If I told you the story of Jan Lewan, you might think I was making it up.
Born in World War II-era Poland, Lewan emigrated to the United States and settled in rural Pennsylvania. Gregarious and musically gifted, Lewan soon achieved small-town fame as “The Polka King of Northeast Pennsylvania” and for decades delighted audiences at venues like the Allentown Fair. At one point he was even nominated for a Grammy, in the Polka category. He and his family seemed to lead a charmed life. But, Lewan did have a weakness: He was a poor financial manager, and after one particularly serious setback, Lewan began luring local community members into a financial fraud. By promising returns of up to 20 percent, Lewan was able to sell more than five million dollars in illegal promissory notes tied to his unprofitable businesses, including a sleepy strip-mall gift shop. In the end, Lewan served time in Federal prison for these crimes, which destroyed the retirement savings of hundreds of people across twenty-two states.
Your odds of running into a Jan Lewan are low, but unfortunately your odds of encountering other types of financial fraud may be somewhat higher. In fact, it was notable that, in a recent interview, the incoming CEO of mutual fund giant Vanguard stated that “Cybersecurity is at the top of my list.” He added that security is Vanguard’s “single largest investment every year.” With that in mind, here are some steps you can take to help ensure your own financial security:
Three components: The first thing to recognize is that there is no such thing as infallible security. For that reason, your personal cybersecurity program should include three components: First, you want to do everything you can to prevent an incident. Second, you want to put in place mechanisms to alert you if an incident does occur. Finally, you want to make a schedule to do periodic “audits.” For example, twice a year you might sit down with all of your accounts and think through the points of potential vulnerability. Below I provide examples of strategies to help with the first two of these steps. And, if you would like help with the third step, customizing an audit checklist for your household, just let me know.
Paper statements: Today, most financial firms prefer to send you statements electronically. Generally, this is a good thing. Nonetheless, I don’t think it hurts to print out and keep on paper the most recent statement for each of your financial accounts. On the off chance that criminals are able to tamper with client records at your bank or brokerage, it may help to have hard copy documentation of your most recent balance. Note: I am not predicting this and don’t mean to sow fear; I just think it is helpful to think through the range of things that could happen.
Two-factor authentication: Most financial institutions now offer two-factor authentication. If you’re not familiar with how this works, the idea is that it requires you to have more than just a username and password to access your account. Generally you would also need to supply a one-time code sent to you by text. If your bank and investment firm offer this feature, turn it on. And, if you have a joint account, be sure that you both turn it on. If your financial institutions don’t offer this feature, I would switch to another institution. It’s that important. Finally, make sure you also turn on two-factor authentication for your email. This is critically important because, if someone has access to your email, they’re in a good position to reset your passwords for other sites. So, treat the security of your email account with the same seriousness that you treat your financial accounts.
Verbal password: Another thing you can do to help lock down your financial accounts is to set up a verbal password. This provides another layer of security whenever you call in. As long as you make your verbal password completely unique to that account, this measure can stop an identity thief, even if he has your account number, Social Security number and other details that banks normally request to verify a customer’s identity. Mayport clients working with Charles Schwab have this option, and other institutions may offer it too. Please let me know if you would like help setting it up.
Text alerts: Your bank and credit card companies probably offer a variety of alert options. For example, you could set one up to text you whenever you make a credit card purchase in excess of a specified amount, or when you are approaching your credit limit. The idea is to get some early warning when something unusual is happening so you can stop it sooner rather than later.
Simplicity: Lastly, I would look for ways to simplify your financial life. These days, it is all too easy to end up with a variety of accounts scattered across different banks, brokerage firms and old employers’ 401(k) plans. But, I think you will improve your overall security if you consolidate redundant accounts and reduce the number of financial institutions at which you maintain accounts. It’s just that much easier to keep an eye on things when you have fewer points of potential vulnerability. As I recommended in a recent article, Six Ways to Diversify, I do think it makes sense to have accounts at two different financial institutions, but no more than that.
If a Polka singer on the outskirts of Scranton, Pennsylvania can bilk hundreds of people out of millions of dollars, surely today’s cyber-thieves can do far worse. I hope you find these suggestions helpful.