Cybercrime most rampant in financial services industry

Nearly half of reported cases of cybercrime are within the financial services industry, new research from PricewaterhouseCoopers reveals.

More than half of New Zealand organisations are still unprepared for cybercrime incidents, according to PwC’s 2016 Global Economic Crime Survey released today.

And worryingly for advisers, about 48% of reported cybercrime cases occur in the financial services industry. 

The survey found that 55% of New Zealand organisations either don’t have an incident response plan for cybercrime or have one but it’s not yet operational, even though 40% actually expect to experience cybercrime at some point over the next two years. 

The Professional Advisers Association (PAA) CEO Rod Severn told NZ Adviser he is surprised that the figure isn’t higher for those without a response plan in place. 

He says advisers in particular may think they are not in the danger zone because their business wouldn’t be an appealing target for cyberattacks as they are small and the big banks, insurance companies and government would be more at risk.













Source: 2016 PricewaterhouseCoopers New Zealand

“But this is so wrong,” says Severn. “The average adviser is a goldmine for a cyberattack because of the information they have on peoples’ wealth, on tax and bank account numbers, on their health - because when they are sitting in front of a client filling out application forms, all that information is sitting on a laptop.”

There are also risks beyond financial loss with the report stating the true cost of fraud is long-lasting damage totreputation, employee morale and external relationships.

This especially applies to advisers who rely on establishing trust with their clients to grow their business.

“Advisers spend a lot of time developing trust with their client base,” says Severn. “It only takes one issue to lose that data and their trust is shot.”

He urges advisers to approach their local IT expert to find out what type of products are available that would suit their business best against cyberattacks.

“While business confidence is high, fraud is an unfortunate downside for businesses and corporate detection methods are not keeping pace”, says PwC Forensic Services Partner Eric Lucas. 



























Source: 2016 PricewaterhouseCoopers New Zealand

“This points to a potentially worrying trend. Eighteen per cent of all economic crimes detected in New Zealand were by accident and there is too much being left to chance. Today more than ever before, a passive approach to economic crime is a recipe for disaster.”

Lucas told NZ Adviser advisers need to seek IT security advice and find out what critical data needs to be protected most, where possible attacks could come from and what to do if one does happen. 

“I think it may be the pace of change,” Lucas says of the high percentage of organisations without a response plan to cyberattacks. 

“If you think back a few years, people used to have their system and it used to be quite self-contained.” 

This contrasts with today where information is stored in the Cloud, sensitive data is interchanged electronically and staff access websites day-to-day.

“We’re probably quicker to move with the positive side of digitization of businesses and opportunities – it’s like making your car go faster but we’re not fixing the brakes.”