Your client data is the lifeblood of your business. If it gets cut off, it can be fatal to your business. That’s exactly what happened a couple of weeks ago to an advisor we work with who was terminated and unable to access her client data.
This Website Is For Financial Professionals Only
The advisor—let’s call her Mary—is very successful with revenues of about $3 million. She called us because we had previously been her IT consultant. She was in a panic.
Mary had more than 20 years of client data on computer systems and in paper files. Three years ago, her administrative assistant upgraded the firm’s license to their CRM system.
When the assistant signed up for the upgrade, she gave the CRM company her name and contact information—not Mary’s name.
About two years ago, Mary moved her firm into a large accounting firm. She was going to lead the accounting firm’s wealth management team and split fees with that firm on new business that she would bring in. (The accounting firm used their own IT consultant and we stopped working with Mary at that point.) The arrangement with the accounting firm did not work out, and Mary was terminated a few weeks ago. That’s when the data-storm hit the fan.
The assistant, who had administrator access to Mary’s client data and who is an employee of the accounting firm as well as Mary’s wealth management firm, locked Mary out of the client database. Once terminated, Mary could not access her CRM—client accounts, documents related to accounts or even client phone numbers and email addresses.
Mary was beside herself. She had lost control of all work product that she had built during a hugely successful 20-year career! And she was not even allowed into her former firm’s office after being terminated.
Making matters worse, Mary’s clients in short order received account transfer documents, which would change the advisor from Mary to an advisor who was an employee of the accounting firm.
Carelessness and naiveté are to blame. As an independent advisor, you owe it to yourself to make certain that your data is stored on applications licensed under your name and your firm name. Don’t cavalierly allow people who work for you to own your software licenses, whether it’s a desktop or web-based application.
Mary’s story has spiraled into an ugly legal tussle. After several weeks, Mary was provided with contact information for her clients, but not their account data, access to their accounts, or access to her CRM database.
Meanwhile, her clients received notices saying that they must change the advisor on their accounts or become “orphaned” accounts, which are retail accounts that have no specified advisor and that revert to the custodial firm housing their assets.
Mary is contacting her clients one-by-one to track down their new account numbers and deal with the mess.
Some tips on how to avoid this situation:
Own Your Software Licenses. Be sure your software is licensed under your name or your firm’s name and not the name of anyone else—unless you have an agreement with the person or entity licensing software that clearly states your client data belong to you.
Pay For Your Software Licenses. Be sure you personally or your company paid the software vendor directly. All initial license fees and ongoing annual fees should be carefully checked. This can be critical to proving who owns the database.
Name Your Data Administrator Carefully. Check the user rights and roles of all software systems to make sure you can never be locked out by any other user. You want to be an administrator on your systems.
Backup Your Data Remotely. You want to either back up your data using a Web-based system or make a copy of it regularly and take it with you. Web based backups are preferred because it does not require you do anything and can be automated. But you must test the backup once a quarter to make sure your data can be restored on another computer when it is needed.
Please feel free to comment.
Let us know if you’ve ever been through anything like this.
Let us know if you can think of any other steps advisors must take to safeguard their data.