The Importance of Cybersecurity for the Family Office
Join Elisa Shevlin Rizzo, Head of Family Office Advisory, and Ileana van der Linde, Head of Cyber Advisory, as they explore the crucial topic of cybersecurity for family offices with insights from the Global Family Office Report.
From differentiating between technology and cybersecurity to implementing essential measures like multi-factor authentication and encryption, this session offers valuable guidance to help protect you from cyber threats.
Descriptive audio
This is intended for informational purposes only. Opinions expressed herein are those of the speakers and may differ from those of other JPMorgan employees and affiliates. Historical information and outlooks are not guarantees of future results. Any views and strategies described may not be appropriate for all participants and should not be intended as personal investment, financial, or other advice. As a reminder, investment products are not FDIC insured, do not have bank guarantee, and they may lose value.
Welcome, everyone, and thank you for joining us here today. My name is Elisa Shevlin Rizzo, and I am the head of Family Office Advisory here at JPMorgan Private Bank. Earlier this year, the Family Office practice published its Global Family Office Report, which includes a great deal of insights drawn from our single-family office clients from around the globe.
We asked specific questions about how family offices were allocating their investment portfolio, how they were fulfilling their investment needs, what kinds of services they were providing to Family Office clients, and how they were managing risk, governance, and succession planning issues. We also asked about key gaps in our clients' existing models, and 40% of our clients reported that cybersecurity was their number one cause of concern.
In this session, we'll be covering some of our clients' most pressing questions. We'll talk a little bit about cybersecurity and technology and how they are different. And then last, we'll turn to some of the steps that family offices can take to better protect themselves from the risk of hackers. To help me frame this conversation, I am joined here today by Ileana van der Linde, who is the head of our Cyber Advisory team here at JPMorgan Private Bank. Welcome, Ileana. It is so good to have you here today. Thank you.
Yes, it's a pleasure to be here with you.
So before we get started, why don't we talk a little bit about you and your team and how you can work with clients?
I head up the Global Cyber Advisory team. What we do is we meet with clients in one-on-one sessions, generally ultra-high net worth individuals, their families, as well as family offices and related businesses. What we do is we provide guidance, educational content, seminars, but we really are here to help our clients learn how they can be more secure, particularly, the family offices that control so much.
That's great to know. Cybersecurity is a key issue for everyone, and our Global Family Office Report really highlighted that effect. The potential impact of a cybersecurity event or breach on family offices is significant. About 40% of the family offices did report that cybersecurity was their number one concern, and about 25% of our family office respondents indicated that they had been subject to a cyberattack or other breach that they were aware of.
To JPMorgan, cyber is a huge priority. We spend about $15 billion a year on technology and about $700 million on cybersecurity annually. The two are not the same, and we'll get to that a little bit later. But we also work across technology, people, and processes to ensure that our clients' data, assets are secure.
But what we have seen is while we protect the perimeter here at JPMorgan, we also see that hackers go where it's easiest. And this is exactly why we developed this program many years ago, to help our clients understand their risk.
One thing that jumped out at me when I was going through the data in preparation for writing the report was that one in five family offices indicated that they do not have any cybersecurity measures in place. Does that surprise you?
Some of the numbers definitely surprise me. Some come up in cyber discussions with clients. What we know is that of all the cyberattacks that occur, 75% are directed to small and medium-sized businesses, and family offices are just that. They often don't have the operations, the infrastructure, and the multi-layers of defense that you need, whether you're a large organization or a small organization.
Only 39% of family offices actually educate their staff on cybersecurity or even create a culture of reporting things that they might see. 61% of family offices provide access to data on an as-needed basis, which means 40% have much too broad an access to all their data, another area that we shouldn't do. The one that really got me was only 18% of clients are encrypting their data, and so that means the vast majority are not.
And these are all things that are easily remediated and, I think, that we can get to. So one of the other areas is that 2/3 have an IT provider, but not necessarily a cyber provider. And this is, I think, a nuance that is often lost on a lot of our clients, that they think they're safe because,
I'm in the cloud, or I don't need cybersecurity. And this is a huge area where we work to come in and explain that you have to look at cybersecurity, really, from a people, process, and technology perspective, a much more comprehensive view, and not just think this is solved with technology only.
So let's talk a little bit about that because that does come up a lot in client conversations, I have technology, I'm using my company systems, what have you. Let's spend some time going through the differences between technology and what that does and cybersecurity and what that is.
Technology, really, is an important control that you can use in cybersecurity, but 80% of all cyberattacks today happen because they figure out people and process. So the vast majority, we want to up front and look at risk from a people and process perspective and change that mindset. When it comes to technology, you can have an IT provider-- a lot of tools today are plug and play-- but what you really also want to think about today is maybe two decades ago, that might have been sufficient.
We're in a very different landscape today. You typically want to look at a managed service provider that is going to basically ensure that your hardware and software are also set up securely. But you might also need a managed security service provider, an MSSP, which looks at monitoring the threats that are coming in. So it's almost like setting up your house secure but also putting a sentry outside to ensure that attacks aren't coming into that house.
And that MSSP--
Mm-hmm, yes.
--is that monitoring done on a continuous basis? Is it periodic? How does that occur?
Well, this is the thing. There isn't usually one vendor that does everything. Right now, in the landscape, things are very segregated, so you have different types of providers doing different things. But overall, you want to make sure that, yes, you might need your IT provider to provide you printers, laptops, things like that, but you need somebody to 24/7 ensure that your house is secure.
That extra monitoring that an MSSP or another vendor may also offer as part of their services is you want active monitoring because while you're asleep at 4:00 AM, there are plenty of bot traffic and things of that nature that are coming at your network.
What's five steps can clients take to protect themselves from cyberattack and reinforce some of the processes that they have in their family offices?
Well, I think what's really important to note is cyber criminals go where it's easiest, and they're usually after two things, money or information that leads to money. So those are the things that we most need to protect. And again, we want to look at this from a people, process, and technology perspective.
Let's start with people. One of the first and easiest things that you can do is educate your staff. Not even 40% are training their people. This is where you might be very good at identifying a phishing email, but you really need to educate everybody in the office to anomalies, be that in a phishing email, be that in a payment control, or be that on validating transactions, or even entry into a building. Creating a culture of vigilance is really important in this day and age.
The other thing that's very simple and is accessible to most is to conduct phishing testing for all members of staff. 50% of people who are not regularly tested will click on the real thing, so it's important to have that muscle regularly tested to identify anomalies.
We reduce the risk of human error?
Correct. We reduce that risk of human error. The second thing is when it comes to process, first and foremost, use multi-factor authentication wherever offered. If you are interested in cyber insurance, your insurance rates will immediately go down if you have multi-factor authentication in place because insurance companies are tired of paying out. So it is a great door stop to bad passwords and things, but using two-factor is so critical. So that's a first and foremost.
One, also reducing the access of data to everyone. It's also an easy fix that it just takes a little bit of review and assessment to say, why does everybody have access to all things? Because if a hacker gets into somebody that does, it's easy for them to pivot. Another area, particularly around-- that we saw, encryption is so infrequently used. Secure communications are vital.
In cyber, we talk about data at rest, data in use, and data in transit. When we're in an office, we have data in use or at rest, but when we press Send on something, it's in transit, and it's not guaranteed that it's encrypted there. So it's critical to have staff understand that they need to also encrypt the email themselves, particularly if they're sending personal identifiable information to family members, to attorneys, to banks.
Anywhere there is critical information in transit you should most certainly put encryption on. And this is available through most, even common, software tools, but educating staff that that is important is a big way to go. One of the last things on technology is you really need to understand that just being in the cloud is not going to do it. We're less worried about the cloud provider necessarily being hacked, but them hacking you is much more likely.
So get professional help. Make sure you're not going this alone and just assuming that your environment is secure. I would also say, conduct a cyber assessment. I say this in every session. When you ask yourself to be professionally hacked, you're also going to see that they're going to figure out not just is your network weak, but can they get into the building? Is there another way that they can get access into all your devices? So really critical. You're much better off spending maybe $10,000, $15,000 on a cyber assessment than paying ransomware later.
Absolutely.
And you'll then have a specific list of, these are the things I need to fix.
This has been incredibly insightful and a little bit frightening. I'll be honest. One topic that comes up frequently in client conversations, and I think we'd be remiss if we did not talk about it, is the potential role of AI in the family office and how it might be used and also what some of the risks might be.
Elisa, thank you for bringing that up because AI is something that comes up in every client meeting that we have. AI is going to change-- what I tell clients is, it's certainly going to change every industry that we work with, and it's important that people become familiar with these tools. A lot of people are thinking, well, I'm a little worried about using it, and that's a healthy regard to have.
But it's going to give-- it can give huge-potential productivity gains and things. It can help us be very creative. But we also have to understand that those tools are also building their own models. They're learning off what we input. So everything you input may also be used and ingested in a way that it learns more about you.
So this is one where it's really important that before you start using a public tool or even an enterprise-licensed tool, you have to understand how it's going to access your data, which data it's going to access and ingest, and what it might send out. So make sure that this is set up very securely. So again, embrace it. It's coming. It's here. But use it securely.
The other thing I do want to add is also I think what a lot of our clients are concerned about, certainly, what's in the news a lot, are deep fakes. And deep fakes is a concern for us in cybersecurity because the ability to manipulate people is really underlying all that. What I challenge family offices to do is look at your processes when it comes to deep fakes. Could your payment processes withstand a deep fake?
