Regulatory Outsource

The compliance chores have never been so onerous.  Fortunately, there has never before been so many outsource solutions.

The financial services profession is going to have to adjust to new Reg BI disclosures, a growing list of cybersecurity requirements and increasingly intrusive inspections from the SEC and some states.  Ugh!  I know of no other profession that has to undergo such intrusive outside supervision of their activities, and particularly not from a regulator that is great at finding tiny foot-faults that have no impact on consumers, while being unable to catch massive fraud right under its nose.  (See: Madoff, Bernie)

But that’s the reality that advisory firms have to live with, which means that somebody on staff has to be responsible for a lot of legalese and compliance with regulatory footnotes.  Most advisors don’t have a staff position to devote entirely to making sure a fussy regulator won’t find something in the books and records or client correspondence, which is why a growing number of firms are leaning on outsource consulting firms to help them stay inside the lines.

How do you find these people?

This article will profile some compliance consultants that were mentioned by Inside Information readers, but I should start with a few resources that were not mentioned.  One is Complect (http://www.complect.com), which crowdsources experts and firms which provide compliance help, including former regulators and private individuals who once served as CCOs of large advisory firms.  You post what you want—anything from filing or updating your ADV to compiling your Reg BI disclosures to having somebody do an on-site audit—and compliance experts offer you pricing to complete the work. 

Complect handles the billing process, ensures that the work has been done to the advisory firm’s satisfaction and takes 10% of the payment.  There is even a rating system that allows advisors to see how satisfied former customers were with the work of each professional.

If you want an ongoing relationship with one of the leading law firms in the compliance space, Tom Giachetti’s firm, Stark & Stark (https://www.stark-stark.com/) in Lawrenceville, NJ, now offers ongoing compliance assistance similar to what you could get from one of the outsource providers, including ongoing maintenance and review of your firm’s Form ADV, preparation and submission of forms U-4 and U-5, updating customized policies and procedures manuals, ongoing reviews of company emails, maintenance of state notice filings and books and records compliance—and, interestingly, the most-often cited problem: it will flag differences between the fee structure posted on your ADV and what your firm is actually charging clients.  The service is customized: you get an initial assessment of your firm’s compliance procedures, and then an estimate of costs based on what you are not doing effectively in-house. 

Another resource, more of a do-it-yourself reference library, is CCO Companion (https://www.digitalcompliance.com/) from Digital Compliance.  Digital Compliance offers a lot of video training courses in very specific compliance areas, but if you want to read up on topics, you can download CCO Companion from the Apple app store and get access to articles and information in 15 key compliance topics, broken down into 75 subcategories for easier searching.  The app is updated with SEC releases, no-action letters, enforcement initiatives and even speeches by key regulatory officials.  There are compliance training newsletters added each quarter, and tools and checklists on digital compliance.

Among the compliance solutions that Inside Information readers recommended, SmartRIA (www.smart-RIA.com), offers a cloud-based repository that automatically creates folders that contain the information that state and SEC auditors will be looking for when they pay you that inevitable visit.  You determine what documents and information will be needed in each folder, and the program automatically checks to make sure each client folder has the documents you need.  Sometimes the documents will be stored in two places: one for the relevant client, another in a master folder, and there is a document forms library that the staff can access when clients need to send a client agreement or custodial form.

Cost: $149 a month for the CCO and $75 a month for advisors who are on the platform.  Compliance consultants use SmartRIA in the background when they provide their own services to RIA firms.

A number of readers reported using RIA in a Box (https://www.riainabox.com/ria-registration-pricing-2), which now has integrations with Black Diamond, Morningstar Office, Redtail, Orion, Salesforce and Docupace.  As COO and CCO of Delta-v Capital (offices in Boulder, CO and Dallas, TX), Kyle Rogers has too many responsibilities to take on full-time compliance responsibilities.  “When I joined the firm, the company had just hired a consultant to prepare the compliance manual, get the firm registered, put in some policies and procedures—and it was all paper-based,” he says.  He looked for a solution that would be as holistic as possible, not only for the SEC RIA compliance, but also for the compliance issues related to Delta-v’s role as a private fund manager.

“When I talked with RIA in a Box, they were able to customize their solution for us, and it was cost-effective, which was great,” says Rogers.  He receives weekly emails that break down the year’s compliance chores into bite-sized pieces, which also show up on a calendar that the firm is able to customize.  “If I know a certain month is going to be very busy, and I don’t want to do something that is going to take a lot of time that month, I can move some of the chores to another month to better fit with my timing,” says Rogers. 

