Close Close
Popular Financial Topics Discover relevant content from across the suite of ALM legal publications From the Industry More content from ThinkAdvisor and select sponsors Investment Advisor Issue Gallery Read digital editions of Investment Advisor Magazine Tax Facts Get clear, current, and reliable answers to pressing tax questions
Luminaries Awards

Practice Management > Building Your Business

Alternative Asset Firms Lack Protections From Identity Theft, Analysis Finds

Your article was successfully shared with the contacts you provided.

Many hedge funds and other alternative investment firms are ill-prepared to protect their investors from identity theft. This was the conclusion after a year-long analysis by Richard Fleischman & Associates (RFA), which provides outsourced technology and IT services to more than 400 alternative asset firms.

The analysis was based on a review of more than two dozen RFA Due Diligence Assessments that identified compliance vulnerabilities and business process deficiencies for alternative asset firms. The analysis found several areas of concern, including little creation and enforcement of IT policy and code of conduct, workstations that weren’t password-protected to preserve the confidentiality of client information, and a lack of business continuity planning in case of a disaster.

Don Previti, director of business development at RFA, commenting on the report in an e-mail message, “You wouldn’t give your Social Security number to someone on the street, but that’s in essence exactly what you are doing if the investment firm you do business with does not perform employee background checks or take proper precautions for protection of investor information.”

Previti said his firm’s risk assessment would help prevent, among other things, pilfering of confidential information by obvious sources, like a disgruntled employee or unvetted vendor, but sources that were frequently missed by investment firms.

“Investment firms don’t realize that most security threats come from within the firm, not from the outside. The risk assessment we perform clearly outlines these vulnerabilities and deficiencies but, more importantly, it becomes a baseline where known risks can be tracked and closed.”

To read more about protecting your wealth management clients and their children, please read Andy McElwee in the archives of here.

To read more about the role of identity theft in RIA compliance from the archives of, please click here.

To read about protecting against individual identity theft, please click here for a story from the archives of The New York Times.


© 2024 ALM Global, LLC, All Rights Reserved. Request academic re-use from All other uses, submit a request to [email protected]. For more information visit Asset & Logo Licensing.