Since advisory firms left their offices in mid-March for an indefinite period of working remotely, industry regulators and cybersecurity experts have been warning about a potential uptick in fraudulent activity and network attacks.
While all firms need to be vigilant about new threats in a time of video meetings and living room offices, the 2020 InvestmentNews Adviser Technology Study presents several findings that underscore the particular vulnerabilities of smaller firms.
The annual study is based on a survey of hundreds of advisory firms that was completed just as most US cities began pandemic-related lockdowns, providing a snapshot of technology in the industry as it entered a new normal. Among other things, the study examines technology policies and practices at firms in different size cohorts.
Unsurprisingly, larger firms were more likely to report having fallen victim to a cyberattack. Twenty-nine percent of the largest firms in the study – those with multiple professionals and more than $10 million in annual revenue – said they had experienced a data breach in their history, compared with only 2% of practices revolving around a single professional. Not only are these firms more lucrative targets; larger staffs also give scammers more points of attack.
That may be why the largest firms seem more attuned to the risk. Although about 90% of firms of all sizes had general cybersecurity procedures in place, the biggest firms were more detailed in their documented policies. Most crucially for the new remote work environment, only 43% of solo firms had policies on the use of nonbusiness devices for work, compared with 83% of the largest firms. Although the gaps were not as significant, large firms were also more likely to have encryption on all devices and continuity-of-business plans in place.
Smaller firms have been less likely to experience a breach of client or firm-level information in the past, but experts caution that increased electronic communication and hastily arranged remote work environments have led to a surge in all categories of cyberattacks. For some of these firms, the financial and reputational fallout from a data breach could mean the end of their business. Fewer than half of solo firms have E&O insurance that covers cybersecurity liability without a sublimit, and only 26% own supplemental insurance policies, compared with 75% of the largest firms.
To be sure, a volatile market and an unprecedented disruption to business will make it harder than ever to focus on new technology investments, especially for smaller firms with already limited budgets. But with scammers casting a wider net, every firm will be a target. Every firm, regardless of size or prominence, should be prepared.
For more information on adviser technology, download the 2020 InvestmentNews Adviser Technology Study If you have any input or ideas for upcoming research, please contact the IN Research team at [email protected].
The Charity Parity Act would eliminate a costly IRA rollover requirement that blocks direct charitable transfers from workplace retirement plans.
A last-minute court filing ends a case against the federal tax-collecting agency that had drawn unprecedented conflict-of-interest questions from Democratic critics.
Advisors discuss their use of AI now and how it will change going forward
Medicare scam, pandemic benefit theft, offshore tax evasion — federal prosecutors are casting a wide net.
Report finds that pension income acts as a financial lifeline for retirees facing late-life shocks and raises urgent questions about the DC-only future.
As technical expertise becomes increasingly commoditized, advisors who can integrate strategy, relationships, and specialized expertise into a cohesive client experience will define the next era of wealth management
Growth may get the headlines, but in my experience, longevity is earned through structure, culture, and discipline
