Cyber Security Measures

As a client of WealthCo Advisory, the security of your personal information is paramount to us. We take a multi-layered approach covering insurance, governance frameworks, staff training, and secure technology systems to protect your data.

Cyber Insurance & Incident Response

Mont Partners (the Licensee) holds current cyber insurance with Emergence Insurance, an award-winning Australian insurer. This includes access to 24/7 specialist incident response teams in the event of a cyber security incident.

Cyber Security Frameworks & Governance

We operate in line with recognised cyber security frameworks to ensure strong controls and continuous improvement:

  • ASIC Essential 8 (E8): Developed by the Australian Cyber Security Centre (ACSC), this framework helps organisations protect against cyber threats. Mont Partners and WealthCo Advisory were independently advised to target E8 Maturity Level 1 based on our size and data profile, which we have successfully achieved (as of 2023).
  • SMB1001:2025: An internationally aligned cyber security standard for small to medium businesses. WealthCo Advisory has been independently audited and achieved Gold status, the highest available level (as of 2025).

Staff Training & Awareness

All staff undergo regular cyber security training to ensure ongoing awareness of risks, secure handling of data, and adherence to internal policies.

Systems, Data Storage & Security Controls

Your personal information is stored securely in two primary systems:

  • CRM System (Iress Ltd – ASX: IRE): A publicly listed Australian technology provider certified to ISO/IEC 27001 (international information security standard).
  • Microsoft SharePoint: Used for internal document storage. Data is encrypted, access is restricted to authorised staff only, and systems are protected by Microsoft Defender, which monitors for threats such as unauthorised access or data loss events. Regular backups are also maintained.

All systems we use are protected with multi-factor authentication (MFA) for all users.

Password Management Security

Where we manage access to systems and client-related information, we utilise LastPass, an industry-recognised password management platform. LastPass employs strong encryption protocols to securely store and manage login credentials, ensuring sensitive access information is protected and not stored in plain text. This helps safeguard both client data and internal systems from unauthorised access.

Payment Information Security

Where you provide banking or credit card details for advice fee payments, these are processed exclusively through Ezidebit, a PCI DSS Level 1 compliant provider. This is the highest security standard for organisations handling payment card data, ensuring your details are securely stored and processed.

Secure Communication & Email Policy

We do not send or receive sensitive personal information (PII) via unsecured email. Please see below section on “Secure Document Delivery with SendSafely” for more information.

Secure Document Delivery with SendSafely

Secure Document Delivery with SendSafely

At WealthCo Advisory, protecting your personal and financial information is a top priority. That’s why we are using SendSafely to securely deliver sensitive documents and information to you.

While most often used by us to send documents to you, SendSafely can also be used whenever you need to securely provide confidential information to us.

What is SendSafely?

SendSafely is a secure file transfer platform designed for sharing confidential information online. Traditional email was never intended for transmitting sensitive documents, which is why we have adopted a more secure alternative.

Whether we are sending you advice documents, reports and forms, or you are providing us with personal or financial information, SendSafely helps ensure your data remains private and protected.

How Does It Work?

When we send you documents via SendSafely, you will first receive a normal email from us containing a secure link. Clicking this link will take you to SendSafely’s secure portal, where you can safely view or download your documents.

Your files are encrypted before they are transmitted, remain encrypted while in transit and while stored, and can only be accessed by you as the intended recipient. If you need to send documents back to us, any files you upload are encrypted on your device before they leave it, providing the same high level of protection.

Importantly, not even SendSafely can access the contents of your files.

Why is it Safe?

SendSafely uses AES-256 encryption, the same standard trusted by governments, financial institutions, and security professionals worldwide. It also operates using a zero-knowledge architecture, meaning encryption keys are never stored alongside your data.

This means:

  • Your documents cannot be intercepted and read during transmission.
  • Your information is never stored in plain text.
  • Only the intended recipient can access your files.
  • Access is controlled, monitored, and fully auditable.

No Account Required

You do not need to create an account or install any software. Simply click the secure link we provide and follow the prompts to enter in your email address, and 2FA code received to your mobile phone.

Questions?

If you have any questions about using SendSafely or our information security practices, please contact our office.