One RIA's bid to make the technology that makes it possible to use one password
Beverly Hills Wealth Management wants to eliminate the downside of open architecture
Brooke’s Note: There is an implicit trade-off that advisors confront as they seek to serve and protect clients. The more services or products that they make available to clients, the more they open them up to security risks. The more they close off security risks by going to a closed system, the less they can deliver upon using the open architecture that is at the heart of being a fiduciary advisor. This article is about the technology officer at a small roll-up making some big moves to change this equation to the benefit of RIAs. See: FRC report: Merrill Lynch, Morgan Stanley, UBS, Wells Fargo are undergoing a radical transformation to a brighter future.
Andy Fass, an advisor in the Roseville, Calif., office of Beverly Hills Wealth Management LLC, used to have to log-in to each application he wanted to use separately on different screens and with different passwords. Sometimes the applications timed out and he’d get bumped off the system and have to log back in to each application. Sometimes, passwords or usernames would be forgotten or lost.
“It was a void in the technology,” says Fass.
“We had to give each person 18 passwords and links. If they forgot, they had to call the help desk. There were too many holes in our security plan,” says BHWM’s chief information officer John Stuart.
With more and more advisors wanting to break away from wirehouses but not wanting to engage in the exercise of managing multiple passwords that protect hundreds of millions of dollars in managed assets, BHWM, a roll-up-like venture, has decided to take matters into its own hands and has now achieved an initial milestone. The firm has spent the last year developing and building an enterprise computing security system to solve this problem. It previously launched a pilot/beta version of a much smaller and less-sophisticated system last year. See: Mag Black-Scott partners with Intel and brings aboard serious MSSB talent in quest to.
Spearheading the effort is Stuart. “We’re replicating the wirehouse portal.”
BHWM, which has $350 million in assets under management and five satellite offices, built the platform, Maestro, in-house with some McAfee security embedded in it. McAfee is owned by Intel. What is different about what the Maestro does is to address how one “cloud federation” interacts with another so that the positive integrations don’t also serve as openings to hackers, according to Stuart.
Scott Graflund, a partner at FallLine Strategic Advisors LLC, a company that worked to become a roll-up before becoming a consultant to other roll-ups and large wealth managers in the industry, says the single sign-on issue is top of mind for many advisors looking at leaving a safe and cozy corporate brokerage setting. See: How a Chicago RIA grew to more than $700 million by carving out a client niche of wirehouse execs.
The need to minimize passwords has become incredibly important for RIAs, he says. “Single sign-on is a really important thing in the independent space.
It was the same kind of enterprise-secure server that larger advisors leaving wirehouses and joining BHWM were accustomed to. Because wirehouses and large firms have enterprise computer servers that provide one secure log-in for all things an advisor needs, an advisor never thinks about it — until it’s not there anymore, Graflund adds.
As BHWM, founded by Mag Black-Scott, has grown, it has added applications for compliance, operations, sales and alternatives, making the overall system simultaneously more complicated and less secure. Each advisor needed a separate password and log-in for each application, says Stuart. See: Advisor spotlight: A trailblazer at Morgan Stanley, Mag Black-Scott has a new RIA and an ambitious plan.
BHWM previously unveiled a beta version, called Wealth Management Maestro, a year ago. It has spent the last 12 months building out that initial offering with enhanced security and more mobile capabilities. While BHWM originally worked with Intel to build the system, after Intel bought McAfee in 2011 many of its security tools were eventually moved to McAfee and expanded. BHWM now works with McAfee to provide some of the security built into its system.
Maestro is now available to all BHWM advisors and is currently being rolled out to them. Stuart is hoping institutional-level advisors will see it as a reason to join the firm. At wirehouses and large companies, an enterprise server — where an advisor logs in with one password and is able to access securely everything they need — is standard. By making that available to RIAs, Stuart is hoping to eliminate that deficiency in advisor technology.
In addition, BHWM will sell Maestro to other advisors via Maestro Advisory Services, a company formed by, and under the ownership of, BHWM. An advisor can purchase a license and be set up for $50 to $100 per month.
Eventually, “it’ll be readily available to all RIAs,” says Stuart, who notes that a number of people have expressed interest and are in the pipeline already. The first version of Maestro will be available only to “qualified RIAs,” says Stuart, based on their assets, users, and strategic goals. There will be no advertising of the product. Fass says BHWM is also adding a turnkey marketing plan to Maestro for advisors to use later this year. In an interview, when RIABIz reeled off the names of some large outsourcing platforms and roll-ups, Stuart said he had received inquiries from some of them.
Customized on a cloud
The primary difference between the expanded final version announced earlier this month and the beta version that premiered a year ago is the ability of the software to scale — use with large numbers of advisors — which, of course, also complicates security. See: Mag Black-Scott partners with Intel and brings aboard serious MSSB talent in quest to disrupt.
