List of UK Wealth Management companies that are not secure by default

By Stephen Kellett
15 December, 2017

This is one of several posts of the topic of security of websites. Inspired by my initial post on the security of UK banks.

The reason for splitting this data into multiple posts is to make it more manageable. So that data on one institution is not mixed with data on another type of institution.

This is an updated version of an earlier post. We have added 15 companies since the first version.

The following key is used for the secure status:

YesThe site is secure, loaded via https
InvalidThe site loads via https, but the security certificate is invalid and thus the site is insecure.
PartialThe site loads via https, but loads some parts of the page without https. The site is insecure.
NoThe site is loaded via http, not via https.
FixedThe site is loaded via https, but at the time of first writing it was loaded via http.
??We could not find a website to evaluate.

We tested 68 wealth management companies. We found 18 wealth management companies that did not have a secure home page (not https or did have https with an invalid security certificate). That is 27% of UK wealth management companies have security vulnerabilities

Wealth Management CompanySecureHome Page
Aberdeen Asset ManagementNohttp://www.aberdeen-asset.co.uk/
Aberdeen Asset Management Trust CentreNohttp://www.invtrusts.co.uk/investmenttrusts/
Allianz Global InvestorsYeshttps://uk.allianzgi.com/role-gate-page
Artemis Investment Management LLPYeshttps://www.artemisfunds.com/
Baillie GiffordYeshttps://www.bailliegifford.com/
Barclays WealthYeshttps://www.barclays.co.uk/wealth-management/
BlackrockYeshttps://www.blackrock.com
Brewin DolphinYeshttps://www.brewin.co.uk/
Cantab Asset ManagementYeshttps://www.cantabam.com/
CapitalYeshttps://www.capital.co.uk/
Capital InternationalYeshttps://www.capital-iom.com/
CBRE Global InvestorsNohttp://www.cbreglobalinvestors.com/Pages/default.aspx
CCLAYeshttps://www.ccla.co.uk/
Charles StanleyYeshttps://www.charles-stanley.co.uk/
CitiYeshttps://www.citibank.co.uk/personal/wealth-management-products.do
City Asset Management PlcNohttp://www.city-asset.co.uk/
Clifton asset managementYeshttps://www.clifton-asset.co.uk/
Close Brothers Asset ManagementYeshttps://www.closebrothersam.com/
EFGYeshttps://www.efgam.com/home/Landing-Asset-Management.html
Equester Capital ManagementYeshttps://www.neptunefunds.com
Fidelity Worldwide InvestmentYeshttps://www.fidelity.co.uk/home
Franklin TempletonNohttp://www.franklintempleton.co.uk/
GAMYeshttps://www.gam.com/
Hargreaves LansdowneNohttp://www.hl.co.uk/
Hawksmoor investment managementNohttp://www.hawksmoorim.co.uk/
Heartwood investment managementNohttp://www.heartwoodgroup.co.uk/
Henderson Global InvestorsYeshttps://www.janushenderson.com/ukpi
Hermes Investment ManagementYeshttps://www.hermes-investment.com/ukw/
Interactive InvestorNohttp://www.iii.co.uk/funds
Investec BankYeshttps://www.investec.com/en_gb.html
Invesco PerpetualYeshttps://www.invescoperpetual.co.uk/uk
Kleinwort HambrosYeshttps://www.kleinworthambros.com/en/
Lion TrustNohttp://www.liontrust.co.uk/
London and CapitalYeshttps://www.londonandcapital.com/
M&G Securities LtdNohttp://www.mandg.co.uk/
MajedieNohttp://www.majedie.com/
Mattioli WoodsYeshttps://www.mattioliwoods.com/
Mayfair CapitalYeshttps://www.mayfaircapital.co.uk/
Money FarmYeshttps://www.moneyfarm.com/uk/
MontanaroYeshttp://www.montanaro.co.uk/
Morning StarNohttp://www.morningstar.co.uk/uk/
MunnyPotYeshttps://www.munnypot.com/
Newton Investment ManagementYeshttps://www.newtonim.com/
Nova FinancialYeshttps://www.novia-financial.co.uk/
NutmegYeshttps://www.nutmeg.com/
Old Mutual WealthYeshttps://www.oldmutualwealth.co.uk/
Prospect Wealth ManagementYeshttps://prospectwealth.co.uk/
Psigma investment maangementNohttp://www.psigma.com/pages/psigma-investment-management-landing.aspx
Quilter CheviotYeshttps://www.quiltercheviot.com/uk/private-client/
RathbonesYeshttps://www.rathbones.com/
Sanlam Life and Pensions UK LimitedYeshttps://www.sanlam.co.uk/home.aspx
Saranac PartnersYeshttps://www.saranacpartners.com/
Scalable CapitalYeshttps://uk.scalable.capital/
St. Jame’s PlaceYeshttps://www.sjp.co.uk/
Standard Life InvestmentsYeshttps://www.standardlifeinvestments.com/
State Street Global AdvisorsYeshttps://www.ssga.com/home.html
SchrodersNohttp://www.schroders.com
SVM Asset ManagementNohttp://www.svmonline.co.uk/
SwanestYeshttps://swanest.com/
T Rowe PriceYeshttps://www3.troweprice.com/usis/corporate/en/home.html
TAMYeshttps://www.tamassetmanagement.com/
Threadneedle Asset ManagementYeshttps://www.mythreadneedle.com/
Tilney GroupYeshttps://www.tilney.co.uk/
Troy Asset ManagementNohttp://www.taml.co.uk/
UBS Global Asset ManagementYeshttps://www.ubs.com/global/en/asset-management.html
Unicorn Asset ManagementYeshttps://www.unicornam.com/
Vanguard Asset ManagementYeshttps://www.vanguardinvestor.co.uk/
Wealth HorizonNohttp://www.wealthhorizon.com/

Commentary

It is interesting that you cannot trust a name or a brand to be secure. For example, Aberdeen Asset Management is probably the one name that is most known in the UK. They are regularly featured on the early morning BBC Radio 4 Today Programme to provide their expert opinion. Unfortunately, their website is not secure.

A number of these companies have names that sound old and established, or strong and reliable. They are names, just that. The reliability is in their behaviour. A key part in that is “are they secure”?

Disclaimer

I shouldn’t need to point this out, but i will, all the same, just to be clear.

The data provided on this page should taken at face value. If you’re not sure about something, please verify it yourself. Nothing reported here should be regarded as a criticism or an endorsement or recommendation of an organisations security effectiveness. I am simply passing comment on whether the home page (whatever that may be) is provided as https on not. Other security concerns are a separate matter.

If your organisation is listed here and is not marked as secure, your best course of action is to fix that, not to complain that someone is reporting a fact anyone with a web browser can discover. The security status of your home page is public information, albeit information that many people don’t understand.

Fully functional, free for 30 days