May 2019 Compliance Bulletin
PRIVACY AND REGULATION S-P: WHY SHOULD YOU CARE?
In April of 2019, the SEC Office of Compliance Inspections and Examinations issued a risk alert regarding Regulation S-P. To refresh everyone’s memory around this regulation and what it means for you as advisors, we have put together this quick summary. If you have any specific questions that aren’t addressed in this article, please feel free to reach out to RegulationSP@principal.com.
What is Regulation S-P?
Regulation S-P is the main privacy law governing the securities industry. Generally, the regulation has three main requirements relevant to dealing with customers: (1) provide a clear notice about privacy policies and practices no later than when a customer relationship is established, (2) provide this same notice on an annual basis during the continuation of the customer relationship, and (3) provide a clear notice explaining the right to opt out of certain disclosures of personal information about the customer to non-affiliated third parties and abide by that decision.
How does this affect me as a registered representative?
Regulation S-P affects registered representatives who write business in two main ways.
First, as you write business for certain products, you will be required to provide the Principal Securities privacy notice at the time of account opening. Principal Securities handles the creation of the notice and sends the notice annually.
Second, if you leave Principal Securities, you become a non-affiliated third party. This means that customers get to decide whether or not to share their information with you. If you leave the firm, you are prohibited under Reg S-P from taking information about clients that have opted out.
What can I do to make sure I’m compliant?
- Make sure you know how to access Principal Securities’ privacy notice. It is publicly available on the Principal website privacy page as well as in virtual supply (EE11865PSI-1).
- Ensure you are complying with your notice obligations at the time you create a customer relationship. For example, for all Principal Mutual Funds and all non-prop business, the individual registered representative is responsible for providing the privacy notice to the client during the account opening.
- If you are planning on leaving the firm, make sure that you request to take client data with you prior to transferring electronic information or taking physical files. We’ll review the request and check for clients that have opted out. This will help ensure you don’t violate Reg S-P and are only taking information you are legally allowed to take. You can submit these requests to your supervisory personnel or to RegulationSP@principal.com.
- If you have come to Principal Securities from another firm, ensure that you are honoring any privacy commitments and requirements that you may have with the previous firm. This can include not importing information on customers that have opted out, as well as complying with applicable non-solicitation or non-compete agreements.
If you don’t understand your obligations or the rights of your customers, reach out! The Principal Securities privacy team is an available resource for any questions you may have.