Morgan Stanley decided to settle the case by paying the clients without accepting or denying the allegations.
Morgan Stanley will pay $35 million to resolve claims made by the US Securities and Exchange Commission that one of its units failed to protect the personal information of millions of customers when replacing company hard drives and servers.
According to the SEC, banks improperly disposed of thousands of devices and some were auctioned off online without checking that customer data they contained had been deleted. Over a five-year period starting 2015, about 15 million clients’ details were compromised.
Morgan Stanley later said in a statement that it was pleased to have resolved the matter. “We have previously notified applicable clients regarding these matters, which occurred several years ago, and have not detected any unauthorised access to, or misuse of, personal client information,” the company said.
Morgan Stanley decided to settle the case by paying the clients without accepting or denying the allegations.
The firm hired a moving and storage company without any prior experience in data destruction, and failed to properly oversee the company's work, according to the SEC, which led to the violations. Some of the devices, which contained tens of thousands of pieces of unencrypted customer data, were recovered by Morgan Stanley. According to the regulator, the vast majority of devices were not discovered.
Director of the SEC’s enforcement division, Gurbir Grewal called the findings ‘astonishing’. Grewal added that “customers entrust their personal information to financial professionals with the understanding and expectation that it will be protected.”
The brokerage's failure to properly discard customer and consumer report information as part of a larger hardware refresh programme, during which the company discovered that 42 servers were missing, is also a factor in the fine imposed on Tuesday. The SEC claimed that the device's encryption software was not activated by the unit.
){kind=small}
){kind=small}
){kind=small}
){kind=small}
){kind=small}
){kind=small}
){kind=small}
){kind=small}
){kind=small}
){kind=small}
){kind=small}
){kind=small}
){kind=small}
){kind=small}
){kind=small}
){kind=small}
){kind=small}
){kind=small}
 "Representational Image")
){kind=small}
){kind=small}
){kind=small}
){kind=small}
){kind=small}
)
){kind=small}
){kind=small}
)
)
)
)
)
){kind=small}
){kind=small}
){kind=small}
){kind=small}
){kind=small}