Archive | Compliance RSS feed for this section

FileThis launches document and client portal for financial professionals

FileThis enhances document fetch capabilities with a client portal for financial professionals. Image courtesy of FileThis, Inc.

FileThis enhances document fetch capabilities with a client portal for financial professionals. Image courtesy of FileThis, Inc.

FileThis automates the collection and archiving of clients’ important records

FileThis, a startup based near Silicon Valley, released a version of its electronic document retrieval and storage service for financial professionals.

In a broadcast last year (watch FPPad Bits and Bytes for August 16), I highlighted FileThis Fetch, a service that connects to users’ financial accounts to capture electronic statements and PDF files, routing them to the user’s storage service of choice, including Evernote, Dropbox, Personal, and Google Drive.

FileThis Client Portal

Aimed at reducing lost or undelivered documents by clients, the FileThis Document and Client Portal uses the company’s same Fetch process to capture files from a variety of financial institutions including banks, credit card companies, investment accounts, and more.

The new Document and Client Portal adds on administrative features financial advisers should find very useful. Advisers can invitations to use the FileThis platform from the dashboard.

Once clients activate their accounts, they can begin to link financial accounts to FileThis so the platform can fetch related documents and statements.

Automatic Organization

FileThis attempts to automatically identify and categorize documents fetched by the platform to sort them into meaningful categories.

Documents can be stored in cabinets that correspond to high-level categories such as education, financial, and vital records.

Documents are also identified by accounts using vendor names like AT&T and Bank of America. Finally, individual documents are tagged with metadata to identify the content of the document, including bills, statements, invoices, and more.

Security

Any service that retrieves and stores sensitive financial information must have high security protections in place.

FileThis follows bank-level security procedures to ensure the safety and security of the information it stores.

Data to and from FileThis is sent using 256-bit SSL, and account credentials are encrypted using AES 256-bit encryption. Much more information on the FileThis security features can be found on this page: https://filethis.com/security/

Pricing

With the launch of FileThis Documents and Client Portal, FileThis is offering introductory pricing for new users.

The starter plan is $49 per month for one admin, and the admin account permits up to 50 login accounts for end users, i.e. clients.

Firms that need more accounts for clients should consider the $99 per month plan with two admin accounts and support for up to 400 client logins.

Pricing information for more than 400 client logins can be viewed at the bottom of this page: https://filethis.com/pro/

 

Riskalyze announces Compliance Cloud to pinpoint risky portfolios

Riskalyze announces the launch of Compliance Cloud for broker-dealers and large RIAs

Riskalyze announces the launch of Compliance Cloud for broker-dealers and large RIAs

Riskalyze Compliance Cloud aims to single out portfolios that drift outside a client’s risk tolerance

In a press release today, Riskalyze, the provider of client risk tolerance quantification tools, announced the anticipated launch of Compliance Cloud, a utility that identifies portfolios that are outside their risk tolerance ranges established for individual investors.

Compliance Cloud was first announced by Riskalyze CEO Aaron Klein at the Laser App 2014 conference last month in San Diego. Today’s press release sheds additional light on the benefits Compliance Cloud offers to its institutional users.

Pinpoint Risk

Compliance Cloud aims to reduce the number of unsuitable portfolio allocations applied to client accounts by automatically screening allocations advisors establish for clients and compares the amount of risk in each portfolio with each client’s risk score (likely the Risk Number™ generated by a Riskalyze assessment).

“Fortunately, with Compliance Cloud, the era of the ‘random account spot-check’ is officially over.” Aaron Klein, Riskalyze CEO

“Fortunately, with Compliance Cloud, the era of the ‘random account spot-check’ is officially over.” Aaron Klein, Riskalyze CEO

Any portfolios found to significantly exceed the client’s risk tolerance (or be significantly below) will be flagged by Compliance Cloud for further review. Not only is this automated risk scanning useful to individual advisers and broker-dealer representatives, Compliance Cloud will be a welcome feature for any institutional compliance officer responsible for oversight on thousands of the institution’s representatives.

‘Big Data’ for broker-dealers and institutions

Compliance Cloud is intended for use by broker-dealers and large registered investment advisory firms. Once again, these institutions typically have oversight over thousands, and potentially millions, of investor accounts, and manually identifying risk characteristics of investor portfolios is costly and inefficient.

Riskalyze takes advantage of the general adoption of “big data,” where useful insight and information is extracted by processing large volumes of disparate data spread across multiple systems. In Compliance Cloud, Riskalyze uses risk analytics obtained from millions of individual client portfolios and compares the data with risk tolerance data identified during the client data gathering and on-boarding process.

