A whistleblower who was fired last year after publicly criticizing customer security measures at The Vanguard Group has sued the mutual fund giant in federal court in Philadelphia, citing violations of whistleblower provisions of the Dodd-Frank Wall Street Reform and Consumer Protection Act.
In a complaint filed on Dec. 2, former stockbroker Karen Brock, who detailed deficiencies in Vanguard's customer security to TheStreet in an article published Aug. 10, 2015, accused the firm of infliction of emotional distress and wrongful termination of a whistleblower.
The suit says that Malvern, Pennsylvania-based Vanguard filed false information with securities regulators that has effectively barred Brock from getting a job in the securities industry. It asks for unspecified compensatory and punitive damages and non-economic losses, counsel fees and costs with interest.
"I'm having an impossible time finding a job in the industry," Brock said in a telephone interview from McCordsville, Indiana, on Friday.
Vanguard's media relations officials declined to comment.
TheStreet's 2015 story said that Brock had filed a whistleblower complaint with the Securities and Exchange Commission and that several officials in the agency's whistleblower office interviewed her for nearly two hours in January 2015. Seventeen days after the article was published, Vanguard fired her on Aug. 27 while she was on family medical leave.
Vanguard on that day added information to a regulatory database available to securities firms saying she had been discharged for "violation of Vanguard's Professional Conduct Policy."
In an interview in 2015, Vanguard spokeswoman Arianna Stefanoni Sherlock told me that the firm had investigated Brock's claims and remained "confident in our security practices and our efforts to keep our clients' information and their assets safe."
In her complaint, Brock says that Vanguard knew that the information it posted in her regulatory record, known as the Central Registration Depository, "would effectively bar" her from obtaining employment in the industry. There are no customer complaints on Brock's record.
Brock told TheStreet that she repeatedly tried to get management at Vanguard to address what she considered threats to the security of Vanguard's 20 million customers.
She said, for example, that Vanguard had known for several years that investors could log in to their accounts even after entering typographical errors in their personal security answers. After entering typos in my own Vanguard account, I learned that her accusations were true.
Brock detailed other security lapses at the firm. In 2014, at a training session for the firm's Personal Advisor Services money management product, Brock says she pointed out to an instructor that names, email addresses, phone numbers and account numbers of several current or prospective clients remained in the 97-page hard-copy manual even after the redaction process.
Brock gave me a copy of the manual so that I could verify the missed redactions.
Vanguard subsequently asked me to return the manual, which I'd referred to in the 2015 article and held up to the camera during a live interview on CNBC -- with post-it notes attached to the pages where Vanguard had failed to delete personal information. On Aug. 26, I emailed the firm to say that TheStreet would not return it. Brock's regulatory records indicate that Vanguard fired her the next day.
Brock, 57, had worked for Vanguard since 2011 as a client relationship administrator in the firm's Scottsdale, Ariz., office. She recently moved from Arizona to Indiana, where her family lives. In her complaint, she said that she has been "obliged to seek financial support from family and friends" as a result of her job loss.
Asked if she would still blow the whistle on Vanguard if she had it to do over again, she said she would. But, with her voice cracking, she added, "This has taken such a toll on me."