Innocent mistake? Tribunal sides with FSP in confidentiality breach case

Posted on

Sharing an employer’s confidential information, even for supposedly innocent reasons, is a justifiable reason for an FSP to debar a representative on the grounds of lacking honesty and integrity as required by the FAIS Act.

This is the key take-away from a recent decision in which the Financial Services Tribunal (FST) ruled in favour an FSP that took regulatory action against a rep who shared its proprietary and confidential information with a competitor.

The rep, the applicant in the matter, said he sent the emails to a competitor’s email address in error. He forwarded the emails to his personal address because he wanted to retain a record of his work, to defend himself against imminent disciplinary action.

The applicant was employed by ASI Financial Services (Pty) Ltd as a business development manager until he was retrenched at the end of February this year. He was also a key individual.

A few days before the retrenchment took effect, ASI notified the applicant that it intended to debar him.

The FSP alleged that, earlier in February, the applicant sent six emails with attachments to his personal email address and to the work and personal email addresses of “KA”, who worked for Alexforbes, a competitor of ASI. It said the emails contained ASI’s proprietary intellectual information and the confidential information of its clients.

The applicant admitted to the Tribunal that of the six emails he was alleged to have sent to his and KA’s email addresses, four were work-related and the other two were his personal emails. He submitted his conduct was legitimate and should be condoned for two reasons.

First, his only purpose for using the emails was to keep a record of the work he performed for ASI because he expected to be charged with non-performance.

Second, he included KA’s work email address by mistake when he forwarded the emails. “The error occurred when I entered the names of recipients and typed ‘Karen’, inadvertently accepting the first email address that popped up.”

The applicant said he only intended to use the information to defend himself against imminent disciplinary action. Thereafter, he retained the information to negotiate the termination of his employment. He in no way intended to harm or compromise ASI’s interests.

These were not the only grounds on which the applicant challenged the substantive fairness of his debarment.

‘Breach of separation agreement’

He said that in terms of a mutual separation agreement (retrenchment settlement agreement), ASI agreed it would not bring any action to debar him. Its decision to proceed with the debarment process constituted a breach of the agreement.

In response, ASI said the agreement not to proceed with debarment was based on the information available at the time, which indicated that debarment was not appropriate at that stage. The agreement did not state that ASI would not pursue debarment in the future if valid grounds for debarment could be established.

The Tribunal agreed with ASI. It said section 14(1) of the FAIS Act makes it clear that debarment becomes mandatory once an FSP believes it has proof that a rep no longer meets the Fit and Proper Requirements or has materially contravened the Act.

Allegations of ulterior motives

The applicant also submitted that his debarment was substantively unfair because ASI abused the debarment process for ulterior motives that were unrelated to the conduct for which he was debarred.

He said ASI had embarked upon a preconceived strategy to terminate his employment and subsequently have him debarred. He submitted transcribed conversations in which the company’s officials apparently used threats of debarment to get him to sign the retrenchment settlement agreement, allegedly as part of a scheme to dismiss him unlawfully.

The Tribunal said it was clear there was a history of acrimony between the applicant and the respondent, which had attempted to debar him previously.

However, when the FST examined the evidence provided as proof that ASI had abused the debarment for ulterior motives, it noted that it related to disputes that arose before the conclusion of the agreement to terminate the applicant’s employment on 22 February 2024. “Beyond this period, we couldn’t find a direct connection between the allegations of the abuse of debarment process for ulterior motives.”

The Tribunal said ASI initiated the current debarment based on allegations that the applicant transferred its proprietary information without authorisation. It commenced the debarment process by issuing the notice of intention to debar on 26 February 2024. The disputes that arose before then were outside the ambit of the reconsideration application.

The Tribunal therefore rejected the contention that the debarment was tainted.

Other avenues were available

The nub of the applicant’s challenge to the substantive fairness of the debarment was his defence that “innocent motive” and “unintentional mistake” were sufficient to legitimatise breaching the Protection of Personal Information Act (POPIA), adherence to which formed part of his conditions of employment.

ASI submitted that both defences did not hold up.

It said a prudent person would either have requested authorisation directly from the FSP or removed the confidential and proprietary attachments. The email content alone would have sufficed to demonstrate the work completed. Alternatively, the applicant could have asked his boss or the human resources department to secure the emails on his behalf.

Addressing the “unintentional mistake” defence, ASI it was highly unlikely that a reasonable person would make the alleged mistake five times. Furthermore, by the third to sixth emails, the applicant was blind-copying KA, as well as his personal email address. It said this behaviour suggested a deliberate attempt to conceal the transmission of the emails.

The Tribunal agreed with ASI that the applicant had other avenues to secure the information he required to prove his collaboration at work.

Moreover, the FST said it could not find a connection between the applicant’s possessing ASI’s intellectual property and confidential information and his contention that it was required for proof of work and the impending disciplinary inquiry.

It said the applicant did not identify specific and relevant information in the emails that was intended to be used as proof that he worked, and how the information would have helped him to prove his case.

The Tribunal said was “remarkable” that even after the disciplinary charges were withdrawn on 22 February 2024 and the retrenchment settlement agreement was concluded, the applicant did not deem it fit to delete the emails. He only deleted them under pressure from ASI’s attorneys.

‘He should have known better’

The applicant stated he has a 12-year career in the financial services industry, of which seven were spent as a registered representative. The FST said it was therefore difficult to understand how the applicant was not aware of the POPIA obligations and the requirement to obtain consent from the clients.

There was no indication that the applicant requested authorisation to transmit the emails, nor did he seek to find another way of securing evidence without breaching POPIA.

The Tribunal drew attention to section 3(3) of the General Code of Conduct, which states that a provider (including a representative) may not disclose any confidential information acquired or obtained from a client or a product supplier in regard to such a client or supplier, unless the written consent of the client or product supplier has been obtained beforehand or disclosure of the information is required in the public interest or under any law.

It said that the applicant, with his experience, should have known or been aware of the provisions of section 3(3), “which he flouted with impunity”.

The Tribunal therefore agreed with ASI that the applicant’s explanation was neither plausible nor sustainable.

‘Indifference to wrongfulness of conduct’

The Tribunal did not accept the applicant’s defences, saying he sought to diminish the seriousness of being found in possession of sensitive information that should not have been transferred without ASI’s authorisation.

It said his attitude demonstrated an “indifference to the wrongfulness of his conduct”. The applicant did not fully grasp the wrongfulness of his actions, or the potential harm caused to ASI by the information falling into the hands of a major competitor.

Ultimately, the Tribunal said, the question should not be whether the applicant intended to share the information with ASI’s competitor, but whether he could be trusted with his employer’s sensitive information.

It was reasonable for ASI to infer from the facts that the applicant’s behaviour suggested “a deliberate attempt to conceal the transmission of the emails”. The “only reasonable inference” was that he intended to hide the emails’ dissemination so that KA and her employer could potentially use this information to ASI’s detriment, the Tribunal said.

It was beyond doubt that there was rational connection between the established facts and ASI’s decision to debar, the FST said.