Apr. 12, 2023
Dear Sir or Madame, I have conducted a thorough review of the public comment letters from 2008, and I would like to provide my opinion on the matter while summarizing the general themes. The protection of investors is one of the key missions of the SEC, and as a household investor, I believe that there should be an official policy on protecting data and information regarding data breaches. It is imperative that customers feel secure and protected, and informed when a data breach occurs. While it is important for representatives to own the client relationship, it should not come at the cost of the client's best interests. Additionally, data retention rules should be established to protect against regulatory investigations and ensure compliance. Protecting data is of critical importance, and it is essential that each institution adheres to a clear policy regarding privacy protection, shredding, data breaches, and other related issues. The current fines imposed by the SEC are inadequate and do not serve as effective deterrents. This is exemplified by the five-year-long failure of Morgan Stanley Smith Barney LLC to protect the personal identifying information of approximately 15 million customers, which resulted in a mere $35 million penalty. Furthermore, the fact that 16 firms were fined for record-keeping failures highlights the lack of trust that can be placed in financial entities to police themselves. This contradicts a fair market. I believe that financial institutions, including independent representatives, broker-dealers, and transfer agents, should inform customers of any data breaches, and that independent advisors should align the length of time that data is retained with SEC policy. This will ensure that independent advisors remain in regulatory compliance and support investigations even after they change employers. While small firms may be impacted by increased costs, this should not come at the expense of customer protection. In fact, it is my belief that driving competition towards better protection will ultimately benefit customers and promote a healthier market. In summary, the SEC must approach this policy through the lens of protecting household investors. It is crucial that customers feel their data is secure and protected, and that financial institutions adhere to a clear policy on privacy protection, shredding, data breaches, and related issues. Fines must be increased to effectively serve as deterrents, and the SEC should establish clear rules and guidelines for institutions to follow. Thank you for your consideration and time in this matter Lars Wohlfahrt