Joot and Alles Technology — Where Compliance Meets Cybersecurity

How an RIA compliance consultant relies on Alles Technology to safeguard its own systems and strengthen clients’ cybersecurity foundations.

Charles Black has spent his career helping RIAs stay on the right side of regulation. As Managing Director and Head of Compliance Services at Joot, a compliance consulting firm, he’s seen nearly every flavor of advisory firm, from highly disciplined operators to those learning painful lessons the hard way. And through it all, one truth has stood out: when it comes to cybersecurity and IT infrastructure, domain expertise matters.

Joot is a compliance consulting company built for the RIA and fund space. Founded in 2019, the firm quickly discovered that even the smartest compliance frameworks can’t protect advisors from weak technology foundations. Data retention, email archiving, password management, and endpoint security all play directly into SEC expectations. And if they’re not configured properly, it can be both an operational issue as well as a regulatory one.

“We use Alles Technology for our own firm,” says Black. “We eat our own cooking, the same stringent requirements we advise clients to follow, we hold ourselves to as well.”

Joot first partnered with Alles in search of a vendor who could manage the firm’s IT needs. What they found instead was a collaborator who understood the nuances of running a regulated advisory business. Unlike generic managed service providers (MSPs), Alles didn’t present a cookie-cutter package or a “one-size-fits-all” cybersecurity checklist. They came in asking the right questions, about retention policies, Books and Records obligations, encryption, and the everyday realities of RIA supervision.

“A general MSP might tell you they’ll automatically delete emails after a certain number of days,” Black explains. “That’s fine for most businesses, but a serious violation for an RIA. Alles understands why those settings matter.”

For Joot, that difference is both technical and cultural. Both firms share a high-touch, boutique philosophy. Joot’s compliance consultants don’t just check boxes; they tailor programs around each client’s operating model. Alles does the same for technology, aligning cybersecurity architecture with each firm’s structure, workflows, and regulatory risk profile.

“We have the same clientele and the same mindset,” says Black. “Our clients engage us because we’re accessible, thoughtful, and not black-and-white in our approach. That’s how Max and his team work as well, they listen, they’re responsive, and they find solutions instead of hiding behind a ticketing system.”

Over the years, Black has seen what happens when RIAs cut corners with IT. Firms that rely on generic providers often miss critical compliance details. He recalls instances where advisors were cited for not archiving emails long enough, not out of negligence, but because their technology provider didn’t know the rules. “Alles prevents that,” he says. “They build the compliance logic right into the infrastructure.”

The relationship between Joot and Alles has become mutually reinforcing. Joot continues to refer its RIA clients to Alles for IT and cybersecurity support, knowing they’ll be handled by a team fluent in SEC expectations and the operational demands of fiduciary firms. Alles, in turn, supports Joot’s mission by ensuring the technology behind those compliance programs is rock-solid.

“If you don’t know what you don’t know, it’s easy to get caught,” Black reflects. “Alles helps eliminate that risk. They’re protecting data as well as reputations.”

In the end, Joot’s own experience with Alles underscores a message Black shares with every RIA he advises: choose partners who understand your business. “Alles isn’t the cheapest option, but that’s because they’re specialists,” says Black. “They know what regulators expect, they know how advisors operate, and they make sure they line up. That’s worth every penny.”