As part of our Cybersecurity Awareness Month coverage, we asked frequent Wealth Solutions Report columnist Sid Yenamandra to moderate a panel with some of his colleagues across the wealth management and regtech space to gather their insights into cybersecurity challenges and opportunities. Here is the first part of their discussion.
- Sid Yenamandra is Founder and CEO of Surge Ventures, a FinTech Venture Studio, and CEO of RegVerse, a regtech firm that aims to revolutionize the regulatory landscape by providing financial firms with AI solutions.
- Aaron Spradlin is Chief Information Officer, United Planners, a national wealth management firm that provides financial planning, investment management and insurance services.
- Melinda “Mimi” LeGaye is President and Founder of MGL Consulting, a financial services compliance consulting firm with more than 40 years’ operating history helping clients minimize regulatory threats and capitalize on business opportunities with ongoing compliance services, professional development programs, and strategic consulting services covering a broad spectrum of managerial, financial, regulatory and business expansion challenges.
- Srikanth Chavali is Co-Founder and Chief Product Officer of Kitecyber, a provider of protection technologies working with service providers to support customers with a hyper-converged endpoint management, security and compliance solution.
Yenamandra: Thank you for joining us today to celebrate Cybersecurity Awareness Month. I want to kick things off with Aaron and ask how the evolving regulatory landscape shapes data security. With the SEC and other regulators continually updating their rules, how are you managing the increasing demands for compliance, especially when it comes to data security?
Spradlin: Great question, Sid. We’ve had to adapt quickly. The frequent regulatory updates have pushed us to re-evaluate our workflows. We’ve had to implement systems that can track regulation changes and ensure that our compliance practices, especially those around data protection, are always up to date. We rely heavily on automated systems that integrate compliance with our operational workflows.
Yenamandra: Mimi, how are you helping firms you consult with navigate the growing complexity of these regulatory changes, especially in sectors like financial services, where compliance and data security are intertwined?
LeGaye: It’s become more about having “smart workflows” in place than ever before. We work with firms to implement automated compliance systems that track regulatory updates and adjust their compliance and supervisory processes in real time. The goal is to build a continuously compliant system rather than scrambling every time a new rule comes into play. Data integration is a huge part of this, as it allows us to pull together information from various departments and apply the proper compliance measures efficiently in order to help our clients address their regulatory obligations and minimize litigation risk.
Chavali: I agree with Mimi. From a tech perspective, we’ve been working to build compliance workflows directly into our SaaS solutions. Risk management is often fragmented across business objectives, compliance and security controls, making it challenging as data regulations evolve. A major hurdle is ensuring that data security is built into workflows, not treated as an afterthought. If new regulations demand stronger encryption or access controls, our systems must automatically detect these changes and adjust workflows to stay compliant.
Yenamandra: This leads perfectly to the concept of data integration. Integration is becoming a critical aspect with so many systems involved, from compliance to data security. Srikanth, how are SaaS platforms like yours managing the flow of data securely across these different systems?
Chavali: We’ve implemented what we call a data integration hub. This allows different systems – whether they’re compliance tools, CRM systems or security platforms – to communicate seamlessly. The hub ensures that data moves securely between systems without gaps. For example, if a compliance tool detects a potential security risk, that information is immediately shared with our security systems, allowing for rapid mitigation. This integration is also crucial for regulatory reporting, ensuring we meet all compliance obligations while keeping data safe.
Spradlin: That’s exactly the kind of system we’re looking for. With the regulatory rules constantly shifting, especially around data privacy and protection, we need a solution that ensures our workflows are compliant without us having to manually update them each time a new rule comes out. Automating those workflows and integrating data security into them is critical.
Yenamandra: That’s where I see the value of a smart compliance platform that integrates with data security protocols at every level. Investors like me are looking at platforms that don’t just solve today’s problems but are adaptable to future regulatory changes. Mimi, how do you see firms using these capabilities to stay ahead of compliance and security risks?
LeGaye: Firms are increasingly searching for platforms that have integrated data lakes, smart workflows and real-time regulatory updates. The platforms we recommend track compliance obligations and workflows, can automate audits and advertising reviews, as well as manage attestations and approval processes, to ensure that firms remain compliant as rules governing their business change. By tying this into a central data hub, firms get a 360-degree view of their compliance and supervisory program, as well as their security posture, thus ensuring, to the best of their ability, no blind spots in their compliance efforts.
Chavali: And let’s not forget that with integrated hubs, we’re also reducing the risk of data silos. Security breaches often happen because information isn’t shared promptly between different systems. A well-designed data integration hub ensures that all parts of the system communicate effectively, which is essential for security and compliance. The ultimate goal of effective risk management is achieving the 3 Ts: a single source of “Truth” for data, which fosters “Transparency” among all stakeholders and, in turn, builds “Trust.”
Yenamandra: Exactly. At Surge, we’ve invested in developing solutions that merge data integration with regulatory intelligence. These platforms, like our ComplyMesh, don’t just focus on compliance – they combine regulatory rule tracking with smart workflows and data security in a seamless, low-code platform.
Look for Part 2 of Sid Yenamandra’s panel discussion with his colleagues in the coming weeks.
Janeesa Hollingshead, Contributing Editor at Wealth Solutions Report, can be reached at editor@wealthsolutionsreport.com.
