In its first enforcement of the Identity Theft Red Flags Rule, the SEC fined Voya Financial Advisors one million dollars for insufficient security policies to protect confidential personal data.
Will LaSala, Director Security Solutions, Security Evangelist at OneSpan:
“This is another big indicator along with the increase in the size of fines that other corporations are seeing—Uber this week announced it’s paying a massive amount in fines to cover up a data breach from 2016. Regulatory bodies are starting to takeonline privacy seriously. The enforcement of the “Identity Theft Red Flag Rule” by the SEC is a very large step in the right direction and could have a trickle-down effect into other markets, such as the FFIEC guidance, that up until now has been weakly enforced and monitored. The size of the fines is another indicator that the law and regulatory bodies have had enough and are ready to start to push back on companies that are failing to put the basic safe guards in place for identity protection. It will only be a matter of time before we start to see bigger fines and more of them, as the government attempts to crack down and stop the wild west of the internet.”
