Settlement agents (aka Conveyancers) are the unsung heroes of the real estate industry, responsible for ensuring that all the documents, funds, and other important details related to a property transaction are in order before closing. However, as the world becomes more interconnected and technology-dependent, settlement agents find themselves facing a growing risk of cyber-attacks that could compromise the security of their clients and cause significant financial damage to both them and their clients.
One of the main reasons that settlement agents are such attractive targets for cybercriminals is because of the vast amount of sensitive personal and financial information they collect, store, and transmit. Not to mention the significant volumes of money transacted as part of the property settlement. In many cases, settlement agents use outdated technology and processes, making them more vulnerable to cyber-attacks. The current lack of guidance and inconsistent views on how Personally Identifiable Information (PII) is collected only adds to the confusion and the risk of data breaches.
Moreover, cybercriminals can use a wide range of tactics to target settlement agents, including social engineering attacks, in this case, phishing attacks, designed to trick people into revealing their personal and financial information. Settlement agents can unwittingly compromise the entire transaction if they fall victim to a phishing scam. For instance, in April 2022, a purchaser in Western Australia lost a whopping $732,000 due to their email account being hijacked and used to compromise the transaction process.
The situation is not all doom and gloom, however. Settlement agents can take proactive steps to protect themselves and their clients against cyber threats. For instance, implementing multi-factor authentication, encrypting sensitive data, and keeping software up to date can go a long way in mitigating cyber risks. However, even with these technical controls in place, settlement agents must also address the PEOPLE and PROCESS elements, which make up over 80% of the organisation when it comes to dealing with information assets. Any flaws in human actions or processes regarding information will result in significant losses and in potential data breaches, exposing the organisation from a reputation and financial perspective.
Another significant measure is investing in cybersecurity insurance. While some insurance underwriters negotiate with the industry to provide a group policy for settlement agents, it may not be enough. Cybersecurity insurance can help cover the financial losses and reputational damage that can result from a cyber-attack. It can also provide coverage for statutory penalties if ever imposed for not reporting cyber incidents correctly. At present, a Master Policy Agreement exists for settlement agents in WA, however, this should be reviewed by each settlement agent to ensure it covers their business adequately within the bounds of their risk appetite. As always, as a settlement agent, you should get independent advice for your business.
Settlement agents play a critical role in the buying and selling of real estate properties, handling vast amounts of sensitive personal and financial information. Cybercriminals, on the other hand, are constantly on the lookout for valuable data they can use to commit fraud or sell on the dark web. It is, therefore, vital for settlement agents to take proactive steps to protect themselves and their clients against cyber threats, including investing in cybersecurity insurance. Failure to do so could result in devastating financial losses and reputational damage.
Kommentare