Edit Content

Log in here for full access to all our great content

 

Please log in below with your username (which is your email address), using all lower-case letters.

 

Forgotten your password?
No problem, simply tell us you have forgotten your password to receive instructions instantly via email.

Having problems logging in?
If you are a current member but are unable to login, please first make sure you are using all lower-case letters for your username/email address. If you still have difficulties, please contact us via email at info@a-m-i.org.uk so we can rectify your problem.

Not a member?
Learn more about the benefits of becoming a member or apply online and we will be in touch.

In this digital age it can feel like there is not only an individual pressure to keep up to date with tech but to also commercially stay ahead of the game with a fear of losing out to competitors.  But the increased reliance on technology has its downsides.  Cyber attacks continue to increase in quantity and their sophistication.  Action Fraud reported that the number of social media and email hacking offences had increased by 48% over the last year.  And the FCA has said there’s been an 18% increase in firms reporting incidents in the last 12 months.  While it might be assumed that cyber crime is carried out only by those with technical expertise, the National Cyber Security Centre reported that pre-packaged malware is being sold on the dark web for as little as £7.  It is therefore accessible to anyone who wants to attack a firm to steal data and/or money.  It is not surprising that financial services is particularly attractive to criminals, including those who might want exact revenge on a company for bad service or a disgruntled employee simply engineering a denial of service attack.

I return to the subject of cyber security due to its continued focus, most recently shown in ombudsman decisions, FCA enforcement action and government investigations.  In October the FCA fined Tesco Bank £16.4m for its failure to exercise due skill, care and diligence in protecting customers against a 2016 cyber attack.  Last month the Treasury Select Committee launched an inquiry into IT failures in the financial services sector.

Government and regulators are expecting firms, regardless of size and sector, to prioritise cyber and data security.  The FCA recently spoke about how firms should understand not only their own recovery plans but also those of outsourced third parties.  Firms should therefore be continually reviewing their strategies and making sure that they engage with staff at all levels, from directors to trainee advisers.  The conundrum for firms is how to compete in an ever more “tech” based world with a regulator more firmly focused on the need for firms to evidence the steps they are taking to ensure operational resilience.

Aileen Lees
Head of Policy

December 2018

X

Forgot Password?

Join Us