Wedbush Securities has agreed to pay $350,000 to settle allegations related to a hacking incident that regulators say resulted in the theft of millions of dollars of client assets.
In early 2021, Wedbush approved four wire request transfers submitted by a hacker who had gained access to the email account of a registered representative at a firm with which Wedbush did business, according to a settlement letter published by brokerage industry self-regulator Finra.
Over a nine-day period, Wedbush moved more than $6.6 million from a joint brokerage account to two third parties at the hacker’s direction, according to the settlement letter.
Wedbush settled the matter without admitting or denying the allegations. A spokeswoman for the Los Angeles-based firm declined to comment.
The settlement letter alleges that Wedbush “failed to reasonably investigate red flags” associated with the requests.
Advertisement – Scroll to Continue
The wire requests “were for large and increasing amounts in a short period of time, and the wires were being sent to third-party recipients (both of whom were located in foreign countries) who lacked any connection to the customers,” Finra says, also alleging that Wedbush didn’t attempt to contact the representative whose email account had been hacked by phone.
“Instead, the firm approved the four wires after only sending questions to the hacker who was using the compromised email account,” Finra says.
Wedbush has faced numerous disciplinary actions from regulators in recent years. Last November, for instance, Finra fined the firm $850,000 for allegedly failing to have systems in place to ensure the accuracy of its account statements. As a result, clients received statements that errantly showed that their bonds were making interest payments when they were actually in default.
Advertisement – Scroll to Continue
Other recent actions against Wedbush include $16 million in fines related to employees conducting business on unapproved communications channels in August, and a $975,000 settlement with Finra in January to resolve allegations that the firm didn’t adequately police trading activity it facilitated to prevent market manipulation.
For the hacking incident, Finra noted that Wedbush and its partner firm that was the target of the cyberattack reimbursed their clients for the funds that had been stolen. In addition to the fine, Wedbush accepted a censure and committed to retooling its supervisory procedures.
Write to advisor.editors@barrons.com
——————————————————–
