A Strategia team of Iain Pickard and Tim Watts presented to a forum run by the Chartered Institute of Securities and Investments (CISI) to 120 Heads of Compliance at asset managers – ranging from large institutional investors to Hedge Funds – on the rapidly emerging cyber threat to the industry. Tim is a former British Army Signal Officer in Chief and keeps close links with the UK Govt agencies – so knows his subject.
The digitisation of the industry is key to its future success, but is exposing new vulnerabilities at the same time – block chain security was one issue that came up. As we always do at Strategia, we emphasised the need for an integrated approach; it’s too important to be left to the ‘techies’ alone! An effective response needs to be many layered – starting, above all, with a good governance, risk management and a controls regime that is ‘owned’ at Board level – and with Compliance providing the critical ‘second line of defence’. To do this, however, the Compliance monitoring plan needs to be ‘risk based’ – to ensure the issue is getting the required attention in line with its assessed importance compared with other risks. Also that the Compliance team has got access to the skills needed – either internally or externally – including access to independent expert advice – including ‘red teaming’.
We had excellent feedback from the audience – they particularly liked the ‘14 questions for a Board member’ slide – and all were clear that it was a threat that needed to be taken very seriously indeed, especially with GDPR coming over the horizon.