#FASuccess Ep 441: What It Really Takes To Implement And Scale Compliance As An Independent RIA Grows, With Leila Shaver

Resources Featured In This Episode:

• Leila Shaver: Website | LinkedIn
• Financial Advisor Technology Map
• SEC Risk Alert (2015): Examinations of Advisers and Funds That Outsource Their Chief Compliance Officers
• Hadrius
• Greenboard

Are you a successful financial advisor, or do you know of one that would be a great fit for the Financial Advisor Success podcast? Fill out this form to be considered!

Full Transcript:

Michael: Welcome, Leila Shaver, to the "Financial Advisor Success" Podcast.

Leila: Thank you so much for having me. I'm excited to be here.

Michael: I'm excited to have you on today and dare I say, to get to nerd out on compliance, which I don't say lightly because I know you are a self-professed compliance nerd, and, obviously, we like the nerd thing around here. I realize as I'm saying this out loud the mere fact that I said nerd out on compliance probably has a few listeners already saying, "Peace out," because compliance isn't always the most energizing topic for a lot of us.

But I think there's a lot of room for a really interesting conversation because I find that, especially in the RIA channel, there are a lot of myths, misconceptions I see around compliance, burdens and obligations, like small firms that don't always recognize how you have to adapt as you grow larger. Advisors from large firms who don't actually understand how different compliance is when you're a smaller RIA. Much of which, and at least in my experience, seems to come from the differences sometimes between what compliance regulations say you "have" to do and how compliance officers at certain particularly large companies choose to operationalize those regulations in their firm, which sometimes isn't actually quite what the law said, but is there a version or interpretation that may or may not create some frustration for advisors in the firm?

So, I think I'm looking forward to getting to dig into what does it actually take to handle compliance when you launch an RIA. How does it change as you grow? And how is it actually different from the compliance that so many of us are accustomed to historically when most of us still started out in the broker-dealer channel and are either looking at making a shift or have made a shift and are trying to figure out what's the difference even between broker-dealer compliance and RIA compliance, really?

Leila: Yeah. No. Good questions. Excited, certainly, to jump in and start getting into the details. And I promise this will be fun.

Michael: Promise. Promise. It's a bold promise to make. We're going to nerd out on compliance. It's going to be fun.

Leila: It's going to be fun. I promise. That is a promise I try to stick to, and I think it's one of those things where you're right. Anytime I've done a conference and I've come out and they're like, "Oh, we're going to be talking about compliance next." It always seems like the introduction is "We're talking about compliance. I know. It's a necessary evil. I know. We just got off of this great segment. Now we got to talk about this dull stuff." But however you feel about compliance, it's here to stay, it's a requirement, so let's have fun with it.

Leila’s Career Path To Becoming A Compliance Expert [05:37]

Michael: Let's have fun with it. So, look, actually, to kick off, I think it would be helpful if just you can give a little bit of background about who you are and your firm and what you do, just so we have context to the compliance conversation to come.

Leila: Sure. Sure. So, appreciate that. So, I am a securities attorney. I've been a securities attorney for almost 15 years. Like many of us who got started in the industry, I started in the BD side of the business. While I was in law school, became in-house counsel. I launched My RIA Lawyer in 2017. Frankly, I wasn't planning on being a business owner. Life happened. I had a kid. I was commuting two-three hours a day. So, it was more kind of "What can I do with a four-month-old at home?" is how it started. But between when I started and when I launched the business, I grew to really appreciate and love compliance.

And to your point, these regulations are written just specifically enough so that you know what you kind of have to do, but just vaguely and broadly enough where there's some interpretation and wiggle room. And so, the challenge then is how does this apply to my business? And as someone who loves kind of triaging and problem-solving, and I love puzzles, I love Legos, I love putting things together and breaking them apart, that's something that I've grown to love.

So, within My RIA Lawyer, we are a law firm providing legal and compliance services. While we are called My RIA Lawyer and focus specifically on RIAs, we do work with fund managers, broker-dealers, commodity pools, commodity traders, etc. So, we do work with a variety of financial services companies. In terms of the legal services, we provide kind of the traditional legal services. We draft contracts. We do kind of the transactional legal. We do the M&A work. We do the regulatory defense and arbitration.

And on the compliance side is where I've had a little bit more fun with trying to create services that are a little bit more different, a little robust, a little bit more robust than what I feel like is available in the industry. But really focusing on... Advisors are busy enough. Owners are busy enough. You don't need to spend extra time that you don't have trying to figure out and learn every darn rule that keeps coming out. Plus keeping up with the FAQs, the risk alerts, the guidance, everything. Keeping up with speeches: "Oh, did you go to this conference here from so-and-so? They gave this insight." That's a lot to keep up with. So, my philosophy is you stay in your zone of genius, which may be marketing, may be business development, may just be working with your clients and serving them. Let us handle compliance because that's our zone of genius.

So, that's kind of the firm in a nutshell. In a way, my career, I feel like I'm a bit of a mutt because I came out of school in 2011 when there weren't a lot of jobs around. So, working for a broker-dealer in-house for a few years. Working for a BDC [Business Development Company] fund and their managing broker-dealer. Working for a conservation easement sponsor, a law firm specializing in RIA registration compliance and hedge fund creation. I've been in a few different types of organizations within the industry.

At the time, it wasn't fun because it felt like, "What the hell am I doing? What direction is my career going in?" But looking back now, it's given me exposure to a lot of different parts of the business. So, now within our firm, I'm cross-training our team and our staff. So, it's not just that we can only talk about FINRA rules or only talk about RIA rules. Our goal is to be able to help you understand how all these different parts overlap and work with each other. Because inevitably, in the RIA space, it's incredibly entrepreneurial, and there are not a lot of financial advisors that are just financial advisors. They're also selling insurance. They may also be a registered rep. They're doing a lot of other things as well.

Michael: So, per your comments on team, then how big is the team around you?

Leila: I think we're 12 people at this point in time. A variety of attorneys, compliance support staff, operational support staff. We recently transitioned one of our longer-standing employees into a full-time training and development role. I'm big on the education, and with all the changes that have happened in the last decade, decade and a half, we just felt like we need someone who's constantly training our team so we can make sure we're staying on top of things.

The Differences Between Lawyers And Compliance Consultants [10:41]

Michael: So, then one other question I have in this context, I hear advisors asking this periodically. How do you frame the different...because I'm sure as you explained your services, you explained, "We provide legal and compliance services." You talked about legal. You talked about compliance. So, I feel like from a lot of advisors' end, everything compliance is lawyers and legally by sort of definition. So, can you explain further where the distinction or the dividing line is between legal and compliance or, I guess, between when do I need a lawyer? When do I need a compliance consultant?

Leila: Good question. I would argue that you need a lawyer because, at the end of the day, you are reading regulation, interpreting it, and identifying what applies to your business, and how are you to respond to that regulation? How are you supposed to implement or react to that rule? What operationally, legally, from a compliance perspective do you need to implement to comply with those rules and regulations?

And that might be a bit of a bold statement to make, and I'm okay with that. And that's because, listen, we talk to a ton of advisors, and there are a lot of non-law firms out there providing consulting services. And they are providing templates, resources. They can speak to kind of the mainstream like, "You have to do advertising review. This is how you conduct advertising review." They can speak to those things.

But when you're looking for an interpretation, when you're looking to do something that's in a gray area, when you're looking to do something a little bit different, you really need the support of someone who can kind of lead you and guide you. Because it's not just reading the regulation. It's looking at... I read litigation releases all the time. Right? There's not a whole lot, especially recently, guidance coming out from this "new SEC," right? We're under a new administration. So, I always and I have always read litigation releases because you can read the specific fact patterns. The SEC tells you what was the problem and what they needed to see to resolve that issue. And that informs a lot of how we speak to and guide clients in what they should be implementing or how they should respond to regulations.

