Cost of advice for transferring out of a DB scheme

agarnett

dunstonh wrote: »

Do you only read headlines? You should read the content. The Daily Mail confirmed that whilst the data seller mentioned Sesame, the data he supplied was verified independently not to be from Sesame and was therefore a lie.

Only one person has alleged that data was from Sesame. He is being positioned as a criminal. You are now the second person that is making that allegation. If you have the evidence, to support your allegation then you should perhaps contact the police or the Daily Mail. Or you should perhaps withdraw the allegation which could be considered libel.

Oh why so touchy ? I didn't make any allegation - I merely pointed to one reported by a national newspaper ! Sounds like you know far more about it than most of us, but why did you not even name Sesame ? Conflict of interest ? I suffer no such burdens. I did read however that Sesame was borne out of Misys and that Misys was the market leading insurance intermediary software house (for intermediaries outside the City). And having had dealings with insurance intermediary software houses, I am very aware of the risks of how enormous databases can be snaffled in minutes. And in any event, in that MSE thread on pensions data sold to criminals, I myself suggested that HMRC was most likely the real source of the data leak ! I do like to keep discussions balanced when I can!

Aviva are a perfectly fine company to do business with. They have some very suitable products available as you would expect from the only UK insurer left that does business in virtually every area.

They absolutely are not perfectly fine. They snaffled billions from with-profits funds (as did Friends Life) which you no doubt described when you sold such products as "perfectly suitable" in your earlier days. Furthermore they have been reneging for some years now on the core conservative investor benefits of with-profits contracts, and have created an awful dearth of the regular bonuses which are supposed to be the measure and proof of annual with-profits "smoothing", and instead hiding the performance of funds from investors like me by declaring spurious final bonuses only when we ask for transfer or surrender values or at policy maturity.

Despite the single premium nature of Section 32 Pension Buy Out policies for example, they even declare (but only if you ask) different final bonus percentages on the weird and wonderful "special bonuses" they have dreamed up constantly to suit their own agenda, now that they have declared such a large part of the with-profits funds belongs to their shareholders. So when it suits Aviva to give their shareholders a bonus, that's the only time I get mine, unless I transfer out or risk staying the course and fielding the heaps of paper supposedly detailing every little wheeze they dream up and throw at their policyholders whether it be merging this, or reorganising that or reattributing the other. They also mix up their communications about one special bonus wheeze with their next wheeze, and play with qualification dates in order to give themselves the best chance of not actually having to pay out the same bonuses paid to shareholders e.g. a special bonus declared in March 2008 gave false estimates of % bonuses that would apply to funds invested at 1.1.2008, 1.1.2009, and 1.1.2010 and that exactly blanketed the massive reattribution exercise they did where they successfully bribed 87% of the policyholder base to give up important rights to future bonuses. No doubt they bribed your clients too - or did you advise them against it ? No doubt it was all perfectly fine to you at the time?

It is in fact a complete nightmare for someone like me to try to fathom within 2 years of my retirement date, and with the new pension freedom rules. I am not supposed to need any industry apologist calling themselves an IFA to understand my contract. I as a consumer should be entitled to pick up my original pension policy and expect it to work exactly as said on the tin. I still have all the unopened tins complete with labels and contents in good condition! But no.

The barstewards have changed it beyond all recognition. I as a consumer, conclude in absolute diametrical opposition to your view, that Aviva are in fact the pits.

I slap myself to responding to your foolish troll style posts. You rant and rave about things you know nothing about and despite most posters here seeing you for what you really are, I always fear there will be some misguided fool that reads what you type and takes is seriously.

You should slap yourself for calling me a troll, and for calling any MSE'ers misguided fools.

Pensions should be the most reliable investments that each of us possesses by the time we approach retirement. Sadly they are far, far from it as the threads in this forum confirm. The pensions provision system in the UK is worse than the Wild West. In the Wild West at least the rattlers are recogniseable and the card sharks are generally only found seated in the back of the saloon.

The industry has created a horrible mess of shifting and stinking sands that not even you IFAs understand, so instead of claiming that you do, and daily kidding MSE'ers that it is an orderly market with friendly advice on tap (for a solicitor-sized fee) with which ordinary people can safely navigate, I wish you'd admit you are simply playing with the twiddly bits that massive corporates like Aviva simply allow you to play with up to a point, to make your comfortable livings.

Independent ? My a¤¤.

Edit: So I see you deleted your "I love Aviva/You're a troll post". Good job I quoted most of it.

dunstonh

Oh why so touchy ? I didn't make any allegation - I merely pointed to one reported by a national newspaper ! Sounds like you know far more about it than most of us, but why did you not even name Sesame ?

You made a comment and pointed to an article. The article did not say what you alleged.

Sounds like you know far more about it than most of us

Anyone in financial services knows of them.

