WASHINGTON — The Securities and Exchange Commission yesterday took an enforcement action against LPL Financial Corp. for failing to adopt policies and procedures to safeguard 10,000 of its customers' personal information following a series of hacking incidents involving the broker-dealer's online trading platform.
According to the SEC's order, LPL experienced multiple hacking incidents between July 2007 and early 2008, and unauthorized persons gained access to the online trading platform LPL provided for its registered representatives. The perpetrators placed or attempted to place 209 unauthorized securities trades worth more than $700,000 combined in 68 customer accounts, the SEC said.
The SEC found that the firm conducted an internal audit in mid-2006 that identified inadequate security controls to safeguard customer information at its branch offices. LPL's audit specifically identified the risk from hacking. The commission said LPL failed to take timely corrective action because, by the time that hacking incidents began in July 2007, the firm had not implemented increased security measures in response to the identified weaknesses.
Recommended For You
LPL agreed to pay a $275,000 penalty to settle the SEC's enforcement action without admitting or denying the findings, according to the commission.
LPL, considered to be the country's largest independent broker-dealer with more than 800 clients and $235 billion in assets under management, counts credit unions among its clients.
© 2025 ALM Global, LLC, All Rights Reserved. Request academic re-use from www.copyright.com. All other uses, submit a request to [email protected]. For more information visit Asset & Logo Licensing.
