We work hard to earn your trust by keeping dreams, data, and dollars secure
Strict password protocols, identity verification, and automatic log outs.
All data is encrypted at rest and in transit. BrightPlan requires the latest Transport Layer Security (TLS) for authentication and encryption.
BrightPlan Investment Accounts are protected by TD Ameritrade’s Asset Protection Guarantee. Cash is FDIC insured up to $250,000 per account, and investments are SIPC insured up to $500,000.
We volunteer for annual audits to comply with the highest fiduciary standards, including SEC cybersecurity regulations.
No BrightPlan employee has access to account credentials. Login information for linked accounts is never saved or stored.
We do not sell or trade data. We only use personal information to provide our services. Read our privacy policy.
BrightPlan leverages the security expertise of industry leaders to keep information safe
We built our platform on Salesforce so clients can benefit from all their security measures, including Salesforce's secure data centers, strict employee access controls, and disaster recovery architecture.
Salesforce maintains a comprehensive set of compliance certifications and attestations to validate their #1 value of Trust.2 This commitment has earned the trust of more than 150,000 businesses, including 97% of Fortune 100 Companies.3
BrightPlan Managed Investment Accounts are opened at TD Ameritrade in the client's name. Accounts are client owned, TD
Ameritrade safeguarded, and BrightPlan managed.
TD Ameritrade is a big deal, providing investing and trading services for 11 million client accounts totaling more than $1 trillion in assets, and serving more than 6,000 independent registered investment advisors as a trusted custodian.1 Through TD Ameritrade, cash and securities in BrightPlan Investment Accounts are each protected by $500,000 of insurance.
Our partnership with Envestnet | Yodlee provides fast, secure account verification for more than
16,000 financial sources. Linked financial account credentials are never stored or saved in BrightPlan.
Tens of millions of consumers around the world link accounts through Yodlee, including clients of 13 of the top 20 US Banks. Envestnet | Yodlee maintains bank level security and is audited like a bank. All account credentials stored are hardware encrypted using FIPS 140-2 level 2 HSM and the keys used for encryption cannot be accessed by anyone, including Yodlee employees.
The BrightPlan client/advisor relationship is with the employee. BrightPlan does not share employee financial details with employers.
We maintain strict internal controls, limiting visibility to only employees and advisors who need it for the short time that they need it.
We've taken many steps to secure personal data including:
SSL Encryption. When entering personal information on a site, it's important to have it encrypted. When accessing BrightPlan from a browser, clients should see a Green Lock and "Secure" in the browser bar.
Identity Verification. Prior to opening investment accounts at TD Ameritrade a client's identity is checked through multiple channels.
Password Protocols. To set and reset a password a client must verify ownership of their email account. Passwords must be strong and updated annually.
Automatic Signouts. Client's are automatically signed out if BrightPlan has been open in a browser for a long time.
BrightPlan Employee Access. Access to account information is limited to what is required for a BrightPlan employee to perform his/her job. If an employee needs access to a masked field for troubleshooting an issue, time-limited access must receive permission from multiple executives. All employees are required to use strong passwords and 2-factor authentication.
Finally, we never sell or trade client data, and will never share personal data without a client's permission pursuant to our Privacy Policy.
Here’s exactly what account linking means, what account linking allows, and (maybe even more importantly) what it does not allow.
How account linking works
BrightPlan supports secure account linking of checking, savings, investments, credit cards, loans, and other financial accounts with 16,000 financial institutions. To link an account, search for the financial institution name (e.g. “TD Ameritrade”) and then enter the username and password used to access that account for online access.
Login data for linked accounts is never saved or stored. Once login credentials are entered, our account linking provider verifies the account owner, and then creates a secure, read only link to that account. Depending on the institution being linked, the connection may expire at times and need to be renewed.
What account linking allows and does not allow
Linking accounts allows read only access:
Review data from linked accounts like transactions, account valuations, holdings for investments, and credit card due dates and statement balances.
See all accounts together with one login, and to connect existing financial resources to goals for the future in BrightPlan (e.g. link a 401(k) to a Retirement Goal, or a Savings account to an Emergency Fund Goal).
Linking account does not allow money movement:
Read only access means just that, all anyone can do is read this data. BrightPlan cannot pay bills or move money into, out of, or between linked accounts.
Does linking a financial account allow BrightPlan or anyone else to manage money in that account?
No. BrightPlan cannot manage money in linked accounts. To allow BrightPlan to manage investments, or to automate investing towards goals, open a BrightPlan Investment Account for a goal.
To move money to and from this account, set up one funding source (typically a checking account) that will make deposits and withdrawals to this account.
BrightPlan Investment Accounts are held at TD Ameritrade and protected by the TD Ameritrade Asset Protection Guarantee.
Securities in each BrightPlan Investment account are protected by $500,000 of SIPC Insurance. Cash in BrightPlan Investment Accounts is protected by $250,000 of FDIC Insurance per depositor per account.
That means TD Ameritrade will reimburse for the cash or shares of securities from an account that are lost as a result of unauthorized activity. This protection adds to the provisions that already govern an account, in case unauthorized activity ever occurs and we determine it was through no fault of the client.
BrightPlan Investment Accounts are opened in your name at TD Ameritrade, an independent custodian safeguarding over $1.1 trillion for clients. Clients can deposit or withdraw money to their account at any time.
This account is owned by the client, and BrightPlan manages all of the investment decisions and trading.
If a client ever decides to stop having BrightPlan manage their money, they can keep this account open at TD Ameritrade or roll it over to another institution.
BrightPlan is the first digital advisor to be certified by the Centre for Fiduciary Excellence (CEFEX). CEFEX Certification means we uphold to the highest standards to act in clients best interests.
While all Registered Investment Advisors are held to a fiduciary standard by the Securities and Exchange Commission, the SEC has a lot of advisors to monitor. The average RIA is on a 13-14 year audit cycle. Our ongoing commitment to putting clients first means BrightPlan volunteers for an annual audit that covers things like:
Handling personally identifiable information
Avoiding conflicts of interest
Selecting and monitoring investments
Communicating investment objectives to clients
Data protection and cybersecurity
Controlling and accounting for investment expenses
Trading client accounts
BrightPlan LLC is an SEC-registered investment adviser that only offers digital investment advice. Plancorp LLC is an affiliated SEC-registered investment adviser. Registration does not imply a certain level of skill or training nor does it imply endorsement by the SEC. All investing involves risk, including the loss of principal. Past performance does not guarantee future results. BrightPlan is a trademark of BrightPlan LLC, registered in the U.S. Patent and Trademark Office.
© 2019 BrightPlan LLC
This material has been prepared for informational purposes only and should not be used as investment, tax, legal or accounting advice. All investing involves risk. Past performance is no guarantee of future results. Diversification does not ensure a profit or guarantee against a loss. You should consult your own investment, tax, legal and accounting advisors. BrightPlan LLC is an SEC-registered investment adviser that only offers digital investment advice. Plancorp LLC is an affiliated SEC-registered investment adviser. Registration does not imply a certain level of skill or training nor does it imply endorsement by the SEC. BrightPlan is a trademark of BrightPlan LLC, Plancorp is a registered trademark of Plancorp LLC, both registered in the U.S. Patent and Trademark Office. Please see BrightPlan's and Plancorp's ADV Brochures for more important information. By using this website, you accept our Terms of Use and Privacy Policy.