With electronic communication between fund managers, platforms and financial advisors becoming more common, financial advisors are assuming an important responsibility for many of the fraud risk mitigation procedures.
Advisors fulfil a critical role in communicating and verifying clients’ personal details such as addresses, contact information and bank account details to product providers. Fraudsters looking to commit identity theft are increasingly targeting financial services providers (FSPs).
Criminal syndicates pay micro lenders for the personal details of borrowers who fall in arrears. Bank, mobile phone companies and FSPs employees are directly targeted to assist with ‘inside jobs’.
How? Be aware of the personal financial situation of your staff as recent fraud perpetrated within the industry highlighted that financial advisors’ administrative staff were being targeted.
Ensure that you authenticate all communication, especially when it is initiating a transaction and sent electronically, and that the bank details are correct.
How? It is good practice to have two different administrative staff members approve and process changes to clients’ personal details. Telephonically verify any change in bank details.
Usernames and passwords used to access product provider’s websites are often similar and shared by administrative staff. When fraudsters hack one account, they can access others too.
How? Have unique usernames and passwords for each of your accounts.
Emails are intercepted and fraudsters alter personal information, particularly banking details, in an email before it reaches the recipient.
How? Control access to your business premises, communication facilities, storage and filing systems, and introduce recording and monitoring of access, and use of all systems. Don’t send unprotected excel files with client details or forward copies of client statements to other third parties.
A common example is the submission of a redemption instruction shortly after changes to client contact and banking details.
How? These instructions should undergo enhanced due diligence processes by the financial advisor and the product provider to verify their authenticity. Be wary of any deviation from a client’s normal behaviour must be fully investigated to ensure early detection of any fraudulent activity.
Use technology to keep a record of all transactions.
How? Modern technology, such as recorded telephone lines, system audit logs, one time password/two factor authentication, all are aimed to make it difficult for fraudsters.
Use our Sign Online feature to request and obtain client approval.
How? Sign Online uses multi-factor authentication to verify that only the right person can see and approve transactions. The email does not contain any sensitve information and a OTP is required to view and approve – protecting you and your client should their email be intercepted.