Insights

Cyber governance.
In plain English.
For IFA directors.

Practical thinking on FCA operational resilience, Consumer Duty accountability and board-level cyber governance - written for managing directors, not IT teams.

Published in IFA Magazine

How and Why Cyber Risk is Becoming an Important Governance Issue for IFAs

Patrick Murphy, Chartered Financial Planner - GOIA Technologies

Read on IFA Magazine ↗
FCA Deadline March 2025
Regulatory - FCA Operational Resilience

The FCA's March 2025 deadline has passed. What it means for IFA managing directors right now.

Firms that have not documented their Important Business Services are in active breach. Here is what a non-compliant firm needs to do next.

Patrick MurphyPatrick Murphy
Read article →
The IT Provider Blind Spot
Governance - Independence

Why your IT provider cannot tell you how secure you are − and why that matters to your board.

Your IT provider manages systems. That is not the same as governance oversight. There is a structural reason they will never independently assess their own work.

Gerard OuattaraGerard Ouattara
Read article →
Consumer Duty and Cyber
Regulatory - Consumer Duty

Consumer Duty has a cyber dimension. Most IFA boards have not connected the two.

A cyber incident that disrupts client servicing is a Consumer Duty failure, not just an IT event. Here is how GOIA maps the governance bridge.

Patrick MurphyPatrick Murphy
Read article →
DMARC: The Zero-Cost Fix
Technical Governance - Email Security

DMARC: the email security configuration that costs nothing to fix and appears in almost every IFA firm assessment.

A DMARC record set to "none" means your firm's email domain can be impersonated. Fraudulent payment instructions can appear to come from your managing director.

Gerard OuattaraGerard Ouattara
Read article →
Insurance ROI
Commercial - Cyber Insurance

How one cyber insurance premium reduction paid for a governance review three times over.

The investment case for cyber governance framed in financial terms - how the Insurer Evidence Pack translates directly into premium outcomes at renewal.

Gerard OuattaraGerard Ouattara
Read article →
Incident Response Tabletop
Incident Response - Governance Retainer

What happens in GOIA's bi-annual incident response tabletop exercise − and why your board needs one.

A facilitated IR exercise is the fastest way to identify whether your board's theoretical IR plan would survive first contact with a real incident.

Gerard OuattaraGerard Ouattara
Read article →

Free Resource

Can't find what you need? Ask Patrick directly.

Ask Patrick - Cyber Clinic for IFAs is a free resource built by Patrick Murphy. Ask any question about FCA cyber expectations, operational resilience, or governance and get a plain-English answer.

Ask Patrick
Ask Patrick
Free Ebook

Defending the Digital Frontier

Gerard Ouattara's guide to cybersecurity strategies for SMEs in an AI world. A practical, plain-language resource for business leaders who need to understand the landscape.

You will receive the download link by email. No spam. Unsubscribe at any time.

Defending the Digital Frontier

Gerard Ouattara · GOIA Technologies

Free download via email

Stay Current

Regulatory updates and governance thinking, direct to your inbox.

One email per month. No marketing. FCA regulatory updates and practical governance thinking for IFA managing directors.

No spam. Unsubscribe at any time.