InvestmentsSep 19 2018

Nucleus boss blasts adviser attitudes to cyber security

twitter-iconfacebook-iconlinkedin-iconmail-iconprint-icon
Search supported by
Nucleus boss blasts adviser attitudes to cyber security

The biggest risk faced by platforms trying to avoid being hacked comes from the inadequate processes of some advisers, according to David Ferguson, chief executive of Nucleus.

Speaking at the Altus event 'Giving your platform wings' in London this morning (19 September) Mr Ferguson said all fraud activity he has come across so far has started with advisers.

Mr Ferguson said: "Since we started Nucleus, there have been four fraud attempts, and all of them came as a result of the adviser’s email being hacked. The adviser was taking instructions from clients via email, and I don’t think advisers should ever accept instructions via email.

"Advisers need to realise that the biggest wide open door for hackers is through them, through the advisers.

"Because of the way platforms developed, they tend to be quite institutionally minded in a way that some of the smaller IFAs cannot be, and that is what advisers need to bear in mind." 

Nucleus floated on the London Stock Exchange in July with a value of £150m.

Giving a business update, Mr Ferguson said he does not expect to hire more people in any area of his business in the near future except in product development.

He said his business has won some new clients from platforms such as Aviva and Aegon in light of those platforms' recent replatforming issues.

Paul Stocks, financial services director at Dobson and Hodge in Doncaster, said: "We would not simply act on email instructions without a verbal confirmation or discussion at the very least.

"Depending on the work we may seek client confirmation in writing but, for example, [with] a client seeking a withdrawal urgently we’d chat, form our advice and would act on emailed confirmation of our advice as required."

However, he added: "Things like change of address, change of bank details etc would not be actioned solely on email given the obvious security and fraud risk."

david.thorpe@ft.com