I did read however that Sesame was borne out of Misys and that Misys was the market leading insurance intermediary software house (for intermediaries outside the City).

That is not correct. Misys was a later owner. The networks were around decades before Misys.

And having had dealings with insurance intermediary software houses, I am very aware of the risks of how enormous databases can be snaffled in minutes.

And would you like to explain what data they had?

Pensions should be the most reliable investments that each of us possesses by the time we approach retirement.

Pensions are not investments. They are a tax wrapper.

Edit: So I see you deleted your "I love Aviva/You're a troll post". Good job I quoted most of it.

I deleted it as I thought, with hindsight, that giving you any recognition of existence was a bad thing to do. I still do an I apologise to other forum members for engaging with you.

agarnett

dunstonh wrote: »

You made a comment and pointed to an article. The article did not say what you alleged.

First of all, it was not I who alleged. I used the word "allegedly" and linked that word directly to the article where the alleger was quoted. The fact that his allegation was denied and that the Daily Mail decided to name him as both as the alleger and consequently as a liar, is a matter for them, but just for you, I have gone back to my piece and edited it to quote in full the part of the article you are taking issue with - I hope you are happy.

Anyone in financial services knows of them.

You mean like everyone in financial services knew the names Norwich Union, General Accident, Commercial Union, Misys, Equity and Law, Pearl, Sun Life, Friends Provident etc. etc. (once upon a time when many pension policies now coming up to maturity were issued?), but funnily enough, none had heard of Aviva or Resolution or Friends Life?

That is not correct. Misys was a later owner. The networks were around decades before Misys.

Oh right. Would that be 'IFA networks'? Always was a bit of an oxymoron, that one. I am not sure what you mean about the networks being around before Misys. I think Misys was formed in 1979 at a time when most mortgages were sold by high street building societies and there was no such thing as an IFA and in fact most current day ones were still in nappies. So what you mean is that Misys bought the network (can you buy a network of IFAs??), and the data at some point ?

And would you like to explain what data they had?

Your point being? That they did not have data? / They did have data? It was safe? / It was not safe? What data does Google have? Everything you ever typed into their software, or just some of it? Does it for example have personal data linked to you which belongs to others ? You might be very surprised.

Pensions are not investments. They are a tax wrapper.

Oh! Excuse me! I had no idea! And on that theme I suppose Andrex toilet paper is not to be thought of as a¤¤-wipe but more as a personal hygiene tissue

I deleted it as I thought, with hindsight, that giving you any recognition of existence was a bad thing to do. I still do an I apologise to other forum members for engaging with you.

I am sure they don't mind as much as you do :rotfl:

But seriously, you must surely be embarrassed by the state of the industry and the way it has been well and truly cornered by a few massive corporates whichever way you look, such that you seemingly feel obliged to defend their names ?

mgdavid

dunstonh wrote: »

.........
I deleted it as I thought, with hindsight, that giving you any recognition of existence was a bad thing to do. I still do an I apologise to other forum members for engaging with you.

In extremis there is always the 'Ignore' list; works a treat

agarnett

mgdavid wrote: »

In extremis there is always the 'Ignore' list; works a treat

And yet here you are again - a glutton for it :EasterBun

dunstonh

First of all, it was not I who alleged. I used the word "allegedly" and linked that word directly to the article where the alleger was quoted. The fact that his allegation was denied and that the Daily Mail decided to name him as both as the alleger and consequently as a liar, is a matter for them, but just for you, I have gone back to my piece and edited it to quote in full the part of the article you are taking issue with - I hope you are happy.

The allegation was not just denied. It was independently proven not to be. Yet you use it against that company.

Oh right. Would that be 'IFA networks'? Always was a bit of an oxymoron, that one. I am not sure what you mean about the networks being around before Misys. I think Misys was formed in 1979 at a time when most mortgages were sold by high street building societies and there was no such thing as an IFA and in fact most current day ones were still in nappies. So what you mean is that Misys bought the network (can you buy a network of IFAs??), and the data at some point ?

It doesnt matter when Misys were formed. Misys bought a number of networks that had been around for decades and merged them. It then rebranded them and sold it. And yet again you go on about data despite knowing the truth, you continue to perpetuate a lie.

One of the IFA networks Misys bought was founded in 1983. Misys bought them in 2001.

Oh! Excuse me! I had no idea!

We know you don't. Nice of you to finally admit it.

Daniel54

agarnett wrote: »

And having had dealings with insurance intermediary software houses, I am very aware of the risks of how enormous databases can be snaffled in minutes. .[/I]

I will ignore the rest and address this one point,in case any reader might believe you have specialist knowledge

Not sure what you are talking about re "insurance intermediary software houses" .What are these ?

