How brokers can protect their clients’ privacy

The aggregator has flagged that the Office of the Australian Information Commissioner (OAIC) has welcomed reforms aimed to strengthen the country’s privacy framework.

In an example provided by Connective, the aggregator has advised brokers to be cautious to not share client sensitive personal information with lenders when discussing scenarios.

“Without a signed privacy declaration, lenders should not receive personal identifying information,” Connective stated.

“When ordering valuations, valuers should only receive the information necessary to complete their valuations. Lenders are reporting privacy incidents to aggregators when valuers receive documents such as client identification or other personal identifying information.”

Additionally, the aggregator stated brokers must provide explanations when in possession of personal identifying information of individuals not directly involved with the loan transaction, which includes instances where more than one individual initially inquired about a loan, but proceed with only one party.

This came off the heels of Connective observing that brokers and their clients have become increasingly targeted by cyber criminals after the slew of high-profile data breaches in Australia last year.

According to the aggregator, there had been a 50 per cent increase in cyber criminal attempts on brokers and clients.

Commenting at the time, Connective group counsel Daniel Oh urged brokers to be on high alert and “look beyond protecting data and systems to mitigate cyber threats”.

Mr Oh stated: “Threat actors pose a significant risk in our industry due to the highly sensitive data we capture, hold, and send on a regular basis. Even the smallest cyber security incident can have devastating impacts on both the business and clients.”

Speaking to The Adviser on protecting client privacy, founder and broker of Success Financial Solutions, Sarcha Sagisaka, said the biggest threat to client privacy at the moment is hackers.

“Even the smallest broker as a one-man band now needs an IT company to put safeguards in place,” Ms Sagisaka said.

“Fortunately, a number of IT companies have risen to the challenge to meet this need with fit for purpose and budget-friendly products.

“Staff training is a must, and also keeping email inboxes cleared. Email is generally the weakest link, I have been told.”

She added that brokers should “be mindful of instances where consent to share information is withdrawn”.

“I have also had an increase in financial separations of late and in some instances, one party doesn’t want the other knowing their new financial situation,” she said.

[RELATED: 50% increase in cyber criminal attempts on brokers: Connective]