If you run a family office, the client assets you manage these days carry as much risk as they do reward, says a new study from Boston Private, a wealth management, trust and private banking company.
According to the study, many family offices need to re-examine how they handle various risks, including the threat of cyberattacks, investment trouble and health threats to family members, especially during the Covid crisis.
The study, called “Surveying the Risk and Threat Landscape to Family Offices,” was written by Edward V. Marshall, managing director of Boston Private’s private banking, wealth and trust business.
The research included a survey of more than 200 family office executives. Nearly half of those surveyed (47%) underestimated threat levels or become complacent about risks (41%). Standing in their way, Boston Private said, are limited staff and an emphasis on cost and convenience.
Over a quarter of the respondents (26%) said they have suffered a cyberattack, and in almost two-thirds of those cases, it happened within the last 12 months.
One respondent recounted a recent scam perpetrated on his firm.
“The most serious cyberattack we experienced was when someone posed as one of the principals and asked for a bank transfer to an overseas account,” said one unidentified respondent. “What made it worse was that the principal concerned was traveling at the time and the hacker sent an email from what appeared to be the principal’s account. However, because we employ multiple checks on all payments, we managed to detect the cyberattack and prevent it from succeeding.”
Another respondent described an even more aggressive attempt to exact payment of monies, this time through blackmail.
“We experienced a sophisticated cyberattack from hackers based overseas,” the unidentified respondent said. “They accessed family office data through a server we shared with the operating company, which was also hacked. The hackers wanted us to pay a ransom, or they would release confidential data to cybercriminals. We refused to pay a ransom and stopped the security breach.”
One-third of family offices (29%) said they did not have a business continuity plan in place before the Covid-19 pandemic, and over a quarter (27%) said implementing secure remote working protocols was one of their top risk management challenges.