“We dedicated 12 months of resources to bring a production version of Maestro that can scale from single individual seats to thousands of financial advisors that acts in a true private cloud environment,” says Stuart.
Along with Maestro providing a single sign-on — allowing advisors and staff to login to one system and access all the applications they need — it also allows what the advisor to customize what they can access.
Maestro also manages the data end-points, meaning each of the applications being used is secure and protected from viruses and spyware, and it provides a private cloud for each firm, which allows advisors to keep all their information online but behind a secure firewall. See: Greg Friedman is set to finally bring Junxure to the cloud and beat back the Salesforce-ification of the industry.
Most important, says Stuart, it provides a heightened level of digital data security for independent RIAs that have historically been at the mercy of third-party providers. See: Schwab CEO issues 'sincere’ apology, reassures on data security and calls attacks a 'fact of life’ after website goes down.
“There’s nothing like this in the market that exists today,” he claims.
Available to all
That may be true. While single sign-on systems and password managers exist, BHWM says Maestro provides a secure private infrastructure to support them — ideally allowing advisors to outsource their IT worries. See: How the breakaway movement is driving the outsourcing trend.
“I think it is unique,” says Peter Giza, co-founder of RedBlack Software LLC, and who is now engaged in independent consulting. “The implementation as a trusted vendor ecosystem not tied specifically to a custodial or TAMP platform appears to be new.”
What also makes it unique is that it’s available to all advisors. Traditionally, some wirehouses or large firms or even custodians have offered these kinds of systems, but only under their umbrella with the technology providers they offer. Maestro will allow independent advisors to use the same kind of security, but with whatever application providers they want.
“The flexibility is incredible,” says Fass, who was shown demos of the beta system when he joined BHWM in July 2012 (he previously worked at Robert W. Baird and, before that, Morgan Stanley). “Maestro was equal, if not better, than what they had on the wirehouse side.” See: Mag Black-Scott plans for an LA-based 'mini-Morgan Stanley’ advance with the hire of a R.W. Baird team to handle public agency assets.
But a roadblock for BHWM could be that advisors may not even know this kind of security is something they need, or understand all the things Maestro provides. And, the framing of the press release announcing Maestro’s debut isn’t going to help that.
“It’s really meaningless jargon — cloud hoopla,” says Giza of the press release.
“There are not enough details [in the press release] to draw any conclusions,” agrees Joel Bruckenstein, publisher of Technology Tools for Today. “My first impression is that it offers some benefits, but they may be overhyping it.”
Semantics aside, Maestro doesn’t do a great many things; for instance, it doesn’t integrate with the different applications, notes Bruckenstein.
Furthermore, however good the overall security is, Maestro can’t guarantee that the security within each of the applications will be flawless, says Giza. “The system is only as good as the weakest partner link,” he says.
Also, plenty of advisors are using existing systems, like the one designed by Fidelity, or getting by without, and haven’t had any security problems — yet. See: Tech Review: ByAllAccounts has built its company brick by brick and the result is a solid product.
The technology isn’t incredibly complicated, says Graflund, but that doesn’t mean putting it all together in a package that advisors need and want isn’t still valuable. “It’s not a huge feat of engineering, but single sign-on is a top priority for [advisors transitioning to independence],” he says.
Not going anywhere
Even as it begins to offer this technology to other advisors, Stuart says, the RIA will still continue to focus on being an advisory firm. “We’re not going in a different direction,” says Stuart. “Beverly Hills Wealth Management is not going anywhere.”
In fact, he says, the firm is adding more advisors this summer and he believes Maestro will help it continue to acquire advisors. Having Maestro makes it easier to onboard advisors by simply providing them with just one log-in to the system, instead of 18 different passwords and security protocols. Stuart also think it will be an attraction for large, complex advisors looking to move into the independent space. See: RIA items of interest: Mag Black-Scott expands beyond Beverly Hills and BAM adds an advisor who contributes to The New York Times.
“If an institutional-level advisor moves to the independent space, I would want to know why they wouldn’t choose Maestro,” says Stuart.
Stuart allows that some advisors, such as ones who use just one custodian and so can operate under that custodian’s enterprise secure server, won’t need Maestro. But he’s optimistic Maestro will find a wealth of takers.
“We’re not reselling technology that’s readily available,” he says.
Final note: For people, like me, feeling a sense of despair about web security, I was heartened a bit by this article in The Economist on the subject.
Pete Giza and Damon Deru go for Holy Grail of portfolio rebalancing with software that shuffles stocks, bonds... and asset classes; Believe it?
The RedBlack and TradeWarrior executives see old systems as 'archaic' yet know that the Black Diamonds, Morningstars, Orions and Tamaracs see rebalancing as a loss leader