Is Your Financial Adviser Risking Your Cyber Security? – National Seniors

Is your financial adviser risking your cyber security? – National Seniors

National Seniors Members earn a rate of 2.70% p.a. interest on a 12-month term.
Financial advisors are entrusted with a lot of our personal and sensitive information. Are they doing enough to protect it from cyber-attack?
Sign up for the Connect newsletter
Australian financial services are on notice to do more to protect client information and confidentiality against surging cyber-attacks.

It comes after an Australian financial advising firm was found to have failed to risk manage increasing cybersecurity attacks, exposing thousands of clients confidential and sensitive personal information.

The decision by the Federal Court is an Australian first. The court found financial advice firm, RI Advice, breached its license obligations to act efficiently and fairly in managing cybersecurity risks.

The cyber incidents occurred between June 2014 and May 2020 and included an unknown malicious agent obtaining, through a “brute force attack”, unauthorised access to an authorised representative’s file server before being detected.
“These cyber-attacks were significant events that allowed third parties to gain unauthorised access to sensitive personal information,” says Australian Securities and Investment Commission (ASIC) Deputy Chair, Sarah Court.

ASIC is warning the sector of a “heightened cyber-threat environment” and is urging financial agencies, including financial advisers, to have adequate cybersecurity systems in place to protect against unauthorised access.

The Court ordered RI Advice to engage a cybersecurity expert to identify and implement further measures, as necessary, to adequately manage cybersecurity risks across the firm’s authorised representative network.

When handing down judgement, Justice Rofe made it clear that cybersecurity should be front of mind for all licensees, stating, “Cybersecurity risk forms a significant risk connected with the conduct of the business and provision of financial services. It is not possible to reduce cybersecurity risk to zero, but it is possible to materially reduce cybersecurity risk through adequate cybersecurity documentation and controls to an acceptable level.”

Justice Rofe further stated that the declarations ordered in the matter should serve to record the Court’s disapproval of the conduct and should deter other Australian Financial Services licensees from engaging in similar conduct.
RI Advice has been ordered to pay $750,000 towards ASIC’s costs.

Source: ASIC

For more articles like this, subscribe to our free Connect newsletter
With National Seniors, you're voice is valued. Discover how we campaign for change on your behalf.
Learn more
Copyright © 2022 National Seniors Australia. Website by
National Seniors Australia acknowledges Traditional Owners of Country throughout Australia and recognises the continuing connection to lands, waters and communities. We pay our respects to Elders both past and present.


Leave a Comment

Leave a Reply

Your email address will not be published.

Four Essential Cybersecurity Services Every SMB Should Know – Spiceworks News and Insights

Instagram Fined $405M for Child Privacy Violations – TechGenix

The Health Resources and Services Administration Should Improve Its Oversight of the Cybersecurity of the Organ Procurement and Transplantation Network – Office of Inspector General

How AI and cybersecurity complement each other – Help Net Security