How to end a fintech vendor relationship and protect your data
It’s often easier going into a relationship than it is to end one.
The same goes for vendor relationships in which advisory firms can have several to dozens of partners, whether it’s operating off a third-party platform or using a single tool from a software provider. But as more advanced technologies have entered the space, such as AI, there are also more vendors to choose from, creating a greater likelihood that a firm might end a vendor relationship.
READ MORE:
This is especially more common when
“We had a case with a vendor where we tried for the better part of nine months of working on a project that was just not going very well,” said Brian Carter, vice president of technology at Axtella, a financial network of two broker-dealers and an RIA. “They had new management. They had new priorities. They had a lot of turnover. And we had multiple conversations with them.”
Carter, who recalled ending that vendor relationship in early 2023, said one of the biggest lessons learned was how to handle communication, especially when it came to handling the data between parties.
“We really worked on the language because it’s easy to write with a negative tone, especially when you’re frustrated with something,” he said. “If our letter had a nasty tone, we might have had more trouble getting our data. We tried to leave the relationship at such a point that we were both left with an open door.”
Getting to a mutual end, however, did take months of meetings with the vendor, and sending updates about deadlines that were not met and offering extensions.
“It’s almost like ending a marriage in a way in that you’ve had a level of commitment. And at first, you try to make it work. You don’t end a relationship lightly,” he said.
But in order to end a vendor relationship, Carter and others said firms have to go back to the beginning: the contract terms.
Data sharing, cybersecurity and always have an out
“The first thing you should look at is look at who owns the data,” said John O’Connell, founder and CEO of The Oasis Group, a software provider for wealth managers and financial technology firms based in Monroe Township, New Jersey. “The second is, can I get my data out of this vendor when I want it? … If it’s not in the contract, you want to negotiate it into the contract so that you can get your data back.”
Depending on the type of vendor, there are some who will store data and can deny or charge a firm if it requests to pull their data out. Some vendors also store data in a cloud, which might allow other parties to have access to it. And then there are CRM platform providers like Practifi that do not hold, retain or have access to the data without the client permitting a log-in.
“In technology contracts, often the thing that people go to is: How painful will the breakup be? How do I get my data if I want to leave you? …We explain to them that there’s a link in the contract where they can click that link and it will download their data for them,” Practifi’s CEO Adrian Johnstone said.
“They don’t need us in that process because it’s their data. We’ve given them that control,” he said. “It takes explaining because there’s skepticism that this can actually be the reality because they’re so used to living in a world where there needs to be a lot of legal terms and conditions around what it looks like to get their data.”
READ MORE:
This coincides with the next most critical factor that firms look for in vendor contracts: cybersecurity.
For the most part, the advisory firm is often held responsible for data breaches, regardless of whether they occurred through a vendor. Federal regulators have ramped up responsibilities of firms, including wealth managers and broker-dealers in both vendor oversight and reporting data breaches. In May, the U.S. Securities and Exchange Commission (SEC) amended a rule that requires certain financial institutions to notify impacted individuals within 30 days of a breach.
“There’s been growing expectations from the SEC about what [firms are] doing to manage their vendors, to have securities in place around any of their sharing of information about their clients,” said Mike Capelle, co-founder and co-CEO of Modern Wealth Management. “This really goes to your vendor selection. …The vendor should be able to describe to you what their information security program is to give you some comfort that they invest in this area and that they’re going to be protecting any data that you’re sharing with them. That’s a critical element these days.”
This also leads to another point that several firms emphasized as key to a contract: having an out.
O’Connell advised firms to look at the cancellation clause and the timeline for when a firm must notify the vendor that they don’t intend to renew at the end of the term.
“A lot of firms have a one-year renewal. So if I’ve got 60 days to tell you I don’t want to renew anymore — and if I don’t do it within that 60 days — I’m renewed for an entire year, and I can’t get out of that contract,” he said.
Cappelle also said they look for adding a clause in the contract, like a 90-day window from when the contract first starts, that provides an exit if the relationship is not meeting expectations in the beginning.
“We always try to be careful that we’ve done our diligence, we’ve reviewed multiple vendors, we think this is the right one for us. But we also try to be realistic in that we’re not actually using it yet, and so we want to be prepared that things may not turn out as expected,” he said. “Because the worst thing you want to get into is like a five-year commitment with a vendor that is new to you, and then not have things play out as you expect.”
But Cappelle also acknowledged that it’s not common or easy to negotiate vendor contracts, especially with larger firms that have standard contracts the industry has long accepted.
“If it’s a new firm that’s eager for new customers and business, they’ll tend to be a lot more flexible on negotiating terms of the agreement. But established players that have precedents in place with a lot of existing customers are going to be less likely,” he said. “It’s always worth asking, but you just need to kind of have some real, realistic expectations.”