Do you have maker checker processes? Do you validate payments via another channel? There was a case recently where somebody transferred large amounts of money because of a deep fake on video calls. And this is where we need to make sure that that could not happen to our own family offices. So I challenge people to really look at their people, process, and not just the technology when it comes to cybersecurity.
Ileana, this has been incredibly helpful, and you've shared a great deal of information with all of us. I want to remind clients that Ileana and her team are available to help your bankers, your advisors, and all of you with thinking through some of these issues, to educate you on some of the steps you can take, and again, to help you find the right providers to help support your current infrastructure.
And then our Family Office team is also available to help you think through what your family office might look like, help you think through succession planning issues, how you might be able to manage your services for the family office, and to help you with your investment portfolio, and other needs as well. Thank you for joining us today.
Prior to making financial or investment decisions, you should speak with a qualified professional in your JPMorgan team.
[MUSIC PLAYING]
(SPEECH)
This
(DESCRIPTION)
Title card: PLEASE NOTE: This session is closed to the press. The views and strategies described herein may not be suitable for all clients and are subject to investment risks. Certain opinions, estimates, investment strategies and views expressed in this document constitute our judgment based on current market conditions and are subject to change without notice. This material should not be regarded as research or as a J.P. Morgan research report. The information contained herein should not be relied upon in isolation for the purpose of making an investment decision. More complete information is available, including product profiles, which discuss risks, benefits, liquidity and other matters of interest. For more information on any of the investment ideas and products illustrated herein, please contact your J.P. Morgan representative. Investors may get back less than they invested, and past performance is not a reliable indicator of future results. This information is provided for informational purposes only. We believe the information contained in this video to be reliable; however we do not represent or warrant its accuracy, reliability or completeness, or accept any liability for any loss or damage arising out of the use of any information in this video. The views expressed herein are those of the speakers and may differ from those of other J.P. Morgan employees and are subject to change without notice. Nothing in this video is intended to constitute a representation that any product or strategy is suitable for you. Nothing in this document shall be regarded as an offer, solicitation, recommendation or advice (whether financial, accounting, legal, tax or other) given by J.P. Morgan and/or its officers or employees to you. You should consult your independent professional advisors concerning accounting, legal or tax matters. Contact your J.P. Morgan representative for additional information and guidance concerning your personal investment goals. INVESTMENT AND INSURANCE PRODUCTS: NOT A DEPOSIT, NOT FDIC INSURED, NOT INSURED BY ANY FEDERAL GOVERNMENT AGENCY, NO BANK GUARANTEE, MAY LOSE VALUE.
(SPEECH)
is intended for informational purposes only. Opinions expressed herein are those of the speakers and may differ from those of other JPMorgan employees and affiliates. Historical information and outlooks are not guarantees of future results. Any views and strategies described may not be appropriate for all participants and should not be intended as personal investment, financial, or other advice. As a reminder, investment products are not FDIC insured, do not have bank guarantee, and they may lose value.
(DESCRIPTION)
Logo: J.P. Morgan, Private Bank. Text: The importance of cyber security for the family office. Elisa Shevlin Rizzo, head of family office advisory. Ileana Vander Linde, Head of global cyber advisory. Profile pictures of the speakers.
(SPEECH)
Welcome, everyone, and thank you for joining us here today. My name is Elisa Shevlin Rizzo, and I am the head of Family Office Advisory here at JPMorgan Private Bank.
(DESCRIPTION)
Text: Elisa Shevlin Rizzo, head of family office advisory. Elisa has shoulder length blonde hair and is wearing a white blazer. She sits at a table with Eliana Vander Linde. In the background there are vertical strips of grey soundproof material. There is the phrase JP Morgan in a calligraphy style on the wall behind the two speakers.
(SPEECH)
Earlier this year, the Family Office practice published its Global Family Office Report, which includes a great deal of insights drawn from our single-family office clients from around the globe.
We
(DESCRIPTION)
Slide, 2024, Global Family Office Report.
(SPEECH)
asked specific questions about how family offices were allocating their investment portfolio, how they were fulfilling their investment needs, what kinds of services they were providing to Family Office clients, and how they were managing risk, governance, and succession planning issues. We also asked about key gaps in our clients' existing models, and 40% of our clients reported that cybersecurity was their number one cause of concern.
In
(DESCRIPTION)
Slide, In this session. A bullet point list.
(SPEECH)
this session, we'll be covering some of our clients' most pressing questions. We'll talk a little bit about cybersecurity and technology and how they are different. And then last, we'll turn to some of the steps that family offices can take to better protect themselves from the risk of hackers. To help me frame this conversation, I am joined here today by Ileana van der Linde, who is the head of our Cyber Advisory team here at JPMorgan Private Bank. Welcome, Ileana. It is so good to have you here today. Thank you.