At the end of the day, non-lawyers can do an adequate job. I think when you're a startup, when you're a small firm, especially when you take into consideration the real-life stuff like money and budgets, and so many advisors are bootstrapping it. I bootstrapped my law firm. Going and hiring a law firm may not economically be feasible, but that's where you also want to do your due diligence. You want to look at the different vendors out there.

The other challenge is our industry has kind of always, for a majority of the time, siloed compliance people. It's not uncommon to meet someone and they spent 20 years in registrations. They spent twenty years in ad review. What else do they know? Can they connect all the other dots, all the other pieces of compliance, and be able to guide you appropriately? So, you want to do your due diligence and understand who it is you're working on and working with and be an advocate for yourself.

So, going back to your question. I know this is a very long answer to your original question. I think ideally you want to talk to a lawyer because at the end of the day, if anything leads into a legal interpretation, a legal discussion, you don't have to go find a separate law firm to have that discussion with. You've got it with the lawyer. Some of the complaints we hear from advisors is: "Well, I'm using this firm," but they say, "at some point, the conversation ends because they can't give me legal advice."

Michael: And so, if you're maybe a little smaller or simpler, that's fine because you're doing the more black-and-white things that are pretty straightforward to apply. And when you start getting bigger and life gets more complex, which unfortunately tends to happen as your business gets bigger even if you don't want it to, then you start moving further into the realm of, okay, but your business is getting more complex. And if you really need to apply regulation interpretations to the particular things you're doing in your version of your business, you may want legal counsel to make sure those laws are being interpreted appropriately.

Leila: Yeah. No, I think that's a fair summary. I think the other thing too, it's not just the compliance side. When you're growing, you're adding more human beings, whether it's non-advisory staff, advisory staff, clients. Inevitably, there's going to be a dispute. Inevitably, there's going to be a misinterpretation. Inevitably someone's going to mess something up. So, having counsel that can kind of wear both hats as legal counsel and compliance and help guide those conversations, I think, is extremely helpful as you grow. I tell people all the time, it's not that as you grow your problems go away. They just change and evolve. Problems never go away. You are always going to have problems in business. They just change as you grow.

How RIA Compliance Obligations Differ From The Brokerage World [16:05]

Michael: So, then let me take the conversation back now to a little of where we started about what is compliance really like? What are our obligations in the RIA world? And how do they differ from the brokerage world? Because I experienced this firsthand when I made the change from the broker-dealer channel to the RIA channel years ago, where everyone had basically said to me, "Careful about going RIA. It's like the Wild West, and you'll be crushed by the compliance burden because you won't have your compliance department to do all this stuff for you."

And then I went RIA and really couldn't believe how much easier and simpler it was to be compliant in a small firm because, as I only realized in retrospect, they didn't have all the layers of compliance that I was used to. And it gave me this strange realization. I think I had always envisioned and expected that one of the virtues of being, let's call it, a large platform in general, could be RIA or BD…large platforms were all BD. It gives my expectation: you're this large firm, you have all these resources, you have all these economies of scale because you're so big, and so you've got centralized capabilities to all this compliance stuff, and I'm going to get crushed when I'm out there on my own, without all these resources.

And what I found in practice or realized in retrospect is the larger the firm, the wider the base of advisors. The difference between your best advisor and your worst advisor just gets wider the bigger the firm is because your top advisor is better, and somehow your biggest idiot is even more of a big idiot. And what I hadn't realized until later was if I'm a chief compliance officer in a giant platform business, FINRA is going to fine me, which means my job is on the line for basically whatever the one biggest moron in my entire organization can do and get us all in trouble and bring us all down.

And so compliance would end out writing rules for whoever was the lowest common denominator. All rules had to be written for the one biggest idiot in the firm so that at least they're not going to get us in trouble and get us fined for failure to oversee. And because the bigger the firm, the wider the gap between normal advisors and the worst advisor, I found this phenomenon: the larger the firm, the more compliance tended to be written for this lowest common denominator, and the further they got from "Can we just write compliance rules for normal, reasonably good advisors who do reasonable things?"

And when we ended up in a smaller firm and independent channel, we could just write compliance processes and procedures for what we actually do either on our own or in a partnership. We're like, "Hey. I've known you for a lot of years, so I'm going to not do a thing that screws up our business, and you're going to not do a thing that screws up our business, and we'll have some oversight to make sure that we're keeping our word. But we don't have to write rules for hundreds or thousands of advisors based on what the one biggest idiot can do."

And I don't know if this resonates for you. I know you lived both sides of compliance. I was so thrown by this dynamic that I thought the larger the firm, the more efficient and economies of scale they would have for compliance. And what I found in practice was the larger the firm, the bigger the gap between the average advisor and the lowest advisor, and the more weirdly burdensome compliance rules actually became because they were trying to cover down for, I don't know, loose hiring practices and not always write the best rules for just what normal advisors actually do trying to take reasonable care of their clients.

Leila: Yeah, so I am with you on the RIA space. When I hear Wild West, I'm like, "That sounds lovely. Take me there." Because you're right. In the IA [Investment Adviser] space, there's more up for interpretation. There aren't so many rules. And that's really ultimately the issue with kind of the FINRA broker-dealer rule is there's so many rules and rules and rules and guidance, and it's very incredibly specific. So, then trying to comply with these very specific rules and having to document your WSPs, your written supervisory procedures, it becomes incredibly burdensome, especially when you're a small firm.

And then on top of it, think about it. I'm a CCO on the RIA side, I don't have to have my Series 7 and 24. I'm a CCO on the BD side, I do. So, now I've got to sit and take the 7 and 24, which I've studied for and taken. It sucks. Maybe not as bad as the bar, but it sucked. You're taking those exams. You want to do financial reporting. You want to supervise municipal bonds. All of these different things require a different license. So, it's a lot of work. It's a lot of time. A lot of ongoing continuing education, a lot of rules to keep on top of, which means the margin for error is very slim. And the regulators take advantage of that very razor-thin margin of error. And that's illogical and frankly insane to me.

Whereas I love the IA space. I love that it's not as regulated. I love that, to your point, that you can customize policies and procedures to your business. You can just focus on the ones that are applicable or what works, frankly, for your business. We've heard from the SEC time and time again about how it's different for smaller firms versus larger firms. And we can't expect smaller firms to take on the same responsibility and burden as larger firms because they simply lack the resources. So, I love that the IA side has that flexibility. And I think that's very clear from the numbers of people leaving the broker-dealer world, the consolidation of broker-dealers, how many hybrid advisors there are who are both brokers and financial advisors. So, I think that's a testament.

It is difficult for sure on the broker-dealer side. You would have compliance. You would have supervision, area vice presidents. Everyone had a supervisor conducting reviews. Everything had to be documented and checked. There were a lot of resources that went over compliance and supervision in the BD space. And I think the lovely thing about the IA space is you don't need all the licenses. You can consolidate into one person or fewer people. And there's more flexibility on what is the reasonable basis, right? What is necessary for my firm to ensure that our program is working and that we're catching and fixing any deficiencies in the program?

Michael: So, can you explain that a little bit further? I guess, what the burden is for investment advisers creating their compliance processes and procedures versus what broker-dealers have to go through in designing them?

Leila: Sure. So, first of all, anyone who's actually held and I know it's hard to find people who print anymore, but if you actually held a WSP manual on one hand an RIA compliance manual on the other, they would feel very differently. And that's because generally you can find a firm with a compliance manual that's an RIA, and it could be 50 pages long. WSPs, I haven't seen anything less than a couple hundred pages.

