Historically, advisors haven't had many avenues to manage clients' 401(k) plan accounts, since unlike traditional custodial investment accounts, advisors generally lack discretionary trading authority in employer-sponsored retirement plans. Which wasn't necessarily a big issue back when most clients hired advisors after they had already retired and were able to roll over their employer plans into an IRA managed by the advisor; but as advisors have increasingly taken on working-age clients (and the 401(k) plan itself has taken on greater importance in retirement planning), the friction between 401(k) and non-401(k) plan assets has grown into a bigger issue from an operational and compliance standpoint.
For advisors who want to advise on clients' 401(k) plan assets but who can't manage them directly, there have generally been 2 options. First, the advisor can periodically review the investment statements issued by the 401(k) plan against the client's goals and risk tolerance and make recommendations that the client must then carry out on their own – which can prove frustrating for both the advisor and the client as it involves making multiple requests for information and then executing the trade, and if the client is busy or forgetful, there's the risk that the recommended trades will never actually be carried out. Alternatively, some advisors have instead opted to collect clients' login information so they can execute the trades in their clients' accounts themselves –presenting numerous data security and compliance issues for the advisor (and can lead to the advisor being considered to have custody over client assets).
In this environment, several data aggregation tools, with Pontera being the most prominent, have emerged to enable advisors to more efficiently and securely manage their clients' 401(k) plan accounts by giving the advisor the ability to view and trade in the 401(k) account. Which would seem to be a preferable solution to the old method of logging in with the client's credentials, since the advisor doesn't need to collect the client's login information (as it is entered by the client themselves and stored securely without giving the advisors access to the credentials), and can allow advisors to more efficiently serve clients with 401(k) plan assets (including those who might not have enough non-401(k) plan assets to meet the advisor's minimums).
However, regulators in several states, including Washington and Missouri, have recently begun to scrutinize advisors' use of Pontera and similar technology, citing concerns that recommending clients to share their login credentials with third-party technology may constitute "dishonest and unethical" conduct by potentially violating clients' user agreements with their 401(k) platforms. On the surface, this doesn't necessarily make sense, because many 401(k) plan platforms don't in fact ban such third-party credential sharing. But at the same time, regulators may have some valid concerns, since the amount of client data that can be seen and collected by the technology often exceeds what is actually needed to view and trade in clients' 401(k) accounts, while their ability to manage clients' investments outside of the traditional (and well regulated) custodial framework might also have spurred regulators to find a way to 'pump the brakes' until they can more carefully determine what is or is not an appropriate use of data aggregation technology.
And yet the fact remains that technology like Pontera may still be preferable to the alternatives that exist for advisors to advise on and manage clients' 401(k) assets (e.g., making recommendations for the clients to execute on their own or collecting client login credentials), while it also doesn't make sense from a fiduciary standpoint to simply leave 401(k) assets out of the financial planning conversation entirely. And so, despite the current regulatory friction around held-away asset management, the most sensible path forward does involve some role for technology to manage clients' 401(k) accounts – albeit with more communication between technology providers, financial institutions, regulators, and advisors to build a system that addresses the concerns of each.
In the short term, however, it's uncertain whether states like Washington and Missouri will remain the outliers in scrutinizing Pontera and similar technology or whether other states (or the SEC) will share those issues. Which makes it important for advisors considering whether to use the technology to understand where their own state regulators stand and for those who use it already to explain to their regulators how it allows them to better holistically manage their clients' assets without resorting to collecting client login credentials. Since ultimately, the advisors who use it every day are best positioned to show how held-away asset management technology can truly be used in the client's best interests!