Yes,
(DESCRIPTION)
Text: Ileana Vander Linde, Head of global cyber advisory. Ileana has shoulder length dark brown hair and is wearing a red blazer over a black top.
(SPEECH)
it's a pleasure to be here with you.
So before we get started, why don't we talk a little bit about you and your team and how you can work with clients?
I head up the Global Cyber Advisory team. What we do is we meet with clients in one-on-one sessions, generally ultra-high net worth individuals, their families, as well as family offices and related businesses. What we do is we provide guidance, educational content, seminars, but we really are here to help our clients learn how they can be more secure, particularly, the family offices that control so much.
That's great to know. Cybersecurity is a key issue for everyone, and our Global Family Office Report really highlighted that effect. The potential impact of a cybersecurity event or breach on family offices is significant. About 40% of the family offices did report that cybersecurity was their number one concern, and about 25% of our family office respondents indicated that they had been subject to a cyberattack or other breach that they were aware of.
To JPMorgan, cyber is a huge priority. We spend about $15 billion a year on technology and about $700 million on cybersecurity annually. The two are not the same, and we'll get to that a little bit later. But we also work across technology, people, and processes to ensure that our clients' data, assets are secure.
But what we have seen is while we protect the perimeter here at JPMorgan, we also see that hackers go where it's easiest. And this is exactly why we developed this program many years ago, to help our clients understand their risk.
One thing that jumped out at me when I was going through the data in preparation for writing the report was that one in five family offices indicated that they do not have any cybersecurity measures in place. Does that surprise you?
Some of the numbers definitely surprise me. Some come up in cyber discussions with clients. What we know is that of all the cyberattacks that occur, 75% are directed to small and medium-sized businesses, and family offices are just that. They often don't have the operations, the infrastructure, and the multi-layers of defense that you need, whether you're a large organization or a small organization.
Only 39% of family offices actually educate their staff on cybersecurity or even create a culture of reporting things that they might see. 61% of family offices provide access to data on an as-needed basis, which means 40% have much too broad an access to all their data, another area that we shouldn't do. The one that really got me was only 18% of clients are encrypting their data, and so that means the vast majority are not.
And these are all things that are easily remediated and, I think, that we can get to. So one of the other areas is that 2/3 have an IT provider, but not necessarily a cyber provider. And this is, I think, a nuance that is often lost on a lot of our clients, that they think they're safe because,
I'm in the cloud, or I don't need cybersecurity. And this is a huge area where we work to come in and explain that you have to look at cybersecurity, really, from a people, process, and technology perspective, a much more comprehensive view, and not just think this is solved with technology only.
So let's talk a little bit about that because that does come up a lot in client conversations, I have technology, I'm using my company systems, what have you. Let's spend some time going through the differences between technology and what that does and cybersecurity and what that is.
Technology, really, is an important control that you can use in cybersecurity, but 80% of all cyberattacks today happen because they figure out people and process. So the vast majority, we want to up front and look at risk from a people and process perspective and change that mindset. When it comes to technology, you can have an IT provider-- a lot of tools today are plug and play-- but what you really also want to think about today is maybe two decades ago, that might have been sufficient.
We're in a very different landscape today. You typically want to look at a managed service provider that is going to basically ensure that your hardware and software are also set up securely. But you might also need a managed security service provider, an MSSP, which looks at monitoring the threats that are coming in. So it's almost like setting up your house secure but also putting a sentry outside to ensure that attacks aren't coming into that house.
And that MSSP--
Mm-hmm, yes.
--is that monitoring done on a continuous basis? Is it periodic? How does that occur?
Well, this is the thing. There isn't usually one vendor that does everything. Right now, in the landscape, things are very segregated, so you have different types of providers doing different things. But overall, you want to make sure that, yes, you might need your IT provider to provide you printers, laptops, things like that, but you need somebody to 24/7 ensure that your house is secure.
That extra monitoring that an MSSP or another vendor may also offer as part of their services is you want active monitoring because while you're asleep at 4:00 AM, there are plenty of bot traffic and things of that nature that are coming at your network.
What's five steps can clients take to protect themselves from cyberattack and reinforce some of the processes that they have in their family offices?
Well, I think what's really important to note is cyber criminals go where it's easiest, and they're usually after two things, money or information that leads to money. So those are the things that we most need to protect. And again, we want to look at this from a people, process, and technology perspective.
Let's start with people. One of the first and easiest things that you can do is educate your staff. Not even 40% are training their people. This is where you might be very good at identifying a phishing email, but you really need to educate everybody in the office to anomalies, be that in a phishing email, be that in a payment control, or be that on validating transactions, or even entry into a building. Creating a culture of vigilance is really important in this day and age.
