Financial advisors will need to rethink their strategies for protecting clients from fraud, according to a new report.
Increased brokerage and retirement account fraud "will require the development and adoption of next-generation fraud mitigation strategies,” according to Jim Johnson, president of payments and wealth, a division of fintech company FIS.
Johnson's warning came in a new
Incidents of brokerage account fraud increased to 10% of all non-credit card fraud last year, up from 7% in 2017, according to the study.
Retirement account fraud also jumped, from just 3% of non-card fraud in 2017 to 9% in 2018.
An increase in protective services such as two-factor encryption and biometric identification forced identity thieves away from the credit and banking industries into financial services, according to the report.
“Given the agility and tenacity demonstrated by fraudsters in 2018, financial institutions should assume that every account type will be under greater pressure going forward,” Johnson said.
Advisors should move away from short message service one-time passwords to access accounts said Jim Johnson, president of payments and wealth at FIS.
Retirement accounts, mortgages and other investment accounts were previously less prominent targets of fraud since they are difficult to monetize. The increasing manipulation and takeover of investment accounts leaves brokerage and retirement planners without the tools, tactics and personnel needed to address the threat, according to the study.
The new security assaults will require strategies such as two-factor identification or biometric validation, matching the security advancements in the banking and credit industries, Johnson said.
Javelin suggests advisors move away from short message service one-time passwords to access accounts, which are prevalent in the investment industry. This security feature is an increasingly surmountable barrier for fraudsters, who are applying what they’ve learned from hacking into credit and banking firms.
Peter Creedon, founder of Crystal Brook Advisors in Mt. Sinai, New York, has had clients become victims of identity theft, family interference, among other issues.
When notified of a client concern or incident, he puts an immediate alert on the affected accounts, and asks the victims to change their passwords. Often, these alerts require victims to call in and pass an enhanced authentication test.
“We’re always looking at increasing security,” Creedon says. “When dealing with other people’s money you have to be security conscious.”
Creedon says it’s essential for firms to have well-documented procedures of how to respond to fraudulent activity, as well as training for employees who handle sensitive information, above and beyond mandatory compliance guidelines. “In this day and age, everyone has to be concerned about cyber security.”
The brokerage industry is likely to follow credit companies in implementing enhanced encryption and authentication technologies, Creedon says.
Increased security will have limited affect in protecting retirement accounts, says Jon Ten Haagen of Ten Haagen Financial Group in Huntington, New York. The people who are generally targeted successfully are elderly, who may fall victim to primitive phishing scams, like phony calls purportedly from the IRS.
“Old people are lonely, and want to talk to anyone who calls, and may get wrapped up [in a scam] without knowing it,” he says.
Ten Haagen regularly forwards articles to clients about fraud, reminding them to remain diligent. He encourages his clients to call him whenever they are unsure about a request for sensitive information, and offers to “explain what’s wrong with this picture.”
However, Ten Haagen has observed that new manipulative techniques arise everyday, targeting investment accounts. Why? “What are the two biggest assets people have? Their retirement accounts and homes — that’s where the money is.”