HOW WILL CYBER THREATS AFFECT THE FINANCIAL ADVICE INDUSTRY

DISCLAIMER This presentation is for adviser, dealer group and institution use only and must not be made available to any client. This presentation is given by a representative of Colonial First State Investments Limited AFS Licence 232468, ABN 98 002 348 352 (Colonial First State). Colonial First State Investments Limited ABN 98 002 348 352, AFS Licence 232468 (Colonial First State) is the issuer of super, pension and investment products. This is general advice only. It is not legal advice. It does not take into account any person’s individual objectives, financial situation or needs. This presentation is based on Colonial First State’s understanding, current regulatory requirements and laws as at July 2017. You should read the relevant Product Disclosure Statement (PDS) before making any recommendations. Clients should read the PDS before making an investment decision and consider talking to a financial adviser. FirstChoice PDSs can be obtained from colonialfirststate.com.au or by calling 13 13 36 and FirstWrap PDSs are available from colonialfirststate.com.au or by calling 1300 769 619. While all care has been taken in the preparation of this document (using sources believed to be reliable and accurate), to the maximum extent permitted by law, no person including Colonial First State or any member of the Commonwealth Bank Group of companies, accepts responsibility for any loss suffered by any person arising from reliance on this information. This presentation cannot be used or copied in whole or part without our express written consent. © Colonial First State Investments Limited 2017.

AGENDA WHAT YOU NEED TO KNOW WHAT YOU NEED TO DO TO HELP PROTECT YOUR ADVICE BUSINESS STAYING SECURE WITH CFS

AGENDA WHAT YOU NEED TO KNOW WHAT YOU NEED TO DO TO HELP PROTECT YOUR ADVICE BUSINESS STAYING SECURE WITH CFS

FRAUD OR NOT?

PERCEPTION vs REALITY

AUSTRALIAN SUPERANNUATION LANDSCAPE OVER $2.146 T IN SUPER 80% AUSTRALIAN BUSINESS HAVE NEVER CARRIED OUT A FRAUD RISK ASSESSMENT 75.9 MILLION OF REPORTED LOSSES IN FINANCIAL PLANNING 19% OF AUSTRALIAN BUSINESS HAVE PROPER PASSWORD POLICIES 95% AUSTRALIANS WERE TARGETED BY A SCAMMER IN THE PAST 12 MONTHS 7% OF AUSTRALIAN BUSINESSES HAVE APPROPRIATE INTERNET POLICIES 51% OF ALL SMRs ARE ATTRIBUTED TO CYBER-ENABLED FRAUD 75% OF AUSTRALIAN SUPERANNUATION PROVIDERS REPORTED A CYBER INCIDENT TO EXECUTIVE MANAGEMENT IN 2016

“ ” CYBER-ENABLED FRAUD 2% 5% 21% 20% 1% 51% SUSPICIOUS MATTER REPORTING BY SUSPECTED OFFENCE TYPE Cyber-enabled fraud Other fraud Money laundering Welfare fraud Tax evasion Terrorism financing 51% 20% 21% 5% 2% 1% Financial planners are particularly vulnerable to cyber-enabled fraud attacks when acting as a gateway between customers and financial institutions or product issuers. - AUSTRAC 10 January 2017 “ ” Source: Financial Planning Risk Assessment – Austrac - 10 January 2017

Types of Cybercrime CYBER-ENABLED FRAUD ONLINE SCHEMES IDENTITY FRAUD Schemes that seek to take advantage of individuals by presenting a solicitous offer (such as a free or cheap holiday) that turns out to be dishonest or non-existent IDENTITY FRAUD Illegally accessing an individual’s information and using this information to steal money or other benefits BULLYING AND HARASSMENT Using technology to conduct behaviour that is intended to make a person feel fearful, uncomfortable or offended PHISHING An email pretending to be from a legitimate, trusted company (such as a bank or other service provider) that attempts to trick an individual into providing their personal or financial information MALWARE AND RANSOMWARE Malicious software designed to gain unauthorised access to an individual's computer system. Typically used to steal data, destroy data, or to prevent the user from being able to access their files, holding them to 'ransom'

INDICATORS OF CYBER-ENABLED FRAUD Has different tone/language to customer’s usual communications Has poor grammar, spelling mistakes or uncommon terminology A CUSTOMER EMAIL Usually contacts by telephone, then suddenly makes contact by email Changes bank details soon after changing other details, such as contact address or phone number Customer emails express urgency: Requests for the financial planner to complete application forms on the customer’s behalf, then to send back to customer for signing, and/or Email requests to send funds overseas THE CUSTOMER

CASE STUDY SCENARIO HOW THIS FRAUD WORKS PREVENTING THIS TYPE OF CYBER FRAUD

WHAT YOU WHAT YOU AGENDA WHAT YOU NEED TO KNOW WHAT YOU NEED TO DO TO HELP PROTECT YOUR ADVICE BUSINESS STAYING SECURE WITH CFS

WHAT ACTIONS CAN YOU TAKE? DON'T DIVULGE PERSONAL INFORMATION WHEN REQUESTED VIA EMAIL INVEST IN BASIC ANTIVIRUS PROTECTION BE VIGILANT KEEP UP-TO-DATE CHOOSE A STRONG PASSWORD RESTRICT USE OF PUBLIC Wi-Fi TO WEB BROWSING REGULARLY UPDATE SOFTWARE IF IN DOUBT, CALL THE CLIENT GET YOUR BUSINESS HYGIENE RIGHT BEWARE OF EMAILS ASKING FOR FINANCIAL INFORMATION KNOW YOUR CLIENT

commbank.com.au/personal/support/security CLIENTS HAVE A ROLE TO PLAY SECURITY DEPENDS ON YOUR CLIENTS TOO Be aware of cyber security Back-up regularly Keep your anti-virus software current and consider using OpenDNS at home Keep software up-to-date Don’t re-use passwords Protect your email account   commbank.com.au/personal/support/security

AGENDA WHAT YOU NEED TO KNOW WHAT YOU NEED TO DO TO HELP PROTECT YOUR ADVICE BUSINESS STAYING SECURE WITH CFS

STAY SECURE WITH CFS Continuous improvement Data analytics - transaction monitoring capability Dedicated CFS Operational Security Team Encryption technology Proof of identity screening Ongoing monitoring and blocking suspicious matters Masking certain information when we communicate with you

DEDICATED FOCUS It’s now part of how we operate… all day, everyday 5K+ MONTHLY DATA ANALYTICS TRANSACTION MONITORING CAPABILITY DEDICATED CFS OPERATIONAL SECURITY TEAM CONTINUOUS PROCESS IMPROVEMENT

QUESTIONS?

Tony Powell 0417 564 556• tony.powell@colonialfirststate.com.au