Understanding and Enabling Security Check


Overview

For wealth management firms, client records contain some of the most sensitive financial and personal information your firm handles. Security Check gives you a structured, auditable way to control who can access Household, Organization, and Individual records in Practifi and why. When a user opens one of these Key Entity records, a verification prompt appears before access is granted, creating a consistent access-control process and a complete audit trail that supports your firm’s compliance and oversight requirements.

Understanding Security Check 

Security Check works by presenting a pop-up window to users before they can access a Key Entity record. The window prompts the user to identify their reason for accessing the record and, where relevant, to verify the identity of the person they are speaking with. Every access request, whether successful or flagged as suspicious, is logged against the Entity record, giving your compliance and operations teams full visibility into who accessed a record and under what circumstances.

When Security Check Appears

When enabled, Security Check appears whenever a Household, Organization, or Individual record is opened. This applies in all contexts:

  • When the Entity record is opened directly as the parent tab (learn more about tabs here)

  • When a related record is opened as a subtab of the Entity parent tab

  • When the Entity record is opened as a subtab

In that third scenario, the Entity record may occasionally open as a subtab of another Entity. This happens when the Entity in the subtab is an Individual, and the one in the parent tab is the Primary Entity. In this case, Security Check is performed for the Individual. If the check is passed, access is granted to both the Individual and their Primary Entity, and the Access Request record appears for both.

Security Check Questions

When the Security Check window appears, the user is asked: What’s your reason for accessing this record? The drop-down presents three options:

  • Handling an online or phone-based inquiry
  • Supporting material for an in-person meeting
  • Other

Handling an Online or Phone-Based Inquiry

When this option is selected, the Security Check first asks Who are you speaking with?, a required field that lists the specific people within the Household or Organization who can be selected. If the Security Check is for an Individual, this field doesn’t appear.

Based on the person who’s been selected, a set of verification questions appears with that person’s designated answers. Questions are defined by your firm and only appear if an answer exists for the selected person.

Each question displays its answer and point value. The caller must provide 100 points’ worth of correct answers before the Open button becomes clickable and access is granted. A Notes field also appears; it is required and allows the user to explain the reason for accessing the record, and it must contain a value before Open becomes clickable.

To record the person’s response to each question, use the ✅ and ❎ buttons next to the answer. If one or more incorrect answers are provided, the following prompt appears to warn the team member that incorrect answers are suspicious:

An incorrect answer was provided to one or more questions above. If this means the person has failed the security check, click the Close button below to close this workspace tab, and log the access request as suspicious. You can leave any additional notes in the field below.

 

Supporting Material for an In-Person Meeting

When this option is selected, the following fields appear for the user to complete:

  • Which meeting is it?: An optional field that allows the team member to specify the Event record the access request relates to (if one exists).

  • Who are you speaking with?: A required field that provides a list of specific people within the household or organization to select. If the Security Check is for an Individual, then this field doesn’t appear.

  • Notes: A required field for explaining the reason for opening the record.

Once the required fields are completed, the Open button at the bottom of the Security Check becomes clickable, granting access to the record.

Other

The Notes field appears below the initial question, where the team member explains the reason for opening the record. Once this field is completed, the Open button at the bottom of the Security Check becomes clickable, granting access to the record.

Setting Verification Questions

Verification questions are managed on the Questions page in the Settings app, which also supports Risk Profile questions. Each question has a Type value that determines what information it requires.

Your firm defines the questions presented during Security Check, which means you can tailor verification to the specific data points most meaningful to your practice — whether that’s a date of birth, an account number, or a referral contact’s name.

To create a question for Security Check, complete the fields below:

  • Description - The question as it appears in the Security Check window.

  • Active - A checkbox that, if checked, means the question is available for Security Check to use.

  • Order - Defines where the question appears within the question set, using a numerical value.

  • Type - Select Security Check.

  • Points - The number of points a successful answer is worth, given that 100 points are required to open the record.

  • Answer - The field path, written in Salesforce formula syntax, from the Contact record of the person the team member is speaking with during the Security Check to the field where the answer resides.

For example, if your question asks about the person’s date of birth, the API name for the Answer field is Birthdate. If your question asks about the First Name of the person who referred them, then the Answer value is practifi__Primary_Entity__r.practifi__Referrer__r.practifi__Primary_Member__r.FirstName.

Questions appear during the Security Check only if a value exists in the specified field for the person the team member is talking to. Only Text, Number, Currency, and Date fields are supported.
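The 100-point rule and the "only if a value exists" rule interact: a person whose populated answer fields add up to fewer than 100 points can never pass the phone or online check. The Python below is an added model of those rules for reviewing a planned question set, not Practifi code; Contact records are represented as nested dictionaries, the postal code question, the point values and all function names are constructed for illustration.

```python
# Added model of the Security Check rules described in this article; not Practifi code.
REQUIRED_POINTS = 100
REFERRER = ("practifi__Primary_Entity__r.practifi__Referrer__r."
            "practifi__Primary_Member__r.FirstName")
# Constructed question set (Type = Security Check); point values are made up.
QUESTIONS = [
    {"description": "Date of birth?", "active": True, "order": 1, "points": 50, "answer": "Birthdate"},
    {"description": "Referrer's first name?", "active": True, "order": 2, "points": 30, "answer": REFERRER},
    {"description": "Mailing postal code?", "active": True, "order": 3, "points": 40, "answer": "MailingPostalCode"},
    {"description": "Retired question", "active": False, "order": 4, "points": 100, "answer": "Birthdate"},
]
# Constructed Contact records as nested dicts.
FULL = {"Birthdate": "1970-02-03", "MailingPostalCode": "60601",
        "practifi__Primary_Entity__r": {"practifi__Referrer__r": {
            "practifi__Primary_Member__r": {"FirstName": "Dana"}}}}
SPARSE = {"Birthdate": "1985-11-20", "MailingPostalCode": "",
          "practifi__Primary_Entity__r": {"practifi__Referrer__r": None}}

def resolve(record, path):
    """Follow a dotted field path; None if any hop or the final value is empty."""
    for part in path.split("."):
        if not isinstance(record, dict):
            return None
        record = record.get(part)
    return None if record in (None, "") else record

def visible_questions(questions, contact):
    """Active questions with a populated answer for this contact, sorted by Order."""
    shown = [q for q in questions if q["active"] and resolve(contact, q["answer"]) is not None]
    return sorted(shown, key=lambda q: q["order"])

def achievable_points(questions, contact):
    """Maximum points this contact could ever earn; below 100 means they cannot pass."""
    return sum(q["points"] for q in visible_questions(questions, contact))

def evaluate(questions, contact, responses, notes):
    """responses maps a question description to True (correct) or False (incorrect)."""
    shown = visible_questions(questions, contact)
    earned = sum(q["points"] for q in shown if responses.get(q["description"]) is True)
    wrong = any(responses.get(q["description"]) is False for q in shown)
    # Assumption: the incorrect-answer warning is tracked separately from the Open gate.
    return {"earned": earned, "incorrect_warning": wrong,
            "open_enabled": earned >= REQUIRED_POINTS and bool(notes.strip())}
```

Here achievable_points returns 120 for FULL and 50 for SPARSE, so the sparse contact needs more populated fields or a personal security question before a caller can be verified.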

Adding Personal Security Questions

In addition to firm-wide questions, you can add security questions specific to a particular Entity. These are configured directly on the Entity record rather than in the Settings app — useful for situations where a client has unique verification preferences or arrangements.

To add a personal security question:

  1. From the Overview of the desired Entity record, click the Specifics tab.


     
  2. Scroll down to the Personal Security Questions section and click New. A new tab opens.


     
  3. On the New Question tab, the Entity field in the System Information section is pre-populated with the name of the Entity where you are adding the question. Fill out the information, then click Save to add the question, or Save & New to add another question.

Once added, these questions appear in the Security Check window for the Entity with a person icon next to them to indicate that they are personal questions.

Adjusting the Who are you speaking with? Picklist

People are made available in this picklist for one of three reasons:

  • They are the Primary Member as defined by the Entity lookup field

  • They are the Spouse as defined by the Entity lookup field

  • They are an Authorized Representative as defined by the Relationship checkbox

To designate someone as an Authorized Representative, update their Relationship record directly, or check the Authorized Representative box available in the Add to Household/Organization and Create a Household/Organization actions.

Viewing an Entity Record’s Access History

The History tab in the Overview on the Client record page lists both successful and suspicious Access Requests. This gives your team a clear record of every access event for each Entity, supporting audit and compliance reviews.

Users of the Compliance app also see Failed access requests in the last 30 days as a tile on their Home page, spanning all Entities where they are a nominated Compliance team member.

Additional Features

Security Check can also block access to record list actions, such as Edit and Start a Process. Record lists allow users to interact with record-specific functionality without opening the record page, which can create a gap in access control enforcement. An optional setting closes that gap by extending Security Check’s protection to these actions as well.

Enabling Security Check 

To enable Security Check, navigate to the Additional Features page in the Settings app and click the 👤 button next to the Security Check feature. From there, you can assign it to individual users or to permission set groups.

If you want to block access to record list actions as described above, then you’ll need to add the Security Check User - Block Record List Actions & Fields custom permission to the Additional Features - Security Check permission set.

If you want users to see the Authorized Representative field on record pages and in actions, but not to be presented with the Security Check, then you’ll need to add the Objects, fields & system - Authorized Representative permission set to the relevant users or permission set groups.

If you want users to see the Access Requests list on Entity record pages, but not to be presented with the Security Check, then you’ll need to add the Objects, fields & system - Access History permission set to the relevant users or permission set groups.

Customization Considerations

🛠 Implementation Details 

This feature has modified the following items. If your firm has customized them, you'll need to either copy the changes into your customized version or switch to the default version and redo your changes:

  • Actions
    • Add to Household/Organization
    • Create a Household/Organization
  • Apps
    • Settings
  • Lightning pages
    • Client Record Page
    • Question Record Page
    • Relationship Record Page
  • Tile row
    • Compliance - My Alerts & Exceptions

 
