Defendant Name: KMS Financial Services, Inc.

Defendant Type: Subsidiary of Public Company

Document Reference: 2021-169

Document Details

Legal Case Name In the Matter of KMS Financial Services, Inc.
Document Name SEC Announces Three Actions Charging Deficient Cybersecurity Procedures
Document Date 30-Aug-2021
Document Format Administrative Proceeding
File Number 3-20495
Allegation Type Investment Advisers/Investment Companies
Document Summary The SEC stated that: "between September 2018 and December 2019, cloud-based email accounts of 15 KMS financial advisers or their assistants were taken over by unauthorized third parties, resulting in the PII exposure of approximately 4,900 KMS customers and clients."

Disgorgement & Penalty Information

Resolutions
Cease and Desist Order
Censured
Monetary Penalties:

Civil Penalty

Individual:     $200,000.00 Shared:    

Related Documents:

34-92807 30-Aug-2021 Administrative Proceeding
Order Instituting Administrative and Cease-and-Desist Proceedings Pursuant to Sections 15(b) and 21C of the Securities Exchange Act of 1934 and Sections 203(e) and 203(k) of the Investment Advisers Act of 1940, Making Findings, and Imposing Remedial Sanctions and a Cease-and-Desist Order
On August 30, 2021, the SEC instituted settled administrative and cease-and-desist proceedings against KMS Financial Services, Inc. stating: "These proceedings arise out of KMS’s failure to adopt written policies and procedures reasonably designed to safeguard customer records and information, in violation of Rule 30(a) of Regulation S-P (17 C.F.R. § 248.30(a))."