Galvin fine on Summit Equities raises questions over all adviser technology

Massachusetts Secretary of the Commonwealth cites violation of state law requiring firms to protect investors' private information

Jan 4, 2019 @ 2:24 pm

By Ryan W. Neal

Broker-dealers may need to re-evaluate policies regarding third-party adviser technology following a recent action by Massachusetts Secretary of the Commonwealth William Galvin.

Mr. Galvin's securities division fined Summit Equities, a New Jersey-based broker-dealer, $100,000 on Dec. 27, for failing to supervise registered representatives who mishandled information of Massachusetts clients held within third-party customer relations management software.

According to a consent order, Summit allowed advisers affiliated with the firm to select their own third-party CRM system. Four advisers opted to use Redtail CRM to store clients' private information, including names, addresses, phone numbers, dates of birth, social security numbers, account details, communication histories and adviser notes.

(More:Finra updates cybersecurity best practices report)

Summit had no access to or control over the data that advisers put into Redtail and the firm was unable to monitor the data and who had access to it. After the advisers terminated their relationship to Summit, they were still able to access the client data through their CRM.

Though Summit has a policy to wipe all client personal data from a departing rep's devices, the policy was not in place for third-party technologies like Redtail. Mr. Galvin's office decided this violated the Massachusetts law requiring firms to protect investors' private information.

"The security of personal information is a very serious issue for me and my office," Mr. Galvin said. "It is more important than ever that companies gathering personal information keep that information as secure as possible."

Summit Equities did not respond to a request for comment.

Terry Lister, a legal consultant and former Waddell & Reed chief regulatory officer, believes this is the first enforcement action of its kind, and is a "shot across the bow" to IBDs to re-evaluate how policies regarding client data are being applied to third-party technologies.

Most IBDs allow for, and even encourage, advisers to select their own CRM systems, Mr. Lister said. But the technology is ultimately owned by the adviser and not the firm. As a result, there is no oversight in place for what data goes into the technology and no plan for an adviser leaving firm.

"In the current environment we work in, the reps are going to have to recognize the fact that they can't just automatically assume that they can take that CRM data with them," Mr. Lister said.

(More: Retirement plans see rise in cyberattacks)

Mr. Lister recommends firms take time to inventory every third-party technology used by advisers, what data those platforms store, and whether or not the data will need to be retrieved if an adviser leaves the firm. Part of the reason Summit was fined was the firm simply wasn't following its own rules, he said.

If this is the first case of its kind, Mr. Lister wonders if it'll slow technology adoption in the IBD space.

"Instead of having a plethora of different CRM systems … rethink that business model and think more about providing a CRM system for the firm that all reps will use and the firm will control," Mr. Lister said.

For Paul Ewing, CEO of Prosperity Advisory Group, the case raises questions about who ultimately has sovereignty over client data.

"In the IBD space, it's a long held tradition that it's owned by the adviser," Mr. Ewing said.

The CRM has more than just identifying information, he said. It also contains meeting notes, financial planning information and records of client interactions, so how can the broker-dealer demand that information gets deleted, Mr. Ewing asked.

"Advisers have to ask the question: what are the rules at my firm?" Mr. Ewing said. "What does Cetera require? What does LPL require? Could we be in violation of the same rule?"

But what's most interesting to Mr. Ewing is that the broker-dealer has authority over information on a technology paid for and owned by the adviser, not the firm. What does this mean for third-party technologies like Redtail and how it works with IBD advisers going forward?

Redtail said it doesn't comment on client engagements.

Mr. Lister said he expects this is only the first case of regulators looking at how firms are governing advisers' third-party technologies.

"You're going to see more of this. Advisers either don't know or chose not to pay attention," Mr. Lister added. "Firms need to make sure that their advisers understand what the policies are in these areas and how it applied in all situations."

0
Comments

What do you think?

View comments

Recommended for you

Upcoming Event

Nov 19

Conference

New York Women Adviser Summit

The InvestmentNews Women Adviser Summit, a one-day workshop now held in six cities due to popular demand, is uniquely designed for the sophisticated female adviser who wants to take her personal and professional self to the next level.... Learn more

Featured video

Events

How are broker-dealers helping 401(k) advisers adapt to a changing market?

Bryan Hodgens, co-head of LPL Financial's Retirement Partners group, says the industry is getting much better at connecting advisers to wealth management opportunities and helping scale their businesses.

Latest news & opinion

Centerbridge said to be in talks to buy Advisor Group

Advisor Group's independent broker-dealer network in the U.S. has more than 7,000 advisers.

The drawback of Richard Thaler's 401(k)-Social Security idea? Social Security itself

Observers think Congress would need to address Social Security's funding levels and offer enhanced protections for the concept to work

Social Security funding outlook improves slightly

Retirement reserves extended one year; disability fund by 20 years

IBD report: Another impressive year

Despite a stock market decline, revenue is up. And the streak isn't expected to end anytime soon.

IBDs with the most CFPs

How many of the more than 83,000 certified financial planners are employed by the big independent broker-dealers?

X

Hi! Glad you're here and we hope you like all the great work we do here at InvestmentNews. But what we do is expensive and is funded in part by our sponsors. So won't you show our sponsors a little love by whitelisting investmentnews.com? It'll help us continue to serve you.

Yes, show me how to whitelist investmentnews.com

Ad blocker detected. Please whitelist us or give premium a try.

X

Subscribe and Save 60%

Premium Access
Print + Digital

Learn more
Subscribe to Print