Guardians
of Wealth
CYBERSECURITY
in Banking, Finance,
and WealthManagemen
The realms of banking, finance, and wealth management are interconnected domains that play vital roles in the functioning of modern economies. Banking serves as the foundational structure for financial transactions, while finance provides the necessary tools for resource allocation and investment. Wealth management, with its emphasis on personalized financial strategies, ensures that individuals can navigate the complexities of managing their assets effectively. Together, these elements not only contribute to individual financial well-being but also enhance overall economic stability and growth, highlighting their indispensable roles in contemporary society.
When we think of heroes, our minds often go to DC Comics’ Justice League, Aquaman, or Marvel’s characters like Spiderman, The Avengers, Black Panther, or the antihero Deadpool. All come to us fully equipped in muscle-padded, tightfitting power suits with superhuman abilities. It’s common knowledge that the Godfathers of superheroes, Batman and Superman, are the benchmark for all other superheroes. They all have one thing in common. Protecting our universe and fighting evil forces.
But that’s for the comic books and blockbuster movies. What about reality? Who’s got our backs on a daily basis? Yes, we have policemen, firemen, EMTs, and doctors. But even these heroes need protection too.
Enter the superhero who is working diligently behind the scenes, undercover, and stealthily safeguarding us from (SFX: deafening screams) CYBER ATTACKS. These are the real heroes in today’s digital age.
Cybersecurity has become a critical aspect of the banking, finance, and wealth management sectors. When financial transactions and sensitive data are predominantly conducted online, the protection of financial institutions and customer data from cyber threats is paramount to maintaining trust and stability within the industry. The regulatory frameworks, technologies, and tools utilized, and the importance of human factors are crucial in ensuring a robust cybersecurity posture. By delving into these key aspects, we can gain a comprehensive understanding of the challenges and strategies involved in safeguarding wealth in the digital realm.
Cyber-attacks in the banking and finance sector have been a persistent threat, with notable incidents serving as cautionary tales for the industry. One such case is the 2016 Bangladesh Bank heist, where hackers attempted to steal nearly $1 billion from the central bank’s account at the Federal Reserve Bank of New York. The perpetrators managed to compromise Bangladesh Bank’s computer network, observe how transfers were done, and were able to gain access to the bank’s credentials for payment transfers. They used these credentials to authorize about three dozen requests to the Federal Reserve Bank of New York. These requests were made to transfer funds to accounts in the Philippines and Sri Lanka.
This incident highlighted vulnerabilities in the global financial system and underscored the importance of secure payment messaging systems. Lessons learned from this and other incidents emphasize the need for continuous monitoring, swift incident response protocols, and enhanced authentication mechanisms to prevent unauthorized access to financial systems.
Smaller companies, such as those that offer bookkeeping, payroll, and small businessaccounting, are also at risk. Sensitive financial information is increasingly targeted by cybercriminals. The accounting industry relies heavily on accurate and secure data management, making it a prime target for hackers. Accounting firms, like CFO ProSolutions in Shreveport, with their wealth of sensitive financial data, are prime targets for cyber-attacks. Phishing, ransomware, and other types of cyber threats can lead to devastating consequences. “We have managed services with an IT company. They manage everything in our network. They require that I carry cyber insurance as well. They have protocols through our e-mails set up that prevent unsafe documents from being opened. Every file is password-protected. We also have a software called Share File. I can send a link to a client to upload their information securely,” owner Missy Fussell said. CFO has had several incidences where criminals have hacked into their client’s emails, assumed their identity, and attempted to steal an identity. “We utilize the internal controls checklist used by CPA’s. We send this 11-page checklist to our clients to ensure a system of checks and balances.” Missy also strives to establish a relationship with her clients. It’s good business and it also helps recognize any red flags.
Accountants play a critical role in safeguarding sensitive financial data. By implementing robust security measures, staying current with industry best practices, and fostering a culture of cybersecurity awareness, accountants can help protect their clients’ informationand maintain trust in their services. It is crucial when creating a cybersecurity plan to implement a checklist of best practices.
- Assess current cybersecurity posture. Conduct a risk assessment, review access controls, and conduct regular updates to stay ahead of the threat.
- Educate clients on the dangers of a cyber attack
- Implement a strong password policy. Use multifactor authentication.
- Secure networks and devices
- Regularly update software and apply patches
- Encrypt sensitive data
- Establish a comprehensive data backup and recovery plan
The role of the cyber security hero for wealth management is even more comprehensive. We sat down with the Lyons Group at Raymond James for an in-depth discussion on how Raymond James is able to maintain “constant vigilance” where our privacy is concerned.
“We have built a massive technology infrastructure that takes an active approach in not only addressing issues but anticipating them,” said Jeff Lyons. “At our Raymond James home office in Saint Petersburg, Florida, we have a ‘war room’ that is the center of our Raymond James security. This room has many monitors and screens that watch over 200 applications and can even detect when systems slow down by even 500 milliseconds.”
Jeff went on to say that 1.5 million fraudulent and phishing emails are blocked in a single day. They can see where the threats are coming 12 SEP 2024 | SBMAG.NET $ from and where they are going in real-time. The Raymond James cyber security team has also partnered with the NSA and other government agencies to protect their clients. Jeff, a certified CFP (Certified Financial Professional – only 5% of the financial advisors in the world are CFPs), is held to an even higher standard when it comes to doing what is best for his clients. As a Wealth Management Professional, it’s his job to stay on top of technology and the security systems that Raymond James has in place.
Jonathan Terry, a Lyons group junior partner, is currently working on his CFP. He provided us with a list of key notes on the Raymond James security protocols. One that stood out was the Business Continuity Management Group (BCM). This dedicated team works closely with the Information Technology department “to employ a standardized framework for building, maintaining, and testing business continuity plans.” The BCM team will help businesses design a plan that allows that business to continue operations should something happen. This includes providing clients with prompt access to their funds and securities.
We may not understand how hackers can kidnap our emails, but it happens every day. Even our text messages are unsafe from these predators. Chelsea Grissom, Senior Registered Client Services Associate with the Lyons Group, said, “I always call a client back to get verbal confirmation of any emailed request for trades or funds transfer, including wire transfers. I will offer to send or receive documents via the ‘client vault’ instead of email. With Artificial Intelligence’s ability to mimic our voices, scams are everywhere. “I encourage our clients to have a Trusted Contact listed in the event of a suspicious phone call,” said Chelsea. This is a person she can call and ask a series of pre-arranged questions that only the client would have the answer to. This is another example of the layer upon layer of security Raymond James and other wealth management teams adhere to.
As technology continues to advance, the future of cybersecurity in banking, finance, and wealth management is marked by both challenges and opportunities. Emerging technologies such as blockchain, quantum cryptography, and biometrics are shaping the landscape of cybersecurity, offering new ways to secure financial transactions and data. However, the adoption of these advanced cybersecurity measures also presents challenges in terms of compatibility, scalability, and cost. Financial institutions must navigate these complexities while also staying ahead of evolving cyber threats such as AI-driven attacks and supply chain vulnerabilities.
The realm of cybersecurity is dynamic and ever evolving, driven by the constant interplay between threat actors and defenders. We’ve just investigated the tip of the iceberg when it comes to the various aspects shaping cybersecurity practices in the financial sector. From the importance of regulatory frameworks and technological tools to the critical role of human factors in maintaining a strong security posture, financial institutions must prioritize cybersecurity as a fundamental aspect of their operations, adapt to changing threats, and collaborate with industry partners to enhance the resilience of the financial ecosystem.
