The cost of financial crime and building resilience – key topics at leading industry conference
26th January 2018
The global cost of cybercrime will reach two trillion dollars by 2019, a threefold increase from 2015 predicts Global Cyber Alliance
After a welcoming address from Giulia Lupato – PIMFA’s Senior Policy Adviser and chair for the day – the 2018 financial crime conference began with an address from Robin Jones, Head of FCA Technology – Resilience & Cyber Specialist Supervision. Robin spoke about cyber resilience, contingency planning, moving cyber security considerations beyond the remit of a company’s IT department to its Board and creating a security culture in firms.
Giving some background, he told the packed out event with over 100 delegates that, over the last 3 years, there have been around 600 ‘significant’ cyberattacks in the UK and that, over the last 3 months, these are currently happening at the rate of around 10 per week. As an example, the netpetcher attack last year took 19 minutes to infect 10,000 connected systems globally, prompting an analogy to a domestic fire – “If you had 90 minutes which items would you save first?”
Whilst there is no ‘one size fits all’ solution to the problem of cybercrime, firms improving their resilience by learning the lessons from recent attacks is critical, as is education and training for staff and Board members alike.
As with most problems in life, prevention is better than cure. Basic cyber hygiene is therefore a first-position tool to help system protection. The FCA, who look after over 56,000 firms in this respect, last year released a joint-authority infographic affectionately known as the ‘ghostbuster guide’ to know who to contact if attacked.
Next up was Paul Hoare, Senior Manager – Protect and Prevent from the National Crime Agency, who began by sharing interesting key facts such as cybercrime is now regarded as a Level 1 threat by the UK Government – with one eighth of UK’s GDP reliant on the web and over 47% of reported crime having a cyber element. He also reported that 92% of cybercrime is enabled through phishing and that 68% of large businesses reported attempted attacks.
As previously highlighted by the FCA speech, Paul emphasised that company training from the ground up is critical for corporate protection. He highlighted this by saying that C-Suite members are usually the ones who are the primary targets of a criminals ‘phishing test’ which can leave firms open to the larger threat of network intrusion.
He finished his speech with the warning that severe cyberattacks can result in firms gong out of business and the incoming GDPR rules in May will further focus minds in this regard.
Next on stage was Terry Wilson from the Global Cyber Alliance, who reiterated the importance of the ‘4 P’s’ – Pursue, Prevent, Protect and Prepare. He made clear that in his view, a major cyberattack on the UK is a case of ‘when’, not an ‘if’, and that many firms are woefully unprepared across all business sectors.
Alongside this he highlighted the myriad of free tools available for firms use from collective international efforts from combined agency work to confront, address, & prevent malicious cyber activity. Once such example is ‘DMARC’ – a quarantine software that has already been mandated for use by the UK Government across all departments – with the US Government shortly following suit.
He ended by asking if the assembled company had taken all reasonable steps in respect of being compliant with the looming introduction of GDPR and by stating that, whilst the UK is reasonably advanced in cyber security, we are behind in respect of sharing our experience and knowledge within the sector, calling for more sharing of best practice and less selfishness.
The day then went on to discuss other key aspect for the financial crime arena such as the Financial Action Task Force on money laundering, upcoming regulations that firms should be preparing for alongside experiences of a ‘skilled person’ related to the undertaking of S166 and also the ten top tips for whistleblowing considerations.
Notes for Editors
About PIMFA – the Personal Investment Management & Financial Advice Association
- PIMFA is the UK’s leading trade association for firms that provide investment management and financial advice to everyone from individuals and families to charities, pension funds, trusts and companies.
- PIMFA represents both full and associate member firms.
Full members provide a range of financial solutions including financial advice, portfolio management, as well as investment and execution services. They assist everyone from individuals and families, to charities and pension funds, all the way to trusts and companies.
Associate members provide professional services to the PIMFA community.
- PIMFA leads the debate on policy and regulatory recommendations to ensure that the UK remains a global centre of excellence in the wealth management, investment advice and financial planning arena. Our mission is to create an optimal operating environment so that its member firms can focus on delivering the best service to clients, providing responsible stewardship for their long-term savings and investments.
- PIMFA was created in June 2017 as the outcome of the merger between the Association of Professional Financial Advisers (APFA) and Wealth Management Association (WMA) – read more.
For further information on this release or other press matters please contact: