11 tips to keep clients safe from fraud
Bryan Baas, 11/02/2017
Managing Director, Institutional Oversight & Control, TD Ameritrade Institutional
Cybersecurity risks have prompted the Securities and Exchange Commission (SEC) and state regulators to increase oversight and enforcement of advisor security measures. Regulators are focused on how registered investment advisors protect client information as part of their overall fiduciary responsibility.
Here are 11 ways to help protect your clients while meeting today’s higher regulatory standards:
| # | Tip | Details |
|---|-----|---------|
| 1. | Go old school | Since your email system is one of your firm’s most vulnerable access points, the safest way to communicate with clients is on the telephone. If you receive an email request for account information or a funds dispersal, call the client at the phone number you have on record. Don’t just trust your Caller ID—make the call yourself! |
| 2. | Establish a verbal password with each client. | Explain that you will not release information or make changes to an account over the phone or without that password. Never use that password in an email. |
| 3. | Know your clients’ online habits. | If it’s unusual for a client to email you, simply pick up the phone and call them. |
| 4. | Reinforce your firewall. | Make sure the security software on all your computers and mobile devices is updated regularly, including antivirus and antispyware protection. |
| 5. | Use encryption software. | Encryption software is commonly used to protect databases, but you should also use it for everything from email to texts. Encryption usually is an “add-on” for most email systems, so you may need to specifically request it from your Internet service provider or your software vendor. |
| 6. | Secure your backup files. | Whether you manage your own backups from a secondary location or use a cloud-based vendor, test backups to make sure they are encrypted. If you use a third party, ask for regular reports on the vendor’s testing procedures. |
| 7. | Keep track of systems. | Inventory all devices and software that either store or access client data. |
| 8. | Have a written firm-wide information security policy. | Define where and how information is stored, which employees are allowed to retrieve data, and protocols designated for regularly testing security. Assign the role of Information Security Officer to someone in the office to oversee and manage these efforts. |
| 9. | Conduct regular security assessments. | Cybersecurity audits can help identify potential threats and pinpoint internal vulnerabilities. |
| 10. | Be careful outside the office. | Be wary of public Wi-Fi networks, and take advantage of the security features on your smartphone or tablet. Then go to the specialists at your local electronics store to find out what other types of protection you can install. |
| 11. | Field potential complaints. | Clients may be frustrated by these added security measures, so be ready to explain why they are in place. |
Content provided is for educational purposes only and is not intended to be advice for any firm.