And again, it's because there're so many rules. There are so many specifics to the rule. There're so many layers of supervision that has to happen, cross-referencing checks. Those manuals are longer. They're more burdensome. You have to make sure, for example, even when you start a broker-dealer, if you wanted to go file a new member application, you've got to make sure you have someone who can be a supervisor. So, they have to have a [Series] 7 and 24. You need a FinOps. So, you need someone who's licensed appropriately for that. Depending on the lines of business that you want to do through your broker-dealer, whether it's investment banking, full retail, that's going to require additional licensed persons. So, whether it's an all-in-one person or multiple people or you have to look at outsourcing, there are solutions out there. Similar to the IA space, where you can outsource compliance, you can outsource to vendors that have FINRA-licensed people that can serve in these various roles. That's a lot of damn work, right?

And then you have to have policies and procedures on books and records. So, documenting all of that's happening in your business, whether it's advertising, communications with the public, internal communications. We've got to have vendor due diligence. We have to have alts due diligence. All the same things you do on the IA space in terms of suitability profile. And then you've got to have all the testing in place to make sure the appropriately licensed person is supervising. Have they signed off on it? How often are we supervising or approving certain sales, right? You've got to have...how many forms you have to complete, right? I want to do an annuity switch. I want to do a mutual fund switch. It's so much paperwork.

Michael: Because it's all spelled out in... Does this come down to the essence of broker-dealer....

Leila: Broker regulation.

Michael: Yeah. Broker-dealers have a very rules-based framework, and RAs have a very principles-based framework. And so, the BDs are drowning in their rules, and the RIAs "just follow the principles."

Leila: I think that's a good way to summarize it. It is very heavily rules-based on the FINRA side. Everything has a dang rule. And it's very clear too, because FINRA has been around forever. So, and the industry, the brokerage industry, when you compare, when did RIAs really come out? We're talking the last couple of decades. Broker-dealers have been around longer. So, there's been a lot of time to create and implement regulation, to create essentially a historical record of all the disciplinary actions that take place because you violated this rule, because you violated this rule, because you violated this rule. So, it's become extremely rules-based. There's very little wiggle room. And frankly, regulation takes so darn long to create and implement. These rules aren't effective in keeping up with changing times. So, whether that's changing technology, changing communication methods, how people in general are interacting with one another and sharing information. The rules aren't really great about keeping up with that.

On the IA side, where there's more interpretation, there's more gray, it's not so prescriptive, there aren't so many rules, you can really take what is in place and apply it in a new way. So, as technology has changed, we see this on the IA side with text messaging, instant messaging. How are you communicating with clients or each other internally? These rules that have been around for decades can be reapplied to these new emerging scenarios because they're written in a way in which they can be applied. FINRA rules don't work that way. And it's aggravating. It's really aggravating. And I can tell you from a compliance perspective that's why you see so many outsource providers refusing to provide FINRA compliance services. Because it's almost gotten to the point, it's not if I get fined, it's when.

Michael: In theory, compliance prevents wrongdoing, right? We do all this stuff because we're trying to actually catch bad actors before they hopefully do bad things to consumers because we're responsible for people's life savings. This is legitimately high stakes. So, if there's so much... If there are so fewer rules on the RIA side and so much more flexibility, why don't we see more problems there?

Leila: I think that's where the examinations by regulators are helpful, right? Having the examination staff come in, talk to you about the rules, how they apply to your business. I think that's where the litigation releases come out, where they're applying rules to specific fact patterns so that you can learn from those. It's the FAQs. It's the risk alerts. It's the notice to members. It's the guidance generally that comes out. It's the speeches. It's the virtual and in-person educational conferences they hold.

And I think, too, when you have a little bit more room to kind of interpret, firms generally, they have good intentions, so they do their best in taking a rule and interpreting it and applying it to their business. I think where FINRA has kind of slipped up is when you're so prescriptive and you're so specific, it becomes completely almost debilitating to figure out how a rule applies to a new scenario. So, it's very clear from the language this applies, and this is how it works. But what about this new situation where it's not as clear? Then it really is not up to the CCO of the firm or the owner or supervision to figure out, like, "Okay. Let's tweak." Because I think the SEC, because they know there's room for interpretation, there's a bit more flexibility in terms of how your firm interpreted it and applied it. It can be more of a discussion: "I get where you're coming from, but what we would like to see is you'd also do this." Right? It's more of a back and forth in discussion.

On the FINRA side, it's like, "Nope. You messed up. Fine." And I think that's the challenge. When there is flexibility and there's an openness to interpretation and good faith effort to comply, I think that promotes more of a culture of compliance when you have so many specific rules. It can be incredibly overwhelming. It's hard to keep up with, and you're having to train your staff. You're having to train your advisors. You have to train your compliance and supervision people. That's hard to do when you're dealing with human beings. We all make mistakes. So, I think it actually becomes more prone to error.

Comparing Fiduciary Responsibilities Of RIAs And Broker-Dealers [31:05]

Leila: I think the other part that you mentioned too is the fiduciary standard. So, on the IA side, having the fiduciary standard, requiring that you do what's in the best interest of the client, even if that means putting their interest ahead of your own, I think that's pretty clear. If I have a conflict, if I want to do this, I have to go back to, am I creating a conflict? Am I putting my interest ahead of the client's?

On the brokerage side, historically, the standard has been different. Right? It's a suitability standard. As long as it matches their suitability profile, their risk tolerance, their objectives, liquidity needs, etc., etc., it doesn't matter if it's in their best interest or not. So, that's where we saw, at least when I was in-house for the brokerage firm I was working with, that's where we saw 90-year-olds filling out subscription documents for oil and gas alternative investments. It may have been suitable, but definitely not in their best interest. So, I think that kind of heightened standard also helps.

Michael: So, has that shifted in more recent years since Regulation Best Interest? Does that help close the gap, or did that just compound the rules-on-rules dynamic?

Leila: I think Regulation Best Interest rose the standard for some of the broker-dealer and brokers' conduct to a fiduciary standard, but not all of it. And then remember, you have states to worry about too. So, there are certain states who say that brokers are required to comply with the fiduciary standard. What that creates is inconsistency and confusion. So, I don't know that that's necessarily helped on the BD side.

Michael: So, which parts of conduct didn't get lifted up from your perspective?

Leila: So, DoL [Department of Labor] best interest, we're dealing mostly with retirement accounts. Right? It's a very specific type of account that you're working with and very specific type of advice. There's not similar rules about being a prudent person and doing what's in the best interest of the client when we're talking about alternative investments, for example, or other types of securities, or just buying and selling stocks, or just transaction-based business in general. So, I think that's where we've seen the mutual fund and class share issues come up. "Well, these different classes, they kind of have the same benefits, but I get more compensation with this class share than the other. They're suitable. You didn't say I had to do what's in the best interest." So, I think that's where we find those kinds of issues arise on the brokerage side and less so on the IA side.

Michael: So, I'm struck by some of how you frame this that I think you'd said earlier there are less regulations on the RIA side, but as you're now framing this further, it's not that they're less regulated. It's just that it's not done with a big old list of rules and regulations. It's done with "Here's the underlying rule, and then here's a lot of risk alerts notices, litigation, interpretations, speeches, things that help explain how you probably would interpret that." And now you can take your best shot at doing so. And even if you're a little bit off, your regulatory examiner will probably just say, "Here are things where I don't think it's quite on target. Please adjust this going forward." As opposed to, "Nope. That's not what we meant. Here's your fine."

Leila: Right. And that's correct. It's not that the IA space is not regulated. It's just not as specific, and there's more room for growth. There's more room for interpretation. Now I know that there are certainly more regulations that have gone into effect on the IA side for sure, but I think some of that is just kind of an update, like what we saw with the marketing rule. Is it new regulation? Yes. But it combined the old advertising and solicitor rules into something that's more consistent with what's happening today or maybe the last decade.

