No industry can compete with wealth management and fintech in regard to accountability. Every step one takes in the field is highly regulated and is subject to legal prosecution, in spite of the fact that one may have no knowledge of it.
Sometimes, when we have a conversation with early-stage startups or companies that have never outsourced development, it turns out that their executives know little about how processes should be organized to comply with the law. When conversations come to this point, they provide us access to sensitive areas that, by law, shouldn’t be exposed to us. Of course, they experienced no negative consequences because we knew about what we could and could not do in this regard. Additionally, because we reacted immediately and explained every aspect of data protection law to them, we ensured the security of the system was maintained.
In this post, we’ll try to outline the basics that every wealthtech executive should be aware of. We will describe the main regulations and bodies to deal with to start a new business, what activities one should do repeatedly to stay compliant, and what types of responsibility breakdown exist for cloud adopters.
What Is Necessary To Start A Robo-advisor?
The journey of a wealthtech startup begins with the U.S. Securities and Exchange Commission (SEC) and Financial Industry Regulatory Authority (FINRA). These organizations aim to protect investors from fraud and misbehavior, so they check all the aspects of a new startup before it starts serving clients. Therefore, the first step to registering a robo-advisor is the submission of Form ADV to the SEC. This form includes a summary of material changes within the firm. It can be supplemented with a brochure describing who will actually serve the investment advisor. For example, on-premises products should also be used in compliance with rule SEC 17a-4, so there are particular laws to comply with based on the system specifics.
Every robo-advisor should be able to explain to regulators how the tool works and how it complies with regulatory requirements. This is to ensure that the outputs the system provides to its customers don’t mislead investors in their financial decisions. In this update on the FINRA’s “Report on Digital Investment Advice,” one can find the best practices of how to validate one’s platform for regulators.
FINRA is the best known nongovernmental organization that manages broker–dealer industry risks and monitors companies that provide investment advice. It encourages investors to check the filings and backgrounds of every firm or professional before starting a collaboration. Thus, it’s crucial for startups to become members of FINRA or some other self-regulatory organization before beginning operations.
Obviously, this list of submissions and partnerships isn’t complete, but at least it can give insight into how much work should be preceding the launching of the platform.
Personally Identifiable Information: What Does It Mean For WealthTechs?
Wealthtech aggregates tons of personally identifiable information (PII) data, which requires harder scrutiny on the part of controlling authorities. For example, last year’s GDPR law became one of the top policies with which startups needed to align their services. It obliged companies to provide users with access to and control over their personal data. Additionally, Regulation S-P and the Red Flags Rule regulate customer data protection and help prevent identity theft.