Coronavirus and Fraud

Be aware that opportunistic criminals are using the coronavirus pandemic to steal people’s money and identities. Here are some of the strategies you should be aware of:

  • ƒ  Outbreak maps. Don’t click on any link that purports to show a map of the COVID-19 outbreak unless you absolutely trust the source. The Johns Hopkins interactive map at https:// is one legitimate source. Some scammers have used bogus online maps to spread malware and capture usernames, passwords, credit card numbers, and other information. Be careful about what you click!
  • ƒ  Email campaigns. Criminals have put a coronavirus spin on email phishing, using infected attachments or downloads to steal information. Remember: The email may look like it is from a legitimate source like a bank, but it’s best to go to the bank website directly or give them a call.
  • ƒ  Charitable giving. Be on the alert for scammers posing as representatives of legitimate charitable organizations. You may also receive an urgent request from someone you know seeking financial help. Make sure to contact the person directly to verify that the request really was from them.
  • ƒ  Testing scams. Finally, officials aren’t likely to knock on your door as part of a coronavirus outreach and response. Instead, it’ll probably be a scammer trying to take advantage of people’s fears by selling them expensive products or otherwise getting their personal information. Don’t let them in the house, and don’t give them information.

    It’s important that we all stay vigilant in these uncertain times. If you have any questions, call
    a local agency or do your research from only legitimate sites on the internet. The Federal Trade Commission has more information on coronavirus- related scams and what you can do.

    Your financial well-being is our priority. We will keep you informed of important developments in the fight against cybersecurity threats.

    In the meantime, we wish you continued health, and we look forward to meeting you in person once more after the outbreak ends.

    Compliments of HC Financial Advisors

Posted in Uncategorized | Tagged , , , | Leave a comment
 I know these are very tough times, with the markets down and towns going into quarantine mode. Here are a few tips from Jen Goldman of Jen Goldman Consulting, most which you all know.
    1. make sure everyone knows how to log into 365 or G Suite online and access their email, calendar and Office software (Excel, Word, PowerPoint) (and email signatures are setup properly with a clickable phone number to call)
    2. have everyone bring home video call devices (webcam, headset)
    3. pre-schedule a daily huddle video call with your team to check on their mental state and help get them into work mode (side benefit: this huddle will build a great habit of getting dressed for work, which calms the nerves as it makes staff feel like they are in control of something and have a purpose beyond worrying about the world and their health)
    4. make sure mobile apps are setup for the online CRM, Document, Video Call, IM, and Project Management tools
    5. for investment management staff, make sure they can log into the custodian and investment management/trading software from home
    6. learn how to setup your phones to forward to cell phones (and be ready to put that into place)
    7. start a group text on mobile devices and ask everyone to keep it on their phones indefinitely and to NOT use it for regular chatter. It is only to be used for urgent messages that everyone needs to know. IM is for the regular intraday chatter.
Posted in Uncategorized | Tagged , , | 1 Comment

Global Investment Performance Standards (GIPS®) Workshop

Don’t miss this opportunity to reserve your seat at an interactive workshop that offers a practitioner’s view of the GIPS® standards. Sessions have been organized covering GIPS compliance fundamentals and how to create and maintain a GIPS compliance program, with an in-depth review of composite construction and calculations, GIPS compliance policies and procedures, GIPS compliant performance reporting and error correction. We hope you can join us and bring a colleague, but don’t delay – space is limited and early bird pricing ends 3/31/2019. Click here for registration details.

April 25, 2019  –  Portland Oregon

This workshop is being co-organized by Amy Jones of Guardian Performance Solutions.  If you are interested in GIPS compliance…this is the workshop to attend.




Posted in Uncategorized | Tagged , , | Leave a comment

Three Compliance Goals You Should Set for Your Financial Planning Firm

Compliments of Scott Gill, XY Planning Network

A new year presents the opportunity to reflect, reevaluate, and refocus for the benefit of our personal and professional lives. When it comes to setting resolutions, many financial planners focus on resetting financial planning goals for their clients, such as debt management or restructuring the household budget.

