SMSF trustees and advisers are highly exposed to the threat of cyberattacks and must stay vigilant, as well as implement cybersecurity risk management practices, SuperAuditors director Shelley Banton has said.
“With average assets per SMSF of $1.1 million, SMSF trustees and their advisers should be on high alert as a target for fraudulent activity,” Banton said.
“Specific areas of concern for SMSFs include forged emails, online identity theft, use of internet banking to transfer funds, advertisements promoting early access to super, offers to ‘take control’ of your super, offers of quick and easy ways to access or unlock super, and unsolicited calls from unlicensed operators.”
Her comments follow the recent release of the Australian Prudential Regulation Authority’s (APRA) “2016 Cyber Security Survey”, which suggested the frequency and potential impact of cybersecurity incidents would only continue to increase.
While the study focused on APRA-regulated entities, the findings could have implications for SMSF trustees and advisers, Banton said.
The survey identified that the superannuation industry respondents reported a higher occurrence of cybersecurity incidents, 75 per cent compared to the average of 51 per cent, that warranted reporting compared to other industries.
A possible explanation was that the super industry was a more attractive target for perpetrators due to higher customer balances.
Banton said an important outcome from the APRA survey was the identification of a set of cybersecurity risk management practices that could have a practical application for SMSFs and their advisers.
The measures include governance, preparedness, scope, strategy and funding, capabilities and resourcing, situational awareness, incident response, assurance and collaboration.
Banton said it was imperative to remember there was no “finish line” for cybersecurity risk, adding APRA recommended constant vigilance and investment were required to ensure cyber-risks continued to be detected, prevented and responded to in a proactive manner.
“For SMSFs, ignoring the risks of cybersecurity may come at a high cost,” she warned.
“SMSF trustees and their advisers should continue to regularly monitor fund bank accounts to ensure the preservation of retirement benefits for their members.
“No one is immune from the risk of hackers and scammers – even the Australian Securities Exchange, currently testing a newly adapted blockchain technology platform, is expected to become a target for hackers.
“They will combat this menace by employing the highest level of security available from government agencies.”
