Please be aware of scammers falsely impersonating HUB24 representatives. HUB24 will never contact you regarding potential investment opportunities. Please click here for more information.
Following the release of ASIC’s findings on a high-profile case involving a large licensee a few years ago, Centrepoint Alliance ramped up its focus on cybersecurity.
According to Group Executive for Technology Solutions, Tanya Seale, the case made it clear that licensees are responsible for the cybersecurity for their advisers.
“If you go through the judgement, you can see you can’t just have standards and leave it up to advisers to implement it. You have to have some form of oversight.”
This case together with a business email compromise a few years earlier, prompted Centrepoint Alliance to set internal standards and to mandate cyber requirements for its adviser network.
It established a cyber standard which included ten mandated measures its adviser network was required to adopt within a 12-month period. The cyber standard included measures ranging from patching to multi-factor authentication and mail and web content filtering.
The measures included a third-party external review of practices to confirm they had met the minimum standards. New firms joining Centrepoint Licensees have 12 months to implement the mandatory measures.
Seale said as a licensee, you are very aware of the fine balance that needs to be walked with advisers when mandating these changes, but said it was met with relief by some advisers.
“A lot of financial planning businesses tend to be smaller businesses. They’re juggling 150 balls in the air and being a cyber expert probably isn’t one of them. They said, ‘I’m glad you’ve just told us what to do because I can give this to my IT person because I don’t know what to do’.”
Tanya Seale
Group Executive for Technology Solutions
Centrepoint Alliance
Learn more about our all-in-one secure client portal
Two decades ago, important documents were sent in the mail and stayed in our letter box until we collected it, but this has been replaced with email and cluttered inboxes, leaving it prone to cyber security threats.
Cybercrime involves activities such as compromising emails and online banking fraud, which according to the Australian Government’s Australian Signals Directorate (ASD), currently make up the top three cybercrime types for business.
Although the Australian Investment and Securities Commission’s (ASICs) does not prescribe technical standards on cybersecurity, there is an expectation for licensees to address cyber risk as part of their AFS licence obligations, including risk management.
With cyber now listed as a major risk for the company, client portals have enabled Centrepoint Alliance’s adviser network to meet its mandated cyber standard and to facilitate client engagement and security.
Two decades ago, important documents were sent in the mail and stayed in our letter box until we collected it, but this has been replaced with email and cluttered inboxes, leaving it prone to cyber security threats.
Cyber threats – Current response from financial professionals
Despite financial professional’s concern over cyberthreats, most have not acted fast enough and taken advantage of the appetite for change and the tail winds provided by government websites, cyber campaigns and media coverage.
Over the past decade, Government and regulators have built a framework of governance for businesses to provide them with a structured approach to cyber-incidents and accountability.
Developing a cyber risk management plan takes some time, but there are some strategies that financial professionals can put in place while it does this, including multi-factor authentication and protecting domain names.
Trends from the US – What does this mean for your business?
Research in the US by Adviser 360 has found advice businesses that fail to invest in technology solutions to be more productive and better able to satisfy their clients, run the risk of being left behind.
Consolidated logins where customers use one login to access a range of services is now the norm and they have become a common way for people to engage with their service providers, setting the standard on client experience.
It’s time to transition to client portals – A case study
With cyber now listed as a major risk for the company, client portals have enabled Centrepoint Alliance’s adviser network to meet its mandated cyber standard and to facilitate client engagement and security.
Whole of wealth approach with client portals – A case study
An early adopter of client portals, Sherlock Wealth’s Owner and CEO, Andrew Sherlock, said it’s an integral piece of technology that his business uses with many of its clients.
Break the reliance on email – Together, we can make a difference
Financial professionals, as trusted advisers, can take a leadership position in ensuring data security with their clients, leveraging client engagement to provide them with a reason to do it.
