Protecting client data from identity fraud and cyber crime


Keeping client data safe from hackers, verifying identification, whether to use password managers and the risks of using public Wi-Fi are among the cyber security topics that financial advisers should be mindful of.

Jason Brown, Head of Platforms Distribution, BT

Here are five key themes that can help small and large practices protect important information.

1. Train advice teams to be vigilant about risks, especially fraudulent activity

Advice practices should conduct a regular review of their risks and controls, and keep up to date with cyber trends. The Australian Cyber Security Centre's Exercise in a Box is a handy reference and includes tutorials and simulation exercises.

Fraudulent activities online come in varying levels of complexity, and can include phishing emails and texts, as well as hacking of websites and the publication of fake websites that replicate banking and payment sites.

Training advice staff on IT security and fraud awareness is strongly recommended by BT. Simulations on phishing can help advice teams become familiar with what to look out for, such as whether an email that appears to be from a client is in fact from a slightly different email address, vs

2. Have robust processes in place for checking identification documents

The Commonwealth Attorney-General's Department estimates that identity crime costs Australia upwards of $1.6 billion per year, with the majority lost by individuals through credit card fraud, identity theft and scams.

In the superannuation sector, identity fraud is the most common type of fraud, according to AUSTRAC.

Even if only a small amount of personal information is obtained, for example, from stolen mail such as a superannuation fund statement, perpetrators often use 'open source' information to piece together other information such as date of birth and contact details. Social media is often targeted by criminals for this additional data, so they can impersonate their victim and access accounts.

When verifying clients' identification, advisers should ensure they are capturing accurate customer details - for example, their name should match the ID document exactly, including middle names.

Red flags include multiple changes to a client's profile within a short period. Advisers should watch out for irregularities in ID documents such as different fonts and font sizes, spelling errors, and borders or lines where there should be none.

Photos should also be checked diligently; for example, ensure that the photo in the ID document lines up correctly and does not look out of place.

3. Use biometrics to log into apps on your mobile and other devices

BT's cyber experts encourage the use of biometrics across all devices, where available, especially mobile phones. On the BT Panorama mobile app, advisers and clients can log in by using face ID or fingerprint verification or a passcode.

Two-factor authentication (2FA) is another measure implemented by businesses to increase security. 2FA requires users to provide two factors, such as biometrics plus a password.

BT Panorama requires 2FA for important steps such as to register to use the platform, use the forgotten password process view, update personal details, add billers, link bank accounts and pay anyone.

In addition, adviser notifications, behavioural pattern analysis and robust bank-grade security measures help to protect advisers and their clients, and BT continues to focus and invest in this space.

Advisers may also wish to consider talking to customers about cyber security and keeping their systems or devices protected. It may help to explain that biometrics and/or 2FA can keep their account and identity more secure, compared to using a password alone.

4. Do not postpone system security updates

Advisers are encouraged to keep security programs up-to-date. Every time new malware or a trojan is discovered, security firms put out a patch that users need to download and install. It's incumbent upon users to update their programs.

5. Avoid connecting to public Wi-Fi, but if you must use a VPN

BT's experts warn that using public Wi-Fi is a cyber security breach waiting to happen. Using a Virtual Private Network (VPN) while on a public Wi-Fi connection allows you to access the internet through a private network, so that your browsing is protected and that nobody can see what you're doing.

6. A password manager is not a panacea

Password managers are targets for hackers, and a few have suffered from data breaches in recent years. It's best to remember your passwords - one way to do this is by writing down clues. In regard to the password itself, don't share it, don't write it down, and don't capture it anywhere in your system.

Take the next steps

  • Explore BT Panorama
    Increase efficiency and client value with online consent, our award winning mobile app and more.

It’s a quiet week for domestic data this week, providing a moment of calm before the March quarter inflation report is dropped next week. This release has the potential to cause some disruption in markets as the inflation print will likely be the deciding factor in the Reserve Bank’s (RBA) May policy decision. Markets are currently pricing little chance of another hike in May, meaning an upside surprise to inflation could prompt some outsized moves in market pricing.
The Hon Dr Jim Chalmers MP, Treasurer has handed down the new 2023-24 Federal Budget. BT Technical Services team have analysed the budget announcements and have produced briefing documents outlining the major changes impacting financial advisers and their clients.
The Australian labour market has consistently been one of the standout performers in the economy through this cycle. This strength continued in March, as 53k people were added to the labour force in the month. Strong labour demand has been met by a surge in labour supply, as migration has rocketed to its highest levels on record. But what about the future labour market outlook? And what will the RBA make of this strength?


This document has been created by Westpac Financial Services Limited (ABN 20 000 241 127, AFSL 233716). It provides an overview or summary only and it should not be considered a comprehensive statement on any matter or relied upon as such. This information has been prepared without taking account of your objectives, financial situation or needs. Because of this, you should, before acting on this information, consider its appropriateness, having regard to your objectives, financial situation and needs. Projections given above are predicative in character. Whilst every effort has been taken to ensure that the assumptions on which the projections are based are reasonable, the projections may be based on incorrect assumptions or may not consider known or unknown risks and uncertainties. The results ultimately achieved may differ materially from these projections. This document may contain material provided by third parties derived from sources believed to be accurate at its issue date. While such material is published with necessary permission, Westpac Financial Services Limited does not accept any responsibility for the accuracy or completeness of or endorses any such material. Except where contrary to law, Westpac Financial Services Limited intends by this notice to exclude liability for this material. Information current as at 10 December 2021. © Westpac Financial Services Limited 2021.