I work for one of the largest insurance intermediaries in the UK,but am not part of the direct line management for our pensions administration arm

However in one of my roles I am part of the oversight across the UK estate concerning our data protection protocols and the security of our IT network.This is high on our risk register,as it is for the FCA who audit us on an ongoing basis . We devote huge amounts of time.effort and money to protect our customers

Data protection is a constant contest with criminals who might want to access that data ,so 100% security is an aim rather than a certainty

But to suggest from your personal knowledge that insurance intermediaries have data that can be easily stolen is from my more immediate experience quite frankly wrong and a further instance of ignorant scaremongering.

Personal lines financial regulation in the UK is not perfect and still much depends on the culture of individuals and individual organisations.You may choose to take your own views and distrust all and everything and then act accordingly,but I believe you are performing a fundamental disservice to MSE readers by advancing your personal subjective views into a distrust of the FCA,PRA,IFAs, FOS,Pension Regulator,pension trustees,corporate pension sponsors and their covenants,actuaries ,accountants and anybody else you care to mention and believe the worst of.

Regulatory protections for the consumer are important.Otherwise you are advocating open season for the real scammers and thieves.

Do you not see that ?

agarnett

dunstonh wrote: »

The allegation was not just denied. It was independently proven not to be.

Proven was it? You read the denial in the Daily Mail so it must be true? I read it too ... I saw the word 'experts' used, and whilst unlike the alleged alleger, they were not named, their view was indeed stated, but OK "proven" if you say so

Yet you use it against that company.

I am against the whole industry, pal, not just bits of it. That's because it is controlled by spivs and gamblers. And I take my lead from the Rt Hon Dr Vince Cable on that.

It doesnt matter when Misys were formed. Misys bought a number of networks that had been around for decades and merged them. It then rebranded them and sold it.

Misys has been around for decades because it marketed THE #1 software for UK insurance brokers at a time when if you were looking for advice on any type of insurance, if you didn't talk to insurance companies directly you went to an insurance broker, or someone who called himself an insurance broker (because the law against anyone calling themselves an insurance broker wasn't particularly effective until a bit later!). No doubt armed with the official lists of registered insurance brokers, Misys set about marketing their original insurance broker software product countrywide (pun on one later IFA network name fully intended!)

It came to pass that every Tom !!!!!! or Harry who could afford it, aspired to a Misys system if they wanted to run a decent insurance brokerage. This was at a time when PC's had only just started to appear on a few desktops, and mobile life insurance salesforces and individuals with pretentions of setting up on their own were in their infancy. More endowment mortgages than any other type were being sold when Misys started, and the profits launched jumped up life insurance salesmen into aspiring to positions in insurance company boardrooms, ousting the conservative general insurance types who had safely held the forts for decades.

There were no IFA networks of any consequence in the late 70s or early 80s, because there were essentially few operating as life insurance and pensions brokers using that precise term. But there were plenty spilling out in the decades following, and if your 2001 date is correct, that no doubt was when the prospect of controlling "the networks" had finally appealed sufficiently to Misys ...

So as with all things in insurance, things develop and covetous eyes behold the developments and eventually think about taking over or selling out or a mixture of both.

In my own words I said Sesame "was borne out of Misys". Misys created the Sesame brand in 2003. No-one else created it before them. I have little doubt that the words "Open Sesame" were on someone's lips when the brand was created, perhaps with a view to magically opening up stuff like pension wrappers in bulk, as opposed anything wrapped up in a sesame seed bun.

And yet again you go on about data despite knowing the truth, you continue to perpetuate a lie.

What ARE you on about? I am perpetuating nothing of the sort and you need to calm down before someone decides you are far so from Independent that it beggars belief.

One of the IFA networks Misys bought was founded in 1983. Misys bought them in 2001.

And this means what particularly? That the network was more important than the software company that bought the network and then gifted shares to the network members when Sesame was launched (by Misys) in 2003/2004 ?

But by 2007 they had "offloaded" it to Friends Provident - which is exactly how it ended up under Friends Life parentage I guess.

In the light of that story about personal data being sold to criminals, and the fact there is an NHS angle to it now, it's quite interesting don't you think to see that in 2007, the Telegraph were stating

[SIZE=-2]The City has criticised Misys for being sprawling, taking in financial services and healthcare in the UK and US. Mr Lawrie said he would focus on certain areas and signalled others might be put up for sale. In the healthcare market, Misys will try to grow its business selling IT systems to doctors. It may exit the market for hospitals.

[/SIZE]

Now I thought I dreamt I saw Misys on my GP's desk pc a few years ago - it seems I was not mistaken. I didn't give him my pension details though!

Oh! Excuse me! I had no idea!

We know you don't. Nice of you to finally admit it.

Please don't be so bloody childish.

