Broker-dealers deploying advanced cybersecurity measures

Tech experts are showing, not just telling, advisers that they are vulnerable to online threats

Oct 17, 2016 @ 11:57 am

By Liz Skinner

+ Zoom

The nation's large broker-dealers are helping to protect financial planners from the threat cyber criminals pose to their business, even as advisers themselves tend to underestimate the risk.

Firms are moving beyond the typical warnings of avoiding public Wi-Fi and changing passwords. Broker-dealers today are testing adviser reactions by sending them fake phishing scams, creating secure instant messaging systems and encouraging use of dual factor identification for clients' email, among other steps.

“The bad actors have gotten even better,” said Mukesh Mehta, chief information officer at Cetera Financial Group, at an InvestmentNews roundtable of broker-dealer technology professionals last Friday.

During the 90-minute discussion, technology executives from four broker-dealers said cybersecurity is one of the most immediate threats facing financial advisers, something echoed by other financial technology experts who worry advisers aren't grasping the severity of the threat.

A former Wells Fargo Advisors Financial Network broker earlier this month was fined $5,000 by the Financial Industry Regulatory Authority for failing to detect a phishing attack that stole $350,000 from a client. She was also fired by Wells Fargo and suspended from the industry for 30 days.

Part of the problem is the high adviser workload that demands multitasking.

Securities America is one of the firms that's sending random emails to its advisers, mimicking phishing scams where the fraudulent communications appear to come from legitimate sources.

Advisers say they get caught in these scams because they are doing eight things at once and they distractedly click, said Doreen Griffith, chief information officer of Securities America.

“By sending these fake phishing emails we hope to remind advisers that you have to pay attention to what you're doing online, and you can't just assume what's being sent to you is not something that you don't want it to be.”

Advisers who click on the tests will be given a short video to watch about the practices they should be following, she said.

Phishing emails are especially dangerous because they may be part of a greater attempt to gather information about a firm or client that can be used to manipulate advisers into believing a transfer request or other action is really from a client or other professional, so-called social engineering attacks.

(More: Verification key to halting cyber scams)

These fintech experts suggest using client vaults to share and store documents for clients, instead of sending them through email, is one way to help.

Commonwealth Financial Network is unrolling a secure instant messaging system within the next couple months for its advisers to use with clients.

“That will be a place to steer those conversations so they're not trapped in their sent mail and they're now over in another place that the bad guys hopefully won't be able to get to,” said Darren Tedesco, managing principal for innovation and strategy at Commonwealth.

It will be integrated with its client app and portal, he said.

Other firms also have such systems in the works, but some point out having the technology is one thing, while getting clients and advisers to use it is another.

“At the end of the day, it gets down to convenience and really that customer experience,” said Ryan Reineke, vice president of technology for Cambridge Investment Research. “Everybody is always on their phone, so unless that communication is easily accessible there's a barrier to adoption in a lot of instances.”

Mr. Tedesco also advocates clients using dual-factor identification — where access to an account is only given after two pieces of information are supplied — for their email systems. Each week Commonwealth tech professionals help about 15 clients because their emails have been hacked and not one of those cases have ever involved a client who was using this extra safety tool, Mr. Tedesco said.

The firms also employ hackers to test the veracity of their own systems and test the third-party contractors they use and integrate with, the tech professionals said.

Broker-dealer tech executives, who right now also are significantly tasked with helping to ease the way for advisers to abide by the pending Labor Department rule on best interest advice for retirement clients, recognize security must underlie every effort.

“Taking the philosophy that you are going to get hacked at some point is basically the only way to operate,” Mr. Reineke said.

0
Comments

What do you think?

View comments

Recommended for you

Sponsored financial news

Upcoming Event

Jun 27

Webcast

Emerging Market Debt: 5 Forces at Work

When it comes to emerging market debt, there are a series of forces that help you drive better results for your clients. In today's continually changing market environment, it is critical to know the forces at play to help keep your investment... Learn more

Accepted for 1 CE Credit from the CFP Board. Approved by IMCA for 1 CIMA®/CIMC®/CPWA® CE credit. Approved for 1 CFA Credit.

Featured video

Events

Pershing's Cirrotti: What's next for the fiduciary rule?

The Department of Labor's new fiduciary rule will have a lasting impact on this industry. Have we finally reached the finish line? Pershing's Rob Cirrotti explains what is to come.

Video Spotlight

Will It Last As Long As Your Clients Do?

Sponsored by Prudential

Video Spotlight

The Catalyst

Sponsored by Pershing

Latest news & opinion

Edward Jones is winning the Google search war

Brokerage firm's digital marketing investment helps land it at the top of local and overall search engine results, report finds.

Voya's win in 401(k) fee suit involving Financial Engines bodes well for other record keepers

Fidelity, Aon Hewitt and Xerox HR Solutions are currently defending against similar fiduciary-breach claims.

Collective investment trusts getting more attention from 401(k) advisers

The funds are catching on due largely to lower costs and more product availability, but come with some inherent drawbacks.

Vanguard rides robo-advice wave to $65B in assets

Personal Advisor Services, four times the size of its closest competitor, combines digital and human touch.

CFPs, including brokers, may have to adhere to a stricter fiduciary duty

CFP Board revises its standards and aims to beef up fiduciary requirements of certificants.

X

Subscribe and Save 60%

Premium Access
Print + Digital

Learn more
Subscribe to Print