Mortgage & Property

New Insurance Professional

Family Office Bulletin

Mortgage Property

Insurance Professional

Family Office

Securing the digital age – Origo’s Rafferty highlights why advice firms must have robust cyber security protection in place

Balancing adoption of digital processes and protecting against cybercrime are going to be key areas for financial advice businesses in 2021, says Anthony Rafferty, CEO, Origo

News that the FCA had suffered over 80,000 unsolicited emails a month in the last quarter of 2020, included phishing emails and malware attacks, should have set alarm bells ringing across the financial services industry – if they weren’t doing so already.

Cybercrime attacks have increased substantially since the onset of the coronavirus crisis, as cybercriminals have been taking advantage of the necessity for firms to implement home working as well as the general increased use of online services, to put out a flood of phishing and scam emails, looking to capture individuals’ personal and financial details as well as penetrate companies’ security systems.

Cybercrime is now big business and criminals know that it is easier to get an individual to make a mistake when reading an email than it is to hack a company’s software. Furthermore, the odds are stacked in the cybercriminals’ favour, as they only have to get lucky once to access someone’s email or a business’s system, whereas individuals and companies have to be constantly vigilant against these attacks.

Once a criminal has access to someone’s email they can use it to obtain confidential information and attempt identity fraud. A recent Financial Ombudsman Service (FOS) ruling on an identity fraud is a case in point and serves to highlight the need for advice firms to put in place robust cyber security protection.

The FOS ordered the advice firm in question to reimburse a client who had lost money transferred from her SIPP by the firm, following receipt of an email seemingly from the client but in fact from a fraudster impersonating the client.

Be vigilant

While this case dates back to late 2018, attempts at this type of fraud are now not uncommon in the financial advice market. There is plenty of anecdotal evidence of advice firms receiving emails from clients requesting money to be transferred which on investigation are discovered to be an attempt at fraud. More often this is enabled by the criminal gaining access to unsecured emails which often gives them all the information they need to perpetrate a fraud attempt.

Take action

A first, simple and effective way for firms to protect themselves and their clients when communicating on financial transactions and confidential information, is to employ robust email encryption.

In the type of case ruled on by the Ombudsman, as an example, a firm using encrypted email with a challenge question known only to the client, first could have helped prevent hacking of emails between the client and the firm – which provided the criminal with the details they needed to perpetrate the fraud – and second, would have ensured that the person communicating with the firm was the client.

At the same time and against this backdrop, there is a very real need for the industry to move forward with digitisation of its processes if it is to be able to deliver the level and quality of service expected by consumers in the age of Amazon Prime.

As this occurs, advice firms are likely to be amongst the first to benefit, as they will not only be able to deliver a faster more efficient service for clients but also achieve cost savings within their businesses.

Arguably, one of the positive effects of the Coronavirus pandemic for many financial services businesses has been to confirm the viability of remote working. The potential to increase efficiencies, reduce costs, increase profitability and improve the wellbeing of employees, has not been lost on leading companies.

Similarly, reducing time-consuming administration tasks through efficient use of technology, as well as reducing costs for a business also allows staff to be employed in the elements of the business that technology cannot deliver, those that require the human touch. Currently, people buy from people, rather than machines.

Greater integration of systems

Which is why one of the key advances I believe we will definitely see this year is the greater integration between the systems of platforms, asset managers, pension providers, adviser back-offices and software, enabling the more effective processing of data between them. We can expect that pre-population of details, account opening, valuations and remuneration, amongst others, will increasingly be things that happen in the background with little or no human intervention, with audited tracking where appropriate, allowing adviser firm staff to focus on delivering quality service to clients.

Review your processes

Another aspect the pandemic has thrown into sharp relief, is where the industry’s processes are lagging behind the times. This was brought home to me personally in the past year when instructing a new financial adviser and going through the very manual, inconsistent and paper-based Letter of Authority process.

For the industry to develop and better serve its end customers, it has to embrace more openly digital processes – and sooner rather than later. Digital Letters of Authority and digital signatures are easy examples of where things could and are being improved, for instance in the greater adoption of digital signatures by platforms and providers during the pandemic.

There is an imperative here. As an industry and as businesses we need to be using technology more effectively to help improve our efficiencies and profitability, whilst employing sensible precautions to protect against those who seek to exploit our vulnerabilities – human and technological – for criminal gain. The good news is that there are solutions coming to or already in the market that make both readily achievable.

In summary

There are three steps advice firms can take to help mitigate cybercrime:

  1. The first step is to understand the risks and where the risks lie in the value chain – is it between providers and advice firms, i.e. are providers and platforms still insisting that advisers send client details in an unsecure manner; or is it between the adviser and the client, such as via unencrypted email?
  2. Put in place appropriate controls, particularly for inward and outward communications, which will include technology solutions such as system protection and encrypted emails, formal processes and procedures, staff awareness and training.
  3. Finally, think ahead and be prepared. Have a written policy and instructions for staff to follow where fraud is detected or to manage an attack.




This Week’s Most Read

  • Sir Keir Starmer in pub brawl?

    Predictions of scuffles in pubs came true today, with a landlord being ejected from his own pub by interlopers. Sir Keir Starmer had been listening

  • Class of 2021 retirees at risk of running pension pots dry

    Two thirds (66%) of 2021 retirees risk not having the pension savings to sustain their planned retirement income, according to a new report launched today

  • Sir Keir Starmer, pubs and COVID – taking the piss, not taking a piss..

    We thought you weren’t allowed into pubs these days? Incredible scenes erupted today outside the Raven Pub in Bath, as Sir Keir Starmer was confronted

  • New financial advice service from Vanguard aimed at retirement savers

    Designed for investors saving for retirement, Vanguard Personal Financial Planning launches on the award-winning Vanguard UK Personal Investor platform – vanguardinvestor.co.uk/financial-advice. The service offers personalised

  • The Coming Decade for Climate Solutions

    Randeep Somel, Fund Manager, M&G Climate Solutions Fund, is finding reasons to be cheerful as he uncovers some of the powerful drivers of change which

  • Deepbridge achieves record EIS fundraising levels

      Record £29 million deployed across 37 growth companies Deepbridge attributes success to intermediary relationships and sector focus Venture capital investment manager Deepbridge Capital today

  • A Positive Charge

    Ben Constable-Maxwell, Head of Impact Investing at M&G Investments, is one of the driving forces behind the move to integrate ESG, sustainability and impact investing

  • The Superbia Group commits to accountability and living its core values with the formation of a new independent ESG Advisory Board

    The Superbia Group has today signalled its intent to live its values by announcing the appointment of a new independent ESG Advisory Board. The new

  • Advice firm highlights how growing reputation boosts referrals amid pandemic

    National financial advice firm, Tenet&You, which opened its new offices at Haddington in December last year, has reported an increase in new business since the

  • A SPAC-tacular surge

    Written by Christopher Butcher, Momentum Global Investment Management During a period of extreme volatility and a global pandemic, the initial public offering (IPO) market had

IFA Magazine

Keep updated on the most important financial events 

Make sure you are an informed

wealth professional..

Adblock Blocker

We have detected that you are using

adblocking plugin in your browser. 

IFA Magazine