Cybersecurity Best Practices: 6 Tips

Security experts say it's now crucial for advisors to understand that the fraud landscape has changed: Planners and their clients are both targets, and new federal rules (and custodians' policies) make advisors primarily responsible for fraud prevention. 

Advisors and other experts recommend a number of techniques for keeping clients safe:
Use multiple sign-offs. To ensure no one has cut any corners, require that multiple people approve a disbursement. “Any request for money gets looked at by several people in our firm,” says Roger Pine, a partner at Briaud Financial Advisors. “On one of the fraud attempts we caught last year, a couple of employees were fooled, but the main advisor on that client was not.” 

Be cautious about email. Planner should think twice before sending sensitive information via email. “Either don’t send private information over email, or consider encrypting the information,” says Justin Kam of National Compliance Services. One state — Massachusetts — even requires that planners encrypt personal information sent by email. A secure Web portal, a program that encrypts and password-protects emails, or even registered U.S. mail can help avoid information leaks.

Teach clients electronic hygiene. Advisors are eager to adopt anti-fraud practices, says William R. French of Fidelity Investments. “The bigger challenge is getting customers engaged, to make them understand that there are threats out there and that there are things they can do to protect themselves,” he says. Send password-protected emails and ask clients to either follow suit or mail documents back to you. And remind clients that, if they don’t recognize an email, they shouldn’t open it or click on an enclosed link.

Secure your own electronic office. Throw old emails away. Keep documents offline or behind a firewall. Though scams tend to originate in hacked client email, rather than through online financial dashboards or planners’ electronic records, it’s still wise to look out for cyberviruses.

Secure your physical office, too. Though it’s less common than electronic prying, physical theft is a concern for planners who keep clients’ paper records. Many firms have burglar alarms. Pine insists that no staff members go home until their desks are cleared off and locked. “We want it to be inconvenient to get to our most valuable property, which is our client information,” he says. If someone breaks in, his system lets him know what the burglar has and which clients he should alert to change account passwords or email providers.

Expect criminals to evolve. The fraud preventatives that work now probably won’t work forever. “As criminals continue to hone their skills, it’s vital for anybody in the financial services industry to continuously review their internal measures to prevent fraud,” says Spraker Wealth Management advisor John M. West III. “Things change quickly.”

Ingrid Case, a Financial Planning contributing writer in Minneapolis, is a former editor at Bloomberg News and author of Your Own Two Feet (and How to Stand on Them): Surviving and Thriving After Graduation.

Read more:

For reprint and licensing requests for this article, click here.
Practice management Financial planning Client strategies Technology
MORE FROM FINANCIAL PLANNING