Envestnet’s Data Promise

Envestnet adopts a best interest standard of care with respect to our fiduciary clients and their data

Investment advisors act as fiduciaries, operating in good faith and with integrity to achieve results that are in the best interest of their clients. We use these same principles as our guide for safeguarding the financial data fueling our wealth management platform and data analytics.

When an investor engages with an advisor, the investor permissions the advisor and the supporting institution(s) to see their data as it pertains to the fiduciary’s providing unified financial advice; client-specific data is not shared with any other parties. This aggregated data empowers advisors to provide a higher level of service and help their clients achieve financial wellness.

Envestnet safeguards Personal Information

Investor clients can be assured that identifying information is only provided directly to their advisory firm and supporting institution(s) in order to leverage wealth management technology to provide unified advice and related services; Personal Information is not shared with any other parties.

Envestnet is not a Personal Information broker and does not sell information that identifies investor clients.

In providing data analytics, Envestnet uses aggregated, unidentifiable, statistical data points from a broad base of accounts to present trend analysis to its users. As an interactive advisor platform, Envestnet makes advisor information available to asset managers and fund companies when a financial advisor selects a fund or strategy.

Envestnet is a Data Steward

Envestnet is a conduit for consumer-permissioned data for use within our WealthTech platform. Our data management best practices include implementing continuously monitored systems and processes, and extensive use of transmission encryption. We monitor our wealth management platform via ongoing risk-based compliance measures that can quickly identify and remediate any compliance issues or potential failures.

When fiduciaries are not involved, we remain a data steward with respect to our data analytics offerings by utilizing de-identified consumer information and employ proprietary and third-party technical systems that monitor and remove all known identifiers from data elements that are collected.

Envestnet employs threat-driven risk-based management practices and security measures 

Envestnet’s information security program is aligned with industry standards, global regulations, and best practices. Envestnet takes precautions to safeguard information by embracing world-class security measures in the delivery of our services. We achieve this through a layered approach that includes top-tier defenses and partnerships spanning people, processes, and technology. These defenses are composed of physical, logical, and technical safeguards to protect sensitive information, aligning with the National Institute of Standards and Technology standards in our policy and control frameworks. 

We validate adherence to our policies and standards through annual independent audits by both internal and third-party assessors.  We have developed a security culture across Envestnet through our human firewall program that delivers ongoing mandatory information security awareness and knowledge training for all employees thereby reinforcing that information security is the daily responsibility and an ongoing priority for all employees. The program commences with an employee’s new hire orientation training and continues with monthly training on relevant topics as well as extensive annual training.

We are continuously exploring ways to improve the security of our services and to ensure we are prepared for the ever-changing threat landscape. The robustness of our program helps us to minimize the risks to the data entrusted to us by our customers both today and well into the future.