Do single-family offices have the technology to provide the privacy and confidentiality that families desire? The simple answer is, not likely.

To be fair to SFOs, however, it is important to explain why. Financial service organizations such as multi-family offices, banks and investment firms are also challenged in this regard. But these organizations usually have deeper staffing and more money to invest in technology. Additionally, these organizations are subject to regulations and oversight that force them to have stronger controls. SFOs are not subject to this level of scrutiny.

Many wealthy families establish single-family offices for both investment and non-investment services. Another key objective is to put various services under strict family control so financial and personal affairs can be managed in a professional and confidential manner. In a 2007 Wharton Global Family Alliance Study of 138 SFOs of $100 million or more in the U.S. and Europe, confidentiality was tied for second with conflict-free advice as an important benefit to family clients. Trans-generational wealth management services were the most important.

Why is protecting privacy and confidentiality such a challenge? In an open architecture environment, it is extremely difficult for any organization to control every potential point where a breach of privacy and confidentiality may occur. Some may suggest that the task is easier for SFOs since they support only a single client and have a smaller infrastructure. On the flip side, however, SFOs typically have fewer people and capital resources than larger organizations. A smaller infrastructure does not necessarily mean fewer key control points, although it could mean less activity through the same amount of control points.

Moreover, SFOs usually support multiple generations and family branches, each with its own set of relationships, needs and service requirements. This creates operating inconsistencies and additional complexity.

There are three key areas that SFOs must consider when determining if they are adequately protecting their client:
External service providers
Internal technology
The workplace

External Service Providers
External service providers need access to private and confidential information in order to do their job. They, in turn, have their own third-party service providers to support various aspects of their business. Some of these firms may have overseas offices and/or outsource work to low-cost companies in countries such as India or the Philippines. A typical family office will have relationships with a dozen or more external service providers, including custodian banks, brokers, investment firms, CPA firms, law firms and technology companies. The more external service providers a family office has, the more magnified the challenge of protecting privacy and confidentiality.

For an SFO, managing and overseeing the activities of external services providers are key functions.

SFOs should be asking themselves this question: To what extent are our external service providers going to protect our privacy and confidentiality.
To assess the ability of a third-party provider to secure confidential information, here is what an SFO should look for:   

1. A privacy statement. In accordance with the Gramm-Leach-Bliley Act of 1999, financial institutions are required to provide their clients with a statement that describes their privacy policy concerning the disclosure of non-public, private information (NPPI). The statement should describe how the organization will go about protecting your information and what they typically disclose to and require of their third-party providers.