Rely on counterparties to secure systems and data or tackle cybersecurity in-house?
Interview with Rob Seidman,
Offering Manager at Watson Financial Services
Technology moves exponentially—not only in managing wealth, but overall. To keep up with the savviness of people who might have malicious intent, an exponential increase in a firm’s focus on keeping them out is required. But a question remains: What is your value proposition as a wealth management firm?
“I think at some point a firm needs to get introspective and ask themselves – are we trying to help people manage their money, or we trying to be a cybersecurity firm? Usually, trying to do both can stretch your resources thin if you want to achieve both to their fullest extent.”
Rob sees an eventual shift toward standardization and letting those who specialize in it take care of cybersecurity. There are increasingly more IaaS products managed by teams of people whose sole responsibility is to make sure that these products are secure, compliant, and always up and running.
“Trying to manage cybersecurity yourself – something often perpendicular to your core competencies – seems imprudent in retrospect. Let the experts take care of what they’re best at, and focus on what you’re best at.”
Data security has no borders
The role of data in WealthTech companies’ cybersecurity is an overriding concern. There is a lag in the financial service industry due to the extra-sensitive nature of data. Whether it’s on a third-floor on-premise server, or it’s externally stored on a third-party file system, it’s still data that needs to be protected and safeguarded. In this regard, regulatory compliance comes into action.
Many of WealthTech’s core business models involve satisfying financial regulation, which is not the same as technology compliance and regulation. If one manages physical hardware as well as the persons and processes around it, the first thing one has to ensure is ISO compliance. With the advent of GDPR, which protects and defines how companies need to treat European clients’ personally identifying information, there’s now a tremendous amount of work across the entire technology and software center to serve clients.
“The technology doesn’t necessarily care about geographic borders. Anyone who has a global client base or wants to do any business in Europe winds up having to make their entire global infrastructure GDPR compliant.”
Rob says GDPR assures clients that the company is doing things not only in a regulatory correct way but also in a morally correct way. Having to meet GDPR’s capabilities cannot be physically transferred outside of the borders, which brings the cloud back down to earth.
“You have to respect the borders of a country like Switzerland, for example. Often data that you want to store on Swiss clients has to reside on Swiss servers, so it’s an extra layer of complexity from the data management perspective.”
It’s worth noting that in addition to GDPR, there’s a handful of regulations around data residency in specific countries across Europe. Because of this, making an infrastructure able to adhere to all such regulations is crucial if one wants to expand business.
The bottom line
The most important thing that advisors have to worry about is the delta—whatever they build on top of cloud infrastructure. Given that new threats are evolving and new regulations are arising in response, one won’t be able to avoid incorporating these concerns and protections into wealth management products and solutions. The world of finance meanwhile has enough options to focus on. Companies can use the cloud infrastructure built to meet their specific needs. This eliminates effort waste, enhances security that one cannot provide in-house, and increases the speed of launching to the global market.
Rob Seidman started his career as a financial engineer at Algorithmics, a financial risk management company that was one of the first major FinTech firms, established over 30 years ago. The company was acquired by IBM in 2011, and Rob was present pre- and post-acquisition. After leaving IBM in 2013, Rob worked as a quantitative strategist at Quantifi and later as a senior presales consultant for S&P Capital IQ. In March 2016, Rob returned to IBM. His responsibilities are split between development, product management, and sales to bring financial services solutions to the cloud.
Interviewed by Vasyl Soloshchuk, CEO and co-owner at INSART, FinTech engineering company. Vasyl is also the author of WealthTech Club, which conducts research into Fortune and Startup Robo-advisor and Wealth Management companies in terms of the technology ecosystem.