Historically, financial institutions and compliance officers lacked the tools to programmatically assess millions of holdings each day. Instead, client portfolios were selected at random and then spot-checked against the client’s (often incomplete or outdated) risk tolerance information.

Orion Advisor Services Integration

According to the Klein, Compliance Cloud has been in beta testing for several months with the general release of the product anticipated in October this year.  In addition, Orion Advisor Services, the nation’s largest privately held portfolio accounting service bureau, was identified by Riskalyze as “the premier launch partner” of the Compliance Cloud solution.

Compliance Cloud will be made available directly to Orion Advisor Services’ RIA clients where advisers can take advantage of the integration of reconciled portfolio accounting data, avoiding duplicate or manual entry of client holding information into Compliance Cloud.

Pricing for Compliance Cloud was not disclosed in the company press release, so check back in here at FPPad for more updates as this product enters the market.

Who supports two factor authentication? Find out in this awesome chart

Find out who supports two factor authentication in this awesome chart

Two factor authentication significantly boosts the security of online accounts. Find out who supports the technique.

The damage to your business can be significant if hackers get a hold of your username and password to an online account. Once inside your program, whether it be your online CRM, portfolio accounting software, bookkeeping service, or even custodial dashboard, hackers can perform any number of nefarious activities.

So how do you increase your defenses against attacks and increase the security of your online accounts?

Use two factor authentication (see Boost your online security with two-factor authentication at FPPad)

Where is two factor authentication supported?

Sure, you understand how important two factor authentication is in protecting your online accounts from unauthorized access.

But WHICH online account providers actually support the technique?

I came across a terrific new resource online that spells out, industry by industry, who does and does not support two factor authentication.

The site is twofactorauth.org and it’s worth checking out when you have a moment.

You may discover several services you already use today that support two factor authentication, but you’re not yet using it.

So go visit twofactorauth.org and boost your online account security.

How Vestorly transforms advisers’ web presence into qualified leads

Vestorly uses “smart data” techniques to convert advisers’ online audience into qualified leads

I recently met with Justin Wisz, co-founder of Vestorly, to learn more about the company’s technology offering to financial advisers.

Vestorly is a content marketing platform designed to enhance client acquisition for financial professionals. What does that mean in plain English? Wisz explains in the video interview above.

“Smart Data”

Vestorly helps financial advisers publish content online from a variety of aggregated sources (all compliance approved!) targeted to the interests of clients and prospects. Featured sources include personal finance content from Kiplinger.

As the adviser’s online audience grows, Vestorly captures lead information such as names and email addresses and then uses “smart data” techniques in the background to further associate leads with demographic information.

One goal of Vestorly is generate measurable ROI from the online efforts pursued by advisers.

Any activity in digital communications without a lead generation aspect is, frankly, a little bit of a waste of time and resources

– Justin Wisz, Vestorly co-founder

Vestorly is Free

Vestorly offers curated content from a variety of sources, smart data aggregation techniques, and compliance tools all in one platform, so how much does it all cost?

For individual advisers, Vestorly is free.

So why is Vestorly free for individual advisers? Watch the follow up video below to hear from Wisz.

According to Wisz, Vestorly combines a number of existing technologies common in online marketing, but not yet present among the financial services industry.

“Much of Vestorly is what we call status quo technology,” said Wisz.

“We think [that technology] should be free, especially for advisers who are just getting started with marketing in financial services,” he added.

Vestorly for the Financial Enterprise

But beyond individual adviser use, Vestorly is also built to suit the needs of large financial enterprises.

Vestorly’s enterprise relationships focus on integrations and expanding the utility of the content generation and lead generation functions.

In the extended interview below, Wisz describes how financial enterprises (e.g. broker-dealers and large RIAs) can compliment existing archiving and social media systems by tapping the Vestorly API for expanded features.

“I would see Vestorly as a major compliment to all the things that [broker-dealers] already have in place,” said Wisz.

“They’re now allowing reps to blog, send out email marketing, or do some social media marketing, but now it’s time to find out what they can get back,” Wisz added.

Client spoofing strikes again, RIA loses $290,000 of client funds

An RIA’s poor compliance procedures let hackers steal $290,000 of client funds

Financial advisers who aren’t prepared to defend against client spoofing attacks not only stand to lose client funds, but also face steep penalties from regulators.

FPPad readers have known since April 2012 that hackers are targeting financial advisers, masquerading as clients via email in a ruse to steal client funds.

Go read Why advisers can’t trust their clients anymore for a refresher of what spoofing attacks are and steps to defend them.

