Compliance Examiner Breached Own SEC Database for an Equity Firm, Then That Firm Hired Him as Their Compliance Officer

File this one under detecting insider threats: high-trust government employee accessed an investigations databases without authorization to undermine the investigations, and use that for leverage to get himself hired to a company being investigated.

When Cohn left the SEC to join GPB, he left with more than his own career ambitions. The proprietary information he allegedly retrieved—from databases he wasn’t authorized to access—included compromising information about a GPB investigation and sensitive details related to the same.

…as a Securities Compliance Examiner and Industry Specialist in the SEC’s Enforcement Division, where he assisted investigations into violations of securities laws. In approximately October 2018, Cohn left the SEC to join GPB, a private equity firm based in Manhattan and Garden City, New York, that manages over $1.5 billion in assets. However, prior to leaving the SEC, Cohn accessed information on SEC servers relating to an Enforcement Division investigation into GPB. Cohn was not authorized to access this highly sensitive material, which included confidential information, privileged attorney-client work product and contacts with law enforcement and other regulatory agencies. During discussions with GPB personnel about obtaining a job there, Cohn advised them that he had inside information about the SEC’s investigation, and on several occasions he disclosed information to members of GPB’s senior management about that investigation.

That interview process sounds like GPB has some very serious deficiencies in the department of information security let alone HR.

The SEC also reported a database breach in 2016.

Leave a Reply

Your email address will not be published.

This site uses Akismet to reduce spam. Learn how your comment data is processed.