While advice firms can outsource activities, they cannot outsource their responsibilities
Advice firms are busier than ever, leading an increasing amount to turn to third parties to undertake activities that would have once been dealt with in-house.
Outsourcing can provide a solution for those under pressure to deliver on long-term objectives, while juggling the day to day demands of managing a business and striving to operate more efficiently.
One key area it can help with is compliance. Many advice firms have a small number of staff focused on this aspect of the business. But these individuals are often spread thinly, leaving knowledge and resources stretched.
An external third party can work with the advice firm to enhance its existing processes and controls. By securing access to an additional pool of dedicated resources, firms can obtain the support they need to deliver the right outcomes for clients.
In this instance, the warning was primarily in relation to IT (not surprising given the huge sensitivity around holding and using client data) but the issues extend to other areas of outsourcing too.
The most important thing to remember is that, as the regulated entity, it is the advice firm which is ultimately responsible. While you can outsource your activities, you cannot outsource your responsibilities. So, due diligence is key.
When taking into consideration the level and type of support, all parties should be mindful of the FCA’s handbook, specifically SYSC 8.1: general outsourcing requirements.
Any contract should be classified as material outsourcing. To support the advice firm’s oversight needs, the outsourced company should include details of the management information that will be provided, together with confirmation of the accompanying service level agreements.
It is crucial both parties build a mutual understanding around the advice firm’s business needs and objectives as soon as possible. An initial fact-finding meeting will help. This should involve looking at how the business is structured, how the teams operate and what activities are undertaken.
Following these discussions, a formal plan of action can be created based on areas of highest priority.
A robust due diligence process will ensure the outsourcing partner has the requisite scale and expertise, along with the flexibility to tailor its support to the advice firm’s specific requirements.
Examining its existing client base and requesting references can be a useful way of establishing its credentials and ability to deal with certain demands.
Advisers may want to look for an outsourcing partner with a big team or they might want something a bit smaller. Either way, ensure it holds the appropriate industry qualifications, covering a broad range of subjects and specialist areas, and that it can evidence it is up to speed on the latest regulatory developments.
These are just some of the points to consider but the key thing to remember is that, providing they do their homework and follow a robust process, advice firms will reap the many benefits of finding a perfect outsourced match.
Linda Preston-Todd is head of bespoke solutions at Bankhall
What to think about when engaging third parties:
- Is the basis of the arrangement clearly defined within the service level agreement?
- Has the management information required from a third party been defined and agreed?
- What onsite monitoring activity will be conducted?
- What monitoring activity will be conducted by the outsourcer?
- Does the third-party firm have the right culture? Does it align with yours?
- Where the third party is dealing with clients, are appropriate controls in place?
- Does the third party take its data protection responsibilities seriously?
- What disaster recovery arrangements are in place?
- Is there a clear exit strategy for if/when the relationship comes to an end?
Simon Collins is managing director, regulatory, at Eversheds Consulting