Maintaining a wealthy family’s desire for discretion and a private life is a key responsibility of a family office, one that has become tougher to carry out in an increasingly digital world.
On Thursday, Citi Private Bank released a white paper that focuses on threats to ultra-high-net-worth families’ privacy, and explains how they and their family offices can identify, manage and diminish those risks.
A study late last year showed that 28% of international families, family offices and family businesses had been targets of cyberattacks.
“Without a global standard for privacy protection in a progressively digital world, it is becoming increasingly complex for our clients to safeguard the privacy of wealthy families,” the white paper’s author Edward Marshall, director of Citi Private Bank’s global family office group, said in a statement.
“Many times, our clients’ daily activities can make them vulnerable to privacy breaches. We aim to provide family offices with simple but meaningful precautionary measures to address these risks and avoid reputational impacts,”
Why the focus on privacy? The paper lays out several reasons, including a family’s “fundamental right intrinsically linked to personal autonomy and dignity” that requires no justification.
Beyond that is the inherent link between privacy and a family’s reputation, which requires protection of private truths as well as a defense against falsehoods.
In addition, loss of privacy can lead to loss of freedom of expression, whereby some family members would feel constrained in what they shared about themselves. And — no surprise — many families want to keep private certain things that could embarrass or shame them if made public.
The paper notes that at a time when huge amounts of personal and business information can be hacked and sold, wealthy families and their family offices are potentially exposed to identify theft, fraud and safety risks.
The paper lays out a three-step framework–Audit, Assess, Action–family offices can take to protect families’ privacy.
The first step is to conduct a privacy audit of a family’s potential risk areas, mapping every person, asset and activity connected with the family. The family office can then identify private information that could be made public, and the way which that could happen.
Next, the family office should evaluate the likelihood of a family’s privacy being breached. A potential threat involves these considerations:
- How close the family or family office is to the potential risk
- The potential risks of a particular family member or family office employee involved in the threat, given his or her track record and history
- How sensitive the threat topic is and the general societal mood and wider context
Such an assessment, regularly updated, enables the family office to identify where families may be vulnerable, which in turn will allow it to take a more nuanced approach that may also be less intrusive and more cost effective.
Acting on the results of the assessment is the final step. This often involves simple measures, such as pre-emptive briefings with family office staff and the use of nondisclosure agreements. Other privacy risks will require more robust interventions.
— Related on ThinkAdvisor: