Cybersecurity and digital development
Examining SFOs’ approach to digitalisation and security, the study found that 74 per cent of respondents said they had suffered a cyber breach in recent years, yet 72 per cent don't have a cyber incident plan and 61 per cent did not have processes in place for detecting IT breaches. Looking ahead, 81 per cent of respondents said they planned to act.
Questioned about broader risk management, only 49 per cent of SFO respondents said they were confident that they have processes in place to spot risks on the horizon, while 31 per cent agreed that decisions about risks facing their organisations were not taken at the highest levels.
Steven Shultz, EY Global Private Tax leader, said: “SFOs face a sobering mix of strategic, technological, regulatory and operational disruptions all amid unprecedented economic, social and geopolitical forces that are largely beyond their control. It is critical that their legacy is protected by supporting them to adapt to these trends.
“It’s clear that these changes present both challenges and opportunities, but in order to navigate them effectively, SFOs need to act now. The incredible pace of regulatory change in tax and beyond demands that SFOs learn to adapt quickly; and, in the face of rapid digitisation, they need to review their technology and their protection against cybercrime. With reputational risk an ever-increasing threat, SFOs need to look closely at their risk management practices to ensure they are robust; and, when it comes to strategy and governance, it’s hard to overstate the importance of taking into account nonfinancial metrics.”
Among recent developments worldwide, Singapore has introduced new rules affecting the behaviour of family offices. Each fund must be worth at least S$50 million ($35.93 million), and 10 per cent of it or S$10 million – whichever is the smaller amount – should be invested in Singapore. Depending on size, family offices must spend S$500,000 to S$1 million in the domestic economy each year, rising from S$200,000. Additionally, of the three investment figures which they are required to hire, at least one must be a non-family member, the rules state.
Attempts in the US to push for more regulatory oversight of single-family offices have met with resistance. See an example here.