Since advisory firms left their offices in mid-March for an indefinite period of working remotely, industry regulators and cybersecurity experts have been warning about a potential uptick in fraudulent activity and network attacks.
While all firms need to be vigilant about new threats in a time of video meetings and living room offices, the 2020 InvestmentNews Adviser Technology Study presents several findings that underscore the particular vulnerabilities of smaller firms.
The annual study is based on a survey of hundreds of advisory firms that was completed just as most US cities began pandemic-related lockdowns, providing a snapshot of technology in the industry as it entered a new normal. Among other things, the study examines technology policies and practices at firms in different size cohorts.
Unsurprisingly, larger firms were more likely to report having fallen victim to a cyberattack. Twenty-nine percent of the largest firms in the study – those with multiple professionals and more than $10 million in annual revenue – said they had experienced a data breach in their history, compared with only 2% of practices revolving around a single professional. Not only are these firms more lucrative targets; larger staffs also give scammers more points of attack.
That may be why the largest firms seem more attuned to the risk. Although about 90% of firms of all sizes had general cybersecurity procedures in place, the biggest firms were more detailed in their documented policies. Most crucially for the new remote work environment, only 43% of solo firms had policies on the use of nonbusiness devices for work, compared with 83% of the largest firms. Although the gaps were not as significant, large firms were also more likely to have encryption on all devices and continuity-of-business plans in place.
Smaller firms have been less likely to experience a breach of client or firm-level information in the past, but experts caution that increased electronic communication and hastily arranged remote work environments have led to a surge in all categories of cyberattacks. For some of these firms, the financial and reputational fallout from a data breach could mean the end of their business. Fewer than half of solo firms have E&O insurance that covers cybersecurity liability without a sublimit, and only 26% own supplemental insurance policies, compared with 75% of the largest firms.
To be sure, a volatile market and an unprecedented disruption to business will make it harder than ever to focus on new technology investments, especially for smaller firms with already limited budgets. But with scammers casting a wider net, every firm will be a target. Every firm, regardless of size or prominence, should be prepared.
For more information on adviser technology, download the 2020 InvestmentNews Adviser Technology Study If you have any input or ideas for upcoming research, please contact the IN Research team at [email protected].
Nearly half of single Americans think their net worth shapes their fate in dating, but the biggest financial green flags tell a different story.
The hybrid RIA is the latest firm to face allegations that it enriched itself at customers' expense by paying unfairly low interest rates in its cash sweep programs.
Installed after Dan Arnold's abrupt termination, the new leader at LPL Financial is highlighting the firm's refocusing on the individual advisor.
The clearing and custody giant is kicking the tires on new cash sweep plan with broker-dealer clients.
LPL Financial welcomes a $345 million investment and planning team from Ameriprise as RayJay's employee advisor arm adds a seasoned Well Fargo breakaway.
From 'no clients' to reshaping wealth management, Farther blends tech and trust to deliver family-office experience at scale.
Blue Vault features expert strategies to harness for maximum client advantage.