020 7608 4900
Contact us
Advisers

Cyber Security Guidance for Advisers

As an adviser, you handle sensitive personal and financial information every day. That makes you and your firm a potential target for cyber criminals. This guidance is here to help you strengthen your own defences and reduce the chances of something going wrong for your business, your clients, and your peace of mind.

What we do to protect your data

Platform Security

Multi-factor Authentication (MFA)

MFA is a control that provides an extra layer of security to your account. After entering your password, you’ll need to confirm your identity using a second factor, such as a code sent via SMS, email, or an authenticator app (e. g. Microsoft or Google Authenticator). While all methods improve your security, we strongly recommend using an authenticator app. Unlike SMS or email, which can be intercepted or compromised, authenticator apps generate time-based codes directly on your device, making them more secure and reliable. Even if someone obtains your password, they can’t log in without the second factor. MFA helps keep your account and your clients’ data safe from unauthorised access.

Penetration Test
A Penetration Test is like hiring ethical hackers to try and break into our system, not to cause harm, but to help us find and fix security gaps before real attackers can. It’s a smart, proactive way to test our defences, protect your and your clients’ sensitive financial data, and stay one step ahead of cyber threats.

Secure Development Practices
Secure development practices are the security rules and habits our developers follow when building and updating the platform. It means we write code designed to block hackers, regularly test for weaknesses and keep systems updated and secure from day one.

What you can do to protect your data

We’ve built strong security measures into our platform, but your own approach to cyber security plays a big part in keeping things safe. The way you manage access, protect devices, and respond to risks can make all the difference. Cyber security can seem complicated, but by following these 4 simple measures below, you can significantly strengthen your defences.

4 Simple Measures

Actions to take

Use Multi-factor Authentication (MFA)

  • Always enable MFA where it’s available, including on the platform, email accounts, and any systems used to store or access client data.
  • MFA provides an extra layer of security even if a password is compromised.

Set strong passwords

  • Use long, complex passwords that are unique to each system or service.
  • Avoid reusing passwords across platforms.
  • Consider using a reputable password manager to keep track of them securely.

 

Behaviours to implement

Stay alert to suspicious emails

  • Be cautious with emails asking you to click links, open attachments, or confirm login details.
  • Check sender addresses carefully; they’re often disguised to look legitimate.
  • If something doesn’t seem right, don’t respond or click, verify it by phone or another trusted method.

Be careful on public or unsecured networks

  • Avoid using public Wi-Fi when accessing the platform or handling client information.
  • If working remotely, use a secure internet connection or a VPN.
4 Advanced Measures
  • If you receive a login alert you don’t recognise, change your password straight away. If possible, review your access logs or speak to your IT support team to investigate further.
  • If you’re asked to change a client’s bank details by email, always confirm directly with the client over the phone or face to face. Never rely solely on email, even if the message appears to come from the client.
  • If an email from a colleague, client or provider doesn’t look quite right, check the sender’s address carefully. Look out for unusual wording or unexpected requests. If something feels off, call the person directly to confirm.
  • If someone asks for your login details, don’t share them. Access to systems should always be personal and secure. If someone needs access, they should have their own authorised account.

When Using the Transact Platform

  • Use MFA every time you log in.
  • Log out after use, especially on shared or public devices.
  • Do not save login credentials in shared browsers or devices.
  • Ensure your device is running up-to-date security software.

Need Help?
If you have questions or think your account may have been compromised, contact the Cyber Security Team at cybersecurity@integrafin.co.uk.

 

Responsibility and Disclaimer
The security of your firm’s devices, networks, and internal processes remains your responsibility. This guidance is offered as general best practice and does not constitute legal advice or imply any liability on our part for cyber-related incidents affecting your firm. Each firm should carry out its own risk assessments and, where necessary, seek professional cyber security advice.
This website is designed to be used by financial advisers, their clients and professionals. It is intended as general guidance only and should not be viewed as a recommendation to use or rely on any features mentioned. The information is not advice, nor is it a substitute for advice.
Contact Information
  • 4th Floor, 2 Gresham Street, London, EC2V 7AD
  • 020 7608 4900
  • Find us on social media
Quick Links
Our Other Sites

© 2026 Integrated Financial Arrangements Ltd
"Transact" is operated by Integrated Financial Arrangements Ltd. 4th Floor, 2 Gresham Street, London, EC2V 7AD. Tel: 020 7608 4900 Fax: 020 7608 5300. (Registered office: as above; Registered in England and Wales under number: 03727592). Authorised and regulated by the Financial Conduct Authority (entered on the Financial Services Register; no. 190856).