The firm also monitors whenever a member of the staff trades for their own investment accounts.  “When a new employee comes on or an existing employee opens up a new brokerage account,” Rogers explains, “I go to RIA in a Box’s website, enter their brokerage credentials, and the system automatically feeds all their trades into the system, and flags any trades in any securities that we’ve put in the restricted list.”    

Cybersecurity?  “Whenever we bring on a new vendor, we notify RIA in a Box,” says Rogers, “and most of the time they will have the necessary due diligence documents on file, which will then be attached to our system.  They’re in our filing system, should the SEC do an exam.”

Scott Weiss, of Weiss Financial Group in Mahopac, NY, started using RIA in a Box in 2011, when the firm made the transition to fee-only.  “At the time, we didn’t know what we needed to know,” he says.  “They helped us submit our Form ADV and build a compliance program from the ground up, at first though phone calls, and now through the web,” says Weiss.  “They have a central repository of all our information, and a compliance calendar that gives you recommendations and suggestions for how to stay on track throughout the months.  Once you complete a task,” he adds, “it goes into your compliance log, so the system is keeping track of all the things you’ve done to prove that you’re maintaining a good compliance program.”

Weiss is using RIA in a Box to review trades by staff, keep track of social media activity and flag any inappropriate message sent out to clients or prospects.  “Keeping track of all this stuff is burdensome,” Weiss admits.  “But it is not optional.  I’ve talked with advisors who are trying to do all these things on their own, and my compliance program is so much stronger.  They aren’t doing half of what we’re doing.”

I should add that, like SmartRIA, RIA in a Box is used by compliance professionals as their calendar/task engine behind the scenes.

Cost?  Depending on services, it could run anywhere from $250 to $500 a month, with an additional $150 for cybersecurity monitoring and $100 a month for employee trade monitoring.

Other solutions?  Sharlee Cretors, of SC Financial Services in Scottsdale, AZ interviewed a number of compliance outsource firms before engaging Marshfield, MA-based AdvisorAssist (https://advisorassist.com/).  “It was the best fit for us, as we’re a small firm with two of the three of us previous branch managers for Schwab,” says Cretors.  AdvisorAssist creates a compliance calendar that resides online, showing what needs to be done each month, and handles all the filings, provides template agreements and documents, and a customized procedures manual.  “I used to have a procedures manual that we had purchased,” says Cretors.  “But it was in PDF format, so I couldn’t make a lot of changes to it.”

SC Financial has 40 clients, but needs to be SEC registered due to the number of clients out of state.  Cretors says that among the firms she looked at, AdvisorAssist was the least expensive.  Cost: $500 a month.

Bradley Mendel, at Mendel Money Management in Northbrook, IL, has retained Compliance Advisor Professionals (https://www.complianceadv.com/) in Boston.  “They’re on top of everything, and they make sure we don’t miss anything,” Mendel says.  The firm amends Mendel’s ADV annually, reviews the compliance manual, provides monthly update and compliance scheduling calls and is on the company’s account with FINRA, so the compliance people receive all the notifications and requests that FINRA sends out to Mendel’s firm.  “Most of the time, before we’ve even looked at the message, they’re telling us whether an action has to be taken, or there’s no action; it’s just information,” says Mendel.

Mendel needed additional expertise since he was purchasing his firm from his father.  “They asked me: have you sent the negative consent letter to clients?” He says.  “I had not, so they sent a letter for me to edit, that I forwarded on to our clients.” 

He also likes the fact that the firm is willing to accommodate the business operations of an advisory firm.  “Attorneys don’t necessarily always give you practical guidance,” says Mendel.  “For instance, we had been saving all our statements and confirms in our files, paper copies at first, and now electronic copies. They came back to us and said: you really don’t have to do that.  Whereas, with an attorney, just to be careful about it, might have said: just keep doing it anyway.

Cost: $10,000 a year.

Jane Young, of More Than Your Money, Inc. in Colorado Springs, CO, works with Lori Neidel at Advisor Compliance Services (https://advisercompliancesvcs.com/) in Columbia, MO.  “She created a pretty elaborate compliance plan that includes all of our information and all of our documents,” says Young.  “She did an advertising and social media review and helped us with our ADV and state submissions.” 

Young now has disclosures at the bottom of her emails, and a code of ethics that ties back to her compliance manual.  “I didn’t realize that everybody has to sign a copy of the compliance manual and code of ethics every year,” she adds.

Neidel is an attorney, so communications qualify for the attorney-client privilege.  Young recently split her firm from a partnership which, she says, had been audited by the state and came through in good shape.  “I think we had pretty clean records,” she says.  “We weren’t a big challenge like some other firms might be.”

