The Intermediary –- June 2026 - Flipbook - Page 43
Protection tech
and cyber risk
AMMer MOHAMMeD, FOuNDer OF PrOtectiX
tectiX
AI
-powered tools can
information can be lost, copied or accessed
permissions, secure authentication, data
help firms work faster
by multiple individuals without knowing
retention, routine monitoring, and clear
and make information
who, when and from where.
recovery plans if something goes wrong, all
easier to document and
present, but they also
Fraud is becoming harder to spot, because
fake communication is becoming more
from a legal and regulatory perspective.
It also means being honest about what
carry new data handling responsibilities and
convincing given the rapid advancement
the tech does and does not do. Tools
create considerable complexities.
of AI. A fake email can now sound like a
should support better workflows, not create
real colleague or client. A fake document
false confidence and simply pass on the
information is being entered, who can see it,
can look professionally crafted. A fake voice
operational risk.
how long it is kept, and whether it is really
message can appear urgent and entirely
needed in the first place. The safest data is
believable. That matters because many firms
will not only be about who has the best
often the data you never need to collect.
still rely on whether something 'looks right'
features. It will be about who can be trusted.
Firms must think carefully about what
Adviser tech should make workflows
Firms will increasingly want to know
or 'feels normal'.
Payment changes, document amendments,
simpler without encouraging poor data
For protection technology, the next stage
how the system handles data and how
habits. The danger is not AI itself, but using
urgent client instructions and unusual
outputs are produced, see transparency
tools without clear-cut rules and guidance.
provider requests should be double-checked
regarding controls and accessibility, and
through a separate route.
understand whether the technology helps
If users are simply copying sensitive
client information into systems without
If a request arrives by email, verify it by
knowing where it goes, who has access or
phone. If it arrives by phone, confirm it via
whether it can be retrieved later, they’re
security questions and always file a note of
creating significant compliance and
the discussion.
Collecting and sharing data that involves
complex and highly sensitive personal
somewhere else.
At Protectix, this is a core pillar in how we
deliver our technology.
Unquestionably, the more realistic fraud
regulatory risk.
reduce risk rather than simply moving it
Efficiency matters, but it is not enough
becomes, the more important repeatable,
on its own. The real value comes when
documented checks are required.
technology can not only help firms work
There is a natural pressure to make
faster but also handle information more
care, diligence and safety using robust
adviser tools faster, smarter and easier to
carefully and explain their process and
systems and controls.
use. That is positive, but speed cannot come
thinking with greater confidence.
information must be handled with utmost
Too many firms still rely on traditional
Cybersecurity is becoming a commercial
at the expense of control.
Technology providers must build with
data housing methods, believing they’re as
differentiator because trust has become a
secure as they once were – such as email
security in mind from the start and find
commercial differentiator. The tech providers
attachments, desktop folders and external
the right balance between innovation,
and firms that understand this early will be
hard drives. These may feel normal, but
efficiency and operational resilience. That
better placed than those that only react after
each one creates another data point where
means prioritising access controls, clear user
something goes wrong.
“Cloud-native architecture makes that possible
the industry's response cannot simply be to slow
in a way that legacy systems cannot match,
down innovation. Instead, it must ensure that
because changes to policy and access controls
resilience evolves alongside it.
can be pushed across an entire estate at once
"Ultimately, those firms best positioned
rather than managed site by site.”
to succeed are unlikely to be those with
Security by design
demonstrating that innovation and resilience
While the mortgage market is transforming
can evolve together.
itself through technology – automated
the most technology, but those capable of
Howes concludes: “Cloud platforms and
verification, cloud-based systems and AI-powered
APIs have made intermediary businesses more
tools creating faster, more efficient customer
efficient and more capable of serving clients
journeys – this advancement has also brought
well, but they have also expanded the ‘threat
new challenges into play. The same systems that
landscape’ significantly. The firms that manage
enable convenience also create opportunities
this best treat cybersecurity as a continuous
for fraudsters. As fraud becomes more prevalent,
process, not a one-off compliance exercise.”
June 2026 | The Intermediary
41
