We’ve all heard about Wells Fargo and its “duplicate accounts” scandal, in which employees created accounts without customers’ consent to meet sales goals.
But many, less headline-grabbing, bank management failures occur regularly.
In January, for instance, Morgan Stanley was fined $13 million for overbilling clients; a few weeks earlier the company paid a $7.5 million fine for alleged violations of a rule designed to ensure segregation of customer cash and securities in case a firm fails.
The same month, the SEC ordered Citigroup to pay $18.3 million for overcharging at least 60,000 of its investment advisory clients.
And the beat goes on.
Smaller wealth management shops are, perhaps, fortunate that their missteps rarely make the news, lessening reputation damage.
Be assured, however, that fines of five- and six-figures, and sometimes more, are regularly paid by small firms for administrative shortcomings ranging from inadequate supervisory procedures, improper electronic records storage and failure to protect clients’ information from phishing and hacking attacks.
All this can be challenging for those of us in financial services because we're very regulated and rules-based in this industry. We often get very anchored to that fact and try to focus on checklists or steps to take to address these problems.
But that’s impossible.
Every firm is different. Every day is different. Every employee is different.
That said, here are five other, more-realistic, ways for wealth management firms to maintain a handle on their businesses to prevent problems from developing.
Create formal oversight processes: Leaders often get so mired in the regulatory requirements of our industry that they forget to look at the big picture of their day-to-day risks. Firms should both identify key risks and establish processes that keep everyone in the enterprise accountable for addressing and minimizing those risks.
Segregate duties: To minimize the risk of a rogue employee, leadership should identify all areas where the firm lacks segregation (e.g. financial report production and signatory authority), as well as any areas that lack duplication or backup capabilities. Further, it is important to segregate any processes involving client cash, formalizing oversight structures to protect client accounts.
Know your IT vulnerabilities: Cybersecurity has become a major business risk for financial services, and leadership needs to fully understand all of the potential risks they face to minimize their exposure. They should also personally oversee the IT personnel who are managing their digital defense network. Nothing should be beyond your understanding.
Institutionalize client relationships: Every interaction with wealth management client accounts should be standardized, and all activities should be monitored for discrepancies. Oversight should include random testing and auditing of all records.
Take employee complaints seriously: The truth is, in my work auditing wealth management firms, much of the information we receive comes from employees who are telling on other employees. Develop a tool for employees to make anonymous tips and suggestions. Such a system, if used properly, should facilitate the flow of critical information without forcing awkward conversations.
It all comes down to accountability. Who is watching the store? Do you trust and respect those who are watching your business? If not, act now before it’s too late.