Fidelity fined after ex-employee stole $750K from stock-plan clients, FINRA says

Fidelity Brokerage Services has agreed to pay a $600,000 fine and accept a censure after regulators concluded the firm failed to adequately supervise an employee who misappropriated roughly $750,000 from stock plan participant accounts over nearly eight years, according to FINRA’s settlement and industry reports. Fidelity has reimbursed affected customers and terminated the employee. The firm neither admitted nor denied the findings in settling the case.

What regulators found

• Timeframe and scope: FINRA said the misconduct spanned from December 2012 to October 2020 and affected 37 plan participants, predominantly linked to international Stock Plan Services (SPS) accounts. The conversion totaled around $750,000.
• Methods used: The employee allegedly exploited data-access permissions to alter participant records, impersonate clients through Fidelity’s SPS portal, liquidate positions, and move cash to accounts he controlled.
  • 83 unauthorized checks were issued, totaling approximately $380,000.
  • 183 unauthorized wire transfers were executed, totaling about $378,000.
    Combined, these transactions siphoned roughly $750,000 from victim accounts.
• Supervision gaps: FINRA said Fidelity’s system and written supervisory procedures (WSPs) were not reasonably designed to:
  • Limit or monitor employee access to SPS data to job-necessary use.
  • Require that all SPS data changes be logged, tracked, and reviewed in the firm’s workflow tool.
  • Include outgoing money movements from international SPS accounts within any active surveillance program. As a result, checks and wires from these accounts were not reviewed in real time.

How the scheme worked

According to the findings, the associate’s access to SPS data allowed him to adjust participant details—such as names and contact information—without those changes being properly recorded in the required workflow system. With altered records in place, he could pose as participants via the portal, liquidate holdings, and direct funds through checks and wires to accounts he controlled. The absence of coverage for international SPS transactions within Fidelity’s surveillance tools meant those movements weren’t flagged or escalated for review at the time, allowing the scheme to persist for years.

Discovery, customer restitution, and internal response

The misconduct surfaced after an affected participant noticed irregular transfers. Fidelity opened an internal investigation, notified FINRA, terminated the employee, and reimbursed all impacted clients. Following the incident, the firm reported strengthening controls, including tighter access restrictions, more robust logging and audit requirements for data changes, and enhanced quality-control reviews. AdvisorHub, ThinkAdvisor

The regulatory framework at issue

FINRA cited Rule 3110 (and predecessor NASD Rules 3010 and 3012), which require broker-dealers to maintain supervision systems and written procedures tailored to their business, investigate red flags, and validate critical changes such as customer address updates. Violations of these provisions can also constitute violations of FINRA Rule 2010, which requires high standards of commercial honor and just principles of trade. FINRA concluded Fidelity’s policies and systems for SPS data access and money-movement surveillance—particularly for international SPS accounts—were not reasonably designed during the period in question. ABA Banking Journal

Sanctions and final resolution

• Sanctions: $600,000 fine and a censure. Fidelity resolved the matter without admitting or denying FINRA’s allegations.
• Remediation steps: Post-incident enhancements reportedly include access restrictions, stricter logging, and upgraded quality-control checks around SPS data and transactions.

Why this case matters

• Specialized accounts can be blind spots: The lack of surveillance for international SPS accounts shows how niche product lines or platforms can fall outside standard monitoring, even at large firms.
• Access governance is critical: Role-based controls, segregation of duties, and enforced logging for sensitive data changes are essential to deter and detect insider abuse.
• End-to-end coverage of money movement: Surveillance should encompass all outbound channels—checks, wires, and transfers across all account types and geographies—to ensure anomalous patterns are surfaced and reviewed.

Investor takeaways

• Review communications and alerts: Ensure your broker-dealer has current contact information and multi-factor authentication for account access. Watch for unexpected address or email change notices.
• Monitor transaction history: Regularly check statements and recent activity, particularly around corporate equity compensation or SPS accounts, where transactions may occur outside your primary brokerage account view.
• Report anomalies promptly: Escalate any unexplained changes or transactions immediately to the firm and, if needed, to regulators.

The bottom line

FINRA’s action highlights that even sophisticated institutions can harbor supervisory gaps that allow insider misconduct to go undetected. In this case, weak coverage around data-access logging and international SPS money movements enabled an employee to misappropriate nearly $750,000 over years. The firm has repaid customers, disciplined the individual, and strengthened controls, while accepting a $600,000 fine and censure to close the matter.

Recover Your Investment Losses.

Haselkorn & Thibaut, InvestmentFraudLawyers.com, helps investors nationwide recover funds lost to financial fraud and broker misconduct. Get the experienced legal representation you deserve.

Speak with an attorney: +1 888-885-7162
Learn more: InvestmentFraudLawyers.com

Sources: AdvisorHub, ThinkAdvisor, ABA Banking Journal