Outsourcing Technology: How (and Why) One Advisor Firm Did It

Jul 7, 2015

Last year was the year of the robo-advisor. I suspect that this will be the year of cyber-security and technology outsourcing. It is the topic that a lot of advisors do not know about, really don’t want to know about, but suspect that it is a big deal. They are correct.

This post addresses the topic through the eyes of advisor, Keith Mitcham of Strategic Financial Keith MitchamAdvisors (SFA), who resides in Houston, Texas. As context, SFA is a lean firm with three senior advisors, a paraplanner, and a client service associate. IT support was performed by an external consultant who did a competent job.

Owning technology in-house
If you are a large advisory firm, you probably have a layer of management – the “C” layer, with titles such as COO, CEO and CMO. If you have not reached this size yet, roles and responsibilities have often grown organically, driven by the advisors’ natural capabilities and interests.

Identifying the advisor who is responsible for the technology of the firm is important. Advisors tend to like focusing on the client, sales and marketing. Technology is sometimes not a high priority, as it is seen as an expense and not revenue. When the topic comes up between advisors in a firm, the selection is often a version of “OK, I’ll do it – someone has to.”

In SFA’s case, Keith is that advisor. He jokes that it was a natural selection process; one of the other advisors is asked to keep away from the firm’s computers, as his proximity causes them to die.

The stakes are high
Cybersecurity is often pushed down the priority list. It is a risk and expense issue – rarely at the top of an advisor firm’s active projects. Keith knew that there were some issues in his firm’s technology, adding, “I didn’t know what I didn’t know.”

As he delved into the topic, he found significant issues. It caused him to lift the issue to the top of his queue. He outlines the issues and his firm’s new position on them this way:

Issue: Potential data breaches. Keith never wants to be the person who has to call a client to say that their personal data has been breached. Being an advisor is all about trust, and this would be a way to eradicate years of building it. A client’s personal and financial data is a privilege to have access to.

Position: An advisor should do everything humanly possible to ensure that client data does not get into the wrong hands. Keith puts his own personal information in the same system as his clients, so that he is in the same position as them. To use a technical metaphor, he is “eating his own dog-food.”

Issue: Potential penalties associated with breaches. The SEC is solidifying its position on cybersecurity, issuing cyber-guidance in April 2015. This article suggests that it may be followed up by the penalties for data breaches.

Position: Keith is turning the precaution into a competitive advantage. He is using the opportunity to educate his clients on the risks of cybersecurity. This will allow him to differentiate his firm by highlighting the aggressive steps that SFA has taken to address the issue.

Time to outsource
Keith’s firm is all about outsourcing. He believes that his primary focus should be the financial planning needs of his clients.

So what does it mean when an advisor firm outsources their technology? Keith found that it falls into the following categories:

Technical infrastructure strategy: A technical outsourcing firm will advise you on how your different applications can integrate. It will give insight on all the technical aspects of your business, from your CRM to the laptops you are using. It will then give you advice (or a roadmap) for ways that you can improve.

Technical support: Keith no longer needs any technical support from anyone else but his technical outsource firm. The firm gets back to him on any technical issue within an hour. Any technical issue is either addressed or the firm will “take over” his laptop by remote computer control and fix the problem remotely.

Cybersecurity: SFA now has a documented cybersecurity policy. So much of cybersecurity is about how a firm’s staff conducts themselves, and the outsourcing firm supplies training on webcast and with videos. Also included are how to react to events, such as procedures for when someone leaves the firm.
Audit support: If the SEC should come knocking with an audit, an unlikely event with the policies in place, the outsource firm can support Keith through the process.

Selecting a firm
The next big question – which technology outsource firm to select? It is only recently that there have been options in our market. Now there are several. Keith started off his search with Bill Winterberg’s video blog site, FPPad. Bill recently did a review of the SEC and cybersecurity. From the blog post, Keith identified three possible companies. After conversations with all three, he selected Itegria. He felt all three would have provided good solutions, but he was taken by Itegria’s focus on the RIA market.

The process
Keith felt the process for starting with his new IT partner was fairly painless and educational. Here is his experience:

Step 1: Phone call. The firm mainly listened to what Keith wanted from the collaboration, what he wanted to outsource, and what he wanted to keep within the firm.

Step 2: To cloud or not to cloud? Keith needed to make a decision: was he going to have a server at his office or would he move entirely to the cloud? Keith decided to go the cloud route, as he felt that the cybersecurity monitoring would be more effective – the firm’s disaster recovery approach was impressive. Keith also feels that this is the way our industry is going, so why not be ahead of the curve?

Step 3: Tech assessment. An Itegria technician took an in-depth look at all of the technology SFA had today and planned for the future.

Step 4: Vulnerability report. Itegria gave Keith a vulnerability report and a roadmap of next steps. Also included was a detailed proposal for the cost of their service, customized for Keith’s configuration, and explained in layman’s terms.

Step 5: A final phone call. This call included the technology person and a business person to answer questions and sign the contracts. Keith felt that between the two of them, they could have answered any question and halfway through the process, felt good enough to stop asking questions and really outsource the function.

Step 6: Migration. This was a 60-day period where the entire firm’s technology was moved to the cloud and the service aspect was started.

I asked Keith if there were any surprises in this process. He identified the following:

Vulnerability: The vulnerability report showed more vulnerabilities than he expected. He felt that any firm that went through the process would feel the same way. This was the moment that he felt he was answering his initial feeling: “I didn’t know what I didn’t know.” Now he did.

Cost. Keith has a spreadsheet of the cost of his IT. Although it is in its early days, he calculates that the outsourcing approach increases his monthly IT cost by around a third. This was less than he expected and he felt was good value for his peace of mind. He even found some areas where he was able to cut costs, such as moving his Microsoft and other administrative programs to the cloud versions. The service cost does vary greatly by what is outsourced and the number of employees of the business. Typical costs for a firm about the size of SFA are in the $150 to $250 per month range.

Risk. The process was a huge eye opener. One item was the cost if the security of your clients’ data is breached. The data may be used by criminals for several years. One way to cover this is to take out expensive insurance, so that any costs (either direct or through litigation) of the effects of a breach are covered.

All in. Keith has a warning for advisors starting the process. He feels that when you get into it, there is no going back. What you find out in the assessment of your business ensures that you outsource with a sigh of relief for having dodged a bullet!

Easier than expected. For the initial process, SFA did not upgrade any technology and all the major software applications are staying in place. As they do upgrade in the future, Keith feels that they now have a built-in expert to advise them on any technical enhancement.

Food for thought
I like looking at new services and events in our industry through the eyes of an advisor. It gives a real example of whether something is worth an advisor spending their money or, even more importantly, their precious time on.

Keith is in the vanguard of technology outsourcing. There are many more advisor firms that are going to follow in his footsteps in the coming months.

This is just one area of technology for advisor practices. We’ll also be addressing how advisors can help improve their client-facing technology in an upcoming webinar, Finding Your Inner Techno-Advisor. Register now!



Raef Lee

Raef Lee

Raef Lee is the technology contributor for Practically Speaking and also serves as a managing director for the SEI Advisor Network.

Learn More About Raef Lee



HNW Whitepaper

Recent Tweets