Cyber threats include privacy breaches
Australian financial services licensees (AFSLs) and digital advice licensees should be aware that cyber security threats or incidents could encompass privacy breaches as per new legislation tabled to introduce mandatory data breach reporting.
Such was the warning from law firm, Holley Nethercote, which referred to the Privacy Amendment (Notifiable Data Breaches) Bill 2016 and ‘Regulatory Guide 255: Providing digital financial product advice to retail clients' released by the corporate regulator to warn licensees they should implement a cyber resilience program that would be linked with their privacy policies.
The law firm's partner, Paul Derham, said: "All I'm saying is the law around privacy is gaining momentum and what licensees need to realise is when they have a cyber security incident, that triggers a possible privacy incident and a possible contravention of Australian Privacy Principle 11, which is the obligation to keep information secure".
In addition, Derham, and commercial and financial services lawyer, Matthew Twomey, said RG255 was the first regulatory guide that highlighted that the threat of cyber security went beyond just digital advice providers.
The Australian Securities and Investments Commission (ASIC) provided industry specific guidance but emphasised that it applied across the board to all licensees as everyone used software, platforms, and servers in their businesses, they said.
"ASIC is pinning that back to what we call the 10 commandments in section 912A of the Corporations Act, one of them being having the obligation on a licensee to have adequate risk management systems, and adequate IT resources is another obligation," Derham said.
These stipulated obligations, combined with the magnitude of cyber security issues facing AFSLs and digital advice licensees, indicated that ASIC was justifiably escalating its focus in this area, he said.
AUTHOR
Malavika Santhebennur
Recommended for you
Sequoia Financial Group has declined by five financial advisers in the past week, four of whom have opened up a new AFSL, according to Wealth Data.
Insignia Financial chief executive Scott Hartley has detailed whether the firm will be selecting an exclusive bidder for the second phase of due diligence as it awaits revised bids from three private equity players.
Insignia Financial has reported a statutory net loss after tax of $17 million in its first half results, although the firm has noted cost optimisation means this is an improvement from a $50 million loss last year.
With alternative funds being described as “impossible” for fund managers to target towards advisers without the support of BDMs for education, Money Management explores the evolving nature of the distribution role.