One area of uncertainty for Young was making sure that her vendors adhered to a cybersecurity policy.  “I said, well, how would you know?” says Young.  “They basically came back and said, if you’re using a larger company like Redtail, they probably already have everything they need in place.  If you’re working with a much smaller firm, you have to be more careful to get the documentation.”

Cost: $4,800 a year.

Of course, a number of advisors are working with smaller legal entities and former state or federal compliance officers.  Randy Brunson, of Centurion Advisory Group in Duluth, GA has a great relationship with Hope Newsome, of Virtus, LLP in Orlando, FL (https://www.virtus.law/)—formerly the Director of Business Practices and Controls for AXA Advisors.  “We have a monthly compliance call with Hope, where she tells us what we need,” he says.  “She’ll ask to see copies of five random service agreements and the related billing details.”

Centurian is state-regulated (roughly $700,000 in annual revenues) and Brunson has endured two state audits.  Both times, he says, the first thing the auditor asked for was copies of five engagement letters and the corresponding fee calculation methodology.   Newsome also updates Centurion’s ADV and service agreement together, to make sure they remain consistent, and as an attorney, she provides attorney-client privilege to the conversations and questions that Brunson poses. 

Cost is $6,000 a year.

Randy White, of TriCapital Wealth Management in Charlotte, NC uses Kyle Weeks of Securities Compliance Management (https://mastercompliance.com/) in Alpharetta, GA for outsourced compliance services.  Weeks was a former NASD (now FINRA) examiner, who was primarily engaged in visiting the offices of broker-dealers.  The firm provides a calendar of compliance items and conference call training programs—plus the annual ADV update.    

Cost: $800 a quarter, with discounts for advisory firms that are able to keep up with the compliance calendar.

Gary Gardner, of LifeAndWealth Advisors in Walnut Creek, CA works with attorney Paul Cox of Business Compliance Partners in San Diego (http://www.bizcompliancepartners.com/). “He gives you a workbook every month that you go through,” says Gardner, who is state-registered.  “It breaks all the things we have to have ready in a state audit into bite-sized chunks, so it doesn’t disrupt your business operations.  If I don’t understand anything,” Gardner adds, “I’ll send him questions, and have an answer by the next morning.” 

Cost: $200 a month.

As an addendum, Gardner adds that he was nervous about giving me Cox’s contact information.  “The guy is so good that people should know about him,” he says.  “But my trepidation is that he might get so inundated that he won’t be able to give me this level of attention.”

Brooke Salvini, of Salvini Financial Planning in Avila Beach, CA, works with Ellen Bruno, of Compliance Advisor Professionals (https://www.complianceadv.com/), who happens to be a former auditor who moved into compliance and oversight. 

“She reviewed and upgraded all my compliance documents,” says Salvini.  “My ADV is now friendlier, my privacy policy has more legalese, and my compliance manual is a bit longer.  While her compliance program does use templates as the foundation,” Salvini adds, “it is very customized to my business.  Her service is not boilerplate.”

A number of advisors recommended Neala Moore at Sapphire Compliance Management (http://www.sapphirecompliance.com/) in San Antonio, who works with Garrett Network advisors, both personally and as a group with quarterly compliance webinars.  She’s an attorney who also, early in her career, worked as a financial advisor for UBS Financial Services, and as Chief Compliance Officer for Matterhorn Capital Management.

Evan Levine, of Complete Advisors in Valley Stream, NY outsources compliance chores to John Shields of Advisor Guidance (https://advisorguidance.com/) in New Castle, NH—a CPA with 44 years of compliance experience.  “He normally works with much larger firms,” says Levine, who originally hired Shields when he was state-registered.  “When I left my broker-dealer in 2009, he walked me through the registration process, helped me prepare my ADV and brochure and private statement and all that.”

In the eleven years since, Shields helped Levine move Advisor Guidance over to SEC registration, provided a quarterly checklist of compliance activities that need to be completed, and guided Levine through an SEC audit.  “Every time they asked a question, I would forward it to him, and he would help me answer it,” says Levine.  “I came through with flying colors.  He even wrote the response letter for me on the one thing they found.  He’s very accessible,” Levine adds.  “If we have a question, we just pick up the phone.”

Cost to register a new entity: $3,100, and ongoing regulatory and compliance maintenance is $600 a quarter. 

Sharon Bloodworth at White Oaks Wealth Advisors in Minneapolis has 20 years of experience using Financial Planners Assistance (https://www.fpacompliance.com/) in Barrington, RI.  “They send out newsletters updating our understanding of compliance developments, help us maintain our ADV, and they will come out and do a mock audit every two or three years,” says Bloodworth.  “More recently, they’ve provided a compliance calendar.  If there is something I’m not comfortable with, like a marketing question, I’ll send that to them for a response.”

