Digital Diligence: Is Your Tech Tough Enough?

Though John DiCiaccio loves driving, and loves muscling fast cars around a test track even more, he finds himself entranced by how his new Tesla can drive itself. Letting the car’s autopilot handle some mundane aspects of his commute, especially in maddening Los Angeles traffic, makes him a better and more alert driver.

“Technology can react quicker to stop your car than you can, especially if you are tired or distracted,” he says. “Sensors don’t get tired.”

It struck DiCiaccio, a partner and managing director at Snowden Lane Partners, that fellow advisors should note the efficiency of new self-driving cars. After all, their technology is being mirrored in wealth management, even in areas as sophisticated as compliance. Robo advice and data-driven tools are becoming the norm, and it’s becoming imperative to adopt at least some of the latest tech tools, or risk losing clients.

Even more urgently, advisors risk squandering new ways to monitor increasingly sophisticated compliance requirements.

Take, for instance, the challenge of meeting clients’ demands that they be able to access their account anytime, from anywhere — while also protecting and monitoring that information.

Without the support of a custodian’s Web portal, an independent practice needs to pay for building a system capable of handling real-time data requests from clients. Separately, the firm will need data security measures in place that meet the SEC’s new cybersecurity focus, which came out only in September. If regulators knock on the door, can your firm account for any and all remote access to client data from any device?

Learning to steer through the pylons of upgrading your firm’s tech savvy, while also ensuring it can handle new digital compliance demands, is possible, even for small and midsize firms. With a few smart moves, advisors can achieve both goals without extensive costs or onerous overhauls of existing tech infrastructure.

“Upgrading our technology has allowed us to better maintain and organize our data,” says Eric Sontag, chief operating officer of Sontag Advisory in New York. Upgrades allowed the firm to “reduce operational risk and provide information quickly to the regulatory authorities when needed, all while also benefiting the business via increased efficiency and better service to clients,” he adds.

PERSPECTIVE NEEDED

First off, do not be overwhelmed by the prospect of buying new, unfamiliar technology. Understand you are not alone with your possible confusion around new digital compliance requirements.

“There’s a famous saying that you don’t know what you don’t know,” says Carl Choy, a principal at Honolulu-based CKW Financial Group. “When we’re at a big wirehouse, we think we know a lot. But once we go out on our own, there are all these technology and compliance issues to handle. We realize then that we don’t know very much. And that’s a challenge.”

But this is no excuse for turning your back on the numerous tools that can upgrade your practice. The process is an exercise in accepting that costly upgrades may be necessary for the future of the business.

“You need to find your comfort zone with technology and not be afraid of it,” says Scott Horn, president of TFOPhoenix, a fee-only firm. “You have to figure out what is the most important for your practice, what moves the meter the most for your dollar and what you’re willing to allocate.”

This year Horn’s firm will hire an outside firm to perform a cybersecurity audit, even though that measure is not required by regulators. He balances the expense of the decision with the potential cost of suffering a data breach.

“My rationale is simple,” Horn says. “At the end of the day, I don’t want that to happen, and think, ‘If I had only known X, I could’ve done something more to protect client data.’ They trust us and put faith in us, and it’s our job to continue to earn that trust.”

COST CONCERNS

In Financial Planning’s 2015 tech survey, 54% of respondents said cost was the main factor they use to evaluate the ROI of the technology they purchase. It’s a reasonable concern.

Horn estimates that his firm’s tech budget is roughly 10% of its expenses. But he doesn’t call it an expense: “I try to view it as an investment,” he says, “because you’re getting something for it, whether it’s making your practice more efficient and helps you serve your clients better, or makes the client experience more rewarding.”

Sontag says compliance is a major focus at his firm, and employees are evaluated on their use of systems to this end, which is incorporated into their incentive compensation.

“Clearly, you need to consider the direct impacts on cash flow and resources needed for implementation, but attempting to calculate an exact ROI on a new CRM system is sacrificing accuracy for precision,” he says. “Often, the greatest costs and benefits are those that cannot be quantified.”

Advisors warn it’s easy to be seduced by marketing pitches for software, data management systems or enterprise platforms. To cut through the noise, advisors should take a hard look at their client base to determine what their practice lacks already to meet client and compliance demands.

“Foremost, you need to understand the needs of your clients,” says Jeremy Reeves, vice president of technology at Cleary Gull, a wealth manager in Milwaukee. “Making a practice more digital can be done by anyone. But if your clients can’t see the value in what you’re doing, then really you’re just implementing technology to have what everyone else has.”

GET SOME STRUCTURE

Reeves says regular dialogue helps make the upgrading process smarter. He recommends talking to clients about service and different tools, as well as having internal discussions about what technology can help meet compliance needs and which tools work best.

Reeves makes it a practice to bring together people from across departments for their suggestions, and to learn from them which digital tools are most useful to their work.

One such discussion prompted Cleary Gull to treat technology and digital compliance issues as separate expenses. “Information security is such an important aspect of our business, and with increased regulation, the budget for security should go up every year,” he says.

CKW Financial surveys the top clients from the roughly 300 households it serves, looking for feedback on its technology-enhanced services, the firm’s co-founder, Lynne Kinney, says. “Clients expect us to be using the best tools out there. They expect that they’re with a firm not being left behind by technology, but instead one that keeps up with how quickly the world is changing,” she says.

