The BrightPlan client/advisor relationship is with the employee. BrightPlan does not share employee financial details with employers. 

We maintain strict internal controls, limiting visibility to only employees and advisors who need it for the short time that they need it.

We've taken many steps to secure personal data including:

• SSL Encryption. When entering personal information on a site, it's important to have it encrypted. When accessing BrightPlan from a browser, clients should see a Green Lock and "Secure" in the browser bar.

• Identity Verification. Prior to opening investment accounts at TD Ameritrade a client's identity is checked through multiple channels.

• Password Protocols. To set and reset a password a client must verify ownership of their email account. Passwords must be strong and updated annually.

• Automatic Signouts. Client's are automatically signed out if BrightPlan has been open in a browser for a long time.

• BrightPlan Employee Access. Access to account information is limited to what is required for a BrightPlan employee to perform his/her job. If an employee needs access to a masked field for troubleshooting an issue, time-limited access must receive permission from multiple executives. All employees are required to use strong passwords and 2-factor authentication.

Finally, we never sell or trade client data, and will never share personal data without a client's permission pursuant to our Privacy Policy.

Here’s exactly what account linking means, what account linking allows, and (maybe even more importantly) what it does not allow. 

How account linking works 

BrightPlan supports secure account linking of checking, savings, investments, credit cards, loans, and other financial accounts with 16,000 financial institutions. To link an account, search for the financial institution name (e.g. “TD Ameritrade”) and then enter the username and password used to access that account for online access. 

Login data for linked accounts is never saved or stored. Once login credentials are entered, our account linking provider verifies the account owner, and then creates a secure, read only link to that account. Depending on the institution being linked, the connection may expire at times and need to be renewed. 

What account linking allows and does not allow 

Linking accounts allows read only access:

• Review data from linked accounts like transactions, account valuations, holdings for investments, and credit card due dates and statement balances.

• See all accounts together with one login, and to connect existing financial resources to goals for the future in BrightPlan (e.g. link a 401(k) to a Retirement Goal, or a Savings account to an Emergency Fund Goal).

Linking account does not allow money movement:

• Read only access means just that, all anyone can do is read this data. BrightPlan cannot pay bills or move money into, out of, or between linked accounts.

Does linking a financial account allow BrightPlan or anyone else to manage money in that account? 

No. BrightPlan cannot manage money in linked accounts. To allow BrightPlan to manage investments, or to automate investing towards goals, open a BrightPlan Investment Account for a goal. 

To move money to and from this account,  set up one funding source (typically a checking account) that will make deposits and withdrawals to this account.

BrightPlan Investment Accounts are held at TD Ameritrade and protected by the TD Ameritrade Asset Protection Guarantee. 

Securities in each BrightPlan Investment account are protected by $500,000 of SIPC Insurance. Cash in BrightPlan Investment Accounts is protected by $250,000 of FDIC Insurance per depositor per account.

That means TD Ameritrade will reimburse for the cash or shares of securities from an account that are lost as a result of unauthorized activity. This protection adds to the provisions that already govern an account, in case unauthorized activity ever occurs and we determine it was through no fault of the client.

Learn more about the Asset Protection Guarantee

BrightPlan Investment Accounts are opened in your name at TD Ameritrade, an independent custodian safeguarding over $1.1 trillion for clients. Clients can deposit or withdraw money to their account at any time.

This account is owned by the client, and BrightPlan manages all of the investment decisions and trading.

If a client ever decides to stop having BrightPlan manage their money, they can keep this account open at TD Ameritrade or roll it over to another institution.

BrightPlan is the first digital advisor to be certified by the Centre for Fiduciary Excellence (CEFEX). CEFEX Certification means we uphold to the highest standards to act in clients best interests. 

While all Registered Investment Advisors are held to a fiduciary standard by the Securities and Exchange Commission, the SEC has a lot of advisors to monitor. The average RIA is on a 13-14 year audit cycle. Our ongoing commitment to putting clients first means BrightPlan volunteers for an annual audit that covers things like:

• Handling personally identifiable information

• Avoiding conflicts of interest

• Selecting and monitoring investments

• Communicating investment objectives to clients

• Data protection and cybersecurity

• Controlling and accounting for investment expenses

• Trading client accounts