But what about goals for themselves?

From a business perspective, the new year is an ideal time for firms to evaluate their internal business practices and set goals accordingly.

Perhaps your goal for the year is to implement a new portfolio management solution by initiating a relationship with a new Custodian or TAMP. Or maybe it’s to grow your financial planning firm by “X” number of clients or “X” dollars of revenue.

There are so many areas of business where resolutions can be made. Let’s not forget about an often overlooked one—compliance.

Here are three important goals—or resolutions—that advisors can adopt to improve their compliance program this year.

#1. I Will Read My Compliance Documents

As strange as it may sound, there is evidence to suggest that countless financial advisors neglect this basic and most necessary task.

Often, compliance documents are drafted with the assistance of a compliance consultant upon initial registration.Then, the registration gets approved and the advisor is off and running.

Unless an audit or regulatory exam occurs, or another materially change is being implemented, an advisor can easily go an entire year without reviewing their compliance documents.

The ADV must be updated annually, so the tendency is to mentally bookmark this as an annual task and not look at or think about it again.

But what about your advisory contracts, compliance manual, or business continuity plan? Does your firm have a social media policy or a cybersecurity or data security policy?

There is no regulatory requirement to review these items annually, so many advisors don’t.

It may seem like a waste of time to review these additional documents, especially if there are no changes that need to be made. But just like every other neglected, seemingly mundane compliance task, there is extreme value in spending time exploring documents that may assist a compliance novice in moving forward towards the education needed to become a competent CCO.

#2. I Will Use My Compliance Task Management System

All firms would be wise to utilize technology to manage their compliance program.

As with every other function in business, be it accounting, client relationship management, trading, or invoicing, use of technology quite simply makes life easier.

For firms that have not yet begun a relationship with a compliance task management provider, this is the year to do so.

For those that have compliance task management software but are not consistently using it to update tasks and track deadlines, this is the year to start.

It is best practice to set aside a bit of time on the same date and time each month to log into the software and check for past due and upcoming tasks. If there are tasks that you don’t understand, spend your time researching and ask questions of regulators and compliance consultants to gain an understanding of the purpose behind the task.

There is no better way to get a grip on a compliance program than by leveraging task management software.

#3. I Will Communicate With My Clients and Business Partners About Compliance

In many ways, running an effective compliance program boils down the willingness and ability of the CCO to communicate about compliance.

Sure, clients hear about the big SEC takedowns of massive Ponzi schemes, and by way of these stories are acutely aware of compliance issues. But most clients have no idea how important compliance is to their financial advisor specifically because there is traditionally little-to-no mention of compliance by advisors.

In many cases, advisors communicate with clients about compliance with a grumble while having a client sign a form, as if they are banding together with the client in opposition to the evil “institutional compliance powers that be.”

When they do so, they are indirectly communicating to the client that compliance is not important to them.

In joining with third-party vendors, some financial planners may apologize for the inconvenience while having the business partner complete a process that is required by their compliance program.

Again, this portrays a general lack of concern about compliance.

These negatively-toned communication methods have been made popular in instances in which the advisor is not also the compliance officer. Then, the advisor can pawn off compliance inconveniences on the CCO of the firm. But when the advisor is the CCO of the firm, it becomes even more important that communication about compliance be made in a tone that is indicative of priority.

As a compliance obligation, each firm is responsible for executing third-party due diligence on all outside entities with which there is a professional relationship. This responsibility presents the opportunity to work on presenting compliance items with a sense of urgency.

This time of year, we frequently hear all types of promises and resolutions. But within just a few short months, this talk subsides and most resolutions have been abandoned. This year, I urge you to make—and keep—these three simple compliance resolutions. In doing so, you will build a stronger financial planning firm .


Scott-Gill-Square-ColorAbout the Author
Scott is a licensed Securities Principal with experience in both RIA and broker-dealer compliance. He began his financial services career in 2006 as a Registered Representative with E*Trade Financial in Alpharetta, GA. He has also worked with J.P. Morgan Private Banking in Chicago, IL and with Wells Fargo Advisors in Chapel Hill, NC.