So, it's not that it's less regulated, but it is also different the experience of going through an audit with FINRA and going through an audit with the SEC. As long as you're able to document that you understand the rule, you've done your due diligence on the rule, you made a best effort in interpreting and applying it, you're doing your testing. Ultimately, if something is found deficient or there's a disagreement, which I have had disagreements with SEC examiners, sometimes it ends up on a we agree to disagree basis. That doesn't happen with FINRA. There's no agree to disagree. It's, "You agree that I'm right as the FINRA examiner, and I don't care what you think."

I've literally had conversations with the SEC where it's like, "I don't think this is right. I don't think it's robust enough, or I don't think..." I'm like, "Okay. Where's the rule that says this isn't adequate? Where's the language that says this doesn't meet the standard? Can you point to a risk alert, an FAQ? No? Okay. You may not like it, but there's nothing that you can specifically point to that says I'm required to do it the way you think I should do it or the way you think the firm should do it." That's not the kind of conversations we would have on the FINRA side.

Michael: Because they would just say, "I am the examiner, and I've made the determination, and you're deficient, and there's a fine."

Leila: Yeah. Because it doesn't matter if you made best efforts. It doesn't matter if you interpret it a certain way. It's like, "Nope. The rule is very clear. This is how we've handled it. This is what's happening. Do better next time. Here's your fine."

Michael: And so is that just a difference in cultures of the regulators? I just realized what you're describing. That's not even just a difference between rules and principles. That it’s just the culture of the examiners is different?

Leila: I do find it is different. Talking to someone from FINRA, it certainly is different from talking to someone from the SEC. I can go to a conference and sit down with someone from the SEC and have a conversation. And I get all the standard disclosures, but we can have a conversation. I can't do that with FINRA folks. Like, "Sorry. Can't talk about it. Sorry. Can't give advice. Sorry. Can't give guidance. Nope. Won't even give you my personal opinion off the record."

How Compliance Burdens Change When Transitioning From A Broker-Dealer To An RIA [37:42]

Michael: So, now help us understand. We only know the reality in which we've lived. And so, I find folks that grew up in the RIA side just don't really have a vision for what broker-dealer compliance is like, and folks that grew up on the broker-dealer side have trouble really envisioning how different the compliance can be on the RIA side. So, I guess how do you explain to someone who's only lived in BD compliance how it's actually different if you decide to operate as an RIA instead or solely, because I guess almost all of us on the BD side are at least dually registered now? But how does it change when you're hanging your own shingle versus what you live in in a broker-dealer environment? Like, as the end advisor.

Leila: Yeah. That's a really good question. Frankly, I think it's great being on the IA side. A lot of the requirements kind of translate. I can say as someone who's hired people that have come from the BD side, and I'm trying to kind of train them on what's the difference, a lot of it is translatable, right? When we're talking about advertising review. From a practical testing perspective, it's very similar. We're looking for the same kinds of issues, the same kind of language. Do you have the appropriate disclosures? All that fun stuff. That's still kind of going to be consistent.

Where we have to tell people about the difference is kind of there aren't as many rules, very specific rules about certain conduct or products or how to do this, this, and this on the IA side as there are on the BD side. And you've got a little bit more room for interpretation. So, when we are talking about advertising, for example, there is very specific processes on the FINRA side, whether you have to submit something into their advertising team. What are the requirements of the rule based on the content of your advertising? On the IA side, I don't have to worry about any of that stuff, right? Because it's really complying with the rules and obligations under the marketing rule, but then also, what does your firm require? What are the policies and procedures of the firm? Do I have to send my advertising to the SEC? No.

And there are a lot of things that have happened traditionally on the BD side that doesn't necessarily happen on the IA side, right? Like, on the BD side, advertising, very common for it to expire after a certain period of time. We're not seeing that kind of hardcore like, "This expires in six months," advertising, and then you have to resubmit it on the IA side.

So, I think it's those little things that, from a practical perspective, are different. So, it's to a certain degree less burdensome on the IA side. So, if you have an advisor that is going off on their own, starting their own RIA, especially if you came from the BD side, there's probably a lot of fear about, "Oh my god. All the rules. And how am I going to comply? And what do I do?" It is a lot easier, actually, to be compliant on the IA side. It's easier to learn all the rules. It's easier to understand the rules because they're not as many but for "Here's an exception, here's an exception to the exception," like there are on the FINRA side.

But that doesn't mean it doesn't still take attention and time and being methodical and thoughtful about it. Compliance should not be something that's like, "Oh, it's the end of the month. Let me go see what I'm supposed to do." Or, "Oh, it's the end of the year. I haven't done any testing all year. Let me see what I'm supposed to do." As long as you're being diligent and thoughtful and consistent, then you'll be successful with compliance when it comes to the IA side.

Time And Money Expenditures On Compliance For Solo Vs Larger Firms [41:35]

Michael: So, when someone is, I guess, hanging a shingle as a solo RIA, like, in the context you've given, you're going out on your own, not as many rules to learn. You have to learn the rules that are there, but it's not as arduous and listy in the rules as it is on the FINRA side. Just help set expectations. How much time should someone expect that it is going to take to still do the things I need to do when I don't have a home office compliance department doing these things for me if I'm doing it on my own?

Leila: So, before I jump into how long does it take, let me address this whole issue or this idea that home office compliance is doing so much for me in the BD world. Compliance departments are traditionally underfunded, don't get enough resources, and are understaffed. So, when we talk about this idea of compliance being the "Department of No", or no one ever wants to help me, it's because, frankly, they don't have the time. They don't have the resources. There's not consistent education or training with the team. It's kind of like, "This is what I was told to do. This is how I was told to do it. This is what we did at our last firm."

So, you're asking people who aren't getting constantly trained and updated on rules and how to interpret or who are being taught, frankly, customer service with advisors. How do you understand their goal? How do you help them understand how to reframe some of their language? How do you work with the advisor to help them understand what the expectations and requirements are?

So, a lot of these brokers are like, "Oh, home office is doing so much." They're not doing as much as you think because they've traditionally underfunded compliance because it's overhead. It's a cost to the business. So, let's just get that. Whatever you think home office is doing, I promise you they're doing less than you think. So, in terms of then going on your own on the IA side, the larger you become, the more people you add, the more time you'll need to spend. The more complex your services, the different ways in which you can be compensated, the different types of services, the more of those you create, the more time you'll have to spend in compliance. As a solo practitioner, you're the only one. Maybe you're state registered, maybe you're SEC registered. In my humble opinion, shouldn't take more than a couple hours a month.

Michael: A couple hours a month?

Leila: Yep.

Michael: So, what am I doing in those hours? What do I actually have to do in a traditional monthly compliance obligation?

Leila: Sure. Sure. So, the solo, you're supervising yourself. So, it's not necessarily that we expect you to go and do email review because you know what emails you sent. But it's, "Hey. Is my archiving tool set up properly? Did I put all the accounts in there that need to be archived? Is archiving working properly? Do I need to approve a new permission for it to continue to archive?"

It's reviewing your client files. "Have I maintained all the books and records required for my clients? Do I have documentation that I have discretion? Do I have updated suitability information around the client?" So, at least once every three years, if not more frequently, you want to be updating suitability information. "Have I documented my calls, my notes? Have I..." I call it the CYA email. Have you sent an email after your call summarizing what you discussed and next steps?

So those are the kinds of things that you would be doing as a solo practitioner. It's not that you're going back and supervising the emails that you sent, but it's more making sure are they being properly archived. If you're SEC registered and you're getting testimonials, "Did I go get testimonials this month? Are there the appropriate disclosures?" So, you're spending more time on those kinds of things.

As you add people, that's where the supervision piece becomes more burdensome because then it's not just you and your emails. You know what you're sending and receiving. Then you've got to check the next person's emails. You add five people. You've got five people worth of emails you have to check. You add 50 people. You have to check all of their emails. You start allowing text messaging and instant messaging. You've got to check all of those communications. You start creating model portfolios, and you create different strategies that range from conservative to super risky. You start adding cryptocurrencies. That all adds complexity to your business that is going to require more compliance time.

