February 5, 2021
Supreme Alliance LLC, a brokerage firm headquartered in Germany, recently submitted a Letter of Acceptance, Waiver and Consent (AWC) to the Financial Industry Regulatory Authority (FINRA) Department of Enforcement to resolve allegations that it failed to develop and implement a written Identity Theft Prevention Program. Supreme Alliance has five branch offices, including four in the United States that employ approximately 50 registered representatives.
According to the AWC accepted by FINRA on December 18, 2020, Supreme Alliance failed to implement a written Identity Theft Prevention Program reasonably designed to detect, prevent, and mitigate identity theft in connection with opening or maintaining customer accounts and for suspected identity theft unrelated to its business. Further, Supreme Alliance failed to implement procedures in place to mitigate the risk of identity theft for its customers after learning of an email security breach. Between February 28, 2018 and August 30, 2018, approximately 17,000 emails were blind copied from the CEO and CCO’s firm email account to an unauthorized external email address. Approximately 200 of those emails had information relating to firm customers, including social security numbers, account numbers, dates of birth and driver’s license numbers.
Based on the foregoing, Supreme Alliance violated Regulation S-ID of the Securities Exchange act of 1934 (a/k/a Identity Theft Red Flags Rule) and FINRA Rule 2010. Without admitting or denying the allegations made against it, Supreme Alliance consented to a censure, $65,000 fine, and take actions to notify its customers of the email security breach and take steps to enhance its email security systems.
"*" indicates required fields