Security

Securing your investments and your personal information

Beaufort places great emphasis on the security of the financial assets and personal information we manage on behalf of our clients. We are regulated by the Financial Conduct Authority (FCA) and our obliged to ensure that all our systems and practices meet industry requirements. We also operate additional security procedures of our own, so you can rest assured of our commitment to your safety and security.

Protecting Client Money

All of the client money managed by Beaufort is held on deposit in trust accounts with a number of regulated banks. As a result any creditors of Beaufort would have no legal right over your money. In addition we cannot use any of your money to cover our own obligations.

We have a robust policy for choosing banks with the security of your money being the primary consideration. We regularly monitor all of the banks we use to ensure we are able to safeguard your money. We consider the capital, credit rating and the level of risk in the investment and loan activities undertaken by each bank. We also take in to account any recent adverse news.

We currently distribute money between 5 approved banks to ensure there is sufficient diversification of risk should the unlikely event occur that one of these instructions were to default.

How we protect your assets

In compliance with FCA Client Asset Rules, investors’ assets are held on trust in accounts segregated from Beaufort’s own assets. Therefore, in the unlikely event of default by Beaufort, investors’ assets would be allocated to the beneficial owner. These assets would not be considered as belonging to Beaufort and therefore would not be used to repay Beaufort’s creditors in the event of liquidation.

All UK Assets are held by Beaufort Nominees Limited, a non-trading company fully controlled by Beaufort Asset Clearing Services Limited. Beaufort Asset Clearing Services Limited accepts full liability for any default by our nominee company. We maintain detailed records of all of your assets of which you will remain the beneficial owner, these records are reconciled on a daily basis to ensure your statement is accurate and current.

For those assets that can not be held within our nominee company we use a number of carefully selected third party custodians. We have an active due diligence process in place to continually monitor our appointed custodians. We consider the expertise and market reputation of the custodians, their capital or financial resources, their credit rating, the arrangements that the custodian has in place for holding and safeguarding the safe custody asset and any other activities undertaken by the custodian and, if relevant, any affiliated company.

Once assets have been lodged with a custodian, we monitor their performance and the quality of the services they provide to us to ensure it is of the high standards that we expect.

Beaufort Asset Clearing Services Limited does not enter and does not intend to enter into any arrangements for securities financing transactions in respect of custody assets held by it on behalf of a client or otherwise use such custody assets for its own account or the account of another client of the group. In addition Beaufort Asset Clearing Services Limited does not trade in a principle capacity.

Oversight

Beaufort Asset Clearing Services Limited has a dedicated team to ensure that your money and assets are protected above and beyond those required within the rules put in place by the Financial Conduct Authority (FCA). We are annually audited on our client money and asset processes, procedures and controls with the resultant report being submitted to the FCA.

Financial Services Compensation Scheme

The Financial Services Compensation Scheme (FSCS) is backed by the government and protects your deposits up to £85,000 should a bank, building society or credit union default. Your individual protection will depend on the aggregate balances held by that institution. In addition the FSCS can award up to £50,000 in compensation to you where they decide that an investment business is in default and is unable to satisfy any claims against it. Further information is available on the FSCS website (www.fscs.org.uk) or you can contact them on 020 7741 4100 or 0800 678 1100.

Additional protections

As well as having the above measures in place we also use other methods to protect your account and the assets held within it:

• As we do not act as a bank we have no exposure to any under-performing assets, including sub-prime
• Our business is managed with rigorous internal controls and audit procedures
• All operational activities are subject to ongoing monitoring by our compliance department. This independent check is backed up by periodic review by our external auditors. We also submit detailed monthly reports on stock and cash positions to the FCA
• We reconcile all client stock and cash positions against an external record on a daily basis and in line with industry standards and regulatory rules
• We do not lend any stock held in your account
• As a FCA regulated firm we are required to maintain a minimum capital balance determined by the size and type of activities we undertake. Beaufort Securities maintains a capital surplus above these minimum requirements.

Frequently Asked Questions

Q – What should I do if I receive a suspicious email?

A– Never open suspicous emails and always delete them. The e-mail or a website quoted within it could contain a Trojan or virus and we strongly recommend that you run your anti-virus software to combat this. We also suggest that you ensure your anti-virus software is up to date before running the scan. If you have opened an email you believe to be bogus, run your anti-virus and anti-spyware software to ensure no malicious software has been activated.

Knowing what to look out for is the best way to protect yourself from these ‘phishing’ attempts. Below are the key points to remember if you are concerned about an email you have received:

• Beaufort Securities will never ask you for your username or PIN in an email.

Be aware of the way the email or website looks. Never click on a link or log in to a page that looks unusual in any way. Just by clicking a link within a phishing email could potentially download a harmful virus. Things to look out for include: Page layout – does it look different? URL – is it spelt correctly?

If you have even the slightest doubt about an email you have received from Beaufort please call us on 020 7382 8300, or you can forward it to [email protected] and we can confirm if the correspondence is legitimate.

The safest way to log in to your account is by typing www.beaufortsecurities.com directly into your browser. If you are concerned that you may have divulged any details of accounts held with us please call our Customer Services Team immediately on 020 7382 8300.

Visit our Help Centre to find answers to other Frequently Asked Questions

Keeping your data safe

Our obligations as a regulated firm

As a company regulated by the Financial Conduct Authority we ensure all our systems and practices meet industry requirements. These measures, together with our own security practices, are in place to help ensure the safety of your account, including from any unauthorised access.

How we are protecting you from attack

The security of your account is paramount to us and we are fully committed to giving you the best protection. This includes using the latest and most appropriate technology to ensure that our online services are provided in a safe and secure environment. This includes:

Encrypted data

We use the latest encryption technology on the trading services sections of our site to stop anyone from seeing your details, payment card details or transaction information.

