Cybersecurity has emerged as a top issue for retirement specialist advisers as more customization is integrated into U.S. retirement plans, according to a recent report from Cerulli Associates.
Of the advisers surveyed, 80% rated data security/cybersecurity as very important, deeming it the single most important factor when evaluating record keepers, according to the report, U.S. Retirement Markets 2019: Looking Toward Holistic Solutions for Participants and Plan Sponsors.
Cybersecurity also represents a growing concern and significant expense for plan providers, particularly record keepers and third-party administrators, the report said. "In a digital age, these firms essentially double as technology companies, with plan sponsors and their consultants/advisers closely scrutinizing security procedures and policies," said Anastasia Krymkowski, associate director, retirement, at Cerulli, in a news release. "It is critical for providers to maintain accurate data representing participants' transactions while safeguarding their assets and confidential information."
More than 90% of record keepers surveyed now offer financial wellness programs that address topics ranging from budgeting and debt management to investing, college planning, Social Security optimization and retirement income, according to the report. As these initiatives evolve to become more comprehensive and personalized, enhancements to existing technology and privacy are critical, the report said.
Improvement to existing technology will enable greater customization, facilitate in-plan retirement income, and streamline the responsibilities of plan sponsors, the report said. Technology has "the potential to standardize recommendations, combat human biases, and at the very least alleviate some of the more time-intensive, computational aspects of portfolio management and financial planning," Ms. Krymkowski said.
The report noted that the evolution of technology in retirement planning and investing has prompted broad industry response, such as the SPARK Institute formulating its Data Security Oversight Board. That board subsequently released a set of best practices for reporting on cybersecurity capabilities in the industry.
Cerulli recommends that providers clearly articulate their procedures for maintaining confidentiality, and combat and correct fraudulent activity — not just to stand out in the request for proposal process, but also to instill confidence in investors, it said in the news release.