The regulator says many advisers underestimate the risk of data loss and fraud to their businesses and the impact it could have on consumers.
The warning follows its review of data security at 39 firms, including banks, building societies, insurance companies and advisers.
In an interview with Money Marketing, director of financial crime and intelligence Philip Robinson says adviser firms need to assess the risks in their businesses and implement procedural changes to combat them.
He says advisers should ensure that all hardcopy data is locked in a secure place, that access to computer data is limited and protected and that laptop computers are encrypted.
He says: “This is not a technological issue, it is a cultural issue and does not require big, complicated security systems. These are not expensive things to implement.”
Robinson says many small firms rely too much on compliance consultants to meet their regulatory obligations.
He says: “Many compliance consultants do not understand the importance of data security within firms and at the end of the day it is the firm’s responsibility to ensure that it has adequate systems and controls in place.”
Robinson says data security is a key priority for the FSA and it will visit a random sample of 200 firms to assess their security systems and ensure adequate measures are in place.
He says: “The FSA will publish a factsheet specifically for senior management at small adviser firms to help them understand their data security responsibilities.”