How should high net worth individuals secure their financial accounts?

The best security measure is quite simple. Don't use accounts that allow your money to be easily stolen via the Internet. Happily, high net worth individuals have used systems like this since before the Internet was a thing, and are in fact particularly likely to choose them regardless. While banks certainly aren't perfect at protecting money from theft, historically, they do a massively better job of it than the individuals who have money to protect, high net worth or otherwise.

First of all, when you're a billionaire, your money is not in a checking account. Most of it, in fact, isn't liquid at all. It's ownership of corporations, real estate, things that are difficult if not impossible to steal in any but the most convoluted ways.

For the assets that are somewhat liquid, the vast majority of them are still going to be investments. And they're not going to be in an E-Trade account with a web login. They're going to be held by an investment bank that caters specifically to high net worth individuals, managed by private bankers whose job it is to know what's in your portfolio and how it's performing at all times. It simply isn't accessible to outside threat actors.


I have a less technical answer, but it does play a big role in how they protect themselves. Working at a bank, I noticed a trend among our wealthier customers. The trick to protecting their wealth was dividing it up and investing it.

A typical setup for an account of, say, several million dollars worked like this.

  • For starters they likely had multiple banks. This would let them have multiple accounts under their name and completely isolate assets from each other. In some cases they would use both banks the same or bank 1 would be their spending bank and bank 2 would be their savings and investment bank. If full account access was breached with one bank the other bank would likely still be safe. And since some banks also only insure up to a certain amount this helps get around this limitation.
  • With the occasional exception of a checking account the customer would always opt out of online banking. So if transactions were to take place between accounts they would need to deal directly with the bank.
  • Most banks have some sort of hard block on transfer limits. If the transfer is over a certain amount you even have to do extra work to appease the IRS. So while someone might be able to steal $1-2k, there is no way they can digitally steal more short of hacking the bank or social engineering against real employees at the bank.
  • Then they would have a slightly modest checking account. Possibly two per bank. In there they would have anywhere from $10,000 - $50,000. If they had a debit card or checkbook it would only link to a single account. It wouldn't link to multiple and it definitely wouldn't be linked to their savings accounts. If your card accesses the bulk of your wealth then it is much easier to take more from you.
  • Then they would have savings accounts that total around $100,000 to $200,000. While this may seem high keep in mind they are multi-millionaires. Sometimes, especially if they were more frugal they would have $10,000 - $50,000 in total among savings accounts. I made mention of multiple savings accounts. You might be wondering what is the point if they can do a single account. This actually enhances security. These funds can only be moved by working directly with the bank. They would need to know the account numbers and two additional security questions of every account they wish to access.
  • The last step and most important step is investing in CDs, IRAs or some other form of investment with their bank. Very rarely does a customer need a million or so dollars instantly. This makes the money harder to take out and it also makes them money. If they are buying a 2 or 10 million dollar mansion they could literally have only 5-10% in checking savings but still be approved for a loan due to the investments. So investing unused funds is usually a no-brainer.
  • Additionally they might have a trust fund set up. It could be a charitable remainder unitrust where funds could pay out to a charity as the beneficiary. This could give the customer a considerable tax deduction. Or it could be a living trust or marital trust to help one or more beneficiaries in the event of the customer's death.
  • Any more money is likely, as Xander explained, not in direct liquid assets. It might be in a company in their name, investments outside the bank, stocks and shares, material items, etc. Large amounts of unused money are just as bad as wasted money if you don't need it.
  • Most millionaires have financial advisors. Most of the above I explained is not always a result of the customer's thinking but acting on the advice of their advisor. As a result the above actions are not only a pretty common trend but they have someone focused solely on protecting and maximizing their assets for them.

While this might not cover the technical aspects you wished to read, these steps are paramount in protecting their money.


Step Zero: Talk to your banker and ask to speak to the security department and ask for their advice. They may have special programs for you.

Use a dedicated computer for financial transactions

This protects you from malware caught from visiting unsavoury sites.

Buy a new laptop (preferably a Mac, because they're nice, and you're rich). Buy a safe if you don't have one. Keep the laptop, mouse, power supply in the safe.

Use this machine only for financial transactions, and don't do financial transactions on other machines.

Have a trusted expert set your firewall to only allow sites you use for finances. Have them block these sites on your regular computer.

Uninstall Java and Flash, and disable JavaScript if your banking sites don't require it.

While you're at it, use an anti-phishing DNS service.

Dedicated Email with U2F keys

Your email is the last stand for password resets and account change notifications. You need to protect it.

Have a dedicated email address for your financial transactions, and watch that account closely. Use Gmail and use the Chrome browser. Buy two YubiKeys. Set up both with Google Accounts, and then put one in a safe-deposit box. Don't keep these in the safe :)

ACH

If you need ACH on some accounts, have an "incoming", "outgoing" and "real" account. Only give the incoming account to people that are going to pay you, then move the money to the real account after receipt. Same for outgoing.

Oddly enough, if you give someone any ACH access, they have in/out privileges on that account.