Written by Amanda Jackson, head of technology at Equilibrium Financial Planning
In an age defined by rapid digital advancements, many aspects of finance now transpire online. Whilst clients’ ability to manage their money with the click of a button enables greater autonomy and efficiency, this digital dominance comes with intensified vulnerabilities.
Financial institutions have implemented rigorous processes to protect clients’ assets, but cyber criminals are continuously evolving their tactics as the systems underpinning the finance sector grow more complex. With these developments causing an unprecedented surge in cyber threats, financial planning firms now have a responsibility to raise awareness and encourage good practice.
Below, we’ll discuss why educating clients on emerging cyber security threats now forms an integral part of the profession.
Client losses
Cyber-attacks are constantly evolving and criminals are becoming more sophisticated in their approach, so it is more important than ever for financial advisers to stay informed on emerging threats and technologies that could compromise their clients’ financial wellbeing and stability. Without passing on knowledge of recent phishing scams and malware attacks, advisers are failing to fulfil their obligation to promote clients’ overall wellbeing.
In practice, clients who are not familiar with the use of technology or online services are at a disadvantage and are increasingly vulnerable to having substantial sums of money drained from their accounts or having their personal information compromised.
However, it isn’t only direct financial losses clients may experience. There are also the potential legal fees and time taken to recover lost funds, missed investment opportunities, and the resulting financial stress that clients must contend with.
Reputational damage
A lack of cyber education can have severe and far-reaching consequences for clients, but the same is true for advisers. Failure to promote secure online habits that prevent account infiltration could significantly erode the trust on which adviser-client relationships are founded. Clients may feel the adviser has failed in their duty of care, with the loss of goodwill and trust causing them to seek financial guidance elsewhere.
More broadly, negative perceptions around cyber security readiness could damage the adviser’s reputation. Other potential clients may see someone who has neglected their duty to educate in a crucial area of financial management, limiting business growth for the company at large. If client data or assets are compromised in a breach, financial advisers may also face regulatory penalties and investigations for failing to follow cyber security best practices and protocols around data protection.
Mitigating threats
The consequences of cyber attacks are clear, so which measures should advisers share with clients to mitigate these threats?
Firstly, understanding the hallmarks of phishing attempts is key to avoiding scams designed to steal personal information. These commonly arrive as emails that mimic banks or government agencies and convince clients to click malicious links, which grant attackers access to their devices. Clients should always be informed about the intentions of these schemes and advised to immediately delete the messages. Equally, having a dedicated client portal with robust security means clients can be confident when communicating with their financial planning firm and avoid the vulnerability of email interactions.
Advisers must reiterate to clients that they should avoid using public WiFi when accessing online accounts and instead use mobile data or wait for a secure WiFi connection.
They should also recommend using secure websites, denoted by https:// and padlock icons. Similarly, clients should be encouraged to create complex passwords with multiple character types. Enabling two-factor authentication adds another layer of user validation beyond just passwords, while password managers can store multiple unique logins safely, rather than writing them down.
Exercising discretion around sharing documentation or information online limits opportunities for clients to fall victim to cybercrime. Additionally, downloadable antivirus software and firewalls add supplementary barriers against malware and hacking.
Accounting for digital risks
Attackers are constantly devising more ingenious scams, so maintaining an open dialogue with clients around these emerging threats is paramount to preserving their financial health. Beyond reactive warnings, advisers might also proactively demonstrate useful tools, such as virtual private networks or encryption of sensitive data.
Ultimately, for advisers to demonstrate truly holistic management of client interests, it is now essential to account for digital risks alongside traditional portfolio guidance. Helping clients to establish careful online habits not only helps to preserve their hard-earned savings, but it also upholds the relationship between advisers and clients who place their trust and future security in advisers’ hands. By respecting this responsibility, advisers can empower clients to protect themselves and avoid the potential breakdown of credibility, reputation, and regulatory compliance.