How firms document risk management and suitability practices needs to change

Having worked as an institutional financial adviser as well as a direct service provider for the past 50 years, I have seen our space adapt and grow in countless ways. As an industry, we have met new client demands, evolved along with technological advancements and adapted to an expanding array of financial products. That said, I think regulators’ recent work to standardize our fiduciary code has been one of the most interesting developments to watch. With every new regulation passed, clarification provided and upcoming “sweep” warning issued, our industry is left to ask, how do we document our fiduciary duty?

The heart of suitability

The SEC-approved Finra Rule 2111 requires a firm or associated person to “have a reasonable basis to believe that a recommended transaction or investment strategy involving a security or securities is suitable for the customer, based on the information obtained through the reasonable diligence of the member or associated person to ascertain the customer’s investment profile.” I strongly suggest that everyone look to the Financial Industry Regulatory Authority Inc.’s Regulatory Notice 13-31, released in September 2013, for a full breakdown and refresher on the examination approach and necessary documentation. For the purposes of this article, I will be focusing on the heart of suitability — risk profiling and management.

Through my work in the industry, I’ve found that advisory firms are lacking in firm-wide implementation and documentation of risk management practices. Most financial service firms evaluate the risk and liability aspects of client portfolios in a manner that is un-scalable and non-standardized. Given that recent regulatory movements have underscored and heightened the importance of risk management, this occurrence is alarming and needs to be addressed.

Comprehensive and scalable systems

Creating a comprehensive risk management system that is scalable, standardized and easily supervised is not a simple task. At a minimum, an advisory firm needs a system that enables it to analyze the composition and risk of client portfolios and determine if they conform to a client’s actual risk and investment profile that is tailored to their specific situation on a just-in-time basis. Additionally, the system needs to let advisers know when client investment accounts, combined accounts (e.g. household), model allocations and/or individual investments are not in compliance with the firm’s guidelines and pose a serious risk of loss to the client and a financial liability to the institution. Broker-dealers, banks, insurance companies, RIAs and individual advisers spend billions of dollars and millions of man hours in just one year on compliance, risk management, legal fees and investor compensation, and still fail to create a comprehensive and scalable risk management system.

Advisory firms need to look outside of their firms for help. Finra Regulatory Notice 13-31 referenced above notes the use of portfolio analytical tools and asks firms to provide documentation on usage, the users (e.g., advisers or clients), the developer, how the firm supervises any suitability recommendations made by the tools, and how and how often the firm vets its chosen tools. This is important to keep in mind when looking outside your firm — make sure you review the tools’ models and methods for establishing client risk profiles, analyzing portfolio and security risk, and calculating requisite performance metrics, and are able to justify and support your choices.

When choosing and vetting portfolio analytic and risk management tools, advisers need to look for a timely batch risk analysis system that permits users to monitor specified compliance issues on a daily, weekly or monthly basis across the firm’s entire book of business. The system needs to be capable of determining when portfolios are incompatible with a firm’s or adviser’s compliance standards, and it should have a comprehensive and practical method for establishing, calculating and analyzing the requisite metrics for risk, liquidity, and performance characteristics and for communicating that information to the financial service firm and its representatives. The batch risk analysis system needs to be customizable so that each firm can establish its own set of criteria to determine whether a portfolio of investible assets is categorized as being out of compliance with a client’s risk profile, liquidity and performance requirements and poses a liability of financial risk to the client and the institution.

Advisers will also need to review and approve the output, analysis and proposal generation reports provided by the tools and make sure that they will be able to easily and quickly evaluate client investment accounts, combined accounts (e.g. household), model allocations and/or individual investments for risk and compliance.

With the SEC retirement sweep looming, it’s time for us to get our houses in order for the benefit of our industry and, as always, the benefit of our clients.

Phillip Wilson is the president and CEO of AdvisoryWorld.

Related Topics: Financial Industry Regulatory Authority, Risk Management, Securities and Exchange Commission