Registered investment adviser (RIA) regulators at the state and federal level continue to make information and cyber security a regulatory focus area. However, compliance issues aside, RIA firms need to continue to establish the proper policies and procedures to help prevent cyber security related-issues as such issues pose an enormous business risk to all investment advisory firms. In particular, an RIA firm improperly sending a wire to an unauthorized third party posing as a client continues to pose a growing threat.
To address the growing threat of unauthorized wire transfers, we created a checklist that outlines some steps an RIA firm can take to reduce the risk of wire fraud. A few items addressed in the checklist include:
- Establishing policies and procedures that directly address the risk of wire fraud as part of the firm’s broader compliance policies and procedures.
- Educating and training staff and clients on how to identify and reduce the risk of identity fraud.
- Always verbally confirming all client wire requests.
- Establishing a “secret word” with each individual client to confirm a wire request.