ASIC urges cyber security to be ‘top of mind’
ASIC chair Joe Longo has told AFSLs that cyber protection should be “top of mind” for them as they manage their businesses, and flagged the weaknesses demonstrated by RI Advice.
Appearing before the standing committee on economics to discuss ASIC’s FY24 annual report on 25 October, Longo said the regulator had received 600 responses to its Cyber Pulse Survey, including 120 financial advisers.
These covered the management of critical cyber capabilities by firms, including their incident response plans.
Four areas of improvement were flagged including supply chain risk management, data security, consequence management and adoption of cyber security standards.
Longo said firms and directors are all facing challenges, but cyber security should not be neglected.
“Most firms will be victims of some attack and they need to be able to respond to that. I would remind directors that they have to take these issues seriously. They are under legal obligations to manage this risk and put in place systems and processes.”
In the financial advice space, he flagged the case of RI Advice.
The Federal Court found RI Advice had breached its licence obligations to act efficiently and fairly when it failed to have adequate risk management systems to manage its cyber security risks.
A significant number of cyber incidents occurred at authorised representatives of RI Advice between June 2014 and May 2020. In one instance, an unknown malicious agent obtained, through a brute force attack, unauthorised access to an authorised representative’s file server from December 2017 to April 2018 before being detected, resulting in the potential compromise of confidential and sensitive personal information of several thousands of clients and other persons.
He said: “We ran a case a few years ago against an AFSL, RI Advice, where the court found the arrangements in place were deficient. ASIC continues to look at these issues. We have a couple of matters under investigation as we speak.
“The efforts of that business were so poor and disproportionate to the risk they were facing that it was something we needed to take to court.
“We understand directors are grappling with lots of different challenges in running a business, but this is one that should be top of mind.”
AUTHOR
Laura Dew
Recommended for you
ASIC has said it is exploring whether there are concerns regarding Macquarie and Equity Trustees for hosting platforms where investors rolled over their superannuation into the Shield Master Fund.
Superannuation fund Cbus has announced it will offer a financial advice offering for its members and their partners called Advice Essentials Plus.
ASIC’s relief measures enabling advisers to rely on website disclosure information instead of providing a Financial Services Guide has been welcomed by the industry association.
Rhombus Advisory and WT Financial Group are among the AFSLs seeing adviser declines this week, as only three new entrants join the profession.