Scott’s most recent role before joining Team XYPN was as Compliance Officer of Carolinas Investment Consulting, in Charlotte NC. He’s a graduate of The University of North Carolina at Chapel Hill and holds FINRA Series 63, 65, 24, 4 and 53 Licenses.

Scott lives in Charlotte, NC with his wife Meredith, and their two sons Tyson and Jackson and daughter Eva. In his free time, Scott enjoys watching sports, exercising, and operating the charitable organization he created upon his father’s passing.

Posted in Uncategorized | Leave a comment

New Hacking Incident – be VERY Aware

A client recently sent me an email asking about a blank form he received in the mail. It was a MA-W Notice of Withdrawal form (it is a form for withdrawing registration as a municipal advisor).  It was sent without any cover letter or explanation.  Since he isn’t registered as a municipal advisor, I told him not to do anything with the form. However…it was all part of a very sophisticated attempt to defraud him.

I’m telling you all the details so that you can be on the lookout for something similar. The form arrived via USPS Priority Mail in a Flat Rate Mailing Envelope.  Don’t accept this delivery, if you have an opportunity to do so. More than likely it will be left in your mailbox.  The envelope was sent to the client’s home address with a legitimate tracking number from William Waters of Denison TX.

The day after he received the envelope he received an email from PayPal with details of his shipment (which he didn’t pay much attention to as he thought it was spam or a spoof).

The following day he was reconciling his financial information and noticed a strange charge of $577 to his American Express (AMEX) card.  He call AMEX to report the strange charge.  He was told that any investigation would have to come from AMEX’s back office and PayPay, but this can take up to 30 days.

He began to dig to see how this happened.  In doing so he noticed an email from Waterilliam (very similar to the weird form that had been mailed from William Waters (the blank MA-W Notice of Withdrawal form).

He checked the USPS tracking number from the envelope.  The envelope originated in Flint MI.  Once USPS sends notification of the delivery, the thieves show proof of delivery to PayPal and his AMEX is charged.

This is a sophisticated hacking incident where they are hiding behind PayPal.  At this point, my client isn’t clear as to how he was targeted.  He is thinking it could be a result of the Marriott data breach as this was the most recent AMEX purchase.

Suggestion – do NOT use the same password for anything.  I know that I have had a tendency in the past to use the same one for things that don’t seem to be a security issue…like say a hotel rewards card.  Use a password manager and review it for any duplicates…then change them.

Lastly, be on the alert for any emails from PayPal.  Review them before deleting to be sure they aren’t about a shipment coming your way.

Posted in Uncategorized | Tagged , , | Leave a comment

SEC Exams and the DOL Rule

If your Policies and Procedures Manual says you do ‘X’ then you should be doing it.  In the past year I have added a policy for the DOL Rule to client Policies and Procedures Manuals.  Examiners have been asking about those policies and what the firms have done to meet the requirements of those policies.

Many people believe the that DOL Rule is dead.  The 5th Circuit has not vacated the Rule, so it is still in effect.  What has become clear during the SEC examinations is that the examiners are using the Policies and Procedures Manual to determine if firms are meeting their DOL Rule requirements.

Be sure that you are doing what your Manual says you are doing, especially regarding the DOL Rule.

Posted in Uncategorized | Tagged , , | Leave a comment

DOL Fiduciary Rule – update

Although it appears that the federal court decision vacating the DOL Fiduciary Rule was supposed to take effect on May 7, 2018, the DOL releases a statement continuing its policy of non-enforcement given “uncertainty about fiduciary obligations.”

Firms that have compliance P&Ps to comply with the DOL’s impartial conduct standards are wise to keep them.  These standards seem to be similar to what may be required with the SEC’s proposed investment adviser fiduciary duty interpretation.

My recommendation is to maintain compliance with your firm’s P&P regarding the DOL Rule until there is official word.

Posted in Uncategorized | Tagged , , , | Leave a comment