To meet client needs for comprehensive, personalised advice, Wealth Management Firms (“Wealth Managers”) are increasingly turning to technology to access information, conduct research, and analysis.
Article 1.0 - Focus on The Engagement Phase
By Jon Scheele and Alpa Parekh, Blue Connector
To meet client needs for comprehensive, personalised advice, Wealth Management Firms (“Wealth Managers”) are increasingly turning to technology to access information, conduct research, and analysis. A key to automating and tailoring this information access, from in-house and third-party sources, is Application Programming Interfaces (APIs). With this comes risks that the firm’s Risk Management must address particularly around data integrity and security of all information sources.
Wealth Management is driven by building strong, trusting relationships between client and advisor. Clients engage Wealth Managers to grow and protect their wealth. The value that the Wealth Manager brings is trusted and holistic advice to enable clients to make informed financial decisions at that point in their lives.
As the “face of the firm”, Advisors must bring all the resources that the firm can marshal to this critical Client Prospecting and Risk Analysis phases (“Engagement phase”). Advisors need to have an informed conversation on topics ranging from life goals, savings, existing financial commitments, risk appetite, investment options across different asset classes, and wealth protection and preservation. Moreover, it needs to be conducted in the context of the broader economy, economic cycles, and the client’s investment horizon.
How can APIs help assemble information?
APIs simplify the connection between information consumers (i.e. Advisors and Clients) and their providers (i.e. sources of data). An API is a specification that defines what data is transferred between systems, and how. It is not a computer language. By defining the data to be requested and transferred, a data provider can make their product (the data) available to the users without complicating it with details of how the system was created.
Software developers in the Wealth Management firm can use APIs to create tools for both clients and advisors, focusing on the user experience. Some APIs are simple enough for non-technical professionals to extract data and download into another application or spreadsheet for analysis.
To show clients a range of investment options and risk/reward characteristics, Wealth Managers need to gather data from multiple sources. As a trusted Advisor, they also facilitate throughout the client lifecycle process:
In this article, we consider the role of APIs in the client engagement phase. We also consider the risks and controls required to ensure the integrity and security of information transferred through APIs. In subsequent articles, we will look at the benefits and risks of APIs in other phases of the Client lifecycle.
Early in their financial journey, clients seek to discover and evaluate the Wealth Manager who can best meet their needs and can be trusted. At this stage in their relationship, the Advisor needs to show that they understand the client’s objectives, can be trusted with confidential information, and can knowledgeably explain various investment options and their advantages in a way that the client can understand. The client will very often want to assess all these things before submitting to Client Onboarding.
From Capgemini World Wealth Report 2019: "With a new generation of tech-savvy HNWIs, technology will help wealth managers become more transparent, improve user interfaces, and beef up client engagement."
The Advisor therefore needs to draw on information from a wide range of sources, and present them in a logical, intuitive format. This information could include:
While the Wealth Managers may choose to develop some tools themselves (e.g. calculators, simulators), gathering the data from external reliable sources may be more time and cost effective. In this instance, the Wealth Manager could access data via APIs from Data owners and providers.
Accessing Data from APIs
To identify the risks, and controls that need to be applied, we need to first explain how data is accessed via an API.
We will do this with a simple example: accessing stock price data. We will do this using the free stock price API from Alpha Vantage. You can see the full example at: https://www.alphavantage.co/documentation/
This is not a programming guide, simply an explanation of the data that is passed from the “consumer” of the API (the user making the request) and the “producer” (the provider of the service delivered through the API).
This query returns time series intraday stock prices for a requested stock ticker.
The parameters that need to be passed to this particular API are:
This is what the request looks like when it’s all put together:
This is what the first few rows of a CSV output from the API looks like:
The first row lists the field (or column) names.
Subsequent rows show the values of each field, separated by a comma.
Risk Management of APIs and Third-Party Data
Here we specifically focus on some of the risks around APIs and data collection from third-party providers:
API design and review particularly for a private API and new service with a key partner
Collecting too much, not enough data or incorrect data fields
Frequency of data collection
Data accuracy and validation / testing
SSL certification validation
API key validation
Cyber-attack (incl. phishing attack) & your normal system outages
Clarity around data ownership
Protection of data at rest, and in-transit (encryption) and storing
Data retention length (per each country’s minimum regulatory requirement)
Cross border use of certain data – check regulations in each country on use and storage
Security, tracking and access monitoring of the API key
Updates, retirement, and change notification of the API design thru Change Management governance
It is vital to clarify ownership of data and APIs. Generally, RASCI or RACI (Responsibility, Accountability, (Support), Consulted, Informed) can be a useful tool for this purpose. Risk assessment, risk rating and mitigation actions would be based on the type of data being collected. Is it packaged and provides the Wealth Management company an edge or is it generally available traded data for e.g.? If the APIs are written specifically (i.e. not open API) then how is it stored and protected is also a key question to consider ensuring you retain the edge.
The Role of Artificial Intelligence (AI)
The role of AI in data analysis is important for concise content presentation to the clients. AI, also referred as Machine Learning, is a branch of computer science containing pre-determined algorithms and rules to be able to take the data, analyse, and produce reports or decision paper. Ultimately, this is the main report necessary for a client-facing meeting. One of the key risks that need to be considered around AI is the business case or purpose for it and the algorithms. The algorithms need to be thoroughly tested to ensure that you have quality reports generated for that critical Client Engagement meeting, otherwise you have the adage of garbage in and garbage out.
In this article, we introduced the concept of APIs, touched upon AI and how they can enhance the client/advisor relationship through gathering and presenting relevant quality information. We looked at the role of APIs in client engagement. We also discussed the risks, and mitigations to consider for the integrity, security, and governance of information transferred through APIs and using AI. As mentioned earlier, in subsequent articles we will look at the benefits and risks of APIs in other phases of the Client lifecycle; and as relevant we will also embed other applicable technological concepts.
This is Part 1 of our series on APIs in Wealth Management. Part 2 is now available here: APIs and RPA in Client Onboarding
Jon Scheele formed blue connector with the sole purpose of leveraging digital technologies such as APIs to fast track and enable medium sized and growing businesses to meet their strategic objectives. He helps companies build customer value propositions and streamline processes using Application Programming Interfaces (APIs). Jon's experience spans the Financial Services, Fintech, and Telecommunications industries. He has an MBA, a Bachelor’s degree in Electronic Engineering, and Graduate Diplomas in Applied Finance and Digital Communications.
Alpa Parekh has worked for several years in Risk Management which includes the disciplines of Operational, IT, Credit and Compliance in Financial Service industry. She has also worked in Internal Audit and conducted a variety of audits in FinTech, Financial Service and Consulting industries. She has an MBA from the UK, CIA from Australia, CPA from the US, and CA from Australia.