinkedintwitteryoutube

Copyright © 2025. Winston & Strawn LLP

AlumniCorporate Transparency Act Task ForceDEI Compliance Task ForceEqual Rights AmendmentLaw GlossaryThe Oval UpdateWinston MinutePrivacy PolicyCookie PolicyFraud & Scam AlertsNoticesSubscribeAttorney Advertising