The other thing that's very simple and is accessible to most is to conduct phishing testing for all members of staff. 50% of people who are not regularly tested will click on the real thing, so it's important to have that muscle regularly tested to identify anomalies.
We reduce the risk of human error?
Correct. We reduce that risk of human error. The second thing is when it comes to process, first and foremost, use multi-factor authentication wherever offered. If you are interested in cyber insurance, your insurance rates will immediately go down if you have multi-factor authentication in place because insurance companies are tired of paying out. So it is a great door stop to bad passwords and things, but using two-factor is so critical. So that's a first and foremost.
One, also reducing the access of data to everyone. It's also an easy fix that it just takes a little bit of review and assessment to say, why does everybody have access to all things? Because if a hacker gets into somebody that does, it's easy for them to pivot. Another area, particularly around-- that we saw, encryption is so infrequently used. Secure communications are vital.
In cyber, we talk about data at rest, data in use, and data in transit. When we're in an office, we have data in use or at rest, but when we press Send on something, it's in transit, and it's not guaranteed that it's encrypted there. So it's critical to have staff understand that they need to also encrypt the email themselves, particularly if they're sending personal identifiable information to family members, to attorneys, to banks.
Anywhere there is critical information in transit you should most certainly put encryption on. And this is available through most, even common, software tools, but educating staff that that is important is a big way to go. One of the last things on technology is you really need to understand that just being in the cloud is not going to do it. We're less worried about the cloud provider necessarily being hacked, but them hacking you is much more likely.
So get professional help. Make sure you're not going this alone and just assuming that your environment is secure. I would also say, conduct a cyber assessment. I say this in every session. When you ask yourself to be professionally hacked, you're also going to see that they're going to figure out not just is your network weak, but can they get into the building? Is there another way that they can get access into all your devices? So really critical. You're much better off spending maybe $10,000, $15,000 on a cyber assessment than paying ransomware later.
Absolutely.
And you'll then have a specific list of, these are the things I need to fix.
This has been incredibly insightful and a little bit frightening. I'll be honest. One topic that comes up frequently in client conversations, and I think we'd be remiss if we did not talk about it, is the potential role of AI in the family office and how it might be used and also what some of the risks might be.
Elisa, thank you for bringing that up because AI is something that comes up in every client meeting that we have. AI is going to change-- what I tell clients is, it's certainly going to change every industry that we work with, and it's important that people become familiar with these tools. A lot of people are thinking, well, I'm a little worried about using it, and that's a healthy regard to have.
But it's going to give-- it can give huge-potential productivity gains and things. It can help us be very creative. But we also have to understand that those tools are also building their own models. They're learning off what we input. So everything you input may also be used and ingested in a way that it learns more about you.
So this is one where it's really important that before you start using a public tool or even an enterprise-licensed tool, you have to understand how it's going to access your data, which data it's going to access and ingest, and what it might send out. So make sure that this is set up very securely. So again, embrace it. It's coming. It's here. But use it securely.
The other thing I do want to add is also I think what a lot of our clients are concerned about, certainly, what's in the news a lot, are deep fakes. And deep fakes is a concern for us in cybersecurity because the ability to manipulate people is really underlying all that. What I challenge family offices to do is look at your processes when it comes to deep fakes. Could your payment processes withstand a deep fake?
Do you have maker checker processes? Do you validate payments via another channel? There was a case recently where somebody transferred large amounts of money because of a deep fake on video calls. And this is where we need to make sure that that could not happen to our own family offices. So I challenge people to really look at their people, process, and not just the technology when it comes to cybersecurity.
Ileana, this has been incredibly helpful, and you've shared a great deal of information with all of us. I want to remind clients that Ileana and her team are available to help your bankers, your advisors, and all of you with thinking through some of these issues, to educate you on some of the steps you can take, and again, to help you find the right providers to help support your current infrastructure.
And then our Family Office team is also available to help you think through what your family office might look like, help you think through succession planning issues, how you might be able to manage your services for the family office, and to help you with your investment portfolio, and other needs as well. Thank you for joining us today.
Prior to making financial or investment decisions, you should speak with a qualified professional in your JPMorgan team.
[MUSIC PLAYING]
(DESCRIPTION)
Logo: J.P. Morgan. Disclosures. Key risks. This material is for information purposes only, and may inform you of certain products and services offered by private banking businesses, part of JPMorgan Chase & Co. ("JPM"). Products and services described, as well as associated fees, charges and interest rates, are subject to change in accordance with the applicable account agreements and may differ among geographic locations. Not all products and services are offered at all locations. If you are a person with a disability and need additional support accessing this material, please contact your J.P. Morgan team or email us at accessibility.support@jpmorgan.com for assistance. Please read all Important Information. GENERAL RISKS & CONSIDERATIONS Any views, strategies or products discussed in this material may not be appropriate for all individuals and are subject to risks. Investors may get back less than they invested, and past performance is not a reliable indicator of future results. Asset allocation/diversification does not guarantee a profit or protect against loss. Nothing in this material should be relied upon in isolation for the purpose of making an investment decision. You are urged to consider carefully whether the services, products, asset classes (e.g. equities, fixed income, alternative investments, commodities, etc.) or strategies discussed are suitable to your needs. You must also consider the objectives, risks, charges, and expenses associated with an investment service, product or strategy prior to making an investment decision. For this and more complete information, including discussion of your goals/situation, contact your J.P. Morgan team.
