According to FINRA, Dale Self was assessed a deferred fine of $5,000 and suspended from association with any FINRA member in all capacities for 15 business days on July 30, 2024, for improperly removing and retaining non-public customer personal information without his member firm's or the customers' consent.
In anticipation of joining an investment advisory firm, Self improperly removed and retained non-public customer personal information in contravention of the firm's procedures. The information, which included customer dates of birth, social security numbers, and financial account numbers, was disclosed to the investment advisory firm and used to populate new account forms and customer relationship software. Ultimately, Self returned the information to the brokerage firm at its request.
The protection of customer information is a critical responsibility for all securities professionals. Non-public personal information, particularly social security numbers and financial account numbers, can be used for identity theft and other fraudulent purposes if it falls into the wrong hands. Firms have policies and procedures in place to protect this information, and representatives are prohibited from removing such information without authorization.
While Self's intent may have been to facilitate his transition to a new firm and to serve customers at his new firm, the unauthorized removal of customer information violates firm policies and regulatory requirements designed to protect customer privacy and data security. Registered representatives who change firms must follow proper protocols for transitioning customer relationships, which do not include taking customer information without authorization.
The 15-business-day suspension, which was in effect from August 5, 2024, through August 23, 2024, reflects the violation while considering that Self ultimately returned the information when requested. Investors should be aware that their personal information should be protected by their brokerage firm and should not be removed or shared without proper authorization and security measures. Firms have an obligation to safeguard customer information and maintain policies to prevent unauthorized access or removal.
