In Regulatory Notice 12-05, the Financial Industry Regulatory Authority (FINRA) noted an increasing number of reports of customer funds stolen due to e-mail instructions received from compromised customer e-mail accounts. The Notice highlights risks associated with non-genuine instructions to transmit or withdraw funds via e-mail.
The Notice includes a requirement of the implementation of policies and procedures to verify that e-mails are in fact legitimate and genuine and were in fact sent by the customer, as opposed to a bogus third party, referring also to Regulatory Notice 09-64.