Protecting clients against rising cyber risks
With cybercriminals increasingly targeting the finance sector, Australian lenders and brokers are stepping up. Here’s how the industry is adopting innovative tactics to protect client information and uphold trust
More
WHEN IT it comes to cybersecurity, the Australian mortgage and finance sectors are facing unprecedented challenges. Earlier this year, the Australian Signals Directorate’s 2022–23 report saw one cybercrime reported every six minutes – a stark reminder to businesses to not underestimate the risk of cyberattacks. With most lenders now fully embracing digital platforms, sensitive financial information is a prime target for cybercriminals.
MPA spoke with the MFAA and Specialist Finance Group (SFG) to explore key cybersecurity threats, how industry leaders are responding and what brokers and finance professionals can do to safeguard both their businesses and clients.
continuously adapt its practices. According to Thomas, MFAA members are increasingly embracing strategies like the Australian Signals Directorate’s ‘Essential Eight’ to help mitigate risks. This involves utilising eight key mitigation strategies, including multi-factor authentication, regular backups and restriction of administrative privileges.
“Brokers want to understand how they can protect their business and clients from these threats, and what they [can] do in the event of a cyber incident,” Thomas says.
“To reduce their risks, brokers are increasingly reviewing what client data they collect, store and retain and ensuring they only keep what is necessary. It’s also about the basics – ensuring the use of multi-factor authentication, awareness of phishing and training their staff.”
Lockett emphasises the importance of keeping clients informed, advising brokers to “share best practices like verifying email authenticity, using strong passwords and enabling multi-factor authentication”. Transparent communication about security protocols and best practices not only helps protect clients but also fosters a sense of shared responsibility and trust.
As financial institutions are prime targets for cybercriminals, brokers should also scrutinise their third-party partners and platforms. Thomas recommends “conducting thorough due diligence”, which includes “reviewing their cybersecurity policies, data protection measures and compliance with industry standards” like the Essential Eight.
Smaller brokers may face challenges in implementing the same standards due to limited resources, but there are still affordable options out there. Thomas encourages smaller brokers to “implement
of ransomware attacks targeted backup repositories
APAC cyberattacks in numbers, 2024
According to Lockett, SFG members are also adopting enhanced security protocols, including multi-factor authentication and encryption, as well as conducting regular audits and penetration testing. He notes that regular, updated training is vital, as many attacks use social engineering tactics that an unaware employee might not easily recognise.
"Human error is often a significant factor in cyber incidents,” Lockett says. “Regular training on best practices can reduce its likelihood. Finance brokers should provide regular cybersecurity training for staff, focusing on recognising phishing emails, suspicious links and attachments. They should implement role-playing exercises to simulate real attacks.”
become a key issue for the finance and mortgage sector. Customers want reassurance that their personal and financial information is being safeguarded effectively. For mortgage brokers, this means not only implementing robust cybersecurity measures but also communicating these efforts transparently.
“Brokers should proactively discuss how seriously they take the protection of personal data and information with their clients,” says Thomas, noting that these discussions also provide brokers with the opportunity to highlight measures like “multi-factor authentication and data retention” policies.
The Mortgage & Finance Association of Australia (MFAA) is the peak professional body for finance and mortgage brokers across the country. The MFAA plays a crucial role in shaping the sector's landscape through advocacy, education and support for the association's members. Established in 1980, the MFAA has grown to represent over 14,500 members. The organisation contributes significantly to a competitive and healthy mortgage and finance industry. Through its operations, the MFAA aims to elevate the broking profession, foster innovation and ensure positive financial outcomes for Australians. This reflects its deep-rooted history and ongoing mission to empower its members and consumers alike.
Find out more
Specialist Finance Group is an Australian family-owned aggregator that has served Australian finance brokers for more than 30 years. SFG is Australia’s premium aggregator that provides next-generation systems, unparalleled support and a value proposition that empowers brokers through a strategic partnership that drives success. SFG has built a solid reputation for professional advice. The group operates from its headquarters in Perth and has offices in Sydney, Melbourne and Queensland.
Find out more
affordable measures such as multi-factor authentication, software patching and having in place clear communications and processes for your clients”. Similarly, Lockett suggests that smaller firms “use affordable security tools like encryption, multi-factor authentication, [while] regularly updating software, training staff on security practices and outsourcing to cybersecurity experts when needed”.
“Brokers are increasingly reviewing what client data they collect, store and retain and ensuring they only keep what is necessary. It’s also about the basics – ensuring the use of multi-factor authentication, awareness of phishing, etc.”
