In April 2016, 11.5 million documents were leaked from the database of the Panamanian law firm Mossack Fonseca. The Panama Papers, as the ignominious leak came to be known, was not the only such incident. The Paradise Papers offered more information, including details of Queen Elizabeth’s private estate, as did the Pandora Papers.
Each of these highlights the power of individuals to divulge confidential information. In the case of the Panama Papers, one source, styling themselves as “John Doe,” contacted a German newspaper, offered to hand over the data, and the deed was done.
The takeaway: Even if an organization rigorously protects against hackers, a data leak from the inside remains possible.
Family offices of all types and sizes and institutions that serve them are particularly vulnerable to inside jobs. Their clients are often high-profile and there may be media appetite for their data. So when partnering with technology providers, it’s natural for family offices and institutions that serve them to think: Our vendor might protect client data from external parties, but what about the vendor itself?
At Masttro, we think that’s a valid—and smart—worry. The solution is to select a WealthTech platform that takes the most stringent precautions, including controls like these:
- Automated data transfer. With some WealthTech solutions, data is automatically transmitted from the financial institution to the secure platform without intervention or interference from the vendor. This means the data visibility, quality, and control are not compromised by vendor screen scraping or manipulation.
- Audited data management where necessary. In cases where automated data transfer is impossible, the best WealthTech platforms provide users with an alternative data management and workflow functionality that has audit controls, thereby obviating the need for the technology vendor to see names, locations, figures, and documents.
- Double encryption. To store and transmit information securely, some WealthTech vendors encrypt the data at transit, at rest, and in use. A second layer of protection for each individual client is added through multi-factor authentication (MFA) and private encryption keys that prevent others, including the vendor, from seeing their clients’ data.
- Centralized storage. When documents are encrypted and stored in a centralized location like a digital vault, there are no hard copies and email attachments floating about at risk of being leaked.
Many family offices have already embraced technology solutions. Others are more hesitant, held back by gnawing security concerns. At Masttro, we believe that aside from the improvements in efficiency that WealthTech brings—and those are many—digital processes also afford a level of security that manual processes could never provide. That’s especially the case with WealthTech platforms that protect client data not only from malevolent actors—but from themselves.