If financial advisers don’t start securing customer communication channels, then the regulator is likely to make an example of them, according to experts.

Speaking at the Empowering Advice Through Technology conference yesterday, Origo Services managing director Anthony Rafferty pointed out that more than half of the Financial Conduct Authority’s most recent Business Plan for the industry made reference to cyber security measures.

“The FCA is clearly taking this stuff seriously, so I expect that if they find firms that aren’t encrypting emails to and from customers and providers, they’ll be looking to make an example of them,” he commented.

“Aside from potential fines, I think consumers are increasingly discerning about their data and may well vote with their feet if they don’t feel secure.”

Paul Holland, chief executive at Beyond Encryption, said that while the problem of identity substitution fraud was not new - referencing warnings made by the regulator 11 years ago - the scale of the threat is now much greater.

Moderator and Financial Technology Research Centre director Ian McKenna cited a recent FBI report suggesting that cyber criminals were increasingly targeting financial services firms and noted that customers long-term savings and pensions were potentially a much bigger prize than their current accounts.

He also said that he’s heard of several pension and investment providers which actually do not accept encrypted messages from advisers, arguing that the poor security practices are not just an adviser problem.

“As someone said earlier, sending unsecured email is akin to sending customer documents on the back of a postcard,” McKenna added.

Share Story: