Page 39 - P&P11-05-2020-with-FAQ-JR
P. 39

39



               Theft Prevention

               Policy
               It is Cornerstone’s policy to prevent theft in various forms, whether electronic or actual, information or items with
               intrinsic value.

               Responsibility
               Each person employed by Cornerstone is responsible for obeying all applicable laws regarding theft. The CCO has
               the responsibility for the implementation and monitoring the security of client information, data and value. Each
               employee is responsible for the implementation of and the adherence to the security rules.

               Procedure
               CIS has adopted various procedures to implement the firm's policy and reviews to monitor and ensure the firm's
               policy is observed, implemented properly and amended or updated, as appropriate, which include the following:
                   •   Cornerstone uses a third party custodian so that no client deposit checks are made out to Cornerstone
                       Investment Services. This gives investors an added layer of security. Any check for deposit that is made
                       out to Cornerstone is immediately voided and returned to the client. All checks for deposit are made out
                       to the custodian.
                   •   Checks and securities for deposit are immediately sent to the custodian and a log is kept to track the
                       incoming checks and securities.
                   •   To protect client information, Cornerstone’s files cabinets are to be kept locked when not in use.
                   •   To protect client information, Cornerstone and all IAR’s computers are to be encrypted and password
                       protected.
                   •   Changes in client addresses need a Letter of Authorization (LOA) and are executed by the operations staff.
                   •   Third party checks, wires and ACHs cannot be sent out from a client’s account without an LOA.
                   •   Cornerstone receives an notice from the custodian on the same day of any movement of money out of a
                       client’s account.
                   •   Cornerstone’s relationship with the custodian gives it an extra set of eyes to watch over the accounts and
                       look for ways to protect the accounts.
                   •   Exception reports can generate red flags due to activity in an account that can alert us to review an
                       account.
                   •   Cornerstone regularly reminds IARs of the importance of keeping client information secure and any
                       checks and/or securities that they may be given by a client need to be brought to the office immediately.
   34   35   36   37   38   39   40   41   42   43   44