And so I find that most firms can kind of handle compliance on their own through a few hundred million in AUM. And then, depending on who's got the CCO [Chief Compliance Officer] hat on, they are starting to look for more robust outsourced solutions because either they don't have the time anymore, they don't have the desire, or their business has become complex enough where they just can't keep up.

Michael: And so I'm just thinking practically, if I'm a few hundred million of AUM, I'm probably $2, $3, $4 million of revenue. I'm probably 8, 10, coming up on 15 team members. Somewhere around there and just stuff starts getting complex enough that maybe we don't want to do this ourselves anymore.

Leila: Yeah. I think it depends on how your business is structured, right? Are all those advisors allowed to have their own DBAs [Doing Business As]? Do they all have their own locations that they're working from their own offices? Are you allowing all the advisors to bring on their own CRMs, their own financial planning tools? How complex is everything getting? And that really is going to dictate how much resources and time you have to spend on compliance. The simpler and more straightforward, the less time you have to spend because there's less margin for error. There's less likelihood for issues to arise if you're very controlling over how you communicate, what you're communicating, the services you provide, how you are compensated.

But that's not real life. Most firms don't stay super basic their whole life cycle. As they grow, they evolve. They want to attract more advisors. They want to attract more clients. So, inevitably business gets more complicated. So, we go from being a solo practitioner maybe a couple hours a month, and that's really just reviewing documentation, reviewing that tech is working the way it's supposed to. "Oh, I started a new website. Let me make sure that website's been added to the archiving tool and it's being properly archived." To you get to half a billion AUM-plus, compliance can become a full-time job.

Michael: And that's where you start triggering either I need way more external support or just I have to hire up a full-time person to the role.

Leila: Right. That's really where that decision starts happening. I have found around that kind of half a billion, up or down $100-$200 million AUM depending on complexity. But, yeah, that's where we start seeing, "I can't handle this in-house anymore. I'm looking for more support." And that could be because they've got six different people that all are spending a few hours every day on compliance. So, everyone's half-assing it because I'm a financial advisor. That's my day job. I have a book of business. I'm the COO. I'm doing trading. I'm doing research. And then you have six people all putting in a few hours, none of them with a compliance background. How is that better than hiring a full-time career compliance person?

Michael: And so can you help us understand, then, what does is it cost when you start engaging someone externally for support at this level?

Leila: So, one thing I will say is that I feel like a lot of advisors have a very misguided view on how much compliance should cost. And maybe that's because the average age of the advisor is 65-67, depending on the source you look up. And so many of them worked during a time where compliance wasn't expensive, right? There were less rules, less regulations, maybe a little bit less oversight. And I feel like in some ways, sometimes it's talking to my parents. "I walked uphill both ways in 6 feet of snow to school." And it's like, "Oh, back in the day, it used to only cost this much. That's crazy how much you want for compliance."

But the reality is, with all of the archiving, supervision, testing that you do, you need technology. You need some sort of compliance technology. The good news is we're in a time frame where there's a ton of different tools available. I point everyone, Michael, to your tech map. If you want to know what are all the tools out there, I was like, "Michael's already done the work. Here's the link. Go look at all the different tools that are available now."

Michael: That is true. We literally have a compliance category on the tech map.

Leila: Yep. So, there's a ton of tools out there and technology on a full spectrum of very cost-effective to expensive that's available to help. But when we're talking about cost, a full time employee, you've got salary, you've got benefits, you've got to give time off, you've got to do training. That's all cost. It's not just the salary, right? And salaries for compliance people have increased. I know you hire compliance people, Michael. The salaries have grown…almost astronomically in the last five years. It's insane what's happened to compliance salaries.

Michael: Well, anyway, to me, it's always the fascinating thing about the advisory business at its core. Most of us run businesses with mid-to-high 90% retention rates. So, even a fairly modest organic growth rate means you do grow every year, and that's before market growth when most of us are in the AUM model. So, almost any level of positive momentum with referrals and markets means most firms grow at least 10% to 15%, which means they double every 5 to 7 years. So, it's literally just a matter of time before an ever-growing quantity of firms are north of half a billion dollars and start looking for their own full-time compliance team. And since the RIA model has been growing pretty heavily for about 25 years now, it's just a lot of firms that have grown to that size in a fairly narrow time window compared to how long it takes to attract and bring new compliance professionals into the industry.

So, I see all sorts of domains where the sheer compounding of so many RIAs that have been built over the past couple of decades is pushing more over half a billion dollars, so compliance has gotten expensive. It's pushed more over a billion dollars, so finding an experienced COO, which often you're hiring professional management at that point, that becomes extraordinarily expensive. We're growing mid to large-size firms a lot faster than people were coming in a decade ago to get the experience it takes to be able to help firms at that size today.

Leila: Right. So, you have this growth of the number of advisors, and the number of advisors that are growing larger and larger, and you have this group of compliance people that hasn't grown at the same rate. The demand is higher. So, you're looking to bring in those people in-house. Well, if you live in Kentucky, good luck. I'm in Atlanta, in the Atlanta area. We've got a financial services hub of people here. It would be a lot easier for me to go find a qualified career compliance person with experience and skill to hire. If you're in a small town in the Midwest, much more difficult. And then also attracting that person to move from wherever they're located to your town to be in-house.

These are all things that just compound the difficulty of finding an appropriate in-house compliance person, which is why I'm so excited that there're so many outsourced providers out there. And from that perspective, the cost runs the gamut. You can get solutions that are fairly economical, a few hundred dollars a month, mostly technology-driven, where it's a compliance technology tool. It's an automated compliance calendar. You get a reminder: "Hey. We're at the beginning of a new quarter, so it's time to do your 13F filing, or it's time to do your personal security transaction reviews." And you click on the reminder. It takes you to the tech. There's a form you complete to commemorate the testing that you did and document it, and then bada bing, bada boom, you're done.

That works as a smaller firm. The more your firm grows and becomes complex and the more supervision you do, the technology absolutely helps. I know multibillion-dollar firms that are still working off of Excel spreadsheets. It gives me heartburn thinking about it. So, I feel like compliance technology is a necessity at this point, but that's where the compliance cost will increase. And I think it also depends on how much support you want from an outsourced provider. There are solutions now with outsourced providers that run up to and include serving as your chief compliance officer, like being the listed CCO on your ADV. But there's a cost comes with that.

Michael: I thought there was some active discouragement from the SEC of trying to outsource the CCO role a few years ago?

Leila: So, the SEC issued some guidance a few years ago about outsourced CCOs and outsourced compliance in general. And they talked about the issues they saw with outsource providers versus in-house providers. And it's not that they don't like outsource providers. There's just different challenges with an outsource provider versus an in-house person.

So, for an in-house person, for example, they notated that a lot of times firms are tapping the admin or a financial advisor or someone who already has a full-time job managing operations or whatever else in the firm to be the CCO. So, they don't have the adequate time, skill, experience, or resources to adequately serve as CCO. They're not provided additional support. They're not getting technology to help facilitate or streamline some of the supervision and testing that's required.

For external compliance support, the issue is volume, right? There are cases where you have a single person that might be CCO of 15 different firms. How can you tell a regulator that you know and understand the businesses of 15 different firms, that you know their advisors, you're able to adequately support their program and run the program, identify deficiencies, remediate those deficiencies, do training? That's kind of the other end of the spectrum with the issues with outsourced providers is you're essentially hiring a fractional CCO or a fractional compliance provider, and you're sharing that person with other firms. So, do they have the time, frankly, to help you? And would they be able to act adequately as your CCO if they are your CCO, from that perspective?

