Fintech Corner: RIAs Stay Nimble in the Face of Cyber and COVID Headwinds


By: Gerelyn Terzo 

Practifi chief commercial officer and co-founder Adrian Johnstone recently joined Dara Albright on the DWealth Muse podcast to discuss the role of CRMs in RIAs. In Part Three of that series, we will explore cybersecurity for advisors and how COVID has impacted the relationship between advisors and tech, especially considering the rise of the delta variant. 

As financial advisors increasingly rely on the cloud to store sensitive client data, strong cyber hygiene has never been more important. And yet cybersecurity remains a “huge issue,” one that is “very easy for RIAs to overlook,” explained Johnstone.  Advisors might think that cybercriminals are too busy targeting big enterprises to be bothered by family offices. But they couldn’t be more wrong, considering that bad actors “trade in the identities…of high-net-worth individuals,” who are the clients of RIAs and where the cybercriminals find the biggest prize, Johnstone said. He added:  

“There is a lot of risk from an RIA perspective, and there are a lot of simple things that can just tighten the kind of control framework that they have, [even if] that is just good password control.” 

For its part, Practifi has implemented multi-factor authentication into the fabric of the CRM, requiring every login into the system to authenticate the user’s identity in multiple ways. Advisors still get a say and maintain control over where the systems are accessible from, and Practifi takes it from there with layers of control over the data, covering how data is stored and shipped and whether it’s encrypted.

Practifi’s portal system makes it so that clients never have to send documents by email. Instead, they can simply drop them into a secure environment, which is becoming the industry standard. An exception is legacy systems, which are often installed in offices, networks servers that are not secure. 

“I think for RIAs, it’s really about taking a step back and understanding it’s not just the risk to their business, but it’s the risk to their clients and their clients’ livelihoods as well,” said Johnstone.  

He is also quick to point out that simple steps go a long way, such as knowing how data is being accessed and who is accessing it: 

“You know, one of the biggest risks to data security is around rogue employees. Do you have evidence of who’s accessing and changing records? Do you have a history of who you’ve blocked? So, there are a lot of layers. And certainly, I’d encourage everyone to make sure that they’ve had a conversation with their product provider, just to make sure that they are at the very least making use of the tools available in the systems that they have,” said Johnstone. 

Value Proposition

When COVID came on the scene in 2020, it took away the in-person experience between the RIA and the client. Many advisors went into full panic mode as a result. There was so much uncertainty in the air, and advisors weren’t sure how they would access records and fulfill upcoming client meetings. Fortunately for Practifi and its clients, everything is in the cloud. 

“We were able to reassure them that they had security controls and that we could whitelist IP addresses for their staff’s locations. We could ensure that only the right people had access to systems,” explained Johnstone. 

Unfortunately, this is not always the case with legacy platforms, where paper files are known to be common. 

As it turns out, the shift to Zoom or Microsoft Team calls rather than face-to-face meetings actually made things easier for RIAs from a compliance standpoint, considering calls can be recorded and there are no meeting notes to take. All of this hinges on a client’s willingness to have the video calls recorded, of course. 

This new on-demand dynamic has also transformed the client-advisor relationship considering everyone is more comfortable with the virtual setting than they otherwise might have been. This has placed more demand on the advisor to respond to a client’s needs more quickly and proactively. 

“No longer is it good enough to talk about how the market moves or how a portfolio is performing because clients have broader needs, and they’re looking for that information in a more real-time context…They want more outreach…So I think the whole value proposition around how servicing models work has had to change quite dramatically,” explained Johnstone.   

If you missed Part 1 and Part 2 of this series, they can be accessed here and here.