Evan Thomas,
MFAA
In Partnership with
As the mortgage and finance sectors embrace new technologies, cybersecurity will continue to be a focal point. With vigilant efforts by industry bodies and brokers alike, the sector can strive to stay ahead of cyber threats while maintaining client trust.
“Finance brokers must prioritise cybersecurity to protect their clients and maintain trust in their services,” Lockett concludes.
Thomas adds: “We encourage brokers to follow the guidance and processes provided by their aggregators, attend PD events and webinars that specifically cover cybersecurity to increase your knowledge, and engage with other brokers in their network to share insights and key learnings.”
“A lack of in-house cybersecurity expertise leaves firms more vulnerable to attacks. It’s essential for companies today to keep their staff fully trained and aware of cybersecurity risk”
Will Lockett,
SFG
managing director at SFG, both stress the increasing threat posed by cybercriminals targeting the finance industry.
Thomas notes that the most significant cybersecurity threats the sector faces today include data breaches, phishing attacks and ransomware. These attacks have become particularly common due to the high-value data handled by brokers.
Industry experts
Darren McLeod
Beyond Bank
Fernando Lemos
Bank Australia
Industry experts
Lorem ipsum dolor sit amet, consectetur adipiscing elit. Tellus in penatibus condimentum malesuada ante vulputate nisi, arcu leo. Amet urna sapien purus vestibulum fermentum a. Cursus metus massa donec sed varius. Nunc enim sit morbi lacus, molestie et nunc. Nullam sed facilisi id malesuada. Ante purus velit, quam scelerisque ultrices scelerisque donec.
Velit egestas vel ornare pellentesque ridiculus. Mauris tempor augue quis mattis suspendisse feugiat commodo posuere. Faucibus massa adipiscing nullam elit, ac vel accumsan. Phasellus eget ac dignissim fermentum ac placerat elit, metus. Nulla porttitor ante egestas molestie quis quam. Pharetra magna sit mauris tellus gravida rutrum libero sit. Justo orci cras euismod proin massa lorem ut. In non tellus phasellus faucibus ullamcorper nullam odio dui et.
Bank Australia
Fernando Lemos
Lorem ipsum dolor sit amet, consectetur adipiscing elit. Tellus in penatibus condimentum malesuada ante vulputate nisi, arcu leo. Amet urna sapien purus vestibulum fermentum a. Cursus metus massa donec sed varius. Nunc enim sit morbi lacus, molestie et nunc. Nullam sed facilisi id malesuada. Ante purus velit, quam scelerisque ultrices scelerisque donec.
Velit egestas vel ornare pellentesque ridiculus. Mauris tempor augue quis mattis suspendisse feugiat commodo posuere. Faucibus massa adipiscing nullam elit, ac vel accumsan. Phasellus eget ac dignissim fermentum ac placerat elit, metus. Nulla porttitor ante egestas molestie quis quam. Pharetra magna sit mauris tellus gravida rutrum libero sit. Justo orci cras euismod proin massa lorem ut. In non tellus phasellus faucibus ullamcorper nullam odio dui et.
Beyond Bank
Darren McLeod
Darren McLeod
Beyond Bank
Fernando Lemos
Bank Australia
Industry experts
Lorem ipsum dolor sit amet, consectetur adipiscing elit. Tellus in penatibus condimentum malesuada ante vulputate nisi, arcu leo. Amet urna sapien purus vestibulum fermentum a. Cursus metus massa donec sed varius. Nunc enim sit morbi lacus, molestie et nunc. Nullam sed facilisi id malesuada. Ante purus velit, quam scelerisque ultrices scelerisque donec.
Velit egestas vel ornare pellentesque ridiculus. Mauris tempor augue quis mattis suspendisse feugiat commodo posuere. Faucibus massa adipiscing nullam elit, ac vel accumsan. Phasellus eget ac dignissim fermentum ac placerat elit, metus. Nulla porttitor ante egestas molestie quis quam. Pharetra magna sit mauris tellus gravida rutrum libero sit. Justo orci cras euismod proin massa lorem ut. In non tellus phasellus faucibus ullamcorper nullam odio dui et.
Bank Australia
Fernando Lemos
Lorem ipsum dolor sit amet, consectetur adipiscing elit. Tellus in penatibus condimentum malesuada ante vulputate nisi, arcu leo. Amet urna sapien purus vestibulum fermentum a. Cursus metus massa donec sed varius. Nunc enim sit morbi lacus, molestie et nunc. Nullam sed facilisi id malesuada. Ante purus velit, quam scelerisque ultrices scelerisque donec.
