Financial advisers have been prepared for the latest wave of cyber attacks and were thus able to fend off the threat that engulfed the business world over the weekend, a number of the profession have told Professional Adviser.
From Friday and over the course of the weekend, several organisations in the UK including the NHS were hit by a security threat called ransomware, a software that locks a computer and demands payment before allowing access again.
But the country's financial advisers seem to have been prepared. Of the advisers and industry professionals Professional Adviser spoke to, nobody had been affected or heard of anybody else in the financial services industry who had been affected by the attack.
Last year, the Financial Conduct Authority said regulated firms, including advisers, needed to be aware that, where a third party delivers services on their behalf, it is considered outsourcing in the regulatory sense.
This meant that, all firms processing or storing data online need manage the operational risks associated with outsourcing by undertaking due-diligence on IT providers before agreeing to work with them.
Interface Financial Planning IFA Alan Moran said his firm had been attacked by ransomware last October, and had since taken steps to avoid another incident.
He said: "It's about putting in as many layers of security as you can and being aware of the possibility [of an attack]. This morning, I've had about half a dozen emails that I've looked at and simply deleted - if it looks suspicious, treat it as such."
Moran said his firm used experts to monitor its systems and a programme called Dropbox Business that was able to store documents indefinitely and mirror data from the business each hour, so in the event of an attack, the programme was able to simply roll back the clock and ensure only a limited amount of work was lost.
Similarly, Lamb and Associates partner Bill Marshall said: "My tech man regularly checks for malware. If he finds anything, he quarantines it.
"As a rule, we don't open attachments to emails that we receive where we don't know the sender. We also back up our system online daily, and we hardback it up once a week as well onto a hard drive. You've got to be diligent."
Meanwhile Chase de Vere certified financial planner Patrick Connolly said his firm had the Cyber Essentials accreditation, an approved accreditation that works alongside a government backed scheme where organisations are assessed for cyber security.
He said: "[Cyber security] is something we're seriously committed to. We've taken every possible step to assure we are protected and we have a well-resourced IT team who deal with all of this."
Half of advisers affected
According to a poll by Intelliflo carried out before the recent ransomware attack, almost half (44%) of financial advisers have had direct experience of cyber attacks, with almost a third (30%) experiencing them in their personal lives, and 14% in their business.
An additional 44% of the 220 respondents knew people who had been victims of attacks. Just 12% of advisers said they, or anyone they knew, had no experience of cyber attacks.
A separate poll by Intelliflo found four out of five (82%) consumers would fire their adviser if it became public that they had been hacked.
Business consultancy The Yardstick Agency said advisers should always check their outsourcing partners were sound.
Founder and director Phil Bray said: "The weekend's events show how important it is that advisers take data security seriously. That means, in the first instance, being confident that any third parties used were client data is potentially at risk, such as your back office and cashflow modelling systems, have robust defences against attack."
Joining London team
Previously at Old Mutual Wealth
Will introduce a cap on cost of care
Inertia has become a key policy mechanism