NON-RELIANCE Certain information contained in this material is believed to be reliable; however, JPM does not represent or warrant its accuracy, reliability or completeness, or accept any liability for any loss or damage (whether direct or indirect) arising out of the use of all or any part of this material. No representation or warranty should be made with regard to any computations, graphs, tables, diagrams or commentary in this material, which are provided for illustration/ reference purposes only. The views, opinions, estimates and strategies expressed in this material constitute our judgment based on current market conditions and are subject to change without notice. JPM assumes no duty to update any information in this material in the event that such information changes. Views, opinions, estimates and strategies expressed herein may differ from those expressed by other areas of JPM, views expressed for other purposes or in other contexts, and this material should not be regarded as a research report. Any projected results and risks are based solely on hypothetical examples cited, and actual results and risks will vary depending on specific circumstances. Forward-looking statements should not be considered as guarantees or predictions of future events. Nothing in this document shall be construed as giving rise to any duty of care owed to, or advisory relationship with, you or any third party. Nothing in this document shall be regarded as an offer, solicitation, recommendation or advice (whether financial, accounting, legal, tax or other) given by J.P. Morgan and/or its officers or employees, irrespective of whether or not such communication was given at your request. J.P. Morgan and its affiliates and employees do not provide tax, legal or accounting advice. You should consult your own tax, legal and accounting advisors before engaging in any financial transactions.
Your investments and potential conflicts of interest. Conflicts of interest will arise whenever JPMorgan Chase Bank, N.A. or any of its affiliates (together, "J.P. Morgan") have an actual or perceived economic or other incentive in its management of our clients' portfolios to act in a way that benefits J.P. Morgan. Conflicts will result, for example (to the extent the following activities are permitted in your account): (1) when J.P. Morgan invests in an investment product, such as a mutual fund, structured product, separately managed account or hedge fund issued or managed by JPMorgan Chase Bank, N.A. or an affiliate, such as J.P. Morgan Investment Management Inc.; (2) when a J.P. Morgan entity obtains services, including trade execution and trade clearing, from an affiliate; (3) when J.P. Morgan receives payment as a result of purchasing an investment product for a client's account; or (4) when J.P. Morgan receives payment for providing services (including shareholder servicing, recordkeeping or custody) with respect to investment products purchased for a client's portfolio. Other conflicts will result because of relationships that J.P. Morgan has with other clients or when J.P. Morgan acts for its own account. Investment strategies are selected from both J.P. Morgan and third-party asset managers and are subject to a review process by our manager research teams. From this pool of strategies, our portfolio construction teams select those strategies we believe fit our asset allocation goals and forward-looking views in order to meet the portfolio's investment objective. As a general matter, we prefer J.P. Morgan managed strategies. We expect the proportion of J.P. Morgan managed strategies will be high (in fact, up to 100 percent) in strategies such as, for example, cash and high-quality fixed income, subject to applicable law and any account-specific considerations.
While our internally managed strategies generally align well with our forward-looking views, and we are familiar with the investment processes as well as the risk and compliance philosophy of the firm, it is important to note that J.P. Morgan receives more overall fees when internally managed strategies are included. We offer the option of choosing to exclude J.P. Morgan managed strategies (other than cash and liquidity products) in certain portfolios. The Six Circles Funds are U.S.-registered mutual funds managed by J.P. Morgan and sub-advised by third parties. Although considered internally managed strategies, JPMC does not retain a fee for fund management or other fund services.
Legal entity brand and regulatory information. In the United States, bank deposit accounts and related services, such as checking, savings and bank lending, are offered by JPMorgan Chase Bank, N.A. Member FDIC. JPMorgan Chase Bank, N.A. and its affiliates (collectively "JPMCB*) offer investment products, which may include bank managed investment accounts and custody, as part of its trust and fiduciary services. Other investment products and services, such as brokerage and advisory accounts, are offered through J.P. Morgan Securities LLC ("JPMS"), a member of FINRA and SIPC, Insurance products are made available through Chase Insurance Agency, Inc. (CIA), a licensed insurance agency, doing business as Chase Insurance Agency Services, Inc. in Florida. JPMCB, JPMS and CIA are affiliated companies under the common control of JPM. Products not available in all states.
