Schwab Requires Customers to Update Login Credentials Shared with Third-Party Platforms

Sharing is caring … except when it comes to 401(k) credentials, apparently.

Charles Schwab is asking clients, whose advisors use information-sharing fintech tools to access their workplace retirement accounts, to reset their login credentials, citing security concerns. It marks the latest skirmish in the battle between recordkeepers and advisors for access to America’s 401(k)s. “Schwab is honored by the trust our clients place in us to help them achieve their financial goals and protect their personal information and assets, and we take that responsibility very seriously,” the firm said in an emailed statement.

And Stay Out

In order to provide the best financial planning possible, advisors like to have access to the whole of a client’s portfolio, using platforms like Pontera or Future Capital to evaluate client assets held in workplace retirement plans. However, recordkeepers aren’t prepared to hand over the keys to their 401(k) kingdoms. “As part of our security processes, we determined that some clients provided login access to third-party data vendors which may void policies we have in place to protect clients through our Schwab Security Guarantee,” the company said. “We required these clients to update their account information.”

Last month, Fidelity sent customers similar notifications, and some clients were temporarily locked out of their 401(k)s. In a few instances, customers allegedly were required to go through an onerous re-verification process that involved emailing copies of their driver’s license or passport to Fidelity. Pontera CEO Yoav Zurel called it an “anticompetitive power grab” and said Fidelity was “compelling customers to use Fidelity advisors for their own 401(k) accounts, or no advisors at all.”

While Schwab and Fidelity argue these measures are in place to protect customers, advisors say they can be restrictive and keep them from fulfilling their fiduciary responsibilities. “I genuinely don’t understand how any advisor can call themselves comprehensive if they’re not monitoring their clients’ outside accounts,” said Michael Lofley, a CFP at HBKS Wealth Advisors. “If you’re not watching the 401(k), the annuities, the HSAs, the brokerage account at another custodian, or the inherited IRA elsewhere, then you’re not actually giving advice on the whole household.”

More than One Way to Skin a Cat. Credential-sharing platforms are ultimately a convenience to advisors, and even if they can’t be used, there are still ways to gain access to client’s 401(k)s, said Andrew Herzog, a CFP with The Watchman Group. “It’s a bit more legwork, but advisors can screenshare with clients to rebalance or evaluate employer-sponsored retirement accounts, bank accounts, self-directed IRAs, etc.,” he told Advisor Upside.