While attending the recent NIBA conference, we learned about new rules affecting our industry. Brokers will no longer be able to email client documents to their customers, clearing relationships, or service providers without being highly aware of their duty to protect client information from would-be hackers. This is big adjustment for the industry. Just as we adapt to the fluctuating Chicago seasons, in time, we will learn to adjust to these new rules as well.
At Midland, we provide administrative and custodial services for futures accounts for individuals that are using IRA money to invest in these products. As the administrator, we require documents to setup and fund these investments: account statements, FCM paperwork, CTA disclosures, letter of direction, and so on, depending on the nature of the product. For the past many years, documents have been sent primarily by email, fax, and regular mail.
In the digital age, no one is immune to cyber fraud, and the NFA is headed in the right direction by asking us to evaluate how we relay information and communicate with our customers. Every day, we hear about another successful cyber attack where consumer information has yet again been stolen. Retail giants like Sony, JP Morgan Chase, and Experian are feeling the pain of cyber-attacks against even the most sophisticated lines of defense. In all of these cases, unencrypted emails were used as a way to gain access to personal client information.
In the wake of these breaches, we are continuously looking at ways to improve the security of our clients’ personal information. One method we currently offer is the ability for clients and their authorized parties to upload documents within their online access. By utilizing this delivery method, the documents are far less exposed to the dangers of less reliable and less secure methods, such as your standard email server. Additionally, for professionals without login access to Midland’s online system, we expect to have a solution available by December 2015 where third parties may securely upload sensitive documents directly through our website.
Moving forward, it is important for us to continually evaluate our security practices and not get too comfortable. The reality is, most companies are going to have a security breach, but that by continuously monitoring and improving our security, over time, we hope to reduce our risk of fraud. As a client, it is important that you ask the service providers you are working with pointed questions about the security of your personal information. Any company that is serious about protecting your personal and financial information will openly communicate about their lines of defense against cyber threats.