Spoofing Strikes Again

This week, several of the industry trade magazines broke the story about GW & Wade, a registered investment adviser based in Wellesley, Mass., regarding how hackers were able to steal $290,000 of client funds from the company. See RIA Fined By SEC After Hacker Uses E-Mails To Steal Client Funds from Financial Advisor magazine and SEC Sanctions 3 RIAs for Custody Rule Violations from Financial Planning magazine.

The lapse in compliance policies and procedures at the company also resulted in a civil penalty assessed by the SEC in the amount of $250,000.

Full details of the SEC Administrative Proceeding can be viewed here (opens a PDF in a new window).

Hackers Target Advisers

Hackers continue to target investment advisers because they’re the ones with the ability to direct fund transfers.

Solo advisers might not fall victim to a client spoofing attack so easily because they may detect right away that something about the client’s communication is just “not right.”

But when the same attack is deployed in a multi-billion dollar RIA with dozens of administrative employees, hackers have much better odds of success.

Convenience Creates Risk

Once again, according to the Administrative Proceeding, GW & Wade had hundreds of blank Letters of Authorization (“LOAs”) forms on file with only client signatures.

Only after a request was received would the company fill in the pertinent details on a pre-signed LOA and route it for processing.

The convenience of pre-signed LOA forms decreased the chances the company would suspect something wasn’t right with a client wire request. Instead of verifying the authenticity of the request, the company simply routed the pre-signed LOA forms with wire instructions included.

Although, one could argue that if GW & Wade DID try to obtain a client signature via email, following the spoofed client’s instructions, the attack still would have succeeded.

So assume for a moment that no pre-signed LOA forms existed, GW & Wade likely still would have fallen prey to client spoofing because the company would have tried to obtain a client signature via email. The hacker likely would have quickly complied using a signature cut and pasted from another document in the hacked email account.

Clearly, a separate factor of authentication is required to properly authenticate wire requests from clients (a secret phrase, a video chat, Why advisers can’t trust their clients anymore has more details).

Calculating Fees With Spreadsheets Is Hard

Also buried in the Administrative Proceeding is a note about excess fees charged by GW & Wade.

Allegedly since January 1, 2005, the company failed to exclude mutual fund class C share holdings in assets subject to the company’s advisory fee schedule.

The company likely was already receiving 12b-1 fees from the C share holdings, but evidently was “double dipping” by charging the firm’s advisory fee on the same C shares once again.

I have no additional details on the matter, but let’s assume that advisory fees were calculated using a spreadsheet loaded with the value of client holdings for each quarter.

If that spreadsheet isn’t designed to specifically recognize C share mutual fund holdings (which, quite frankly, opens up a Pandora’s box of trouble on its own) and exclude them from the advisory fee calculation, then it’s far too easy to roll up those C share holdings among all the other assets and calculate the fee due.

For GW & Wade, the company now has one year to reimburse in full every client affected by the excess advisory fees charged. That means going back over more than eight years of billing history to determine what the amount of excess fee was charged to each client, quarter by quarter, and credit each client accordingly. That applies to both current and former clients!

So for former clients, how many of you retain holding balances and pricing information indefinitely?

Talk about a huge big data challenge.

Live chat for advisers: chat your way to business growth

Financial advisers can use live chat tools provided they first address compliance and productivity issues

Financial advisers can use live chat tools provided they first address compliance and productivity issues

Financial adviser websites can offer live chat tools for client and prospect communication.

As you visit more business websites online, you’ve likely noticed those pop-up windows in the bottom corner inviting you to a live chat. You can use live chat features for all sorts of things, including asking questions about a product, getting help from customer service, or simply submitting general feedback about a recent service experience.

Financial advisers can also leverage this trend in live chat communication with website visitors of all kinds, including clients and prospects.

This month’s column at Morningstar Advisor covers this trend that few advisers are taking advantage of today, but has the potential to be used by a much larger audience in the near future.

Read Live Chat for New Clients now to learn about out the compliance concerns of live chat as well as the issues of maintaining personal productivity in the face of potential distractions.

ShareFile adds SEC and FINRA compliance capabilities with Archiving for Financial Services

The popular online file sharing service meets regulatory record-keeping requirements with latest archiving functionality

ShareFile Archiving for Financial Services

In a press release today, ShareFile, the online file sharing service owned by Citrix, announced the availability of its Archiving for Financial Services compliance feature.

ShareFile, my 2012 Morningstar Advisor Best Back-Office Technology award winner, has been popular among financial advisers for its online file storage functionality much like Dropbox, Box, SugarSync, Google Drive, Microsoft SkyDrive, and many more.

