Last week we met with a client to discuss security when setting up and running a family office (FO). Family offices are dedicated solutions for managing family wealth. It is a vehicle that supports the family in managing their affairs and strategy. By nature, FOs are discreet, often with reduced public profiles.
The number of family offices in the UK is difficult to determine. However, according to estimates, there are between 1,000-1,500. The number has increased recently as more wealthy families seek to establish family offices to manage assets and provide services to meet financial, investment, and personal needs. Criminals have become aware of what FOs are and how they operate, making them an attractive target for criminals.
Below is a selection of key points that should be considered and mitigated when setting up a family office.
- Cyber attack: 26% of family offices have experienced a cyberattack. Many FOs are classed as small/med enterprises. However, the value of their assets would fit a large org; therefore, they will need security at the forefront of their thinking.
- Physical security: FOs should ensure their premises are secure and that access controls are in place to prevent unauthorised access. With how we work in the modern world, this is not just the office but the residential property or home office.
- Cyber-enabled physical threats: stemming from increasingly interconnected devices (intelligent homes, vehicles, etc.) and from working remotely. Know where your data is and how it’s stored/accessed. Once you know this, you can formulate a plan to control/secure access.
- Insider threat: fraud perpetuated by ‘trusted insiders’. Family offices are not immune to this threat and must take measures to prevent and mitigate the risk. From processes/procedures to monitoring where data is stored and who can access it
- Electronic eavesdropping: needs to be considered, especially when handling sensitive info. Eavesdropping involves using covert devices/software to intercept/record conversations or data transmissions. The risk can be anywhere private conversations occur – at home, the office, or all forms of transport.
- Kidnap/ransom: although rare in the UK, family office members often travel extensively with their families and can become a target. Raising awareness of the risks of KRE and what to look for can be vital in lowering the risk.
- Exploit social media: from stalking and stealing personal images/info for blackmail/extortion purposes. Be aware of what you post. What seems innocent may be used against you.
- Reputation: can be damaged by various factors, including public scandals, negative media, and ethical lapses. Rehearse such scenarios so you can minimise the damage if an incident occurs.
Overall, family offices must remain vigilant/adaptable to evolving risks and take measures to protect their assets and reputation.
