Legal and regulatory news update for the life and health insurance sector

27 Aug 2020 – FMA announced the appointment of Paul Gregory to the newly created role of Director of Investment Management.

27 Aug 2020 - RBNZ have issued advice to the financial services sector from the National Cyber Security Centre regarding recent cyber attacks that appear to be aimed at the financial services sector. The most high profile example has been the NZX experience. However, other companies may expect to be attacked.

Fidelity Life appoints new head of adviser distribution

Todd Allan has been appointed as the Head of Adviser Distribution. This promotion comes after the departure of Craig Winterburn, who was the General Manager Distribution. In his new role Todd will be focused on supporting advisers.

“A key focus for Allan and his team of business managers and business account managers will be supporting advisers through a period of change.

“The new financial advice regime, conduct and culture changes and, more recently, Covid-19 are all having an impact on our business, our distribution partners and the broader industry.” Click here to read more

In other news:

Adviser stops scam: Saves client $60,000 - and excellent example of a vulnerable client saved by good process

FSC webinar: Get In Shape Session 5: Hear directly from the Government and regulatory leaders delivering FSLAA

FSC webinar: FSC Connect - Insights from Journalists and the Media

FSC webinar: Get In Shape Session 6: An opportunity to redesign your advice process

Cyber Smart Week

Look we found a post about Cyber Smart Week that relates to insurance: AIA's Chief Technology Officer Shane Ohlin has put together this article showing the top 5 tips for being cyber smart. Of course, we all use technology and cloud services and this applies to all of us anyway. In an interesting social trend, 


Here are some other good resources:

  • CertNZ have this cyber security quiz you can take to check out how good your cyber security habits are, and then it provides tips to improve your online safety
  • The Economist has this piece on why so many people fall for financial scams
  • The FMA has this piece on cold-callers with share scams - just to ensure that you don't fall for the idea that all scams are online



Business Owners’ Increased Use of Technology Creates New Gateways for Cyber-Criminals

As digital regeneration of business gathers pace, cyber attack risks increase.

'Connected technologies like artificial intelligence, drones, robotics or wearable sensors have the potential to be game-changers. But business owners beware, connected technologies also increase the chances of a cyber attack because they give cyber-criminals new access points if not properly protected. Research shows that 91 percent of business owners use one of these technologies, but 48 percent are unconcerned they will increase the likelihood of a cyber-attack.'

Click here to read more. Once upon a time business premises in the real-world had to be significantly hardened due to the presence of cash in almost every shop, office, and factory. Today, that risk has shifted away (excepting high cash shops, and certain types of activity like bars) towards scams, phishing, ransomware, and more.

Boiler Rooms and Other Scams

The FMA has been warning consumers about boiler room scams, a worthy task. Apparently there has been a big increase in the number of complaints - and I guess that the number that actually complain is much smaller than the number that have been ripped off.

These scammers, confidence tricksters, or common thieves, will call you - at home, on your mobile, or contact you by email. They range from the laughably amateur, to the scarily slick. Get across it, read up a bit, have a chat to your family (including teenage kids, anyone that might actually answer the phone) and get hard: just hang up. They may call back. Hang up again!

Meanwhile, watch this guy, who gets high quality entertainment out of scams.  


Be careful! Recent phishing attacks in New Zealand

With a brief pause for thanks and a nod to fortune I have to say that we are pretty careful in our office. So when one of the team received an email that has been made to look like it was from me, but asked for details of how much money was at hand, and whether an urgent transfer could be made today, they immediately suspected it was a con. It was brought to my attention and will feature as a good example - we like to catch people doing things right, and celebrate them - in our next team meeting. It is also a reminder that even small businesses need good processes: the way our financial management is set up this kind of attack could not be successful, it did not rely solely on a human identifying the problem - we have systems. Systems can operate even with people being absent-minded, away, or replaced with an inexperienced person. 

Cyber Insurance - You Probably Need It

There has been an incredible increase in cyber attacks in New Zealand. An inflection point has passed with more than 100 businesses per week suffering the encryption - ransom attack. I hope that more effective counter measures can be develop and in the meantime suggest that you practice good general security, and read this: link

Five High Consequence Crime and Security Trends for 2016

Craig Richardson, CEO of Wynyard Group wrote this article on LinkedIn 'Five High Consequence Crime and Security Trends for 2016'. Richardson wrote a similar article in January of 2015 and uses this article to reflect on is assumption. 

Here are his list of high consequence crime mega-trends for 2016 (in more detail here):

  1. Decline of traditional crime in developed countries
  2. Growth of trans-national and serious organised crime
  3. Globalisation of new generation extremism
  4. Rise and proliferation cyber warfare
  5. The path to fifth generation warfare will be defined and exploited

It is easy to see these trends in action. Take a look in your spam email folder and you will see dozens, if not hundreds, of attempted frauds and scam attempts. Every few weeks we have one of those idiots phone our landline and offer "Windows Support". I have never reported to the Police a single attempt, yet if someone had broken a window in my home and run off when the alarm was tripped I would have done so. I therefore believe that only a fraction cyber crime (attempts) are actually reported, and many minor scams will go unreported too. 

But what about your business? The IT manager of a mid-sized adviser business said that they were subjected to an attack on their servers recently. It was amateurish and easily repulsed, but it is real. These attempts will get more sophisticated. We need to keep working on this issue across the industry. The banks and insurers that invest a lot more in security than smaller advice businesses in their value-chain could be sharing more information to help advisers make their systems more robust. 

Hat tip, Mark Solomon on LinkedIn for the article. 

Cyber Crime Costs and Financial Advice

According to the UK's Money Advice Service (MAS): 

UK consumers have lost more than one working day dealing with the fallout from online crime and nearly £134 per person, according to Norton Cybersecurity.

Here in New Zealand there is some dispute as to the number, this source reckons about $288 million a year, and this source says it is more like $463 million to $625 million. A rough average means that on a per adult basis we are experiencing similar levels of cyber crime to the UK. That makes sense, house-breaking is rarely international, but cyber crime is routinely international. 

But what really surprised me was what MAS had to say next

Despite this, 42% of us that have had our security compromised haven’t taken the time to change our account passwords afterwards.

Wow... so perhaps one of the most valuable things a financial planner can do for a client is probably really simple: to get them to change their passwords on all financial accounts accessed online. Insist they make them strong and unique, using an approach like this one