In Germany, this material is issued by J.P. Morgan SE, with its registered office at Taunustor 1 (Taunus Turm), 60310 Frankfurt am Main, Germany, authorized by the Bundesanstalt für Finanzienstleistungsaufsicht (BaFin) and jointly supervised by the BaFin, the German Central Bank (Deutsche Bundesbank) and the European Central Bank (ECB). In Luxembourg, this material is issued by J.P. Morgan SE - Luxembourg Branch, with registered office at European Bank and Business Centre, 6 route de Treves, L-2633, Senningerberg, Luxembourg, authorized by the Bundesanstalt für Finanzienstleistungsaufsicht (BaFin) and jointly supervised by the BaFin, the German Central Bank (Deutsche Bundesbank) and the European Central Bank (ECB); J.P. Morgan SE - Luxembourg Branch is also supervised by the Commission de Surveillance du Secteur Financier (CSSF): registered under R.C.S Luxembourg B255938. In the United Kingdom, this material is issued by J.P. Morgan SE - London Branch, registered office at 25 Bank Street, Canary Wharf, London E14 5JP, authorized by the Bundesanstalt für Finanzienstleistungsaufsicht (BaFin) and jointly supervised by the BaFin, the German Central Bank (Deutsche Bundesbank) and the European Central Bank (ECB); J.P. Morgan SE - London Branch is also supervised by the Financial Conduct Authority and Prudential Regulation Authority.
In Spain, this material is distributed by J.P. Morgan SE, Sucursal en España, with registered office at Paseo de la Castellana, 31, 28046 Madrid, Spain, authorized by the Bundesanstalt für Finanzdienstleistungsaufsicht (BaFin) and jointly supervised by the BaFin, the German Central Bank (Deutsche Bundesbank) and the European Central Bank (ECB); J.P. Morgan SE, Sucursal en España is also supervised by the Spanish Securities Market Commission (CNMV); registered with Bank of Spain as a branch of J.P. Morgan SE under code 1567. In Italy, this material is distributed by J.P. Morgan SE - Milan Branch, with its registered office at Via Cordusio, n.3, Milan 20123, Italy, authorized by the Bundesanstalt für Finanzienstleistungsaufsicht (BaFin) and jointly supervised by the BaFin, the German Central Bank (Deutsche Bundesbank) and the European Central Bank (ECB); J.P. Morgan SE - Milan Branch is also supervised by Bank of Italy and the Commissione Nazionale per le Società e la Borsa (CONSOB); registered with Bank of Italy as a branch of J.P. Morgan SE under code 8076; Milan Chamber of Commerce Registered Number: REA MI 2536325.
In the Netherlands, this material is distributed by J.P. Morgan SE - Amsterdam Branch, with registered office at World Trade Centre, Tower B, Strawinskylaan 1135, 1077 XX, Amsterdam, The Netherlands, authorized by the Bundesanstalt für Finanzdienstleistungsaufsicht (BaFin) and jointly supervised by the BaFin, the German Central Bank (Deutsche Bundesbank) and the European Central Bank (ECB); J.P. Morgan SE - Amsterdam Branch is also supervised by De Nederlandsche Bank (DNB) and the Autoriteit Financiele Markten (AFM) in the Netherlands. Registered with the Kamer van Koophandel as a branch of J.P. Morgan SE under registration number 72610220. In Denmark, this material is distributed by J.P. Morgan SE - Copenhagen Branch, filial af J.P. Morgan SE, Tyskland, with registered office at Kalvebod Brygge 39-41, 1560 Kebenhavn V, Denmark, authorized by the Bundesanstalt für Finanzdienstleistungsaufsicht (BaFin) and jointly supervised by the BaFin, the German Central Bank (Deutsche Bundesbank) and the European Central Bank (ECB); J.P. Morgan SE - Copenhagen Branch, filial af J.P. Morgan SE, Tyskland is also supervised by Finanstilsynet (Danish FSA) and is registered with Finanstilsynet as a branch of J.P. Morgan SE under code 29010. In Sweden, this material is distributed by J.P. Morgan SE - Stockholm Bankfilial, with registered office at Hamngatan 15, Stockholm, 11147, Sweden, authorized by the Bundesanstalt für Finanzdienstleistungsaufsicht (BaFin) and jointly supervised by the BaFin, the German Central Bank (Deutsche Bundesbank) and the European Central Bank (ECB); J.P. Morgan SE - Stockholm Bankfilial is also supervised by Finansinspektionen (Swedish FSA); registered with Finansinspektionen as a branch of J.P. Morgan SE. In Belgium, this material is distributed by J.P. Morgan SE - Brussels Branch with registered office at 35 Boulevard du Régent, 1000, Brussels, Belgium, authorized by the Bundesanstalt für Finanzdienstleistungsaufsicht (BaFin) and jointly supervised by the BaFin, the German Central Bank (Deutsche Bundesbank) and the European Central Bank (ECB); J.P. Morgan SE Brussels Branch is also supervised by the National Bank of Belgium (NBB) and the Financial Services and Markets Authority (FSMA) in Belgium; registered with the NBB under registration number 0715.622.844. In Greece, this material is distributed by J.P. Morgan SE - Athens Branch, with its registered office at 3 Haritos Street, Athens, 10675, Greece, authorized by the Bundesanstalt für Finanzdienstleistungsaufsicht (BaFin) and jointly supervised by the BaFin, the German Central Bank (Deutsche Bundesbank) and the European Central Bank (ECB); J.P. Morgan SE - Athens Branch is also supervised by Bank of Greece; registered with Bank of Greece as a branch of J.P. Morgan SE under code 124; Athens Chamber of Commerce Registered Number 158683760001; VAT Number 99676577.
