Moving to a work-from-home environment has exacerbated the financial industry’s compliance and cybersecurity concerns, and according to one fintech executive, advisors are exhausted.
“The alternative is—what? It’s not like most of them are going to go on vacation or take off and go to the beach in the middle of a pandemic,” said Robert Cruz, vice president, information governance at Smarsh. “For us it’s been quite good. There’s a lot of demand right now around new ways of communicating and collaborating. The whole phenomenon around Zoom and Slack has directly impacted our business in a new way.
As advisors went virtual in the spring, demand for Smarsh’s cybersecurity and compliance services increased, said Cruz.
Then the regulators stepped in.
At the end of May, Finra issued Regulatory Notice 20-16 in response to the number of advisors newly working from home. The notice provided general guidance that advisory firms should follow in the new environment, especially around trading activity.
“There’s legitimate concern about individuals using home computers, sharing their wifi with their three kids (like I’m doing), or using unauthorized apps or freeware,” said Cruz. “Some firms have not properly outfitted their remote workers with the right tools, and all kinds of things were happening.”
Cruze said that while many advisors’ clients are already familiar with working remotely and using tools for remote communication, the industry was behind when the pandemic’s disruption began.
Smaller firms may have an easier time adapting to the new normal of conducting more work remotely than large firms.
“Smaller firms seem to have been more nimble in deploying some of these tools sooner, so they have a head start,” he said. “A large firm may have 80 advisors or reps, 95% of whom are suddenly, almost overnight, working from home. It’s a scale versus complexity conundrum.”
Finra’s guidelines included: how to transition to a remote environment, maintain supervision in a work environment, and preserving compliance for the archiving of all customer communications.
“When working remotely, it’s as if there’s a greater surface area for vulnerabilities,” Cruz said. “There are many more places that people can do stupid things.”
FInra’s notice mentioned that in recent exams, it found that firms that had been making continuous updates to their continuity plans and maintained live, connected disaster recovery sites were also more likely to report having a smooth transition to work-from-home.