Bloodworth, whose firm currently has 260 clients, is one of the few advisors I have talked with who is willing to admit that she, personally, enjoys compliance work.  “My personal bias is that it is not an outsourceable thing,” she says.  “I like to be on top of what people are thinking and where the issues are,” she continues.  “When the SEC tells you what they are looking for and what they’ve found at other places, it gives you a roadmap to what you have to do for your own firm.”

Scott Hamilton, of Hamilton Financial Planning (locations in Austin, Houston and Dallas, TX) works with RIA Compliance Consultants (https://www.riacc.io/) in Leander, TX.  “After I was laid off from Dell, I got my CFP and started this firm in 2009,” he says.  A former financial examiner with the Texas State Securities Board’s Inspection and Compliance Division named Ivan Barretto helped him file his ADV and reviewed his contracts.  When Barretto left to start RIA Compliance Consultants, Hamilton followed him. 

What attracted him to Barretto?  “He knows the regulators,” says Hamilton.  “When I was audited last year, I called him, and he said, yeah, I know this fellow.  I’m not sure why, but I find that comforting.”

Hamilton has endured two state audits—and interestingly, the first took place while he was doing pure financial planning without taking on assets to manage.  “It was really awkward, because they didn’t know what to ask me,” he says with a laugh.  “We talked about scotch a lot.”

The ongoing relationship involves updating the ADV, providing monthly compliance tasks conveniently in Google Forms, and being able to answer compliance questions as they come up.  “They also helped me register in South Carolina, Florida and Louisiana,” says Hamilton.  “I’ve made it through two audits and no big deal.  We had an elder abuse case where I was a potential witness, which was new territory for me, and it was helpful for me to have somebody to talk with about the ins and outs of elder abuse.”

Cost: $125 a month.

John Purrington, of Armor Investment Advisors in Charlotte, NC is using Fairview Investment Services (https://www.fairviewinvest.com/) in Raleigh, NC.  “Their services go well beyond the traditional consultant who comes in, reviews your operations and leaves you with a list of tasks to do,” he says.  “They integrate their services into our ongoing operations.”

What, exactly, does that mean?  “We’ve had different consultants during my time here,” says Purrington.  “But what we have now is very different.  They have built the ability for us to share files securely.  They send all the stuff to make sure the quarterly code of ethics are done.  They make sure we have the 13F done, and help us with the ADV updates.  The time savings I’ve gotten knowing I don’t have to read all the new things about Reg BI and how the new ADV form is going to affect us and what we need to do—is awesome.”

There’s an ongoing compliance calendar, and the firm is connected with Armor through Global Relay, so Fairvew staff can audit the emails and write a compliance report every year.  “They also come to our offices and do training,” says Purrington.  After Armor conducted a client survey, Fairview was consulted, and cautioned against saying that the firm had received great reviews from the survey, which might be construed as a client testimonial.

What have they found in the emails?  “In all the years they’ve been doing it, there was only one incident,” says Purrington.  “We had a person who was telling clients that we can do better than a money fund.” 

The proof, as always, is when the SEC knocks on the door.  “The SEC came in and said, you look good.  Don’t do anything different,” says Purrington.  “We didn’t even have a typo to fix.  Fairview really is a partner, not just a consultant,” he adds.  “I don’t have to drive my compliance calendar, because they’re constantly checking in and making sure things are done.”

Several other service providers that were mentioned by Inside Information readers:

Compliance Works (https://www.cwicompliance.com/) in Palos Verdes Estates, CA.

Beach Street Legal (https://beachstreetlegal.com/) in University City, MO.

Attorney Pat Burns, Attorney (https://www.pjblawoffice.com/) in Beverly Hills, CA.

Core Compliance (https://www.corecls.com/) in San Diego and San Francisco.

Cindi Hill, Hill Compliance Advisors (no longer taking on new clients).

Focus 1 Associates (https://focus1associates.com/) in Medford, OR. 

Scott Gottlieb of U.S. Compliance Consultants and Digital Compliance (https://p2pcompliance.com/), in Greenwich, CT.

I’m going to go out on a limb and guess that most of you had no idea there were so many compliance resources in today’s financial services marketplace, or that you could outsource a lot of the record-keeping and monitoring hassles for less than the cost of an intern.  With regulation becoming a bigger time burden for advisory firms, the outsource option never looked better—and never before have so many providers been available to take these chores off your plate.