So, that's kind of what was in the guidance from the SEC. It's not that they necessarily don't want you to outsource. Frankly, a lot of firms have to. They don't have the homegrown talent. They are having difficulty attracting people to come be their in-house CCO. They can't meet the salary demands. So, you go to an outsource provider that's a fraction of the cost, and that's just what you have to do. So, that's where you have to do your due diligence. And you've got to weigh, what is it I can afford and budget? What is it I need, and what are the service providers out there that can give me the service I need?

Michael: So, then help us, I guess, just get a little bit more practical to numbers expectations. By the time I'm a half-billion firm and I have to start outsourcing, what should I expect as a cost if I need to go full-on CCO outsourcing? What should I expect? I don't even know where that starts.

Leila: It is a huge spectrum, actually, because when I talk to prospects, I ask. I'm like, "So who did you talk to? What are they pricing you at?" And there's no consistency. I'll start there. There is absolutely no consistency because there are those people who were former state examiners. There are former SEC examiners. They become solo practitioners providing consulting service, and they could be fairly economical. I know some of these solo practitioners are doing a ton of compliance work, serving as CCO for a few grand a month.

On the other hand, there are challenges with having someone who's a solo practitioner. They get sick. They might have kids who demand their attention. They want to take some vacation time. They may have another client that's going through an audit and is demanding more time from them short term, which means you may not be getting as much response or attention as you're used to. So, there is a challenge with that kind of model of working with a solo practitioner.

Then you have on the other end of the spectrum someone like a Comply or an RIA in a Box. Well, they're the same now. ACA, kind of these bigger firms with many, many people. So, that if someone isn't there anymore or has to turn their attention elsewhere, you have an opportunity to have someone else step in their place. But those business models, they tend to be high volume, low cost. So, you're not necessarily getting the attention that you may need. But that's where you've got to balance the service model versus the cost, and what are you willing to pay for and receive from an outsourced provider, and what can you do internally?

But on the other end of the spectrum in terms of full-on CCO services, taking over your compliance program, "I'll show up for the audit" kind of thing, depending on your size, the complexity of your business, that's where you can get five, six digits, a month or year in service cost for that. But if you think about it, we had a client where five people left, and our team replaced five people, five full-time people for a firm. So, there's still usually a net savings going to the outsource provider even if you are a multibillion-dollar firm because the expectation from the regulator's perspective is you have multiple people working on compliance, doing the work. And I know a lot of multibillion AUM firms, there's one person.

Michael: I know the regulators wouldn't specify this directly, but is there a percentage of revenue that you find firms typically have or spend or need to earmark for handling their compliance, fulfilling their compliance obligations?

Leila: I think it depends. I had someone once tell me 10%. I had someone else tell me 5%. I'm sure there're some people who just went big eyed, mouths open, gaping, "What the hell do you mean 10% of my revenue on compliance?" But I think what you ultimately spend is dependent on your business model, right?

We have some clients, they're managing their own pooled investment vehicles. They're doing valuations. They're doing proxy voting. They've got cryptocurrency they're recommending. They're doing a bit more aggressive financial advisory services. So, that's going to require a lot more supervision versus someone that's just doing financial planning and then outsourcing asset management to a third party. That's going to be two different levels of compliance. They could be the same AUM, same number of clients, vastly different amounts of time on compliance.

Michael: What I find that striking, and even if we "just" think about a number like 5% of revenue, if I'm a half-billion firm, if I'm a $500 million AUM firm, charging my proverbial 1%, and I'm $5 million of revenue, that's still $250,000 on compliance, which essentially means I'm a half-billion-dollar firm, I've probably got a full-timer, and another part-timer in there for a little bit of additional support. So, even if I'm spending only 5% of revenue, you start adding that up at the firm sizes, it’s like, "By the time you're a half-billion-dollar firm, that would be more than a full-time person's salary plus some supporting tech. You'd already be past that point."

Leila: Yeah. And I think, again, that's where it's like, what's the complexity of your business? Right? You can get away with using a more simple technology and having maybe one person if you're a more straightforward business. Even if you're growing in numbers, if all you do is financial planning, that's going to be a lot easier to manage with one person and some technology. Versus if you're a TAMP [Turnkey Asset Management Platform] and you allow independents to come on your platform, and then you have your own IARs, and you allow DBAs, and then you allow them to use their own CRMs and their own financial planning tools.

That all compounds, and it's like, "Well, crap. Now I got to make sure we're archiving all of those books and records. I've got to make sure I'm supervising all of those. I've got to make sure my DBA list is up to date. I've got to list out all the social media accounts and websites that all these different DBAs are using, making sure those are properly archived and supervised." So, you've just made more complex and more cumbersome that compliance oversight and supervision. So, I think it's part of the challenge too, I hear all the time from people, "I'm simple. My business is simple."

Michael: Well, as any business owner has learned the first thing you say whenever you call a lawyer or an accountant is, "My situation is pretty simple, but I have a question."

Leila: It's funny though because it always starts out like, "Listen. My business is super simple." Then I start digging in, and it's like, "No. It's not as simple as you think." Because a lot of times there are things that are missing. There are things that you haven't done consistently or reviewed or updated consistently. So, inevitably, a lot of the firms we work with, they have a backlog. So, while their business could, in fact, be simple, we're having to clean up a backlog and then implement a compliance program.

And I think the other thing advisors forget about is there's kind of what consulting firms kind of call your core compliance program, right? We're going to have your policies and procedures. We're going to do your annual amendments. Other than annual amendments, U4s, 2Bs, all of that stuff. But what firms forget is that there is going to be specific testing you have to implement because of the unique blend of your firm's personnel, location, technology, services, compensation, etc. So, there's going to be testing outside of the normal things that you know of, like ad review and email review and things like that that you'll have to implement because of the unique structure of your business. And those are the things that the ball gets dropped on.

Considering Compliance When Engaging In Business Planning [1:05:16]

Michael: One of the things that strikes me just around the conversation is, and I appreciate you come with a compliance lens, and so all the things that we as business owners and founders love to do, we get all these ideas: "Oh, we could do this, and we can also offer that, and we can also offer that." And just my takeaway from how you're framing it is every time we do that as a business owner, you're just like, "And that made you more complex. And that made you more complex. And that made you more complex." Or, "That's going to cost you in the compliance time. That's going to cost you compliance time."

And not in a negative way, but just I think allows the business owner, and we just sort of see, "I've got an idea, and here's the cost to do the thing or to get the staff to deliver the service." And we think in that frame, "As long as I can charge more than it costs to deliver me the service, this is a profitable thing to offer." And we don't necessarily come with the lens of, "Well, and there's additional cost for the compliance of this, and there's an extra, extra cost because this isn't going to fit my standard compliance processes. I'm actually going to have to expand my compliance process and then have a more complex, multifaceted compliance process. So, that actually added a bit more cost than I realized."

Leila: Yeah. I feel like CCOs are one of the executive officers in the industry that doesn't get included in business planning. And I meet so many firms where it's like, "Hey, CCO. Do you know what's going on with the financial records? Do you know the goals of the business? Do you know what the business plan is for the next 12 to 60 months? Do you know what they're trying to achieve? Have you been participating in conversations about how they're looking to grow the business, whether it's by acquisition or organically? How organically are they going to accomplish growth? Are they considering changing services or fees?" And a lot of CCOs are just cut out of those discussions, and they need to be part of it because there is an impact from an operational and compliance perspective, but also a legal perspective.

So, these conversations need to happen with your CCOs. So, if you're like, "I've got the golden ticket. This is the thing that's going to make us triple in size in the next 12 months." And then you realize you're going to have to invest a multi-six-digit amount of money in building out the operational and compliance infrastructure to accomplish your goal, and it's not going to be in 12 months. It may, at a minimum, have you pivot and take a different approach to your goal. But I think it's super important to include your compliance officers in those business discussions so they can not only understand your goal, but help you understand, okay, from an operational and compliance perspective, what will we need to do to make sure we're meeting the regulatory requirements with you launching this new service or launching this new idea or creating whatever it is you're doing in the business?

