Last week the North American Securities Administrators Association (NASAA) released a statement addressing compliance deficiencies examiners frequently encounter when reviewing investment advisers. For the details of NASAA’s statement, click here to read Coordinated State Exams Identify Top Investment Adviser Deficiencies at nasaa.org.
In addition to citing the top five categories with the greatest number of deficiencies, NASAA recommended a “Best Practices” guide to assist advisers when developing compliance procedures. In today’s post, I’m going to review the first half of NASAA’s Best Practices and share my ideas how each can be addressed through the use of appropriate technology.
My aim is to identify tools, processes, and techniques designed to improve your advisory firm’s compliance practices as well as lower your direct expenses of following regulatory requirements (i.e. increase your profits). Note that not all of the Best Practices are below, since items like “Review and update all contracts” are fairly self-explanatory.
Let’s begin.
Best Practice: Prepare and maintain all required records, including financial records.
Solution: Document Management Software
If your firm has been examined recently, you’re familiar with the lengthy list of documents requested by examiners. They want records ranging from your company’s org chart all the way to your trade blotter for one or two years. While the specific documents requested can vary widely from firm to firm, you need an efficient system that enables you to store, search, and retrieve records. Without question, document management software is the best solution. Don’t only use it for client documents. As NASAA’s best practices say, you need to deliver financial records, too. So when you close your company’s financial books for the year, add in the final records to a company repository in your document management software. Doing so stores it for your later review, but also allows for easy retrieval (by those who have appropriate access rights, e.g. your CCO) during an exam.
Best Practice: Back-up electronic data and protect records.
Solution: IaaS, hosted servers, or online backup
This is not the first time you’ve heard this: you’re an adviser, not an IT person. So why do you continue to switch backup tapes on your server as a part of your morning routine? It’s time to adopt more progressive, cost-effective, and automated solutions to back up and protect your data. If you’re tired of managing your own infrastructure altogether, consider leveraging Infrastructure-as-a-Service (IaaS) platforms where you can “rent” servers, install your custom financial planning or portfolio software, and operate as if the server was located in your office. Services from Rackspace, Amazon, IBM and more give you this flexibility. There are also providers that cater specifically to the needs of advisers like you, including True North Networks that I featured in this Morningstar Advisor column.
If you’re not comfortable with moving your entire infrastructure off-site, then online backup solutions may be a compelling alternative. You can still maintain your servers in-house, but you can back up critical data to online providers. Carbonite, Egnyte, Mozy, and CrashPlan are just a handful of the many providers that support online backup.
But a word of caution: even if you successfully back up all your data to an online solution, you’re not backing up your applications installed on your server. Realistically, you need some kind of mirroring or imaging solution for your primary server so that you can bring up a secondary server on demand that features all the same programs and applications you use. Data backed up online is useless if you don’t have the software program required to open it.
Best Practice: Document all forwarded checks.
Solution: Document Management Software
What do you do with checks sent in by clients? Photocopy them and file paper in a binder? Stop it!
Instead, scan all the checks you receive to an electronic document, then file that document in your document management software, indexed and labeled with appropriate information. May I suggest Document Type = Client Check? Then you can retrieve all checks you’ve received by clients for any date range with a quick search in your document management software.
Best Practice: Prepare and maintain client profiles.
Solution: CRM
Most advisers know the value of a properly-implemented CRM system. But I suspect NASAA comes across a few firms that still don’t have a CRM, and thus, have a hard time delivering any kind of systematized profile information regarding the clients they serve. With CRM, so much of a client’s characteristics are captured and recorded, making them easy to access every time an exam rolls around.
Best Practice: Prepare a written compliance and supervisory procedures manual relevant to the type of business to include business continuity plan.
Solution: Document Management Software
Still have a paper-based compliance manual that sits in the CCO’s office? And what about your spreadsheets that show when your firm last tested its business continuity plan? On a server somewhere?
Consolidate all of your compliance-related paperwork and workflow into a central repository stored in document management software. Better yet, make sure that you have access to that compliance repository when away from the office and in the event your office loses power. Remember online backup and hosted servers I mentioned earlier? Your business continuity plan won’t do you much good if you can’t get in to your building to read it. Move it into a secure system that gives you the ability to access it remotely and quickly retrieve those documents you created to prove you’ve tested your procedures. Another solution to consider for documenting compliance testing is Compliance11, covered in this Morningstar Advisor column.
More Best Practices in Part 2
That’s the first half of NASAA’s Best Practices. Check back later for Part 2 of this series where I finish the list with additional tools and techniques to simplify your regulatory compliance.