Industry insiders say asset managers must be more wary of manufacturers and transparency
Advisors are more scared of cybersecurity risks than they were a year ago, according to a new KPMG study.
Its Canadian Asset Management Industry Opportunities and Risks Report highlighted the leap in concern around data breaches and cyber threats. Cybersecurity wasn’t in the top-five risks for advisors last year but was the second biggest organizational concern (45%) and the number one perceived risk to the industry as a whole (55%) in 2018. Seventy-eight per cent of asset managers said they are planning to install cybersecurity systems.
James Loewen, asset management sector leader for Canada and co-author of the report, said it was clear that sentiment within the industry had changed.
He said: “It was always top of mind internally for people in their own organisations but when they looked across the industry they didn’t necessarily see it as a top industry risk and that’s definitely changed now.
“That might have been because of the regulators and the focus there but I think people are just more worried generally.”
The leading organizational risk was the increasing complexity and cost of compliance (58%) while fee pressure came in third (40%). However, report co-author Peter Hayes, national director, Canadian alternative investments practice, said that while all are key to earning clients’ trust and loyalty, there is a growing realization that a cybersecurity attack could be game-ending for an advisor and his or her firm.
He said: “As people have dug into the risk more deeply and realised just how damaging an incident can be, I think they are appreciating the severity of it. Years ago, when the regulators weren’t as focused on it, people’s initial response was, we’re going to buy insurance. Then it was ok, we need to have governance polices and procedure.
“Now, as everyone has evolved and started digging into it deeper, they have realised how critical it is and they are more scared of it then they were before.”
He added: “I think an advisor should definitely understand the manufacturers they are dealing with, and what processes they have in place to deal with cyberattacks – preventative, detective and so on. I would really want to understand that if I was an advisor.”
Joseph Micallef, co-author and national tax leader, financial services, said a recent personal experience when hackers breached the Air Canada portal and he had his credit card information stolen, was a real wake-up call.
“If that’s any indication as to why it could be a game-changer or something that puts people at unease or hurts a reputation, then I totally understand why.”
He added that advisors should be assessing transparency when it comes to manufacturers and the products they use. He said: “There’s still so much that people are unfortunately not able to deal with from cyber risks and ‘breachability’ of their system no matter how state-of-the-art and on top of it they are.
“What’s more important is how transparent it is and what remediation and safeguards they are trying to do to deal with those type of breaches. The criminals, unfortunately, are already one step ahead.”