itSynergy: Blog
New Compliance Suite: Created for and by CCOs of Registered Investment Adviser Firms
Background
Shelli first worked with the itSynergy team in 2012 and maintained a professional relationship with them as her compliance career progressed. In 2017, as Chief Compliance Officer (CCO) for a local registered investment adviser (RIA) firm, she brought in itSynergy for managed IT services, explaining that she sought them out for their demonstrated industry knowledge.
“itSynergy understands the unique issues financial services firms face,” she said, “and they have proven willing to work with RIAs to find both security and compliance solutions.”
Compliance Challenges
As Shelli was reviewing cybersecurity plan details for her firm, when it came to the tech-related aspects of compliance, she asked itSynergy for information regarding the policies and applications in place.
Previously, itSynergy had similar conversations with other clients. After several discussions with Shelli, itSynergy realized how RIA firms would benefit from having a full-service compliance package. Instead of seeking answers to one-off questions, the RIA could sign up for an all-encompassing solution to handle the technology aspects of compliance.
itSynergy contacted Shelli to see if they could collaborate with her and her firm to develop a prototype program that would eventually lead to a new compliance solution for financial services firms.
Meticulous Planning and Research
Assistance with compliance was already one of itSynergy’s offerings, but they knew more was required to offer a full compliance package suitable for the regulations guiding the finance industry. itSynergy conducted a robust analysis of requirements. This involved reading SEC documentation and a point-by-point evaluation of the National Institute of Standards and Technology’s (NIST) Framework for Improving Critical Infrastructure Cybersecurity.
Throughout this process, Shelli was an invaluable resource. She is Investment Adviser Certified Compliance Professional (IACCP®) certified and has spent her career managing compliance and operations for multiple businesses. During regular check-ins, Shelli’s knowledge helped shape new compliance solutions tailored to her firm’s needs, following best practices for RIAs.
An Easier Way to Manage Cybersecurity Compliance
During the evaluation phase, itSynergy realized that many of technology compliance requirements were already covered by its standard offerings. Managed IT services is the foundational base of the new product, and clients can add an Enhanced Security and Compliance Suite designed to meet the SEC’s Office of Compliance Inspections and Examinations (OCIE) guidance. Together, the services create a comprehensive cybersecurity compliance solution for RIAs.
Now, instead of stitching together bits of information about remote backup systems and email encryption, financial firms can access a service that documents and reviews each technology-related compliance item for them that also adheres to each point of the NIST framework.
The Benefits
As Shelli consulted with itSynergy, she emphasized the colossal task that cybersecurity compliance can present to CCOs at small- and medium-sized financial services firms. Technology is particularly challenging because the cybersecurity requirements don’t always directly relate to the rules and regulations that compliance officers know best. itSynergy was determined to alleviate these concerns and created an offering for which firms can simply sign up and manage in a straightforward technology package that tracks the industry-accepted NIST framework.
The new offering encompasses RIA and broker/dealer regulatory and audit requirements.
Since it is part of a package that comes with managed IT services, tech support is built in as well. itSynergy knows even a minor computer glitch on the trading desk can result in a trade error and potential loss of time and money. When issues arise, itSynergy promptly responds to resolve the problem. The end result is a service for the highest level of support and compliance.
If you want to learn more or would like a review of your current compliance strategy, please contact us at 602-297-2400 or online.