Secure login

Our secure account login process requires you to authenticate yourself with your username and PIN. If we detect repeated incorrect attempts to login we will lock your account – it can only be reactivated by you calling our Client Services department and being taken through our security procedures.

Secure, time-limited online sessions

All your trading activity is done within a secure session. If you leave your account without activity for a period of time, we will automatically log you out.

Secure transfer of data

We store personal data securely on internal networks. These are not directly accessible from the internet. We will never ask for your account details to be sent by email.

What you can do help prevent attacks

We do everything we can to protect your account and we encourage you to do the same. It helps to be aware of the different types of attacks you may be vulnerable to. As well as online attempts to undermine your account or financial information, some fraudsters operate illegal shares sales, known as ‘boiler room’ schemes, by phone or post. We’ve outlined below the main types of attack to be aware of and what you can do to protect yourself and your account.

‘Boiler room’ investment or share sales

What is it?
The term ‘boiler room’ is used to describe illegal, aggressive misselling of shares that are worthless, vastly overpriced or ones traded in very limited volumes/markets. The purpose of the sales pitch is to defraud investors and it is typically done with a high-pressure approach. Unfortunately there has been an increase in boiler room scams in recent years. See more information on Unsolicited Calls.

Identity theft

What is it?
Identity theft is when someone uses your personal details to pretend to be you, often using them for financial gain. You can be vulnerable to identity theft on social networking sites and when using other online services, as well as in the real world.

What happens?
Once an identity fraudster has your personal details they can access some or several of your accounts, removing money or buying services or goods which you are charged for but, never see.

What you can do to protect yourself
There are a number of precautions you can take, both online and offline, to make sure no one gets hold of your personal details.

Protecting yourself online and on the phone

• Create strong passwords and usernames – with numbers and lower and upper case letters
• Use different details for different account logins and never disclose them to anyone
• Verify who you’re speaking to on the phone or online
• Check your bank and trading statements regularly and report any transactions you don’t recognise
• Don’t be afraid to say ‘no’ if you think someone is trying to trick you out of information
• Avoid using the auto-complete option when filling in forms online – your browser stores your details to do this and that information is easy for thieves to access.
• Don’t post personal details on chat rooms, forums or social networking sites
• If you use internet cafes, make sure no one can see any screens showing personal details, and always log off from accounts if you move away from your computer

Password Management

• Create strong passwords and usernames – with numbers and lower and upper case letters.
• Don’t choose words or dates obviously associated with you – people can often find out a lot about you online – such as your date of birth.
• Don’t rely on words that can be found in a dictionary – hacking algorithms usually use dictionary entries as the first line of attack.
• Use a mixture of unusual characters – you can use a word or phrase that you can easily remember but with replaced characters like !, $ or &.
• Have different passwords for different sites and systems – if one account gets compromised, this does not give automatic access to all your other accounts.
• Keep your passwords safe – writing them down can be highly insecure.
• Where possibly, consider changing your passwords on a regular basis.

Protecting yourself offline

• Read your bank statement as soon as you receive it and report any transactions you don’t recognise.
• Check any statements carefully and securely store statements, bills and confidential letters.
• Shred personal information you want to throw away – a common way fraudsters get hold of people’s details isn’t online, but by going through their rubbish.
• Redirect your post using the Royal Mail Redirection Service if you move home.
• Shield your PIN when using Cashpoints or in shops
• Don’t use a cashpoint if you suspect it’s been tampered with – signs include anything sticking out of, or a sticky substance around, the card slot.
• Consider obtaining credit reference reports from providers such as Experian

Malware

What is it?
Malware is the term used for any kind of software that is designed to be used by attackers to gather your personal information (for malicious intent) or cause disruption to your computer or systems in some way. Even with anti-virus software and firewalls, malware can sometimes get through to cause damage to your computer, track what you do online and give criminals access to your security details. Types of malware include:

• computer viruses,
• trojans,
• spyware,
• scareware.

Computer viruses

Computer viruses are mostly a threat if you don’t have anti-virus software, which is specifically designed to protect your computer against them.

What are they?
Computer viruses are software programmes that have the potential to damage your computer and, in some cases, track what you do online and pass back information, including your security details, to hackers.

You might notice you have a virus on your computer if it starts performing uncharacteristically – or you notices changes you can’t account for. For example it may slow down significantly, you may notice that files have been changed or deleted. Or you may even see messages and pop ups being displayed (or even music playing on its own) that you haven’t initiated.

Other types of malware include Trojans, Spyware and adware and scareware.

Trojans – are software programmes that pretend to be something they are not. Essentially they are harmful programs, often disguised as downloadable files such as screensavers, tools or applications.

Spyware – secretly tracks what you do online to get information about your browsing habits, and might display unwanted advertising, while Adware installs pop-ups and advertising on your computer. Spyware and adware can be relatively harmless, but they can scan your hard disk to get your personal details and can slow down your computer.

Scareware is designed to trick you into installing malware software. Typically it does this by delivering pop ups which tell you your computer has been infected and inviting you to buy software that remove the issue. Whereas, the software you buy is likely to contain malware.

What you can do to protect yourself
To project you from any type of computer virus you should always be cautious about sites you visit, links you click on, and be extremely cautious about any files you download or install – especially if you haven’t requested them.

• Ensure you have up-to-date anti-virus software installed
• Use the latest version of any software you use, such as your internet browser
• Avoid clicking on links or downloading files from sources you don’t know, haven’t requested or aren’t confident about
• Only buy software from sources you trust

Useful contacts

• FCA consumer helpline – 0845 606 1234
• FCA Register
• FCA website – Boiler Rooms Guidance
• FCA website – Register of Authorised firms and person