And it's hard when I see that a lot of these compliance officers are included after the decision's been made, which creates challenges, right? Because then it's like, "Well, I didn't know it was going to take that long to implement something, or I didn't know it was going to be that expensive." That's where the butting of heads comes up. That's where those arguments about money come up. "We've got to invest in what technology? We've got to invest in what people?"

Michael: Well, I'm going to admit you compliance folks do have a little bit of a "Department of No" reputation sometimes that can be a little bit of a downer in certain business planning conversations. Right? I do feel like that is a tension sometimes, right? "Yes, I need to be compliant, but hey, we're just trying to grow the business here. Don't be such a downer." That discussion does sometimes crop up, and then firms say, "Well, let's just do our business planning to achieve the goals we want to achieve in the business, and then we'll come back and talk to the compliance folks and figure out what we're going to have to do to make this compliant."

Leila: Yeah. And I think a lot of firms take that approach. I think sometimes it just would work better if they were included. And I get it. Not everyone has the experience or kind of the skill set to kind of move away from just compliance and think more kind of what is the practical business application we're trying to do this. Where on the spectrum can I fall between minimum requirement and best practice, and what makes sense for the firm?

But again, I kind of go back to where we started with the conversation of that's why I think lawyers just do a better job of it, right? Because we're trained, and that's our job is to do the interpretation, to do the analysis, and find a solution that meets your requirement but also helps you achieve your business goal. Maybe not necessarily in the way you thought you were going to do it, but once we understand it, helping you figure out a way to get there.

And I think that's where I talked about earlier as you grow and we start seeing kind of that half a billion AUM, where there's more desire for more robust service is because that's where these companies start getting the technology and the staff where the owner can start taking off some of their hats and they can focus on the development of their business, the growth of their business. They can start letting those creative juices flow and start daydreaming about all the things they can do.

Key Compliance Technology Tools For RIAs [1:10:40]

Michael: And as firms get into that stage where you get to reinvest into the compliance staff, where you get to invest in the compliance tech, are there particular compliance tech or tools that you like to use, that you find easier for managing the compliance burden?

Leila: So, we as a firm, we require all our clients to use some sort of compliance technology. We're flexible on what the technology is. We're flexible on archiving tools. For the most part, we've worked with a lot of different tools. Now that doesn't mean we won't make recommendations like, "This one sucks. This one has really horrible features. This doesn't integrate well with your other tools and applications." So, we'll make recommendations from that perspective.

But I'll be honest, I've actually gotten to the point where we as a firm are building our own tech. And it's because I've become quite unsatisfied with some of the different tools out there and the capabilities that they have. Because firms inevitably get to a position that as they grow, they bring on a lot of tech, staff, and they kind of bloat, right? They put on all this stuff. And then they go through a transition where they kind of slim down. It's like, "Okay, we've got three tools now that do archiving. Which of these can we get rid of? Where is the duplication or overlap between them? Let's get this streamlined and kind of tighten the belt, so to speak."

So, we've actually started creating our own software to make us more efficient internally that we can build to integrate with our clients' tools. Because it's a lot. When you're talking about we've got to review the CRM, we've got to review the custodial, we've got to pull 13F data, we've got to look at emails, and then text messaging.

I am not a tech person. I am not a coder. I don't pretend to be one. So, we have a professional group of people building that out for us. But I think there's a real opportunity with AI, AI-driven tools, kind of all the technological advancements we've seen to implement that and find ways in which you can customize or use different tools to make things work together.

Michael: Yeah. I've been fascinated with some of the new compliance tools that are starting to come up from the AI end, like Hadrius, Greenboard. There's a few out there that I think are doing some interesting AI things. And I'm still, I know I'm both very excited about AI and a huge skeptic about the level of hype there is around AI right now, just having lived through, I don't know, robo and smartphones and cloud and internet, all the things that were supposed to completely change and alter the industry and what advisors do. And I'm like, "I still basically do the same things for my clients that I did 20 years ago." Now, it's pretty cool because I can do it from a laptop on the beach with a virtual background and be like, "Oh, that's good. Look what the internet allowed us to do." But I'm still basically providing substantially similar services to my clients.

But there is something to me fascinating about AI's ability to comb huge amounts of natural language that historically in an email archiving context, I archive the emails, and then I have to do keyword searches for words that would imply problems. And if I'm a big firm, I can't even do keyword searches on all the emails because it would be too many. I randomly sample a selection of emails and then do keyword searches on that.

I'm like, "Okay. If I've got limited staff, resources to do this, that might be a reasonable process to provide oversight." I'm like, "Or in the modern era, or I can literally just give every message to an AI tool and have it read all of them and just tell me anything that sounds suspicious, malicious, or like a client complaint. And it doesn't even have to search for keywords. It can read the messages and understand the messages because most people doing bad things have learned what keywords not to use because they know what compliance search is for."

And so I'm like, "Great. Now the AI tech can search literally every message and not just have to find the keywords. They can find anything questionable." So, if I'm a firm that actually, God bless, I try to hire good people, but if you're a firm of a certain size, you always have that nagging fear of what would I do if one of my advisors actually went rogue and did really bad, fraudulent things? It's really nice to think about a tool that could literally just read everything and find any suspicious behavior. And a CCO is still going to review, I hope, because I don't actually want to take action on my advisors based only on AI. But it can read everything.

Leila: No, and the SEC has been very clear. Yeah. If you're using AI, there has to be someone, a human being, reviewing the output. That's been very clear from the regulators.

Michael: Oh, yes. Yes. But it can just look at so much more. I'd rather have a CCO look at an AI that scanned every message to find anything questionable than review 7% of my emails and look for these 13 questionable keywords.

Leila: Agreed.

Michael: I think it's cool technology potential to take this to the next level. But my impression, I guess, is sort of related, it sounds like your concern on a lot of the compliance tech that's out there isn't its ability to archive and capture the books and records and other information. It's that the tools are not built well to fulfill the supervisory function you actually need to fulfill as a CCO to look at said books and records of all the different things that get captured.

Leila: I agree. I think that's the challenge. It's the supervisory part of it, right? Everyone's got a tool where you can document, you can add documents, you can create tasks, you can create workflows, you can calendar stuff, but it's being able to pull reports. One of the things that we have a challenge now with a lot of our clients is DoL rollovers. We've got to review DoL rollovers, and we do it on a monthly basis with most of our clients where we want to review the documentation these advisors put together. We want to make sure they appropriately and thoroughly met the standard of what they're documenting, what they've reviewed, what's the basis for the recommendation.

Some of these CRMs, it's like, "Well, how do I know which account or which client there was a rollover recommendation for?" Right? Is there a separate folder that all the rollover forms go into? You know what I mean? So, it's been a challenge operationally, like, "Okay. How do we figure out how, from a supervisory standpoint, we can pull this data effectively and easily?" And that, I think, is the shortcoming with a lot of these tools. Even the ones that are using AI, they're using AI to, "Here's a suggested email that we wrote for you." It's like, "Great. How about you do my job? How about you use AI to instead of create this template email for me, why don't you go and find all of this data I need and put it into a report for me?"

Michael: It strikes me because it really feels like, out of my interpretation, you're describing the difference between compliance technology to help advisors be compliant and compliance technology for CCOs that actually have to supervise all this stuff that is being captured in said compliance tool.

Leila: Yeah. They're having to supervise it. And when you're looking back to my earlier point, where a lot of these firms, it's one person they're relying on. It's they've grown quite quickly with that one person at the helm. There's so much going. They can't keep up with it. Creating technology that'll kind of take over some of these manual processes and streamline it makes it so that one person can do even more.