So which one of the original networks that Misys turned into Sesame did you join? Get any shares in Sesame as a windfall for network members? Did Friends Provident buy them out ?

The whole bloody thing is so loaded and incestuous it makes some of us observers and customers sick.

agarnett

Daniel54 wrote: »

However in one of my roles I am part of the oversight across the UK estate concerning our data protection protocols and the security of our IT network.This is high on our risk register,as it is for the FCA who audit us on an ongoing basis . We devote huge amounts of time.effort and money to protect our customers

You talk about security protocols and risk registers but how do you think that organisations like Towergate, a very large insurance intermediary of my slight acquaintance, was formed? It was formed by a crazy rash of acquisitions of around 100 other intermediaries, many with weird and wonderful systems. How do you think that data in those weird and wonderful systems got migrated to whatever Towergate use? Was it all done by specially vetted men and women in white overalls and no underwear each checking each others pockets and lines of code and memory sticks?

And even if that were the case, do you really imagine that the hoards of people who are left on the outside of such acquisitions are minded to walk away waving goodbye to all the data they laboriously collected if one option for their future livings is to try to poach their customers back or something a bit more tricky? That's when the data leaks occur. Old data is still data. It is quite amazing what can be done with it. If you have enough of it, and you know what to do with it, it is bit like a ginger beer plant. You can create some pretty good new beer from it.

Regulatory protections for the consumer are important. Otherwise you are advocating open season for the real scammers and thieves.

Do you not see that ?

You effectively state you work in part of the asylum. In far too many cases, the real scammers and thieves are running the asylum. Can you not see that?
Do you proudly dine out on stories of how wonderful your industry is?

jamesd

Daniel54 wrote: »

But to suggest from your personal knowledge that insurance intermediaries have data that can be easily stolen is from my more immediate experience quite frankly wrong and a further instance of ignorant scaremongering.

Please confirm that:

1. your firm has no individuals like sysadmins who have direct file access to the database files.
2. no intermediary or hosting company has such access, including via such mechanisms as installing disk mirroring software or hardware then removing the mirrored disk after the copy is made.
3. no database administrators have access sufficient to select all rows into a log file or backup file of their choice.
4. that all potential database files and the disks that may hold data from them have at least a logical security wipe at the hardware level done before removal from production service, and that similar things are done under your firm's direct supervision when a disk is removed from a non-functioning server that can't itself issue the destroy data instruction.
5. that individuals with marketing roles do not have sufficient access to data including personally identifiable information to compile client lists that include any contact information or names and that this protection extends to firms preparing bulk mailings for your business, such as mail merge activities.
6. that it is impossible for individuals with access to backups to get data out of the backups, whether that data is stored in a cave or elsewhere.
7. what means are taken to prevent the use of hardware or software keyloggers or screen loggers for data extraction by customer service representatives, either acting as individuals or with one or more individuals compromising many client machines. Include home computers for remote workers.
8. that developers do not have access to copies of procduction data with personally identifiable information.
9. what measures are taken to prevent screen reading from remote locations via the electromagnetic emissions from screens, tempest protection.
10. what measures are taken to make it impossible to insert cable taps on your firms network cables, either purely electromagnetic or via insertion of wired or wireless (including on non-standard wavelengths) hubs in say elevator shafts or individual desks. Or, alternatively, to ensure that all potentially valuable data is strongly encrypted on the wire, including that for remote terminal access.
11. that your firm regularly has penetration testing using individuals granted the same physical and logical access as the most trusted employees and those with most informal access, from DBAs and sysadmins or marketing individuals to janitors and lift engineers.
12. that similar and effective protections are in place for quoting systems, including those used in conjunction with third party resellers.
13. ditto for regulatory reporting, for example, the potential of interception of physical mail in a post room by a low level employee who might otherwise steal and/or copy backup media.
14. no need to assume attacks like scanning and retaining the front and back images of every letter sent in a whole country or region then using that to trace letters or build lists based on matching return addresses.

If you assert 3 please also explain how you protect your data from loss that would be recoverable from a backup. If you assert 5 please explain how you do bulk mailings.

If you assert 7 please explain how, including measures like no home workers, gluing all USB sockets shut, effectively preventing access to computer internals that would allow circumvention of that, and soldering all keyboard connections permanently in place, with physical controls sufficient to prevent entry of soldering irons and/or wire cutters and splicing tools.

Now, much of that is not methods that would be called easy but most of them are probably viable at your firm and well within the capability of organised criminal gangs who can use measures from bribery to threats of physical violence against family members to obtain cooperation.

It's entirely possible that I have design review responsibility for the software of more database server installations than your firm has customers. Unfortunately this also means that I know the limits of what I can get done in that software. I don't doubt that you go to a lot of effort and expense but you face a lot of threats and the data value may make some attacks viable on a cost-benefit basis.