But ShareFile’s focus on the specific needs and regulatory requirements of professionals in financial services has helped the company gain a sizable following relative to the generic competition.

According to the press release, ShareFile Archiving for Financial Services helps financial advisers satisfy SEC and FINRA record-keeping requirements “by offering retained, indexed, auditable and searchable records of client communications for the period required or longer.”

Below is a video from ShareFile with an overview of Archiving for Financial Services.

(Click to watch on YouTube)

Consolidating Two Systems

Typically, advisers who use online file sharing services to exchange documents with clients and prospects maintain two separate systems in their back office.

One system is the online file sharing service that does just that; facilitates file sharing with individuals outside the adviser’s network infrastructure.

But most advisers then maintain a second system that satisfies the record-keeping requirements imposed by the SEC and FINRA. Two systems are necessary, because consumer file sharing services (i.e. Dropbox) just aren’t built with the regulatory record-keeping requirements in mind.

For advisers using ShareFile Archiving for Financial Services, two systems should no longer be necessary to satisfy the record-keeping requirements.

A Document Management Solution?

With the addition of Archiving for Financial Services, is ShareFile now a contender among document management providers?

I believe the answer is no.

Archiving for Financial Services is a very useful addition, and it will eliminate the need to run two separate systems to facilitate file sharing and to maintain adequate record-keeping systems. But document management requires more than just indexed, auditable, and searchable records of client communications.

Document management systems offer metadata tagging and document profiling for every record stored in the system, and automated workflow is also frequently supported.

So for advisers who lack a true document management system (and surveys consistently show that there are a large number of such firms), ShareFile combined with Archiving for Financial Services is a convenient way to get two features from the same product.

But for firms already using document management systems with native record-keeping compliance, Archiving for Financial Services is unnecessary.

Nevertheless, ShareFile’s ease of use and mobile device compatibility still makes it a strong contender for online file sharing with clients, prospects, and colleagues.

For more details about Archiving for Financial Services, visit the ShareFile Blog and read New feature allows ShareFile to help financial firms achieve compliance

How to hide LinkedIn Endorsements on the new LinkedIn profile design

Financial advisers now have two easy ways to hide LinkedIn Endorsements and reduce compliance risks.

Several weeks ago I raised concern over the new LinkedIn profile design, as there appeared to be no way to hide LinkedIn Endorsements from your public profile (see: New LinkedIn profiles raise compliance concerns as there appears to be no way to hide endorsements).

This was especially problematic for my audience of financial advisers, as FINRA and SEC regulations prohibit the use of information that can be construed as a testimonial.

Fortunately, LinkedIn’s new profile design now offers two options to hide endorsements from your public profile. Watch the 2:00 screencast below to see how it’s done.

(click to watch on YouTube)

ArchiveSocial delivers authentic social media capture for financial advisers

When you get asked by the SEC, FINRA, or your broker-dealer for the last six months of your social media posts, what are you going to provide? How will your auditor make heads or tails out of your social media posts if they look nothing like the ones posted on public sites like Facebook, LinkedIn, or Twitter?

Anil Chawla, founder and CEO of ArchiveSocial

One company wants to simplify the way social media messages are captured and displayed, giving advisers peace of mind knowing their archives can be reviewed easily by auditors.

That company is ArchiveSocial, and I recently connected with ArchiveSocial founder and CEO Anil Chawla to learn more about how they capture social media updates in what Chawla calls their “natural, authentic form.”

Click here to learn more about ArchiveSocial’s solutions for financial services.

In the podcast below, hear Chawla discuss the drawbacks of several existing solutions from vendors, the benefits of a “carbon copy” approach to archives, and an overview of ArchiveSocial pricing.

If you decide to purchase a full-year subscription, you can save 10% by using the code FPPAD12 (not an affiliate code).

New LinkedIn profiles raise compliance concerns as there appears to be no way to hide endorsements

LinkedIn rolled out its new Endorsements feature several months ago to all users. Since then, financial advisers have been worried about publicly displaying Endorsements on their profile, since they can be construed as testimonials which are strictly prohibited by FINRA and the SEC.

Fortunately, hiding Endorsements from one’s public profile is a fairly straightforward process (see: How to hide endorsements from your LinkedIn profile)

But now, LinkedIn is slowly rolling out redesigned profile pages worldwide that appears to remove the “Hide Endorsement” functionality.

Watch the screencast below to see a sample of the new profile design rolled out to one adviser’s account and how the “Hide Endorsement” button is missing.

I’ve reached out to LinkedIn for comment and have not yet received a reply. I’ll update this post accordingly.

(click here to watch on YouTube)