Fidelity to limit 401(k) access by third parties

Fidelity to limit 401(k) access by third parties
The company will shut off access to accounts by third parties that use client credentials to log in, the firm said.
SEP 16, 2024

Fidelity is clamping down on third-party access to 401(k)s, a move that could restrict outside advisors from managing clients’ assets in those accounts.

On Friday, the massive financial services company announced that it would “begin taking steps to prevent platforms reliant on credential sharing from accessing and taking action in customer accounts held at Fidelity.”

That step, the firm stated, “is with customers’ best interests in mind to enhance security and reduce customer data exposure.”

It’s also a major roadblock for fintechs like Pontera that specialize in giving advisors a way to access clients’ accounts without having 401(k) participants give advisors their login credentials directly. That company, which quickly responded to Fidelity’s announcement on Friday, has raised at least $160 million across numerous funding rounds and has clients including SageView Advisory Group, Dynasty Financial, SignatureFD, and Savant.

In May, Stifel announced that it signed on with Pontera to give more than 2,400 advisors access to as many as 200,000 client accounts.

“Safety and security are core to our company. We are committed to helping Americans make the most of their retirement savings,” Pontera said in a statement provided by a company spokesperson. “We maintain strong relationships with record keepers and aim to partner to deliver the best outcomes for our shared customers.”

That firm sent a letter to clients last week, according to a report on Friday by Financial Advisor IQ. It provided suggested language for comments to Fidelity that would urge the company "to explore collaboration," the spokesperson said.

"We can confirm that Fidelity is proactively seeking to engage with those impacted by these changes," a Fidelity spokesperson said in an email. "We have requested more information on how they are working with other record keepers, which we have not yet received. In the meantime, we feel we need to work toward prohibiting access through credential sharing to protect our clients and their assets."

For its part, the company said that the forthcoming restrictions are necessary to help ensure account security.

“Some third-party fintech firms use credential sharing (e.g., username and password) to access, manage, and trade within their clients’ employer-sponsored retirement accounts, including those held at Fidelity, without plan sponsor oversight,” the firm stated in its announcement. “Credential sharing presents security risks to our customers, particularly when it enables third parties to take high-risk actions, such as executing trades within the accounts.”

The firm also said that it expected the change to be “minimally disruptive to clients” but that “they may need to communicate with any outside advisor with whom they work to ensure account transactions are managed as intended given accounts may no longer be accessible by advisors via certain third-party platforms.”

"The financial advisors that have chosen to work with these third-party fintechs have done so independent of their relationship with Fidelity," the company spokesperson said. "This type of credential sharing is misaligned with Fidelity’s core principles and beliefs. Fidelity works in partnership to support many advisors who securely advise on employer-sponsored retirement accounts with plan sponsor oversight."

The halt to third-party credential log ins follows a change Fidelity made last year to eliminate “screen scraping” from its systems, resulting in nearly all consumer data sharing happening through its own application programming interfaces, or APIs, the firm noted. The middleware firm Akoya is a spinoff of Fidelity, the business it uses for APIs, among others.

“Security considerations need to be balanced with consumer access and experiences. Open banking, which enables consumers to securely permission their data to third parties, is built on this premise,” Sima Gandhi, senior advisor at FS Vector, said in an email. “Importantly, when entities take steps that materially impact consumers, those should be done in consultation with industry stakeholders to minimize disruption.”

How important it is for advisors to make transactions in clients’ 401(k) accounts, rather than just viewing them and making recommendations to customers, may vary.

“It is important to understand what the advisor is looking to accomplish with access to the 401(k) platform,” said Chuck Failla, CEO of Sovereign Financial Group, in an email. “Specifically, does the advisor simply want to establish a stable link between the 401(k) platform and their account aggregation system with a goal of having a single point to view all the client holdings? Or does the advisor want to actually have the ability to get into a client’s 401(k) to place trades?”

The former is critical to most, while the latter is nice to have, he said.

Pontera’s service provides the convenience of not having to have clients make their own allocation changes within 401(k)s, though using the service adds costs, he noted.

“For that reason, not all advisors will pursue that solution, which is why I believe it’s less of an issue if ‘trading access’ gets closed down,” he said. “However, it is very important to note that the ideal would be to maintain both types of access, which would give the advisors and their clients choice – that’s always paramount in my book.”

Editor's note: This story was updated to include comments from Fidelity.

Latest News

Social Security trustees see one less year in insolvency countdown, project shortfall to start 2034
Social Security trustees see one less year in insolvency countdown, project shortfall to start 2034

New report shows dimmed outlook for benefits to retirees and disabled Americans, creating further pressure for federal tax hikes or more borrowing.

NY Republican Stefanik presses SEC to probe Harvard bond sale
NY Republican Stefanik presses SEC to probe Harvard bond sale

Open letter to SEC Chair Paul Atkins questions whether the Ivy League university withheld material information prior to its $750 million taxable bond offering.

Ex-LPL leader re-emerges at The Wealth Consulting Group
Ex-LPL leader re-emerges at The Wealth Consulting Group

The Las Vegas-based hybrid RIA overseeing $8.8 billion in assets has named Andy Kalbaugh president to help scale its advisor platform.

Envestnet extends investment offerings with new alts model portfolios
Envestnet extends investment offerings with new alts model portfolios

The wealth tech giant – in collaboration with Fidelity, BlackRock, State Street, and Franklin Templeton – is offering its advisor and wealth firm users more ways to diversify.

Just as wealth industry M&A was picking up, economic uncertainty could kill it again
Just as wealth industry M&A was picking up, economic uncertainty could kill it again

Deal volume increased post-election but now caution has taken over.

SPONSORED RILAs bring stability, growth during volatile markets

Barely a decade old, registered index-linked annuities have quickly surged in popularity, thanks to their unique blend of protection and growth potential—an appealing option for investors looking to chart a steadier course through today's choppy market waters, says Myles Lambert, Brighthouse Financial.

SPONSORED Beyond the dashboard: Making wealth tech human

How intelliflo aims to solve advisors' top tech headaches—without sacrificing the personal touch clients crave