Advisers arming themselves against cyberattacks

Ensuring all employees know the drill is key to avoiding a practice being compromised.
JAN 07, 2015
Financial advisers are changing their systems and procedures to protect clients and their own firms from the rising incidence of cybersecurity breaches. Advisers are taking such steps as verifying money requests, being more careful about passwords, banning client data from laptops and conducting annual cybersecurity audits to make sure they are protected from online criminals. Heron Financial Group has taken the aforementioned steps, and now its executives are working to make their customer relationship management system more secure. They also are looking to buy cybersecurity insurance, which increasingly is being offered by the same firms that provide advisers with errors and omissions policies. “We're never going to be 100% secure, but if you're at 99%, you're not the lowest hanging fruit,” said Dave Edwards, founder of Heron Financial Group. “Let hackers go after those firms.” ( 10 ways advisers can improve their cybersecurity) In two instances this year, someone took over a client's personal e-mail account, tracked emails from Heron Financial Group and then sent e-mails appearing to be from the client asking for funds to be wired. The firm's staff recognized something was off in the language of the e-mail and called the clients, foiling the fraud. “Cybersecurity has to be one of our top business issues because we could be out of business overnight if our systems are compromised,” Mr. Edwards said. In fact, cybersecurity has become a top business issue for many financial advisers as attacks against financial service firms are becoming more frequent and widespread. The Securities and Exchange Commission even stepped in four months ago issuing a detailed list of questions it may ask advisory firms when they are examined. Mr. Edwards commended the SEC for being proactive on this important issue and said the checklist is helpful to firms. “You'd be an idiot not to go down it,” he said. Compliance professionals are getting the message. Three-quarters of financial compliance professionals listed cybersecurity as one of the firm's top issues in 2014, according to a recent survey by the Investment Adviser Association, ACA Compliance Group and Old Mutual Asset Management. Only 14% feared cybersecurity issues in 2013. “If your business is not prepared to deal with potential cyber attacks, proprietary and other key information is at risk,” said David Tittsworth, chief executive of IAA. “And all firms, regardless of size or sophistication, must deal with potential cybersecurity threats resulting from employee behavior, whether deliberate or inadvertent.” Mr. Tittsworth believes many firms are still in the early stages of putting together programs to judge their risks and crafting the appropriate protocols to detect, respond and recover from cyber threats. Daniel Bernstein, director of research and development for compliance consultant MarketCounsel, said many advisers have had threats or heard about increasing problems this year and are being more vigilant about implementing the policies and procedures they already had in place to protect client data. “Phishing scams have become more sophisticated and advisers have found themselves being used as part of an identity theft program,” Mr. Bernstein said. “You don't want clients to think you could have been in a position to stop it.” It's important that advisers educate all their employees about cybersecurity procedures because the firm is only as safe as its weakest link, he said. “If one person gets that phone call or e-mail that's been compromised, and if they don't have knowledge of the steps the firm has in place, the firm's at risk,” Mr. Bernstein said.

Latest News

IRA assets swell to $19.2 trillion as 401(k) rollovers drive growth
IRA assets swell to $19.2 trillion as 401(k) rollovers drive growth

IRAs now hold nearly twice the assets of 401(k) plans — and most of that money didn't arrive through annual contributions.

Women feel confident about saving, but many still keep cash in low-yield accounts
Women feel confident about saving, but many still keep cash in low-yield accounts

A new survey finds that many women prioritize financial security but continue to leave savings in accounts that may not keep pace with inflation.

SEC seeks comment on prediction-market ETFs after May pause
SEC seeks comment on prediction-market ETFs after May pause

Roundhill, Bitwise and GraniteShares funds remain on hold while the agency weighs how novel ETFs should be regulated.

Dump investment banks, buy alternative asset managers, says Oppenheimer
Dump investment banks, buy alternative asset managers, says Oppenheimer

"Shares of alternative assets managers have lagged this year as investors grow wary of private-credit exposure."

TaxStatus rolls out rules-based tool to flag advice gaps
TaxStatus rolls out rules-based tool to flag advice gaps

The fintech platform is touting a new AI-free Planning Observations feature, which draws on IRS tax records to uncover opportunities for advisors.

SPONSORED Who builds the income when the pension disappears?

Dan Biagini of American Equity says the steady decline of pensions, longer lifespans and a reset in interest rates are rewriting how advisors build retirement income

SPONSORED Why direct indexing stopped being optional

Direct indexing is on pace to outgrow ETFs and mutual funds. Northern Trust's Ken Lassner explains why the advisors who get it wish they had started sooner.