Professional Cybersecurity Criminals Elevate the Stakes of Security in Fundraising Services

Avatar for Roger Woolman
By Roger Woolman Investor Services Industry Expert
June 15th 2023 | 3 minute read

Protecting your firm against cyberattack can be a thankless task – a role that consumes valuable resources and adds nothing to the bottom line. It is also one of the most important.

Like painting the Golden Gate Bridge, the cybersecurity job is never done. New threats are emerging all the time. The attacks are relentless and remorseless. And their sophistication is constantly growing.

Gone are the days of disaffected kids hacking into systems for the thrill of it. Today, cybercriminals are professional, motivated, well-resourced organisations that often collaborate together and are able to cause unprecedented damage – especially as the funds sector becomes progressively more data dependent. This is the cybercriminals’ job and they are exceptional at it. Firms that underestimate what they’re up against do so at their peril.

4 reasons cybersecurity excellence pays

For fund administrators, and the firms they service, the stakes are high and getting higher.

  1. Regulatory compliance

Legal obligations such as the General Data Protection Regulation (GDPR) already demand strong cybersecurity practices. Failure to meet the GDPR’s requirements can result in penalties of up to €20 million or 4% of global revenue. And the European Union is now upping the compliance ante with the Digital Operational Resilience Act (DORA), which is set to take effect in January 2025.

Worried that interdependencies between financial entities’, markets’ and market infrastructures’ information and communication technology (ICT) systems create systemic vulnerabilities, DORA introduces a common set of technology risk mitigation standards to ensure all key participants in the financial system can withstand cyberattacks and other risks. Firms with sub-standard operational frameworks can be fined up to 2% of their total annual worldwide turnover. Any security lapses or threat of regulatory action would also cause significant reputational damage.

  1. Fiduciary financial data protection duties

Fund administrators handle vast amounts of sensitive financial information, including end-investor account details, transaction data and asset valuations. Such high-value financial and personal data is gold dust for cybercriminals seeking to steal funds, commit identity theft or extort money from victims. Robust cybersecurity defences are essential in safeguarding clients’ information and preventing damaging data breaches.

  1. Trust and reputation

Trust is at the heart of fund administrators’ operating models. Clients entrust their administrator with monitoring and protecting investors’ assets and account information. Any hack or data leak will undermine that trust, and the confidence users have in the administrator’s services. Loss of trust and credibility can result in debilitating reputational damage and the potential loss of clients, with a concomitant hit to revenues.

Demonstrably robust cybersecurity practices can burnish a fund administrator’s reputation and instil confidence among its clients and prospects.

  1. Operational continuity

Fund administrators rely heavily on technology and digital interactions to perform their day-to-day fund accounting, transfer agency and reporting duties. A ransomware attack or system compromise can cause major disruption to those operations, preventing the administrator from servicing its clients.

Best practice cybersecurity protections such as regular backups, network monitoring and incident response plans help mitigate the disruption risk and ensure operational continuity.

Cybersecurity strategies

The financial services industry is in the crosshairs of the world’s cybercriminals. The financial stakes are high, on both sides, with much to win and lose.

Cybercriminals are constantly probing for opportunities, adapting their tactics to exploit vulnerabilities and gain access to valuable financial data. Fund administrators need to stay vigilant to defend against this barrage of attacks. Which means they cannot compromise on cybersecurity at any time.

Some strategies to help include:

  • Understand the evolving cybersecurity threat to your organisation. Keep informed about the latest tactics, weaknesses that can be exploited, and defences against them.
  • Quick detection makes all the difference, so if you suffer a breach act swiftly.
  • Maintain back-ups to minimise the damage that can be caused by breaches and ransomware attacks.
  • Have insurance in case of a ransomware attack.

And partner with infrastructure providers that continually invest in the latest, most robust cybersecurity protections.

ABOUT DEEP POOL
Deep Pool is the #1 investor servicing and compliance solutions supplier, providing cutting-edge software and consulting services to the world’s leading fund administrators and asset managers. Our flexible solution suite, developed by an experienced team of accountants, business analysts and software engineers, supports offshore and onshore hedge funds, partnerships, private equity vehicles, retail funds and regulated financial firms. Deep Pool is a global organisation with offices in Dublin, Ireland, the United States, the Cayman Islands and Slovakia. For more information, visit: www.deep-pool.com.

Roger Woolman
Roger has over 25 years of experience as a finance & technology exec. He co-founded Deep Pool/HWM Group in 2006 & rejoined in 2021 following his role as Director of Funds & Alternatives at SS&C Advent where he oversaw business development activities for their international fund management business.
Blog
5 Key Tests for Picking the Right Fund Administration System
Technology has become central to fund administrators’ service propositions and a key source of competitive advantage. As investment managers hive off non-core functions in an effort to boost their own competitiveness, partnering with outsourcing providers that can deliver the requisite speed, quality and reliability of service only gets more important. Stringent due diligence examinations to […]
READ MORE
Blog
AI Takes Cyberattacks, and Security, to the Next Level
Artificial intelligence is the Janus of cybersecurity: a dual-faced bringer of war and peace, of beginnings and endings, the opening and shutting of doors, with the power to both help and harm. PwC’s latest CEO survey captured the dilemma. While it found chief executives are increasingly looking to the transformative benefits of generative AI, almost […]
READ MORE
Blog
Cybersecurity Perils of M&A
In this continuing series on cybersecurity with Arnaud Wiehe, author of The Book on Cybersecurity and Emerging Tech, Emerging Threats, we explore the underappreciated cybersecurity risks that can arise any time firms engage in M&A activities. It’s a familiar story for any homebuyer. After intense scouting you find your ideal house. It’s the right size. […]
READ MORE
Blog
Cybersecurity Best Practices: How to be More Proactive in the Fight Against Cyberattack
In cybersecurity, as with medicine, prevention is better than cure. The news headlines are filled with tales of email hacks, phishing scams and ransomware attacks that leave firms scrambling for patches or ways to contain the damage. The fast-moving threat landscape often leaves financial organizations playing catch-up, in a whack-a-mole contest with sophisticated and well-resourced […]
READ MORE
Blog
What Does the EU Artificial Intelligence (AI) Act Mean for Financial Services?
The European Parliament last week approved the world’s first binding law to regulate the use of artificial intelligence (AI), in a move with wide implications for the financial services industry. AI technologies are powering a fast-expanding range of financial market functions, spanning everything from anti-money laundering and cybersecurity activities to customer interactions, tailoring wealth and […]
READ MORE

