Advisers at ‘Forefront’ of Digital Fraud Detection, Prevention

A FINRA conference panel discussed how timely notification of fraudulent activity can protect targeted clients and advisory firms.

Cybercrime is an increasing threat in the U.S., with losses totaling $20.8 billion in 2025—more than twice the 2022 total of $10.3 billion—according to the FBI’s latest Internet Crime Report, released last month. Speaking during a recent panel at the Financial Industry Regulatory Authority 2026 Annual Conference, Heith Janke, assistant director of the FBI’s Criminal Division, said that more than 1 million cybercrime incidents were reported nationwide last year.

“[From 2024 to 2025,] we had a 26% increase in reporting,” Janke said. “We also had a 26% increase in the [fraud] loss amount. We’re losing there.”

Want the latest retirement plan adviser news and insights? Sign up for PLANADVISER newsletters.

Last year’s costliest source of financial cybercrime was online “investment clubs” that offer false financial advice, often involving small-cap stocks or initial public offerings; according to the FBI report, these schemes accounted for $8.6 billion in losses last year. The next costliest sources of cybercrime were business email compromises ($3 billion in losses), fake tech or customer support ($2.1 billion in losses) and personal data breaches ($1.3 billion in losses).

As FINRA and other regulatory agencies try to prevent cybercrime affecting advisory firms, they rely heavily on the information they receive from advisers and other financial professionals about activities and threats, according to panelist Dan McClain, FINRA’s vice president of surveillance and market intelligence.

“The intelligence that you provide to FINRA, that you see in real time … we are able to then aggregate the information that we have from trading data, other sources,” McClain said. “[We] push guidance out to firms about emerging schemes but also feed the [Securities and Exchange Commission] … and law enforcement, so they can take expedited action to try to disrupt these schemes.”

Suspicious Activity

Both large and small advisory firms are susceptible to cybercrime, according to Samantha Larew, the chief compliance officer at Manning & Napier Investor Services Inc., who spoke on the panel. Small firms are often used by fraudsters to test social engineering tactics or targeted due to their weaker security systems, Larew said.

Advisers may be among the first at a firm to notice warning signs that a cyberattack is underway. Potential signals include an increase in password resets in client portals, suspicious login activity, clients receiving or forwarding unusual messages, or communication from a contact with unauthorized information, according to Larew.

On the client side, advisers should look for sudden large withdrawals or liquidations; requests tied to urgent investment opportunities; or assets moved to crypto platforms or unknown accounts. Clients may come to advisers after being enticed by a confidence scheme, in which case advisers may need to debunk false “advice” quickly and clearly.

Adding to the confusion, artificial intelligence can create convincing impersonations of advisers or clients. Advisers’ identities can be co-opted through realistic phishing emails, voice cloning or even deepfake videos. Larew recalled an incident in which multiple senior investors and a retirement management adviser at her company separately noticed a scam involving a WhatsApp contact using the name of a real adviser. After escalating their concerns internally, the clients and her firm coordinated to alert FINRA’s senior tip line.

“We were able to share our facts and get a bigger picture together,” Larew said. “We got our lawyers involved, and we filed an [internet crime complaint] with the FBI.”

The panelists said cybercrime is underreported and that timely and thorough reporting of incidents helps FINRA alert firms that may use the same vendors or trading systems.

Authorities, when notified in real time, can sometimes reverse financial damage. While digital money transfers are too instantaneous to prevent, wire transfers can be potentially stopped within 72 hours, according to Janke.

Gaining Awareness

Training can raise advisers’ awareness about cybercrime. Larew said her company practices information technology “microlearning,” in which annual compliance training is divided into three to five shorter sessions spread through the year, featuring brief instructional videos.

FINRA members can access the agency’s Financial Intelligence Fusion Center, which launched in March and provides guidance for establishing cybersecurity programs and for identifying and combatting scams.

Janke said advisory firms should also become familiar with their nearest FBI field office, including the office’s private sector coordinator and crime squads covering cybercrime and white-collar crime.

“You never want to meet during a crisis,” Janke said. “As something is bubbling up or you’ve got questions, you can pick up the phone and make that direct connection.”

«