A client recently asked me how to protect his invested assets in case someone steals his identity. Most of us probably know of people who have had their credit cards used and maybe even individuals who have had their bank accounts hacked. Not many of us have had the experience of losing our life savings, but this was a very timely question as we are all at risk in this cyber-age.
Fortunately, most of us have the lion’s share of our savings in employer-based retirement plans and taking money out of those is like getting money out of Fort Knox. There are only certain times that we qualify to redeem funds and then we have to go to the Human Resources Department for appropriate forms. Those get forwarded to the Pension Plan Administrator who, after properly vetting the documents, forwards them to the Investment Company. There they are processed through a couple of departments and finally a check is either mailed to our employer, to us as the participant, or wired to our bank.
Unfortunately, getting money out of our personal investment accounts is not nearly as difficult. It is not difficult for a professional cyber pickpocket to get our name, address, social security number, date of birth and other information needed to access our accounts. For our convenience many of us have accounts that are accessible online and / or by phone, but does that open us up to cyber-crime? Imagine an unscrupulous person pretending to be us electronically or telephonically. The redemption check will be sent to our latest address on record with the investment company, but how hard is it for a professional thief to be near our mailbox on the days that our money may be arriving?
If a check is redeemed at our bank without proper authorization that financial institution should be held accountable, but what hassle and stress for us to prove our case. And what if the money is wired directly into our bank account and shortly after wired back out? Do we have the ability to track the cyber steps and prove our loss?
Does this mean we should simply keep our money in a hole somewhere in our backyard? Certainly not.
First, we should guard our identity even more vigilantly than we already do. Shredding statements and printed documents that contain our private information is the first step. Second, we should not divulge our social security numbers unless absolutely necessary. Our full names, dates of births and addresses are more valuable than many of us realize.
But the main step we can take is to not allow funds to be withdrawn from our accounts by phone or on the internet. It is very convenient to have this access, but at what cost? Reverting to paper forms which need to be signature guaranteed is more of a hassle, but not nearly the heartache we will face if our accounts are cleaned out. Is it worth maintaining a benefit we rarely use to put ourselves at risk for all the problems presented when we need to get our money back?