To ensure upgrade conversations happen consistently, Modera Wealth Management created a committee of compliance, technology and operations heads to research and analyze potential vendors, purchases and information security policies, explains Mark Willoughby, Modera’s chief operating officer, and Kevin Sweeney, its chief compliance officer.

The committee was convened just a year ago, prompted by the increased concerns about data security and compliance issues. The 40-member firm has already relied on the committees’ expertise to decide to pursue an upgrade of its network firewalls.

The committee has also kept the firm from potential purchases it deemed of little value. “The initial part of the strategy is to figure out what the best options are,” Willoughby says. “The committee doesn’t change the decision-making process, but it increases coordination.”

DATA SECURITY

In a recent survey of cybersecurity practices at 440 small and midsize RIA firms, the North American Securities Administrators Association noted that 66% reported their IT expenses, which include network and data measures, represented just 3% of their firm’s overall expenses.

Though cybersecurity has received a lot of attention, regulators are not asking firms to add a new practice, says MarketCounsel CEO Brian Hamburger. “They’re not changing the rules of the road,” he says.

“Whether or not an advisor is in a cloud, the rules regarding privacy are exactly the same,” Hamburger adds.

That doesn’t mean firms can overlook the need, however.

The first steps should include developing a data security plan tailored to your firm, whether it is setting policy, exercising vendor due diligence or scheduling training for employees. “Protections cannot be an afterthought,” Hamburger says.

If a firm doesn’t have enough resources to research and review technology and compliance-related decisions, Snowden Lane’s DiCiaccio says it should allocate for a specialist to help out.

“People sometimes try too much at once, and they get lost in it. The focus is off the client and on technology,” DiCiaccio says. “Hire a tech person and ask that person to form a budget for the coming year. If they can implement one thing, I guarantee the return on investment will make the firm happy.”

For firms numbering more than 20 people, Sontag says he would not recommend implementing more than one major system (portfolio management, CRM, trade/rebalancing) in a given year. “Even if you have the resources available to implement the software and populate the data, user adoption and culture change can pose a significant challenge to successful execution. The more change that you force upon your system users in a year, the more challenging this becomes, and the more likely that errors can occur.”

EXPENSIVE ERRORS

Despite the best intentions, advisors should understand it’s inevitable that errors or misfires in technology will occur in the implementation process, says Horn from TFOPhoenix. Compliance issues might go missed. And these can be expensive errors.

“You suck it up and deal with mistakes,” Horn says, describing how his firm had to switch providers early on when they realized a company they’d hired to move some processes to the cloud wasn’t working out. “It was the right decision, but not the right firm. After several months it was clear, and our people knew it.”

Horn says a firm gains credibility when it’s willing to try new processes and learn from trial and error. But there has to be support from its stakeholders and advisors. “We didn’t love spending a whole lot of money and time when what we planned didn’t happen,” he says. “That wasn’t much fun at all.”

Caution and emphasizing meeting compliance issues has been the focus for Modera, Sweeney says. For instance, the firm adopted portfolio rebalancing software several years ago, but hasn’t brought instant information apps for clients into practice yet. “Our first reaction is not to jump into something new,” he says. “The concern is that we don’t want to get caught up [with] bright, shiny objects. We want to determine first if a technology can meaningfully augment the relationship with the client.”

To find some peace of mind, Choy and Kinney decided to outsource many of their technology issues to External IT, a provider of cloud-based tech solutions for financial firms.

“You have to analyze the option of either setting up tech yourself or outsourcing that,” Choy says.

“Look at the time and effort involved in doing things yourselves — building a portal, data security — these are the basic nuts and bolts now. We would highly recommend that firms not do
that, because of the regulatory environment,” Choy notes.

“Firms can save themselves a lot of time and effort if they don’t produce statements,” he adds. “It will get rid of custody and control issues, and get rid of a lot of compliance concerns.”

Even if you elect to get outside help, Sontag recommends that there still should be someone from inside the firm overseeing the implementation. “The team that you work with from the vendor does not know your firm or your data, so relying on them to handle everything and leave you with a perfect solution will result
in failure.”

It is worth remembering that outsourcing tech issues doesn’t absolve your firm of its responsibility to
protect client data, says MarketCounsel’s Hamburger.

“There’s no easy buying decision that allows you to avoid these difficult issues,” he says. “This is a highly regulated business. You cannot stick your head in the sand and expect these demands will go away. Cybersecurity issues are at the forefront, and technology has a compounding effect. Use this time to learn and fortify protections and controls.”

Thinking about the road ahead, standards of control and protection in the financial industry are accelerating, whether we like it or not.

That’s why it’s worth paying attention to the rise of autonomous cars, DiCiaccio says. “The ability to drive your car manually will be greatly curtailed due to mounting evidence that autonomous driving saves lives.”

Ceding certain controls to a computer will take some time getting used to. But already, the efficiencies and better protections gained from complicance tools are enough that, sooner rather than later, technology in your practice will take the wheel.

Read more:

For reprint and licensing requests for this article, click here.
Compliance Law and regulation RIAs Technology Financial planning
MORE FROM FINANCIAL PLANNING