GDPR to force fund companies to reveal extent of cyber attacks

0
138

Andreas Utermann of Allianz Global Investors is under attack. “I’m being impersonated every day,” said the chief executive of the €513bn fund house. “The CFO and board members get emails asking for money which are designed to look [as if] they’re from me. It happens all the time. We’re wise to it and we have procedures to deal with it but it’s clearly a concern.”

Mr Utermann is one of the many financial services executives who are targeted or whose name is used by cyber criminals.

In this case, crime pays — hackers net more than $600bn a year, says McAfee, the cyber security specialist.

Fund companies, which collectively manage trillions of dollars and hold oceans of data on customers, are logical targets. Now regulators are forcing fund managers to face up to how exposed they are.

The EU-wide General Data Protection Regulation, which came into force on Friday, requires companies to report any breach of personal data to the authorities within 72 hours. Failure to comply could lead to fines of up to €20m or 4 per cent of global turnover, whichever is greater.

“This legislation is game-changing,” said Matthew Martindale, head of investment…

Read More…