Among highly regulated verticals that offer potential for MSPs, the finance market is full of opportunities that are often overlooked. By understanding the primary drivers behind this market, IT managed services providers can earn new recurring revenue streams as well as long-term customer relationships.
The average lifespan of a PC or server is about five years. When a company’s profits are down that number may reach seven years, but at some point the cost to maintain outdated IT assets becomes greater than performing an IT upgrade. When companies’ IT assets reach the end of their lifecycle, VARs and MSPs get to find out what their customers really think about them as they may have to once again bid against competitors to keep their customers’ business. Customer stickiness is never guaranteed in any vertical. However, in highly regulated vertical markets such as healthcare, banking, and finance, customers have more to worry about than simply acquiring IT equipment and software at the cheapest possible price: They have to ensure ongoing compliance with industry standards.
Even though there’s much written about the booming healthcare market and a fair amount written about the banking industry, the finance market is full of opportunities that are overlooked by many MSPs. By understanding the primary drivers behind this market, IT managed services providers can earn new recurring revenue streams as well as long-term customer relationships.
The Shortcut to Becoming an SEC and FINRA Expert
According to data published on the FINRA (Financial Industry Regulatory Authority) website, there are approximately 1.3 million current and former FINRA-registered brokers and 17,400 current and former FINRA-registered brokerage firms in the United States. Additionally, there are 441,000 current and former investment advisor representatives and 45,700 current and former investment advisor firms according to data provided by the Securities and Exchange Commission’s (SEC’s) Investment Adviser Public Disclosure (IAPD) database. Although these firms and individual advisors have different areas of financial expertise, what they all share in common is that they are governed by the SEC and FINRA.
With that thought in mind, one of the first steps to selling backup and disaster recovery solutions — as well as other complementary IT solutions and services — to this market is becoming very familiar with SEC and FINRA guidelines. Even though in theory the backup and recovery solution you sell to a healthcare client could be the exact same solution you would sell to a customer in the financial sector, it’s important that you’re able to address the specific needs finance clients have, using the terminology they use. Without this foundation, prospects may feel that you just don’t have enough experience in their market and that you may overlook a specific mandate that could harm their business.
While it might be helpful to have a high-level understanding of all the SEC’s and FINRA’s rules, you need to become very well versed in these four rules:
- SEC 17a-3. This section of the SEC’s guidelines addresses records requirements for certain exchange members, brokers, and dealers.
- SEC 17a-4. This section defines books and records retention and archiving requirements.
- FINRA rule 3510. This section of FINRA’s rules outlines business continuity planning requirements.
- FINRA rule 3010. This section of FINRA’s rules details the requirements for the supervision of member firms. After you become well versed in these four rules, you’ll be ready for the next prerequisite necessary to win business in this market.
Identify and Engage the Decision Maker
As is the case with any market, identifying the decision maker is important to your success. One nice thing about working with customers in a regulated industry like finance is that everyone’s affiliated with the governing organizations. Through FINRA, for example, you can obtain a list of all the broker-dealer firms in the United States, including their mailing addresses and email addresses. In addition to targeting the business owners, compliance officers are important titles you should address your sales and marketing pitches to.
After identifying the decision makers, it’s important to engage your audience with the right message. This is not an audience that’s going to be responsive to lots of tech talk that emphasizes low costs per gigabyte. The most successful VARs and MSPs take an educational/thought leadership role, using concise messages. For example, keeping the four rules mentioned earlier top of mind, you might consider conducting an educational campaign (using direct mail, email, your website, and social media) that educates prospects about a couple of the most important points from SEC rule 17a-4, which has very specific guidelines for the retention of electronic records, including email, instant messaging, and social media. You could address, for example, the importance of archiving data using non-rewriteable media, and emphasize the importance of being able to retrieve data within a 48-hour period should the firm ever be audited. (Note: This advice assumes that your current BDR solution — including your local and cloud backup components —meet these criteria, which you would obviously want to ensure ahead of time).
Another tip you might want to consider heeding is educating prospects about what FINRA calls a D3P (designated third party), which is the designated storage provider a firm uses to store and archive its data. FINRA rules 17a-3 and 17a-4 outline these requirements as well as the consequences for noncompliance. One point that’s important to emphasize when discussing these rules is the importance of end-to-end encryption, which means data in transit between the firm’s facility and the off-site location (i.e. cloud) as well as data residing on a local or off-site server.
One of the reasons it’s important to educate prospects about selecting a D3P is because, unlike many other industries, selecting a D3P is a near-permanent relationship among a financial firm, the IT solution provider, and the governing bodies. After a firm signs an agreement with an IT solution provider (i.e. D3P), if the firm decides to switch to another D3P down the road, it has to overcome two large hurdles. First, the firm has to follow meticulous steps to move its data from one location to another ensuring no data breaches occur. And second, even if the firm properly documents every step, it’s almost assured of being audited. While an audit doesn’t necessarily mean that a fine will be issued, it’s a major event that the vast majority would not risk just to save a little money by switching to a cheaper BDR solution provider.
By investing the time necessary to learn the terminology and requirements of the financial market, and sharing that knowledge with prospects in this space, you’ll put yourself in a much better position to win business in this lucrative market. Not only are the recurring revenue opportunities every bit as good in this market as they are with the others you’re currently serving, the opportunity for winning customers for life is probably much greater.
For information on a recent disaster recovery advisement from the SEC, read our blog post, “SEC joins call for financial firms to improve disaster recovery.” You can subscribe to receive our blog updates right in your email by going to bit.ly/intronisblog.