Last year, Robert Isbitts, who runs Weston, Fla.-based RIA Emerald Asset Advisors, decided he had to take drastic action. Legal and regulatory compliance issues were spreading his employees thin. Everyone at the firm was responsible for his or her own paperwork, and they were finding that this arrangement had become a significant burden that interfered with their ability to effectively serve clients.

So Isbitts created a new position: chief compliance officer. He moved one of his primary operations employees, a 20-year veteran in that field, into the job, and hired someone else to replace her. At the same time, however, Emerald also contracted with a third-party firm, ACA Compliance Group, to essentially serve as its new compliance head's backup — on call to answer any questions she had, as well as provide regular updates about new regulations and industry rules. It wasn't an easy move: The combined costs of outsourcing, and beefing up its in-house compliance forced Emerald to raise the fees it charges clients. Emerald prided itself on the fact that its fees were below market averages, but Isbitts felt he needed the extra cash to cover the firm's new compliance-related expenses (along with some technology-related costs).

The result was a short-term hit to productivity. “We took a staff person out — our top operations person, and isolated her on compliance, and brought in someone else in her place — that's quite a cost right there,” Isbitts says. Yet the alternative — burying all his employees under increasingly complex and voluminous paperwork — was far worse. “We understand compliance is vital, and it was an area we were determined to stay ahead of the curve on. We took those measures to do just that.”

Emerald Asset is just one of many independent advisory firms that have faced the challenge of how to address their growing compliance burden, with the great majority realizing that they can no longer go it alone. The main question indie reps face these days is not whether to outsource compliance functions to third-party providers (like ACA, Automated Business Development, Regulatory Compliance, ComplianceMax, National Regulation Services), but to what degree.

“I'm hard pressed to think of any fee- or commission-based advisors who keep compliance entirely in house,” says Katherine Vessenes, president of Shorewood, Minn.-based Vestment Advisors.

A hybrid model, in which an in-house official is supplemented by outsourcers, seems to be the industry ideal. For most indie reps, completely outsourcing all aspects of compliance is neither financially viable nor desirable. SEC officials, for one thing, have informally told advisors at industry seminars that while the SEC has no actual rule prohibiting such a practice, it is not comfortable with a firm outsourcing the entirety of its compliance functions to a third party. (The SEC did not return calls for comment.)

Oddly enough, compliance outsourcing is a fairly unregulated industry, and remains without set standards. That's why it's crucial that when a firm selects an outsourcing candidate, the firm does some serious due diligence, says Vesseness. (For instance, it's good to find out if anyone at the outsourcing firm has SEC or NASD experience.)

Hybrid Life

Many independents try to keep the most critical decision-making compliance functions in house, such as running the SEC-mandated annual self-audit, developing a compliance manual, or setting internal standards like disclaimers in emails. If these functions are conducted by outsourcers, an in-house compliance head generally edits or oversees their efforts.

Outsourcing is most popular for time-intensive and mundane tasks, such as compiling and collating data from a host of client databases, or, in some cases, monitoring functions like portfolio management, trading activity, and other day-to-day activities to make sure they meet regulations.

Some of the smallest independent firms, who can't afford to hire compliance officers, simply retain the services of local law firms to handle such functions as making sure advertisements and emails conform with regulations, or to run their self-audits. Fees for this kind of service are pretty low, tending to range between $4,000 and $6,000 a year. The downside is that your local law firm probably doesn't specialize in new SEC requirements, or know how to handle conflicting state regulations (if the RIA has clients in multiple states, for example).

Derek Hoyt, a portfolio manager with Minneapolis-based KDV Wealth Management, says his firm keeps most compliance functions in house, but uses the outsourcing firm Regulatory Compliance primarily to write and update its customs and practice manual. On an annual basis, Regulatory Compliance will look over the manual, revise it to include any new regulatory changes or new laws, and then send it to KDV for review. “We use Regulatory Compliance as a platform to make sure we're doing what we need to be doing,” he says.

KDV chose Regulatory Compliance on the advice of a local attorney the firm had been using for various compliance functions. “In theory we could do it all ourselves, but we might as well have someone more knowledgeable,” Hoyt says. “We don't need complete hand-holding, but it's nice to have an outside source to make sure we're not missing anything major.”

Large compliance outsourcing firms typically offer a tiered approach to their services. ACA, for example, offers everything from its C Solution, which provides ongoing compliance support, including mock audits and ongoing Form ADV supervision, to its Compliance Assistant, a more bare-bones offering that mainly consists of telephone consulting, and access to ACA's databases.

Emerald chose ACA's bare-bones offering after it found that its new full-time compliance officer, Donna Naitove, didn't have the time or resources to keep abreast of new regulations while also making the final call on a number of detail-heavy functions, such as ensuring that an advertisement was properly worded, or determining the best way to file an invoice. Hiring another full-time employee would have been too costly, so Emerald contracted ACA to serve as a backup consultant, working directly with Naitove.

With ACA on call, Naitove “always has a source to go to,” says Allan Budelman, an Emerald principal. Emerald has no plans to outsource further compliance functions, wanting to keep as much of it as possible in house. “I have more of a comfort zone because I have someone on staff. Outsourcing is great, but they're not part of your firm,” he says.

Albridge Solutions, a data-consolidation and portfolio-accounting firm with roughly 50 RIA clients, also offers several tiers of service. Its most standard application is an enterprise data-consolidation function, which pulls data from as many sources as needed, and compiles them into one database. Other offerings, which are costlier, include tax lot reporting (consolidating gains and losses on behalf of the client).

“Advisors are looking to potentially outsource a lot of these functions, because let's face it, they're not experts in technology — they have businesses to run, they have to focus on spending time with their clients,” says Tony Johnson, vice president of strategic alliances at Albridge. “Leveraging a third party for data management helps you deal with compliance on an exception basis, rather than looking at every single thing you do with your customer.”