Last week I posted How to address compliance deficiencies with technology: Part 1, covering the first half of “Best Practices” provided by the North American Securities Administrators Association (NASAA) for investment advisers. NASAA’s full statement appears in Coordinated State Exams Identify Top Investment Adviser Deficiencies at nasaa.org.
Read Part 1 first, then continue with Part 2 below to see my thoughts on how to address each practice with technology.
Best Practice: Prepare and distribute a privacy policy initially and annually.
Solution: Document management software, Workflow, Email Newsletter Service, Document Valut
Imagine that, something so simple as delivering a privacy policy resulting in not one, but four technology solutions! You’re required to give new clients your privacy policy and deliver one to all clients annually. First, where do you keep the original copy of your privacy policy? A good place to keep it is in document management software. Not only can the software help you locate your current privacy policy, it also should maintain a history of previous versions of your policy should you ever need to review changes.
With respect to the steps you follow for new clients, workflow can eliminate the times you might forget to deliver the required document. Workflow for the new client process should define all the steps needed to bring on the client, including the delivery of your privacy policy. You’ll find workflow tools in some CRMs, document management software, or specific workflow applications.
Physical (or virtual) delivery of your privacy policy is fairly straightforward. For clients who elect to receive your privacy policy electronically, you can deliver your document via email or by uploading it to a client document vault. You can lighten the load of email delivery by using email newsletter services, allowing you to create just one email with custom mail merge fields for client names that includes your privacy policy as an attachment. A few, but not many, client document vaults allow you to upload your privacy policy once and then copy it to all of your clients’ folders.
For those clients who do not want electronic delivery, I suppose you’ll just have to print hard copies and send them the old fashioned way by mail.
Best Practice: Keep accurate financials. File timely with the jurisdiction.
Solution: Accounting software, Document management software, Compliance calendar
This best practice is straightforward, but enough advisers fail to do this NASAA feels compelled to address it. First of all, you likely already generate company financials out of your accounting and bookkeeping software (Quickbooks in most cases). When you generate your reports, why not file them to document management software in their own repository? That way you’ll have a secure, backed up location where financials are kept, spanning all the years you’ve been in business.
Add to that a compliance calendar system so that your Chief Compliance Officer receives gentle reminders regarding due dates for the submission of your financials. Compliance11 is one example of such calendar systems you can use to keep tabs on things (covered in Morningstar Advisor).
Best Practice: Maintain surety bond if required.
Solution: Document management software, Compliance calendar
There’s not a lot of technology needed to follow this best practice, but once you purchase your surety bond (when required), scan and file a copy of it into your document management software. You can also set a reminder in your compliance calendar to renew the bond when it reaches its due date.
Best Practice: Calculate and document fees correctly in accordance with contracts and ADV.
Solution: Portfolio accounting software, Custodian Accounting software
Calculating fees can be a simple or convoluted process for an advisory firm. Some firms charge a flat percentage of AUM with no breakpoints or discounts. Just value the client’s portfolio once a quarter, multiply by the fee percentage, send a fee debit request to the custodian, and copy the client with an invoice.
But for those who provide asset breakpoints, exclude certain investments from fee calculations, or aggregate households together to qualify for reduced fees, things get complicated. The lesson here is to leverage high-quality portfolio accounting software that can be programmed with your specific fee structure and be customized for the special discounts you offer. I’ve seen complicated fee structures implemented with Excel spreadsheets, but these are so fragile and susceptible to innocent errors that can result in embarrassing calls when the wrong fees are calculated.
In addition, a few of the portfolio accounting systems will also reconcile fee distributions received from custodians and cross-reference them with the original debits requested. Doing this manually is extremely time consuming, so adding automation wherever possible is desired.
Best Practice: Review all advertisements, including website and performance advertising, for accuracy.
Solution: Diligence, Compliance calendar
No technology solution can solve all your compliance requirements. Here, just ensure that any material you publish publicly featuring your firm and/or its investment performance is accurate and complies with reporting requirements.
Best Practice: Implement appropriate custody safeguards, if applicable.
Solution: Account aggregation services
You have custody of client assets when you have the ability to direct fund distributions or change an account’s address of record without requiring client approval. Not many advisers have custody, but some unknowingly do when they ask clients for their login and password to a held-away account like a 401(k) or 529 plan. Login credentials are typically used to access holding and transaction information in the accounts to provide performance reporting and comprehensive net worth reports for clients.
Instead, you should use account aggregation services to obtain balance, holding, and transaction information from held-away accounts without needed any knowledge of client login credentials. Keep those credentials out of your hands. Account aggregation delivers daily information on held-away accounts to most popular portfolio accounting systems. You can still report on those held-away assets, but you don’t need to tiptoe the line of custody by gathering clients’ login credentials.
Best Practice: Review solicitor agreements, disclosure, and delivery procedures.
Solution: Diligence, Compliance calendar
Again, there really isn’t a technology solution that can facilitate this best practice, but should an adviser engage with solicitors, one must have procedures in place to follow regulatory requirements.
I hope you took a few pointers away from this two-part series. If you have alternate approaches to tackling compliance with technology, feel free to share them below or email me privately if your compliance department prohibits public posting!