GWFS Equities allegedly neglected to report three years of suspicious activities by ‘bad actors.’
GWFS Equities Inc., a Colorado-based broker/dealer (B/D) and affiliate of Great-West Life & Annuity Insurance, has settled charges from the Securities and Exchange Commission (SEC) that it failed to report attempts by external bad actors to gain access to plan participants’ retirement accounts. GWFS provides services to employer-sponsored retirement plans.
According to the SEC’s cease-and-desist order, GWFS was allegedly aware over the span of more than three years of increasing attempts by external bad actors to hack into the retirement accounts, but failed to file more than 100 suspicious activity reports (SARs) as required by law. The order alleges the firm was also aware that the hackers attempted or gained access by using improperly obtained personal information of the plan participants, and that they were often in possession of electronic login information, including usernames, email addresses, and passwords.