SIMILAR RESOURCES

Blog
5 Key Tests for Picking the Right Fund Administration System
Technology has become central to fund administrators’ service propositions and a key source of competitive advantage. As investment managers hive off non-core functions in an effort to boost their own competitiveness, partnering with outsourcing providers that can deliver the requisite speed, quality and reliability of service only gets more important. Stringent due diligence examinations to […]
READ MORE
Blog
AI Takes Cyberattacks, and Security, to the Next Level
Artificial intelligence is the Janus of cybersecurity: a dual-faced bringer of war and peace, of beginnings and endings, the opening and shutting of doors, with the power to both help and harm. PwC’s latest CEO survey captured the dilemma. While it found chief executives are increasingly looking to the transformative benefits of generative AI, almost […]
READ MORE
Blog
Cybersecurity Perils of M&A
In this continuing series on cybersecurity with Arnaud Wiehe, author of The Book on Cybersecurity and Emerging Tech, Emerging Threats, we explore the underappreciated cybersecurity risks that can arise any time firms engage in M&A activities. It’s a familiar story for any homebuyer. After intense scouting you find your ideal house. It’s the right size. […]
READ MORE
Blog
Cybersecurity Best Practices: How to be More Proactive in the Fight Against Cyberattack
In cybersecurity, as with medicine, prevention is better than cure. The news headlines are filled with tales of email hacks, phishing scams and ransomware attacks that leave firms scrambling for patches or ways to contain the damage. The fast-moving threat landscape often leaves financial organizations playing catch-up, in a whack-a-mole contest with sophisticated and well-resourced […]
READ MORE
Blog
What Does the EU Artificial Intelligence (AI) Act Mean for Financial Services?
The European Parliament last week approved the world’s first binding law to regulate the use of artificial intelligence (AI), in a move with wide implications for the financial services industry. AI technologies are powering a fast-expanding range of financial market functions, spanning everything from anti-money laundering and cybersecurity activities to customer interactions, tailoring wealth and […]
READ MORE
Blog
Cybersecurity Best Practices from the Man Who Wrote the Book
If cybercriminals can hack the corporate email accounts of Microsoft’s senior leadership team, what could they do to your cybersecurity defences? Cybersecurity was once again the top concern for European banking Chief Risk Officers surveyed by EY and the Institute of International Finance, with 82% ranking cybersecurity risk as the biggest threat to their business […]
READ MORE
Blog
ESG: The Next Growth Area in Fund Administration
The US Securities and Exchange Commission’s decision to pare back its long-awaited climate-risk disclosure rules suggest the blowback against the environmental, social and governance (ESG) movement is gathering strength. The reality is ESG reporting demands are only growing. For many investment managers, the obvious answer is to turn to their fund administrator for help … […]
READ MORE
Blog
Do We Need AI, and Does AI Need Us?
In conversation with The Dark Money Files’ Graham Barrow Are we interceding with artificial intelligence too often and too quickly? asks The Dark Money Files director and anti-money laundering expert Graham Barrow. A week after chip giant Nvidia reported blowout earnings on frenzied customer AI hardware spending and forecast excellent conditions for continued growth, questions […]
READ MORE
Blog
AI in Investment Management: 3 Areas Ripe for Change
How much of a role will artificial intelligence realistically play in the investment management industry? As we discussed in a previous blog, implementing more traditional automation initiatives, to get the foundations right before adding AI complexity and data demands on top, should be firms’ initial priority. But then what? While the potential is seemingly limitless, […]
READ MORE
Blog
Forget AI, Prioritise The Low-Hanging Automation Fruit
If ever there was a case of shiny object syndrome today, then artificial intelligence is it. The release of ChatGPT in November 2022 and subsequent “AI boom” has sparked fevered speculation of where AI can be applied and what it could do for the financial services industry. The latest PwC CEO Survey captures the mood. […]
READ MORE
Blog
UK Banks Feel Pain of Iran Sanctions Evasion Lapses
The Financial Times headline is damaging enough by itself: “Iran used Lloyds and Santander accounts to evade sanctions”. This is exactly the sort of high-profile publicity nightmare financial institutions are desperate to avoid. The reputational risk from such revelations – especially when they’re disseminated by a globally-renowned publication like the Financial Times – can have […]
READ MORE
Blog
ESG at a Crossroads: What Next For 2024 and Beyond?
Environmental, social and governance (ESG) aligned funds were, until recently, a one-way bet for the investment industry. The future looks less assured. ESG has turned into a highly sensitised issue, LSEG Global Head of Research Robert Jenkins noted in a recent article. “The term ESG has become near toxic and arguably weaponized in the U.S.” […]
READ MORE
VIEW ALL RESOURCES
REQUEST A DEMO
© 2021 DEEP POOL Financial Solutions Limited | All Rights Reserved | Privacy Policy
RHD