We asked Tessa Lee, managing director of UK-based private client portal provider moneyinfo, to provide us with some insights into what wealth management firms should be focusing on and prepared for around GDPR.
1. What’s the most important single step you can do to help ensure Personal Data is protected?
There’s the basic stuff that you should have done for GDPR. These would include:
- Checking that your technology systems such as your workflow, CRM, investment systems and platforms that provide access to your client’s data are properly encrypted, especially if these are accessiblet through the cloud. Ideally, your data will be separately encrypted from other clients of your software provider, ensuring that even if someone had the encryption keys for one company they cannot access the data of another.
- Updating your client, supplier and staff agreements to ensure, as Data Controller, you have adequate protection in place with third-parties to protect Personal Data.
- Checking your existing systems and procedures comply with the new rights of individuals to Subject Access Requests and Data Portability and you’ve carried out Data Impact Assessments where your processing highly sensitive data, which is most of the stuff you hold.
Assuming you’ve done the basics, then the most important step a firm can take is to use secure messaging rather than email. The key requirement of GDPR is that you take appropriate steps to ensure your client’s data is always protected. Sending highly confidential financial information over unencrypted email is not compatible with GDPR. A portal providing access to messaging and documents in a secure environment is a minimum requirement for any modern wealth management firm.
2. You mention the risk of email. That has become an everyday part of our lives so how can you get staff and clients to stop using it?
It is hard to wean staff and clients off email. The only way to make this possible is to make the communications as easy (if not easier) than email for both the client and their advisers. We access most of our email via our smart-phone, using laptops or desktops when the information is too complex to view easily on mobile. The success of communication portals such as WhatsApp, Facebook Messenger and Facetime is their ease of use and convenience. Your secure messaging portal must make communications this easy for clients to access and respond too. Push notifications on mobile, biometric and/or pin login, help to make secure messaging easy for clients to access but importantly very secure.
Ultimately, the goal for all firms is to go completely paper-less. This should include not only your communications with clients but also your staff.
Going paperless, means getting rid of all paper and that includes forms that need to be completed and documents requiring a signature. Electronic signatures from companies such as DocuSign are increasingly acceptable to most third-parties you will deal with. Incorporating, documents with electronic signatures can avoid the need for paper and postage for almost all elements of your client on-boarding and ongoing servicing.
3. What other areas will pose a challenge for wealth managers? Are there more complex areas to consider?
The biggest challenge with any client portal is adoption. Having a great portal that your clients don’t use will provide no benefits to your firm, and your staff and clients will quickly move back to using their existing forms of communications. You need to think about the problem from a client’s perspective and solve the challenges they have, not just building a portal to make your business more efficient.
Think about what problem your client wants to solve and aim your technology to solve this problem first. Your clients have two major concerns when it comes to their financial data:
- Keeping track of all their finances and where to find the important information when they need it, which is often in an emergency
- Security given all the recent attacks on Talk Talk, the NHS, TSB etc
If you could design the ultimate application to manage your finances for you, what would it do for you?
- Track your investments, savings and pensions
- Track your property and related insurances
- Track your income and spending
- Store all the paperwork so you can find it easily, especially in an emergency.
- Remind you when you need to do things and help you to do them.
Your clients want pretty much the same thing. Financial peace of mind. Ultimately, we’d all like a private office to manage our finances so we don’t have to. In the absence of this, make you client app deliver a solution to your client’s problems not just yours.
4. What is your remedy to these challenges and what are the benefits?
moneyinfo works by bringing together all of your client’s finances with all of the associated paperwork. It tracks their investments, savings, pensions, property, insurances, banking, credit cards, mortgages and loans. Added to this are tools for them to be able to analyse their spending, get reminded of key financial events, renewals, maturities, income and other events they may need to be reminded of such as tax returns, car MOTs etc. and store their in case of emergency documents – passports, wills, etc to provide complete financial peace of mind.
Add to this, tools to make your business more efficient for on-boarding, factfinding, planning, automating, enhancing and protecting your business and we think it’s a no-brainer for wealth firms to implement a client portal integrated with their existing investment in tech such as their Investment Platform, CRM and Workflow.
5. Modern technology is great but wealth managers are not necessarily technicians. How does your technology work with a wealth firm's existing stack?
Once you’ve implemented a secure client portal to handle your client communications, one of the challenges remaining is how this can be successfully integrated with the other systems you use. If a message is sent from a client through your portal, it needs to pop-up as activity in your workflow system and be recorded as part of the audit trail of client correspondence.
Modern systems connect to each other through single-sign on (SSO) and an application programming interface (API) which can make systems appear to seamlessly integrate from a user perspective and share data so that information entered on one system is automatically replicated in the other, where relevant.
From a user perspective, we want to enter data once and have one-list of items to-do so things don’t get missed. As technology providers it is important that we concentrate on building best-of-breed technology and making sure they can connect to the other systems being used.