Wells Fargo & Co.<\/a>, already in the regulatory spotlight because of last year\u2019s fake-account scandal<\/a>, is drawing renewed scrutiny after a lawyer\u2019s unauthorized release of sensitive client details for tens of thousands of accounts belonging to wealthy customers of its brokerage unit.<\/p>\n Regulators have started asking questions about the breach,\u00a0according to a person with knowledge of the matter, after the data was mistakenly provided<\/a> to an attorney as part of a lawsuit involving two brothers, one a Wells Fargo employee and the other a former employee. A person briefed on the matter said Wells Fargo has determined the accounts were all from one brokerage branch in the Northeast.<\/p>\n Representatives of the Financial Industry Regulatory Authority informally contacted at least one of the attorneys involved in the dispute for information about how the breach occurred and how Wells Fargo failed to detect it, said the person, who asked not to be identified because the matter isn\u2019t public. Lawyers for the bank are taking steps to contact regulators about the data breach, according to another person with knowledge of the matter. The person didn\u2019t specify which agencies.<\/p>\n Ray Pellecchia, a spokesman for Finra,\u00a0which licenses and supervises Wall Street workers including financial advisers, didn\u2019t have an immediate comment.\u00a0Judith Burns, a spokeswoman for the Securities and Exchange Commission, declined to comment. Representatives for the Consumer Financial Protection Bureau and the Office of the Comptroller of the Currency didn\u2019t immediately respond to messages seeking comment.<\/p>\n While this latest black eye may not rise to the level of the retail-bank debacle, it further calls into question Wells Fargo\u2019s ability to manage its people and information.<\/p>\n \u201cWells Fargo takes the security and privacy of our customers\u2019 information very seriously,” the bank said in a statement. “We are currently taking legal action to ensure the additional data is not disseminated, and we are requesting its rapid return.\u00a0We continue to thoroughly investigate this matter and will take the proper steps, including corrective action, based on the outcome of our investigation.\u201d<\/p>\n The bank\u2019s latest troubles come just 10 months after\u00a0regulators disclosed that Wells Fargo employees had been opening potentially millions<\/a> of accounts in its retail banking division without customers\u2019 permission over a half decade. The bank\u2019s stock valuation and reputation were tarnished, and Wells Fargo has spent at least $520 million on fines, remediation, consultants and civil litigation since then, including a near-final<\/a> $142 million to consumers who accused the bank of creating bogus accounts.<\/p>\n The OCC, the bank\u2019s main regulator, said in September Wells Fargo had “failed to provide sufficient oversight” of its sales programs and didn\u2019t adequately monitor employees in its retail bank. Part of the consent order the OCC forced the bank to carry out afterward included beefing up internal controls and risk management.<\/p>\n The recent data breach began with a financial spat between a pair of brothers over less than $1 million. Gary Sinderbrand, a former managing director at Wells Fargo Advisors, is engaged in two legal actions against his older brother Steven\u00a0Sinderbrand<\/a>,\u00a0a managing director at the bank, one in New York and one in New Jersey.<\/p>\n Lawyers for Gary Sinderbrand received client names, Social Security numbers and account balances earlier this month for 50,000\u00a0Wells Fargo accounts, the New York Times first reported, including one file with details on the holdings of a “well-known hedge fund billionaire” with at least $23 million invested.<\/p>\n The trove of confidential client data was sent by attorney Angela A. Turiano of law firm Bressler, Amery & Ross, who\u2019s representing Wells Fargo in both of the disputes. Turiano sent the information without a protective order or confidentiality agreement between the parties.<\/p>\n Turiano, who indicated that an outside vendor was involved in the information breach, asked the information be returned when Gary Sinderbrand\u2019s attorneys informed her of the breach this week, the New York Times reported. Turiano didn\u2019t return messages for comment on Saturday.<\/p>\n\u2018Thoroughly Investigate\u2019<\/h3>\n
Insufficient Oversight<\/h3>\n
Protective Order<\/h3>\n