Who is Altoo?
Founded in 2017, Altoo aims to provide optimal and timely management and monitoring capabilities to clients with complex asset structures. So that complexity fades into the background and all relevant information is available in a simple, understandable, meaningful and current way. This market segment consists predominantly of family offices, foundations, trusts, multi family offices, UHNWI (Ultra High Net Worth Individuals) and HNWI (High Net Worth Individuals). In recent years, Altoo has managed to establish itself in this demanding market. Its continually growing client base consists of family offices, multi family offices, trusts, foundations, and ultra and high net worth individuals (UHNWI and HNWI). The client base is global. Altoo’s base and operations are in Switzerland.
Ian Keates, the new CEO, states, “I joined the company as COO in mid-2021 at a stage when product, product-market-fit and sales model had already been proven by market success. Industry acceptance is shown by the high number of banks, with whom we have set up automated data exchanges for account and portfolio data. There is a solid foundation in place at Altoo for scaling the business and we intend to fully take advantage of the tremendous asset we have built.”
The Market
The wealth management market is typically segmented broadly by size of assets under management into three client groups: Retail, Affluent and High Net Worth. The more assets there are, the more complex the asset structures tend to be.
For customers in the Retail and Affluent groups, financial services providers are primarily concerned with improving cost efficiency and margins by digitizing processes and improving user interaction. High net worth individuals (HNWI) and family offices usually have complex asset structures and a large number of bank accounts and portfolio accounts. In addition, they have other assets such as real estate, works of art, antiques, etc. The holistic management and monitoring of such assets is difficult, especially when a full overview should be guaranteed at all times. Digitalization opens up new possibilities, especially those of virtual consolidation and of structuring and processing data in real time.
Since the assets in question are usually multi-bank and multi-country, aggregating the data as well as storing and processing it, is a challenge. Specialized service providers therefore are in a better position in this market segment than individual banks. For individual banks, on the other hand, it is of interest that a complete overview of assets can also lead to asset reallocations and thus trigger transactions. And these in turn lead to revenues for the bank. Cooperation between specialized service providers and banks is therefore advantageous for all parties involved - the client, the specialized service provider and the banks involved.
The service
The Wealth Platform developed by Altoo (https://www.Altoo.io) provides clients with a visually intuitive, holistic overview and monitoring for complex asset structures. Covered are both "bankable" and "non-bankable" assets. The Altoo Wealth Platform is designed to connect people, assets and processes through technology. The platform provides a simple, understandable and complete view of total assets and how they have changed over time. Static data is analyzed and enriched with dynamic data for each display. For automatic monitoring, the customer can define threshold values, which, if exceeded, automatically generate and send a push message.
Furthermore, the Altoo platform enables the secure storage and conditional sharing of sensitive files and documents within a network of partners designated as trusted. Different people can be assigned different access rights. This allows clear boundaries on a need-to-know basis while maintaining an optimal workflow. Even in complex administrative structures, this ensures that individuals have access to the data they effectively need for their job, but not more.
Without automated digital data exchange, it is difficult to aggregate data from different sources in a timely manner because the data must be entered or read in manually, at least in part. An interim solution is bank-specific interfaces. However, these vary from bank to bank and country to country. Altoo automates where possible and compensates where manual interaction is necessary. Clients always have a daily updated wealth overview at their disposal.
Available as B2C and as B2B2C offer
The Altoo Wealth Platform is software-as-service and available as both a B2C and B2B2C solution. For the latter, a white label version is available. This allows third parties to connect it to their own platform and enables the provider's corporate branding to be retained. In both cases, the data is securely located at Altoo, where also its processing takes place.
For whom?
The Altoo Wealth platform should be considered by anyone who has complex wealth structures. This includes high net worth individuals, family offices, foundations, trusts and multi family offices. Banks serving such clientele can easily integrate the Altoo platform with their own platforms and ecosystems to expand their service portfolio.
User interface und user interaction
Since its inception, Altoo has implemented a customer-centric approach in all areas: Service, user interface, user interaction and functionality. The user interface and the user interaction of the wealth platform have set a new standard in terms of usability and providing full transparency. New functionality is constantly being added to cover evolving customer needs. Optimized access is provided for all devices: Desktop, tablet and mobile. The client has the choice. And in addition to digital access, helpful staff are also available.
Modern cloud architecture
The management of complex asset structures places high demands on security and scalability. The latter must be fully guaranteed both in terms of number of customers and in terms of services, locations and interfaces. According to Stefan Thiel, CTO of Altoo, the given goal can best be solved by a symbiosis of architecture with security. For this reason, the company has opted for an architecture based on Akka. Scala is used as the programming language for this Scala-implemented Actor-Model. The basic structure of the architecture is domain-oriented. Each domain is autonomous, has its own data, its own access rules and its own message API. The communication between the individual services (domains) takes place by means of asynchronous messages. As programming paradigm, reactive programming is used, which orients itself at the data flows. For the development of the user interfaces, React is used. This completes the "full stack reactive" architecture. The persistence is ensured using Event sourcing (ES). Here, all state changes are mapped and stored as events. The tool used for this is Apache Cassandra, a NoSQL database that is used as a distributed storage backend and is also highly scalable as a peer-to-peer database.
End-to-end security
In addition to functionality and scalability, the defining factor for the architecture is the specification of end-to-end security. Access rules are implemented separately from the business logic.
For authentication OpenID, a decentralized authentication system, is used. Altoo acts as an identity service provider in this. Three factors are required for authentication: The first is a possession, a certificate issued by Altoo. The second factor is knowledge of a piece of information, in this case a password. The third factor is a PhotoTAN.
Authorization does not use if statements to verify access rights. Instead, asynchronous messages pass through a security check based on the declarative ruleset of the respective service domain. Asynchronous messages are only forwarded after successfully passing this security check.
Within the system, all messages can be protected against manipulation by means of a cryptographic signature and against unauthorized reading by means of encryption. The sensitive data is also encrypted during persistence with a separate key for each business entity. Signature and encryption take place in HSMs (hardware security modules), which are designed as redundant clusters.
The private cloud is housed in two separate FireZones of a Tier4 data center, with the back-up instance having a smaller portion of all data-relevant clusters (including an HSM and a database instance). The two separate instances are connected via a link secured with Llayer 2 encryptors.
The German version of this article is published on MoneyToday.ch