Since October is National Cybersecurity Awareness Month, this is a good time to reflect on the many high-profile security breaches that have made headlines this year.
Yahoo announced that the security breach it suffered back in August 2013 compromised every single one of its customer accounts. Up to 143 million Americans may have had their sensitive financial information compromised when Equifax was hacked. A detailed forensic analysis undertaken by the Securities and Exchange Commission (SEC) found that information was compromised when the regulator’s EDGAR system was hacked. The WannaCry cyber-attack caused global panic in May, and it was quickly followed by another international cyber-attack, which first hit computer systems in Ukraine and then spread to the U.S. and other countries.
That’s quite a list. In light of these jolting events, the most productive way for financial services and other highly regulated firms to observe National Cybersecurity Awareness Month is to ask themselves if they can answer “yes” to the question, “Are you doing all you can to protect your data properly?”
It’s no secret that cyber-attacks continue to become more sophisticated, and expansive. This past June, an international cyber-attack that first hit computer systems in Ukraine quickly spread to the U.S., Denmark, Australia, and other countries. That attack occurred only a month after the WannaCry cyber-attack caused panic around the world.
Colorado is on track to become the first U.S. state to mandate broker-dealers and fund managers to follow certain procedures to minimize the risk of data breaches by cyber-criminals. This development comes on the heels of New York’s cybersecurity requirements for banks, insurance companies, and other financial institutions regulated by the New York State Department of Financial Services, which went into effect this past March.
In light of the global WannaCry cyber-attack, the rising number of advisors breaking away from wirehouses need to place cybersecurity at the top of their list of priorities as they build their practices.
Approximately 65 advisory teams and individuals departed from wirehouses, established RIAs or independent broker-dealers last year, more than triple the number of breakaways in 2013, according to data from DeVoe and Company. The firm attributes this ongoing breakaway surge to the expiration of the many forgivable loans that wirehouses signed in order to retain or add advisors during the financial crisis of 2008-2009. Now that seven years has passed, and these loans are coming due, the advisors who were given these financial packages are considering their options.
Big banks are not the only ones taking a stronger interest in the cloud.
Cloud-based platforms are on the rise among both large banks and the financial departments of North American companies. Higher regulatory hurdles and staffing costs are a big factor, according to recent news reports. But so is a growing sense of comfort with the technology on the part of business leaders.
Successful bosses at RIAs and broker-dealers have been known to track technology trends unfolding at national and global corporations. In addition to gaining insights about innovative operational processes, wealth management leaders can strategize about how to adapt the most suitable of them for their firm’s needs.
Your firm’s cybersecurity deserves more than a trusting handshake and a blind eye.
Trust is the foundation of any worthwhile relationship, and wealth management is no exception. So it may feel odd to implement stringent controls over user-access permissions to your firm’s operating system. Instead, view this as a valuable method of protecting people you care about. It could save your firm from costly cyber breaches, embarrassing reputational scandals and onerous regulatory pressure in the future.
This blog post is for those advisors who are contemplating the big move, leaving the big institution behind, and setting up for themselves.
Perhaps you’re joining forces with a small band of like-minded associates, or maybe you’re going it alone. Whatever’s brought you to this point (frustrations with your employers inflexible business model, the limitations of their proprietary solutions, a wish for greater compensation or a better work/life balance) a common factor among entrepreneurial advisors is the desire to start with a clean slate. New RIAs invariably want their operations to be more personalized, more adaptable, and more efficient.
Still on the fence about whether it’s time to switch to a cloud-based IT solution? If you’re like most leaders at elite RIAs and broker-dealers, you want to use the technology that meets all the operational and financial needs of your business, while not putting your firm in security or compliance risk. However few financial experts are also technology experts, so deciding what your firm needs and how much your firm should spend on IT can be baffling.
We urge financial executives to do a thorough cost analysis of how building a robust IT solution in-house compares with outsourcing those needs to an elite provider of secure cloud computing. Look at current actual expenditures as well as those mandatory investments needed to be productive, secure and compliant over the course of six years. That’s how long the average in-house solution lasts before new technology emerges, at which point firms often conduct major IT overhauls.
On September 15th, the SEC issued a new Risk Alert that registered broker-dealers and investment advisors need to follow very closely, or face regulatory scrutiny.
The leaders of growing RIA practices cited “the need to work on and in the business simultaneously” among the leading threats to their business. In a survey conducted by WealthManagement.com, this challenge came out ahead of market competition, managing clients, pressure on fees, and losing staff.