Many hedge funds and other alternative investment firms are ill-prepared to protect their investors from identity theft. This was the conclusion after a year-long analysis by Richard Fleischman & Associates (RFA), which provides outsourced technology and IT services to more than 400 alternative asset firms.
The analysis was based on a review of more than two dozen RFA Due Diligence Assessments that identified compliance vulnerabilities and business process deficiencies for alternative asset firms. The analysis found several areas of concern, including little creation and enforcement of IT policy and code of conduct, workstations that weren’t password-protected to preserve the confidentiality of client information, and a lack of business continuity planning in case of a disaster.
Don Previti, director of business development at RFA, commenting on the report in an e-mail message, “You wouldn’t give your Social Security number to someone on the street, but that’s in essence exactly what you are doing if the investment firm you do business with does not perform employee background checks or take proper precautions for protection of investor information.”
Previti said his firm’s risk assessment would help prevent, among other things, pilfering of confidential information by obvious sources, like a disgruntled employee or unvetted vendor, but sources that were frequently missed by investment firms.
“Investment firms don’t realize that most security threats come from within the firm, not from the outside. The risk assessment we perform clearly outlines these vulnerabilities and deficiencies but, more importantly, it becomes a baseline where known risks can be tracked and closed.”
To read more about protecting your wealth management clients and their children, please read Andy McElwee in the archives of WealthManagerWeb.com here.
To read more about the role of identity theft in RIA compliance from the archives of InvestmentAdisor.com, please click here.
To read about protecting against individual identity theft, please click here for a story from the archives of The New York Times.