Protecting the Confidentiality of Client Information
Confidential Client Information
In the course of investment advisory activities of Wyatt O’Rourke, the Firm gains access to nonpublic information about its clients. Such information may include a person’s status as a client, personal financial and account information, the allocation of assets in a client portfolio, the composition of investments in any client portfolio, information relating to services performed for or transactions entered into on behalf of clients, advice provided by Wyatt O’Rourke to clients, and data or analyses derived from such non-public personal information (collectively referred to as ‘Confidential Client Information’). All Confidential Client Information, whether relating to Wyatt O’Rourke’s current or former clients, is subject to the Code’s policies and procedures. Any doubts about the confidentiality of information must be resolved in favor of confidentiality.
Non-Disclosure Of Confidential Client Information
All information regarding Wyatt O’Rourke’s clients is confidential. Information may only be disclosed when the disclosure is consistent with the Firm’s policy and the client’s direction. Wyatt O’Rourke does not share Confidential Client Information with any third parties, except in the following circumstances:
as necessary to provide service(s) that the client requested or authorized, or to maintain and service the client’s account. Wyatt O’Rourke shall require that any financial intermediary, agent or other service provider utilized by Wyatt O’Rourke (such as broker-dealers or sub-advisers) comply with substantially similar standards for non-disclosure and protection of Confidential Client Information and use the information provided by Wyatt O’Rourke only for the performance of the specific service requested by Wyatt O’Rourke;
as required by regulatory authorities or law enforcement officials who have jurisdiction over Wyatt O’Rourke, or as otherwise required by any applicable law. In the event Wyatt O’Rourke is compelled to disclose Confidential Client Information, the Firm shall provide prompt notice to the clients affected, so that the clients may seek a protective order or other appropriate remedy. If no protective order or other appropriate remedy is obtained, Wyatt O’Rourke shall disclose only such information, and only in such detail, as is legally required; and
to the extent reasonably necessary to prevent fraud, unauthorized transactions or liability.
Employee Responsibilities
All supervised persons are prohibited, either during or after the termination of their employment with Wyatt O’Rourke, from disclosing Confidential Client Information to any person or entity outside the Firm, including family members, except under the circumstances described above. A supervised person is permitted to disclose Confidential Client Information only to such other supervised persons who need to have access to such information to deliver the Wyatt O’Rourke’s services to the client.
Supervised persons are also prohibited from making unauthorized copies of any documents or files containing Confidential Client Information and, upon termination of their employment with Wyatt O’Rourke, must return all such documents to Wyatt O’Rourke.
Any supervised person who violates the non-disclosure policy described above shall be subject to disciplinary action, including possible termination, whether or not he or she benefited from the disclosed information.
Security Of Confidential Personal Information
Wyatt O’Rourke enforces the following policies and procedures to protect the security of Confidential Client Information:
- the Firm restricts access to Confidential Client Information to those supervised persons who need to know such information to provide Wyatt O’Rourke’s services to clients;
- any supervised person who is authorized to have access to Confidential Client Information in connection with the performance of such person’s duties and responsibilities is required to keep such information in a secure compartment, file or receptacle on a daily basis as of the close of each business day;
- all electronic or computer files containing any Confidential Client Information shall be password secured and firewall protected from access by unauthorized persons; and
- any conversations involving Confidential Client Information, if appropriate at all, must be conducted by supervised persons in private, and care must be taken to avoid any unauthorized persons overhearing or intercepting such conversations.
Privacy Policy
As a registered investment adviser, Wyatt O’Rourke and all supervised persons, must comply with SEC Regulation S-P, which requires investment advisers to adopt policies and procedures to protect the ‘nonpublic personal information’ of natural person clients. ‘Nonpublic information,’ under Regulation S-P, includes personally identifiable financial information and any list, description, or grouping that is derived from personally identifiable financial information. Personally identifiable financial information is defined to include information supplied by individual clients, information resulting from transactions, any information obtained in providing products or services. Pursuant to Regulation S-P Wyatt O’Rourke has adopted policies and procedures to safeguard the information of natural person clients.
Furthermore and pursuant to the SEC’s adoption of Regulation S-ID: Identity Theft Red Flag Rules, all ‘financial institutions’ and ‘creditors’ (as those terms are defined under the Fair Credit Reporting Act (FCRA)) must develop and implement a written identity theft prevention program designed to detect, prevent, and mitigate identity theft in connection with certain existing accounts or the opening of new accounts (“covered accounts”). Wyatt O’Rourke has conducted an initial assessment of its obligations under Regulation S-ID and to the extent such rules are applicable, has incorporated appropriate policies and procedures in compliance with the Red Flags regulations.
Enforcement and Review of Confidentiality and Privacy Policies
Wyatt O’Rourke is responsible for reviewing, maintaining and enforcing Wyatt O’Rourke’s confidentiality and privacy policies and is also responsible for conducting appropriate employee training to ensure adherence to these policies. Any exception to this policy requires the written approval of Wyatt O’Rourke.
Furthermore and pursuant to the SEC’s adoption of Regulation S-ID: Identity Theft Red Flag Rules, all ‘financial institutions’ and ‘creditors’ (as those terms are defined under the Fair Credit Reporting Act (FCRA)) must develop and implement a written identity theft prevention program designed to detect, prevent, and mitigate identity theft in connection with certain existing accounts or the opening of new accounts (“covered accounts”). Wyatt O’Rourke has conducted an initial assessment of its obligations under Regulation S-ID and to the extent such rules are applicable, has incorporated appropriate policies and procedures in compliance with the Red Flags regulations.