Virtually every week, it seems, Americans hear about data breaches and mass identity theft.
In an era when many advisory practices rely on technology to efficiently manage client relationships, clients are therefore concerned about risking their private information.
“Most clients allow us to use virtual vaults or portals to transmit information to them, as well as account aggregation to efficiently manage their financial information,” says Leslie Thompson, managing principal at Spectrum Management Group Inc., a wealth management firm in Indianapolis.
“We are confident in the level of control relative to risk that our third-party providers have secured, but no system is immune to a breach. Therefore, we provide our clients with information about the security controls that we and our third-party providers maintain,” Thompson says.
“Ultimately, the choice to relay information electronically is the decision of each client,” she says.
ON CLIENTS' MINDS
Robert A. Brooks, a certified financial planner and the vice president and relationship manager at Cleary Gull, a Milwaukee-based wealth manager, has guided seminars for clients on cybersecurity, and knows what most concerns clients.
“Clients often know someone whose information has been compromised, including their own. They ask if any information source is immune, who can they trust to protect their identity?” Brooks says.
“We have taken a very conservative approach for that reason. Our recommendation is to sign up for identity protection and computer virus services and use good common sense when it comes to password management,” Brooks says.
“The noise in our industry around cybersecurity is ramping up every day,” he says. “Our clients have had concerns but they are relieved by the steps that we’ve taken to protect their information and identity.” On a long list of actions taken by his firm, Brooks includes hiring a managed security service provider to review network traffic, simulated email phishing tests, and third-party risk assessments.
Advisors should continually update their clients and staff about cybersecurity, as new risks are always surfacing, Thompson says.
“Education can include the actions clients can take and tools they can use to remedy those risks, such as using a password manager. For example, we have told clients about BillGuard, an app that monitors merchants or companies that have disclosed being hacked,” Thompson says.
“BillGuard immediately notifies you if you shopped at any of them during the time period in which customer data was stolen,” she says. “In addition, the app monitors accounts for suspicious transactions and allows individuals to report the transaction or contact the merchant from within the app.”
Cybersecurity notices can also alert clients about lesser-known threats.
“For example, we recently warned clients to shred their airline boarding passes rather than throw them in the trash. There is a surprising amount of personal information that crooks can access from the barcode on the pass,” Thompson says.
Simple steps such as shredding, for instance, may save a lot of stress.
Donald Jay Korn is a New York-based financial writer who contributes to Financial Planning and On Wall Street.
This story is part of a 30-day series on leading tech trends for advisors.