Even prior to the pandemic, most businesses have become dependent upon a robust IT infrastructure incorporating a variety of front and back office systems to ensure that products/services are readily available and easily accessible for clients, customers and/or partners.
The tech revolution has proved invaluable in establishing new practices, generating additional revenue streams and supporting growth across a host of businesses. On a more negative note, opportunities have also emerged for the less scrupulous element of society to take advantage of any chinks in their tech armour. The frequency and severity of cyber-attacks and data breaches have risen significantly over the past few years and these are no longer recognised as just being IT issues. They have become key business risks and, within the new digitalised world, we all have to be fully aware of such threats and ensure that this topic remains high on everyone’s agenda throughout the mortgage market.
With this in mind, it was good to see the Financial Conduct Authority (FCA) reminding firms of their responsibilities towards cyber security and fraud. In a round-up of its approach to UK mortgage firms, the regulator said that it will “actively monitor” fraud risk and will contact individual firms if it believes it must do so. As well as the worries originally set out in its March 2019 Mortgage Market Study – which saw it discuss barriers to product innovation, procedures for execution-only borrowers and overpayment concerns – the FCA said that it expects firms to be able to spot the signs of fraud in payslips, accountant certificates, tax returns and bank statements.
The watchdog also suggested that firms should be aware of cyber risks, be able to defend themselves against these risks and make the FCA aware of any incidents that result in customer harm. It added that governance and oversight is another area of interest, and cited an example of firms increasing the number of advisers with a “corresponding increase in resources to ensure that adequate systems and controls are maintained”, as one of its expectations.
Given the sensitivity of information which the mortgage market is constantly dealing with, not to mention the large sums of money at stake, we are operating in an environment which – like it or not – is the perfect breeding ground for email fraudsters to try to target. This why we recently partnered with cyber security firm, Beyond Encryption, to use its Mailock secure email solution. This provides a date and time-stamped audit trail, security ‘nudges’ and a full revocation option when an email needs to be recalled.
It seems only right that we, as a business, have the very highest level of security in place when it comes to the communications we issue and those that come back to us. Suffice to say there is a greater expectation on intermediary firms of all shapes and sizes to ensure they are taking their fraud and cyber security issues seriously, and not think that this sits solely in the domain of lenders or larger service providers.
Data protection is a fundamental concern which no business can afford to ignore. Fortunately, it’s easier than ever to work with a range of tools or experts who can help combat these risks and taking decisive action when it comes to cyber security measures. And this additional support will not only help protect your business but also provide that all-important additional layer of reassurance for your clients.
David Jones is director of Click2Check
