Issue 3 March 2015
WMA JOURNAL In this issue
Financial Crime Technology The EU Managing Change
1
Financial Crime Conference 2015 The Wealth Management Association held its annual Financial Crime Conference on Wednesday 28th January at the Willis Building. Over 70 delegates from more than 50 member and associate member firms registered to attend the conference, to hear financial crime updates and information from key parts of the industry. As a response to the current, and increasing, global concerns about cybercrime and cyber security, a number of talks focused on this area in relation to the wealth management industry.
Donald Toon, from the National Crime Agency (NCA), set out the Economic Crime Command’s priorities for 2015-16; these included a focus on money laundering, in particular ensuring international perceptions of the UK being a safe place to do business. He also highlighted that the NCA endeavours to gain a deep understanding of the way individual companies operate and a desire to build and strengthen relationships between the Agency and Wealth Management industry, utilising WMA as a key hub.
The 2015 WMA Financial Crime Conference was divided into two parts: a discussion of legal and regulatory concerns in the area of financial crime, and an overview of cybercrime and cyber security.
Key messages from the morning session include: • The FCA expects senior management engagement in the prevention of financial crime within wealth management firms • A relationship between the NCA and the WMA has been instigated, to further the Agency’s knowledge of the industry
Legal and Regulatory Concerns James London from the FCA gave an insight into the regulator’s expectations of the industry in 2015 and emphasised that combatting financial crime has been a key part of the FCA’s work over its two year history. Of particular importance, although London recognised improvements, is that the FCA expect to see senior management engagement and responsibility in this area, setting a “tone from the top”. He also warned that derisking is an area of focus, emphasising the FCA position: “Who firms do business with is ultimately a commercial decision; but we are clear that risk avoidance does not constitute adequate risk management.” In a presentation from law firm Herbert Smith Freehills, Susannah Cogman and Karen Anderson delivered an insightful update on key European financial crime regulation, coinciding with European Data Protection Day 2015. Delegates were able to gain extremely up-todate information on the 4th Money Laundering Directive, Market Abuse and General Data Protection Regulation.
2
@WMA_UK
Cybercrime and Cyber Security Focusing on cybercrime and cyber security, Jeremy Smith from Zurich and John Collier from Willis emphasised the significance of the issue stating that cybercrime costs the world economy hundreds of billions of dollars a year, with 61% of breaches being data breaches, which is of particular importance to WMA member firms. They also provided food for thought on risk factors that firms should be considering, and which should be covered under firms’ indemnity cover. Mark Johnson, from the Risk Management Group, gave a fascinating insight into the range of forms of cybercrime and cyber attacks, recommending the GCHQ 10 step model to enhance the cyber security of firms. Johnson also mentioned that social media is one of the biggest risk areas in terms of cybercrime in
today’s society, stating that firms need to have robust policies on areas such as social media – even extending to the security settings on employee social media profiles where there is any mention of the company, as well as providing information on steps individuals should take to lower the risk of being a target of cybercrime. The significance of cybercrime was further highlighted by Mathew Martindale from KPMG, who stated that cyber-attacks have been recently declared one of the top ten global economic risks at the World Economic Forum. Martindale suggested that firms should adopt a risk-based approach to protect themselves from cybercrime, and not rely solely on FCA guidance.
Key messages from the cybercrime sessions include: • Fascinating, but shocking, statistics and facts about the level of cybercrime and its impact • The numerous steps that both firms and individuals can take to protect themselves as much as possible from becoming victims of cybercrime
Cybercrime Quick Facts: The cost of cybercrime to the global economy is greater than the drugs trade. 10% of people worldwide have had their details breached (~800mn people). At least 2.5% of Facebook profiles are malicious fakes. For fi ms, in order to understand the cyber threats that they face, they should ask themselves three vital questions:
Firms should also consider the following “10 steps to cyber maturity”: 1. 2. 3. 4. 5. 6. 7. 8. 9. 10.
Home and mobile networking Removable media controls Network security Managing user privileges Malware protection Incident management Secure configuration User education and awareness Monitoring Information risk management regime
Important steps for individuals to take, to protect themselves and the firm they work for from cybercrime activity, include:
1. Ensuring social media profiles are as secure and private as possible 2. Being aware of blackmail and data theft via social media and other cyber networks The WMA Financial Crime Conference was an extremely successful event; engaging speakers discussing a range of topics and issues ensured that attendees rated it 4 out of 5 (5 being excellent) in terms of the overall day.
Following the conference, the WMA will be putting together an information document on cybercrime to help our member firms better deal with this significant and growing issue, and we will also be pursuing a relationship with the NCA. Member Firms are able to view the presentation slides of the various speakers on the WMA website. EMMA BIRD, PR & COMMUNICATIONS ASSISTANT, WMA
1. What are we trying to protect? 2. Who would target us and why? 3. What will this mean and how will it impact our business? 3