Ian McKenna: Protecting clients from ‘Friday afternoon fraud’

Friday afternoon fraud” is an increasingly worrying development for all professional firms. Hardly a week goes by without a news story emerging of a solicitor, hedge fund or some other organisation that has suffered major fraud in this way. Losses are regularly being reported amounting to hundreds of thousands, if not millions, of pounds.

For anyone who has not come across this very worrying phenomenon, let me explain. Though there are many variations on the theme, such frauds typically take place when a professional firm requests funds from a client.

Take this example: a solicitor is seeking requested funds for completion of a house purchase by email, indicating the amount needed and the account to which it should be transferred. Almost instantly the client receives a further email saying there was an error in the previous one and requests the funds be transferred to another account.

The second email originates from an email address that is virtually identical to the original. But the second email and bank account are operated by fraudsters, and because the individual has sent the money themselves, banks invariably deny liability under the online banking guarantee.

In the financial advice arena the obvious parallel is requests from clients for withdrawals from platforms and other investment products. It is hard to believe no financial adviser, investment management company or life office has yet to suffer such a loss. It is probably just a case that so far none have been made public.

To put this into context, True Potential recently told me it has prevented three attempts at this type of fraud in just the last few weeks. In each instance it received an email purporting to be from one of its clients seeking to give instructions to withdraw significant funds.

Standard practice within True Potential Wealth Management now is that any online instructions from clients must be received via its secure client app, which is provided to all its customers as part of its service.

Equally, any withdrawal instruction from advisers must also come from within True Potential’s secure systems. Enforcing these requirements identified the transactions were indeed attempts at fraud.

It is quite normal now for adviser software suppliers to provide some form of client portal with a secure communications capability. Ideally, these are best delivered as dedicated mobile apps or fully responsive websites. For example, similar secure services  are also included in Intelliflo’s new Personal Finance Portal within the standard system cost.

For those advisers whose software suppliers are not yet able to offer such capability, another option worth considering is the BeSecureMail.com platform. Offered by Webline founder Paul Holland, it is designed to provide secure communication between advisers and their clients as well as platforms and life companies.

Many advisers have been reluctant to encourage clients to communicate with them using mobile apps. At the same time, concerns about online security are a major anxiety for all consumers. It is almost impossible to pick up a newspaper today without finding a horror story on the subject. Consumers are losing eye-watering amounts of money and finding they have no protection against fraud as they initiated the transaction.

In this context, offering secure communication mechanisms to protect clients’ money is something most would welcome and, in practice, they would be likely to applaud advisers taking steps to protect their money in such ways.

With so many software providers now offering this option within their standard pricing it makes sense for all advisers to use it with all clients.

Ian McKenna is director of Finance & Technology Research Centre