How to protect your practice from fraudsters
You are an important link
With electronic communication between fund managers, platforms and financial advisors becoming more common, financial advisors are assuming an important responsibility for many of the fraud risk mitigation procedures.
Advisors fulfil a critical role in communicating and verifying clients’ personal details such as addresses, contact information and bank account details to product providers. Fraudsters looking to commit identity theft are increasingly targeting financial services providers (FSPs).
Know your staff
Criminal syndicates pay micro lenders for the personal details of borrowers who fall in arrears. Bank, mobile phone companies and FSPs employees are directly targeted to assist with ‘inside jobs’.
How? Be aware of the personal financial situation of your staff as recent fraud perpetrated within the industry highlighted that financial advisors’ administrative staff were being targeted.
Verify instructions from clients
Ensure that you authenticate all communication, especially when it is initiating a transaction and sent electronically, and that the bank details are correct.
How? It is good practice to have two different administrative staff members approve and process changes to clients’ personal details.
Minimise risk around passwords
Usernames and passwords used to access product provider’s websites are often similar and shared by administrative staff. When fraudsters hack one account, they can access others too.
How? Have unique usernames and passwords for each of your accounts.
Protect your client’s information
Emails are intercepted and fraudsters alter personal information, particularly banking details, in an email before it reaches the recipient.
How? Control access to your business premises, communication facilities, storage and filing systems, and introduce recording and monitoring of access, and use of all systems. Don’t send unprotected excel files with client details or forward copies of client statements to other third parties.
Lookout for high risk transactions
A common example is the submission of a redemption instruction shortly after changes to client contact and banking details.
How? These instructions should undergo enhanced due diligence processes by the financial advisor and the product provider to verify their authenticity. Be wary of any deviation from a client’s normal behaviour must be fully investigated to ensure early detection of any fraudulent activity.
Track transactions electronically
Use technology to keep a record of all transactions.
How? Modern technology, such as recorded telephone lines, system audit logs, one time password/two factor authentication, all are aimed to make it difficult for fraudsters.