The former president, national sales manager and chief compliance officer at GunnAllen Financial settled SEC charges they failed to protect confidential customer information.  The SEC found that, as GunnAllen was winding down its operations in 2010:

• Former President Frederick Kraus and former National Sales Manager David Levine improperly transferred customer records to another firm. 
• Former Chief Compliance Officer Mark Ellis failed to ensure that the firm’s pols and procedures were reasonably designed to safeguard confidential customer information.

Financial penalties were levied against each - Kraus and Levine each will pay a $20K penalty;  Ellis will pay a $15,000 penalty.  This is the 1st time that the SEC has assessed financial penalties against individuals charged solely with violations of Regulation S-P. 

        Detailed SEC Allegations.   Kraus apparently authorized Levine to take information from more than 16,000 GunnAllen accounts to his new employer as the firm wound down operations in April 2010.  Levine downloaded customer names and addresses, account numbers, and asset values to a portable thumb drive, and provided the records to his new employer after resigning from GunnAllen.  This record transfer violated Regulation S-P because account holders were only informed about it after the fact.

CCO Ellis allegedly maintained vague pols and procedures for privacy concerns - he essentially "cut and pasted" a provision of Regulation S-P, known as the Safeguard Rule, as his procedures.  Even in earlier years, the firm experienced several serious security breaches - from July 2005 to February 2009, including the theft of 3 laptop computers belonging to GunnAllen RR's and the unlawful access of its e-mail system by a terminated employee using stolen password credentials.  Despite the security breaches, Ellis failed to revise or supplement GunnAllen’s policies and procedures for safeguarding customer information.

SEC Miami Regional Office Staff Credits.   Sue Curtin and Teresa Verges did the investigation, while the examination was conducted by Debra Williamson, George Franceschini, Steven Bilezikjian, Anson Kwong, Michael Nakis, William Tudor and Nicholas Monaco.   [SEC Release 11-86, 4/7/11]