As a registered investment advisor, Affinity Wealth Management, Inc. ® must comply with SEC Regulation S-P, which requires registered advisors to adopt policies and procedures to protect the nonpublic personal information of a natural person consumers and clients and to disclose to such persons policies and procedures for protecting that information. In addition, our firm's policy, to the extent applicable, is to comply with the FTC's Red Flag Rule which requires covered entities to develop and maintain an effective client identity theft prevention program.
The purpose of these Reg S-P requirements and privacy policies and procedures is to provide administrative, technical and physical safeguards which assist employees in maintaining the confidentiality of nonpublic personal information ("NPI") collected from the consumers and customers of an investment adviser. All NPI, whether relating to an adviser's current or former clients, is subject to these privacy policies and procedures. Any doubts about the confidentiality of client information must be resolved in favor of confidentiality.
For Reg S-P purposes, NPI includes nonpublic "personally identifiable financial information" plus any list, description or grouping of customers that is derived from nonpublic personally identifiable financial information. Such information may include personal financial and account information, information relating to services performed for or transactions entered into on behalf of clients, advice provided by Affinity Wealth Management, Inc.® to clients, and data or analyses derived from such NPI.
Red Flags Rule
The Federal Trade Commission's ("FTC") FACT Act / Red Flags Rule, which became effective 1/1/2008, covers "financial institutions" and "creditors." The Rule defines "financial institution" as any state or federal bank or any person that directly or indirectly holds a "transaction account" belonging to a consumer. A "creditor" includes a broad category of businesses or organizations that regularly defer payment for goods or services which are billed later. The FTC has clarified that any person that provides a product or service for which the consumer pays after delivery is a creditor under the Red Flags Rule.
Accordingly, an adviser who bills for advisory services in arrears is deemed to be a creditor and is, therefore, a "covered entity" under the Red Flags Rule. The FACT Act / Red Flags Rule requires covered entities to develop and maintain written identity theft prevention programs.
In October 2009, the FTC, at the request of Congress, extended for the fourth time the Fact Act/Red Flags Rule compliance date, from 1/1/2010 to 6/1/2010. Affinity Wealth Management, Inc.®
Once again, the FTC announced that it has further delayed the compliance date for implementation of the Red Flags Rule pursuant to the request of "Members of Congress," while Congress considers legislation that would affect the scope of the entities covered by the Rule. Accordingly, the revised compliance date is now December 31, 2010. Consistent with prior compliance date delays, the FTC indicated that the postponement is limited to the Rule. The deferment of the compliance date does not affect other federal agencies ongoing enforcement of corresponding identity theft program regulations.
On December 9, 2010, Congress sent the President the "Red Flag Program Clarification Act of 2010," excluding certain providers that deliver service before payment. On December 18, President Obama signed the bill into law. The legislation amends the Fair Credit Reporting Act (which the FACTA amended, and which states the penalties under the Red Flag rules) to redefine the term "creditor." Because the definition now includes one who uses or reports to consumer reporting agencies in connection with its transactions, and excludes one who "advances funds... for expenses incidental to a service provided by the creditor to that person," the definition is narrower and excludes many professionals, including most investment advisers.
Effective July 21, 2011, authority for the Red Flags Rule was transferred from the FTC to the SEC for firms over which the SEC has enforcement jurisdiction. While this change in authority has no immediate impact, the SEC has stated that at some future date it intends to conduct rulemaking that will set forth how the Red Flags Rule may apply to the SEC-registered investment advisers and other firms subject to its enforcement authority.
Victoria M. Alexitch is responsible for reviewing, maintaining and enforcing these policies and procedures to ensure meeting Affinity Wealth Management, Inc.’s® client privacy goals and objectives while at a minimum ensuring compliance with applicable federal and state laws and regulations. Victoria M. Alexitch may recommend to the President any disciplinary or other action as appropriate.
Affinity Wealth Management, Inc.® has adopted various procedures to implement the firm’s policy and reviews to monitor and insure the firm’s policy is observed, implemented properly and amended or updated, as appropriate, which include the following:
Non-Disclosure of Client Information
Affinity Wealth Management, Inc.® maintains safeguards to comply with federal and state standards to guard each client’s nonpublic personal information. Affinity Wealth Management, Inc.® does not share any nonpublic personal information with any nonaffiliated third parties, except in the following circumstances:
As necessary to provide the service that the client has requested or authorized, or to maintain and service the client’s account;
As required by regulatory authorities or law enforcement officials who have Affinity Wealth Management, Inc. ®
Jurisdiction over Affinity Wealth Management, Inc. ®, or as otherwise required by any applicable law; and
To the extent reasonably necessary to prevent fraud and unauthorized transactions.
Employees are prohibited, either during or after termination of their employment, from disclosing nonpublic personal information to any person or entity outside Affinity Wealth Management, Inc. ®, including family members, except under the circumstances described above. An employee is permitted to disclose nonpublic personal information only to such other employees who need to have access to such information to deliver our services to the client.
Security of Client Information
Affinity Wealth Management, Inc.® restricts access to nonpublic personal information to those employees who need to know such information to provide services to our clients.
Any employee who is authorized to have access to nonpublic personal information is required to keep such information in a secure compartment or receptacle on a daily basis as of the close of business each day. All electronic or computer files containing such information shall be password secured and firewall protected from access by unauthorized persons. Any conversations involving nonpublic personal information, if appropriate at all, must be conducted by employees in private, and care must be taken to avoid any unauthorized persons overhearing or intercepting such conversations.
Safeguarding standards encompass all aspects of Affinity Wealth Management that affect security. This includes not just computer security standards but also such areas as physical security and personnel procedures. Any employee who is authorized to possess client/consumer information for a business purpose is required to take reasonable measures to protect against unauthorized access to or use of the information in connection with its disposal.
Affinity Wealth Management, Inc. ® will provide each natural person client with initial notice of the firm’s current policy when the client relationship is established. Affinity Wealth Management, Inc. ® shall also provide each such client with a new notice of the firm’s current privacy policies at least annually.
If Affinity Wealth Management, Inc. ® shares nonpublic personal information relating to a California consumer with an affiliated company under circumstances not covered by an exception under SB1, the firm will deliver to each affected consumer an opportunity to opt out of such information sharing.
If, at any time, Affinity Wealth Management, Inc. ® adopts material changes to its privacy policies, the firm shall provide each such client with a revised notice reflecting the new privacy policies. Victoria Alexitch is responsible for ensuring that required notices are distributed to the Affinity Wealth Management, Inc.’s ® consumers and customers.
Changes to this policy