In France, this material is distributed by J.P. Morgan SE - Paris Branch, with its registered office at 14, Place Vendome 75001 Paris, France, authorized by the Bundesanstalt für Finanzdienstleistungsaufsicht (BaFin) and jointly supervised by the BaFin, the German Central Bank (Deutsche Bundesbank) and the European Central Bank (ECB) under code 842 422 972; J.P. Morgan SE - Paris Branch is also supervised by the French banking authorities the Autorité de Contrôle Prudentiel et de Résolution (ACPR) and the Autorité des Marchés Financiers (AMF). In Switzerland, this material is distributed by J.P. Morgan (Suisse) SA, with registered address at rue du Rhône, 35, 1204, Geneva, Switzerland, which is authorised and supervised by the Swiss Financial Market Supervisory Authority (FINMA) as a bank and a securities dealer in Switzerland.
This communication is an advertisement for the purposes of the Markets in Financial Instruments Directive (MIFID II) and the Swiss Financial Services Act (FINSA). Investors should not subscribe for or purchase any financial instruments referred to in this advertisement except on the basis of information contained is any applicable legal documentation which is or shall be made available in the relevant jurisdictions (as required).
This communication is an advertisement for the purposes of the Markets in Financial Instruments Directive (MIFID II) and the Swiss Financial Services Act (FINSA). Investors should not subscribe for or purchase any financial instruments referred to in this advertisement except on the basis of information contained is any applicable legal documentation which is or shall be made available in the relevant jurisdictions (as required).
LEGAL ENTITY, BRAND & REGULATORY INFORMATION, JPMorgan Chase Bank, N.A. (JPMCBNA) (ABN 43 074 112 011/AFS Licence No: 238367) is regulated by the Australian Securities and Investment Commission and the Australian Prudential Regulation Authority. Material provided by JPMCBNA in Australia is to "wholesale clients" only. For the purposes of this paragraph the term "wholesale client" has the meaning given in section 761G of the Corporations Act 2001 (Cth). Please inform us if you are not a Wholesale Client now or if you cease to be a Wholesale Client at any time in the future. JPMS is a registered foreign company (overseas) (ARBN 109293610) incorporated in Delaware, U.S.A. Under Australian financial services licensing requirements, carrying on a financial services business in Australia requires a financial service provider, such as J.P. Morgan Securities LLC (JPMS), to hold an Australian Financial Services Licence (AFSL), unless an exemption applies. JPMS is exempt from the requirement to hold an AFSL under the Corporations Act 2001 (Cth) (Act) in respect of financial services it provides to you, and is regulated by the SEC, FINRA and CFTC under US laws, which differ from Australian laws. Material provided by JPMS in Australia is to "wholesale clients" only. The information provided in this material is not intended to be, and must not be, distributed or passed on, directly or indirectly, to any other class of persons in Australia. For the purposes of this paragraph the term "wholesale client has the meaning given in section 761G of the Act. Please inform us immediately if you are not a Wholesale Client now or if you cease to be a Wholesale Client at any time in the future. This material has not been prepared specifically for Australian investors. It: • may contain references to dollar amounts which are not Australian dollars; • may contain financial information which is not prepared in accordance with Australian law or practices; • may not address risks associated with investment in foreign currency denominated investments; and • does not address Australian tax issues.
LEGAL ENTITY, BRAND & REGULATORY INFORMATION, References to "J.P. Morgan" are to JPM, its subsidiaries and affiliates worldwide. "J.P. Morgan Private Bank" is the brand name for the private banking business conducted by JPM. This material is intended for your personal use and should not be circulated to or used by any other person, or duplicated for non-personal use, without our permission. If you have any questions or no longer wish to receive these communications, please contact your J.P. Morgan team. © 2024 JPMorgan Chase & Co. All rights reserved.
Learn practical steps to better enhance you and your family office’s digital security.
Published Jul 31, 2024
In this article
In this article
you may also like