So, instead of sitting here and being like, "Hey, firms, go spend more money, go do more training, go give your compliance team more resources, and go hire more people." We're saying, "Listen. Y'all don't want to spend the money, or you don't have the resources, or you're spending it somewhere else that makes potentially more sense for your business to do that. Fine. Let's find a solution that'll help them." And that's kind of what we're working on internally. It's like we created a mini app for 13F filings. We were doing them manually for a long time. We built a little mini app where we can literally upload your raw data, push a button, and bada bing, bada boom, you got the XML, a final Excel spreadsheet, a report that tells you everything to input into the 13F filing in less than five minutes.

What Surprised Leila The Most On Her Business-Building Journey [1:19:12]

Michael: So, as you've gone on this journey, building tech for your own firm now to make your compliance work more efficient, what surprised you the most about building a law firm to provide compliance and legal services to advisors? What are you surprised the most about your own I'm building a professional services business journey?

Leila: It's funny. I went to a Nitrogen Conference a couple years ago, and one of the keynote speakers was talking about creating the million-dollar advisory firm. Right? So, how do I get to that first million dollars in revenue? And the funny thing is when I first started my business, I was part of a coaching program for law firms, and that was their whole thing. How do you become the million-dollar law firm? How do you get to a point where you're bringing in a million dollars in revenue from legal services?

And what I have found is we're just selling different things, but what it takes to grow the business is pretty much the same. It's identifying what is it I'm doing? What is my brand identity? Who the hell am I in this business? Right? In terms of all the technology and resources, Schwab's got a robust third-party asset management platform. If you don't want to do portfolio management, you don't have to. But what is distinguishing you from everybody else? Right? And understanding that and leaning into it and being an authentic person and letting people see you as you are, because at the end of the day, you're a human being and people want to connect with other human beings.

So, a lot of the same things that go into kind of marketing and figuring out who I am, figuring out what are the services I want to provide. And at the time I had a 4-month-old child when I started the business. It was also like, how do I juggle my personal life, still in shock from creating and having this child come out of my body that I am now responsible for, and then growing and managing a business? It was a lot, and there were a lot of tears, a lot of "I'm just going to quit. A lot of why is it taking so long? What am I missing?" And it just takes time. But it's continuous effort, and it builds and it builds and it builds and it builds. And at some point, it starts working. But it takes time. And I think the biggest challenge I have is comparing myself to others.

Michael: How long did it take before it grew to the point where you actually felt like it was working? "I think I'm going to make it. This thing's going to stick."

Leila: It probably took a solid year and a half where before I was getting consistent revenue in, but it was still just me. So, everything was dependent on my efforts still. And then I got pregnant with baby number two. And none of my pregnancies have been easy, so I was very sick. I just couldn't put in the kind of time that I had before. So, my business essentially dried up. And in a lot of ways, I had to start over again.

Michael: Ouch.

Leila: So, yeah. It sucked. Oh, it sucked. There were a lot of thoughts that went through my mind, lots of tears. So, I had to kind of rebuild, and then I was rebuilding now with two children. Two kids under two. So, that was definitely a challenge. And from there, it probably took another two years to rebuild.

Michael: Wow.

Leila: There was a lot of therapy happening during that time.

Michael: Was there a point where you considered saying, "Forget it. I can just get a salaried job."?

Leila: Every day.

Michael: "There's a lot of compliance jobs out there."

Leila: Every day.

Michael: So, then why didn't you go get said salaried job?

Leila: I'm a horrible employee. No, my first job working as in-house in the broker-dealer. I'm someone who speaks my mind. I also take the fact that I paid for my education through student loans. I hustled my butt through law school while maintaining a full-time job. I take that very seriously, and I wasn't going to jeopardize that hard-earned and hard-fought-for bar license for anybody. And I find a lot of times in these bigger companies, there's a political kind of feel to it. You've got to say and do the right things and sacrifice this and that or kiss some booties. And that's just not who I am as a person. I am going to speak my mind. If I think something's wrong, I'm going to say so. And I think that's...

So when I joke that I say I'm a bad employee, that's probably it. If you're a firm that loves people who are willing to fight, and they're loyal, and they speak their mind, then, yeah, I'd probably be a great employee. But frankly, too, it's I have three kids now. So, when I started the business, it was baby number one at four months. I have three kids. And I couldn't have been the mom I wanted to be, the spouse I wanted to be, create kind of the relationship I have with my family, or built the family I want if I was an employee. Because I'm in the Atlanta area too. Anything I would do would require me to commute. And none of that was consistent with what I wanted personally.

Leila’s Advice For Her Younger Self [1:24:22]

Michael: So, what else do you know now you wish you'd known ten years ago as you were starting and launching the business?

Leila: I don't know that I'd want to go back to myself ten years ago and give myself a secret because I think I needed to go through the trials and tribulations that I did to get to the place where I feel as confident and secure in who I am and what I'm doing as I do now.

I don't know about everybody else, but I didn't have a great childhood. It was a very kind of tumultuous childhood. So, for me, a lot of my business journey forced me to address a lot of the childhood trauma I had and deal with a lot of those issues because it affected my confidence. It affected my sense of value and worth. It affected how I priced my services, for example, or what I thought what I was doing was worth, or how I thought people would think I was worth. So, I had to go through those trials and tribulations.

And I mean it when I say I went through a lot of therapy because I had to build myself back up. And I had to learn that I did have something of value. I think some of it was my age too. I was 30 when I started the business. I felt like no one was going to trust a 30-year-old to be their CCO or general counsel. No one would think I had the requisite experience or skill. But I hustled my butt off. I worked hard. And I was incredibly driven. I'm still incredibly driven.

But, yeah, there were things like my age, my gender, just childhood issues I was working through that all impacted how I viewed myself, how I viewed the value of what I was providing as a service, the value of my business, the value that felt received by clients. All of that played into one another. So, if I had to go back and tell myself from ten years ago anything, it would just be, "Stay the course. Keep going. Keep trying. Don't give up on you. You're your greatest investment. Your family is the greatest investment. Stay the course, but put in the work. This is not sit and pray and then do nothing. This is sit and pray and then go do everything you can and get what you need to get to where you want to go. And sometimes that means addressing the personal stuff."

What Success Means To Leila [1:26:46]

Michael: So, as we wrap up, this is a podcast about success, and even the word success just means different things to different people. So, you built this successful law firm and cleared the million-dollar law firm hurdle and continuing to grow from there. And so the business seems in a wonderful place now. How do you define success for yourself at this point?

Leila: I'm glad it seems that way too because it doesn't always feel like it. I think success for me now at this point is staying true to what my goal is and what I'm looking to accomplish. I think it's really easy to get diverted, to get distracted by people who will say, "That's not right. That's not how you do it. That's never going to work. No one's ever going to pay you for that." It seems like there's no shortage of people that will tell you you can't do something, which, frankly, being a little bit of the rebel that I am, I love it when people tell me no because then I'm like, "Let me prove you wrong."

But success for me is staying true to who I am as a person, what I've worked so long and hard on personally to achieve to get to where I am, where I'm a healthy, balanced person, and I've dealt with all these challenges that I've had. So, for me, success is staying true and authentic to that. And that means sometimes, yeah, going through turnover, dealing with upset clients, pulling all-nighters, and missing events with my kids. I hate it. But I know at the end of the day, I'm staying true to what I believe.

What I hope success will look like for me in the future is more time with my family. Because time is not anything you can get more of. And once it's gone, it's gone. So, for me right now, success is kind of evolving and changing as the business grows and develops, and I'm finding really great people to come in, and I'm able to hand off my hat one at a time to them. And I think success should evolve with time. I think it's an ever-changing definition as you grow and evolve as a human.

Michael: I love it. I love it. Well, thank you so much, Leila, for joining us on the "Financial Advisor Success Podcast."

Leila: Well, thank you for having me. I have enjoyed it.

Michael: Thank you.