IFAs unprepared for mandatory breach reporting

Financial advisers must make compliance with incoming mandatory data breach reporting laws their top priority for 2018, according to cyber security firm Kamino.

In a statement, Kamino and Midwinter managing director Julian Plummer cautioned that many advisers, particularly IFAs, have not taken appropriate action ahead of the introduction of the new laws in February 2018.

After the introduction of the laws, Mr Plummer said, advisers will be required to report every eligible data breach to both the Office of the Australian Information Commissioner and affected clients.

“This means that if at any point you experience a data breach – you will automatically be increasing the risk of loss of confidence in your business from a client’s point of view, as you are now obliged to tell them directly when and if a breach occurs,” Mr Plummer said.


“This is a result of increased digitisation into financial planning. Securing your data will secure your business.”

Mr Plummer said advisers should start taking steps to make sure they understand their legal responsibilities, and ensure all staff are aware of and comply with IT policies and procedures, and added that it “may be a good time” to review cyber insurance policies.

partner features

“Cyber insurance offsets many of the costs of potential IT breaches, however we recommend doing adequate due diligence as one size does not fit all,” he said.

IFAs unprepared for mandatory breach reporting
ifa logo

Subscribe to the ifa bulletin

Receive daily online news,analysis, reports and business strategies
By signing up you agree to our Terms of Use and Privacy Policy

Website Notifications

Get notifications in real time and stay up to date with content that matters to you.