List of UK Wealth Management companies that are not secure by default

This is one of several posts of the topic of security of websites. Inspired by my initial post on the security of UK banks.

The reason for splitting this data into multiple posts is to make it more manageable. So that data on one institution is not mixed with data on another type of institution.

This is an updated version of an earlier post. We have added 15 companies since the first version.

The following key is used for the secure status:

Yes	The site is secure, loaded via https
Invalid	The site loads via https, but the security certificate is invalid and thus the site is insecure.
Partial	The site loads via https, but loads some parts of the page without https. The site is insecure.
No	The site is loaded via http, not via https.
Fixed	The site is loaded via https, but at the time of first writing it was loaded via http.
??	We could not find a website to evaluate.

We tested 68 wealth management companies. We found 18 wealth management companies that did not have a secure home page (not https or did have https with an invalid security certificate). That is 27% of UK wealth management companies have security vulnerabilities

Some of the websites shown below no longer have active links. For those websites we have listed the URL but removed the non-working link.

Wealth Management Company	Secure	Home Page
Aberdeen Asset Management	No	http://www.aberdeen-asset.co.uk/
Aberdeen Asset Management Trust Centre	No	http://www.invtrusts.co.uk/investmenttrusts/
Allianz Global Investors	Yes	https://uk.allianzgi.com/role-gate-page
Artemis Investment Management LLP	Yes	https://www.artemisfunds.com/
Baillie Gifford	Yes	https://www.bailliegifford.com/
Barclays Wealth	Yes	https://www.barclays.co.uk/wealth-management/
Blackrock	Yes	https://www.blackrock.com
Brewin Dolphin	Yes	https://www.brewin.co.uk/
Cantab Asset Management	Yes	https://www.cantabam.com/
Capital	Yes	https://www.capital.co.uk/
Capital International	Yes	https://www.capital-iom.com/
CBRE Global Investors	No	http://www.cbreglobalinvestors.com/Pages/default.aspx
CCLA	Yes	https://www.ccla.co.uk/
Charles Stanley	Yes	https://www.charles-stanley.co.uk/
Citi	Yes	https://www.citibank.co.uk/personal/wealth-management-products.do
City Asset Management Plc	No	http://www.city-asset.co.uk/
Clifton asset management	Yes	https://www.clifton-asset.co.uk/
Close Brothers Asset Management	Yes	https://www.closebrothersam.com/
EFG	Yes	https://www.efgam.com/home/Landing-Asset-Management.html
Equester Capital Management	Yes	https://www.neptunefunds.com
Fidelity Worldwide Investment	Yes	https://www.fidelity.co.uk/home
Franklin Templeton	No	http://www.franklintempleton.co.uk/
GAM	Yes	https://www.gam.com/
Hargreaves Lansdowne	No	http://www.hl.co.uk/
Hawksmoor investment management	No	http://www.hawksmoorim.co.uk/
Heartwood investment management	No	http://www.heartwoodgroup.co.uk/
Henderson Global Investors	Yes	https://www.janushenderson.com/ukpi
Hermes Investment Management	Yes	https://www.hermes-investment.com/ukw/
Interactive Investor	No	http://www.iii.co.uk/funds
Investec Bank	Yes	https://www.investec.com/en_gb.html
Invesco Perpetual	Yes	https://www.invescoperpetual.co.uk/uk
Kleinwort Hambros	Yes	https://www.kleinworthambros.com/en/
Lion Trust	No	http://www.liontrust.co.uk/
London and Capital	Yes	https://www.londonandcapital.com/
M&G Securities Ltd	No	http://www.mandg.co.uk/
Majedie	No	http://www.majedie.com/
Mattioli Woods	Yes	https://www.mattioliwoods.com/
Mayfair Capital	Yes	https://www.mayfaircapital.co.uk/
Money Farm	Yes	https://www.moneyfarm.com/uk/
Montanaro	Yes	http://www.montanaro.co.uk/
Morning Star	No	http://www.morningstar.co.uk/uk/
MunnyPot	Yes	https://www.munnypot.com/
Newton Investment Management	Yes	https://www.newtonim.com/
Nova Financial	Yes	https://www.novia-financial.co.uk/
Nutmeg	Yes	https://www.nutmeg.com/
Old Mutual Wealth	Yes	https://www.oldmutualwealth.co.uk/
Prospect Wealth Management	Yes	https://prospectwealth.co.uk/
Psigma investment maangement	No	http://www.psigma.com/pages/psigma-investment-management-landing.aspx
Quilter Cheviot	Yes	https://www.quiltercheviot.com/uk/private-client/
Rathbones	Yes	https://www.rathbones.com/
Sanlam Life and Pensions UK Limited	Yes	https://www.sanlam.co.uk/home.aspx
Saranac Partners	Yes	https://www.saranacpartners.com/
Scalable Capital	Yes	https://uk.scalable.capital/
St. Jame’s Place	Yes	https://www.sjp.co.uk/
Standard Life Investments	Yes	https://www.standardlifeinvestments.com/
State Street Global Advisors	Yes	https://www.ssga.com/home.html
Schroders	No	http://www.schroders.com
SVM Asset Management	No	http://www.svmonline.co.uk/
Swanest	Yes	https://swanest.com/
T Rowe Price	Yes	https://www3.troweprice.com/usis/corporate/en/home.html
TAM	Yes	https://www.tamassetmanagement.com/
Threadneedle Asset Management	Yes	https://www.mythreadneedle.com/
Tilney Group	Yes	https://www.tilney.co.uk/
Troy Asset Management	No	http://www.taml.co.uk/
UBS Global Asset Management	Yes	https://www.ubs.com/global/en/asset-management.html
Unicorn Asset Management	Yes	https://www.unicornam.com/
Vanguard Asset Management	Yes	https://www.vanguardinvestor.co.uk/
Wealth Horizon	No	http://www.wealthhorizon.com/

Commentary

It is interesting that you cannot trust a name or a brand to be secure. For example, Aberdeen Asset Management is probably the one name that is most known in the UK. They are regularly featured on the early morning BBC Radio 4 Today Programme to provide their expert opinion. Unfortunately, their website is not secure.

A number of these companies have names that sound old and established, or strong and reliable. They are names, just that. The reliability is in their behaviour. A key part in that is “are they secure”?

Disclaimer

I shouldn’t need to point this out, but i will, all the same, just to be clear.

The data provided on this page should taken at face value. If you’re not sure about something, please verify it yourself. Nothing reported here should be regarded as a criticism or an endorsement or recommendation of an organisations security effectiveness. I am simply passing comment on whether the home page (whatever that may be) is provided as https on not. Other security concerns are a separate matter.

If your organisation is listed here and is not marked as secure, your best course of action is to fix that, not to complain that someone is reporting a fact anyone with a web browser can discover. The security status of your home page is public information, albeit information that many people don’t understand.

Guest posts

No, we’re not interested in having a guest post about finance related topics. These articles are about security, not finance.