Velit egestas vel ornare pellentesque ridiculus. Mauris tempor augue quis mattis suspendisse feugiat commodo posuere. Faucibus massa adipiscing nullam elit, ac vel accumsan. Phasellus eget ac dignissim fermentum ac placerat elit, metus. Nulla porttitor ante egestas molestie quis quam. Pharetra magna sit mauris tellus gravida rutrum libero sit. Justo orci cras euismod proin massa lorem ut. In non tellus phasellus faucibus ullamcorper nullam odio dui et.
Beyond Bank
Darren McLeod
Share
Share
Cybersecurity: Staying one step ahead
Share
Evan Thomas
MFAA
Will Lockett
Specialist Finance Group
Will Lockett joined Specialist Finance Group (SFG) as managing director in 2002 and has played an instrumental role in the group’s leadership, growth and development. Lockett takes a relationship-based approach to doing business, ensuring that trust and communication are at the forefront of all SFG’s dealings with its members and business partners.
Specialist Finance Group
Will Lockett
Evan Thomas joined the Mortgage & Finance Association of Australia as chief operating officer in 2015 and has been integral to driving industry reforms and member engagement through a challenging period for the mortgage and financial broking industry. He has over 30 years’ experience in corporate services, including business development, sales, operations and information technology.
MFAA
Evan Thomas
Maintaining trust in a digital era
Published 18 Nov 2024
96%
were able to recover data without paying a ransom
16%
of organisations that paid a ransom were still unable to recover their data
29%
Source: 2024 Ransomware Trends Report
of Australians have had their data compromised via attacks on major companies
38%
Source: NAB
The threat landscape in Australia
of consumers have experienced a cybersecurity event
63%
have experienced more than one event
44%
Evan Thomas, chief operating officer at the MFAA, and Will Lockett,
“Brokers are extremely busy managing their clients’ needs and securing loans, but it’s critical to stay vigilant about the growing cyber threats by maintaining awareness and implementing basic controls to protect both their business and client data,” Thomas explains.
Lockett highlights other risks that brokers should be aware of, such as the vulnerabilities of third-party service providers and the mismanagement of cloud-based platforms and security. Both can expose your entire ecosystem to attacks, and staying on top of this requires strong security measures, compliance and ongoing training.
“Part of the issue lies in a skills gap,” Lockett adds. “A lack of in-house cybersecurity expertise leaves firms more vulnerable to attacks. It’s essential for companies today to keep their staff fully trained and aware of cybersecurity risk.”
Rising threats in the financial sector
With threats constantly evolving, the finance industry has to
A unified industry response
Both the MFAA and SFG are committed to supporting brokers with resources and education to navigate these cybersecurity challenges. The MFAA currently offers a free ‘Cyber Wardens’ online training program to equip brokers with the knowledge and skills to defend against cyber threats.
“The online program educates brokers and their teams about cyber threats, helping them to protect their business against cyber threats and to recover from a cyberattack,” says Thomas.
Similarly, SFG provides its members with access to secure platforms, regular updates on emerging cybersecurity risks and best practice guidelines. “SFG supports our SFG members by providing cybersecurity training, best practice guidelines and access to secure platforms. We also offer tools like data encryption and multi-factor authentication, and regular updates on emerging threats to help brokers stay protected,” explains Lockett.
Companies
People
Newsletter
About us
Authors
Privacy Policy
Conditions of Use
Terms & Conditions
Contact Us
Sitemap
RSS
Copyright © 1996-2024 KM Business Information Australia Pty Ltd.
Resources
TV
News
Specialty
Best in Mortgage
Mortgage Industry
US
CA
AU
NZ
UK
In the wake of several high-profile attacks across industries, trust has
Companies
People
Newsletter
About us
Authors
Privacy Policy
Conditions of Use
Terms & Conditions
Contact Us
Sitemap
RSS
Copyright © 1996-2024 KM Business Information Australia Pty Ltd.
News
MORTGAGE INDUSTRY
BEST IN MORTGAGE
SPECIALTY
TV
Resources
US
CA
AU
NZ
UK
Companies
People
Newsletter
About us
Authors
Privacy Policy
Conditions of Use
Terms & Conditions
Contact Us
Sitemap
RSS
Copyright © 1996-2024 KM Business Information Australia Pty Ltd.
News
MORTGAGE INDUSTRY
BEST IN MORTGAGE
SPECIALTY
TV
Resources
US
CA
AU
NZ
UK