Todays’ blog is from Joanna Belbey, Social Media and Compliance Specialist, Actiance. You maybe follow her @Belbey on Twitter.
Yesterday, Victor Gaxiola (@victorgaxiola) my colleague at Actiance, and I attended and live tweeted at BDI Financial Services Social Business Leadership Forum in Boston.
We also presented “Leveraging Social Business Amid the Changing Regulatory Landscape”. We know that staying compliant with regulations continues to be a major source of concern for financial services firms, however, there is now a wealth of guidance we have seen from the regulators. (See the end of this blog for details.) In response, the conversation is slowly shifting from “no!” to “how?”.
Whether your firm is regulated by the Securities and Exchange Commission (SEC), the Financial Industry Regulatory Authority (FINRA), Investment Industry Regulatory Organization of Canada (IIROC), or Federal Financial Institutions Examination Council (FFIEC), there are five major areas of regulations that firms need consider when crafting social media policies:
1) Recordkeeping
Firms need to preserve and be able to produce records of written business communications for specific time periods. To clarify, if you type it out, it’s “written”. This includes Updates and InMail on LinkedIn; Tweets and Direct Messages on Twitter; Posts and Messages on Facebook. Although regulators only are interested in business communications, firms face challenges in segmenting personal from business communications on social media. Third party content must also be captured. The regulators are indifferent to the source of the communication, so the recordkeeping requirement includes communications from personal devices, as the content, not the source, is determinative.
Best practices
Work with third parties to capture, archive and make e-discoverable all written communications. Many firms prohibit retweets to avoid appearance of “adoption and entanglement” with resulting recordkeeping and advertising requirements.
2) Testimonials
Client testimonials or endorsements are prohibited for Investment Advisors (IAs) and need to meet certain qualifications to be allowed for Registered Representatives (RRs).
Best practices
Most firms prohibit “Recommendations” and “Skills & Endorsements” on LinkedIn, “Retweets” on Twitter. Some also prohibit “Likes” on Facebook to avoid the appearance of an endorsement.
3) Suitability
Depending on whether financial advisors are registered representatives or investment advisors, they have a varying degree of responsibility for making appropriate investing recommendations to their customers. In other words, they are challenged to “Know Your Customer” and must understand their clients’ investing goals and risk tolerance in order to make recommendations.
Best practices
As it is impossible for recommendations made on social media to be suitable for every investor, most firms prohibit product recommendations and investment strategies unless preapproved by a registered principle of the firm.
4) Advertising
There are well established content standards that now apply to social media. Communications with the public must be accurate, fair, balanced and not misleading. Factors that would impact investment decisions must be disclosed. Firms are also responsible for both suitability of third party content (links, posts).
Best practices
Static content, such as a LinkedIn Profile, that contains more than standard business card information, is considered an advertisement and requires pre-approval by a registered principal of the firm. Interactive communications do not require pre-approval, however firms must demonstrate that they have supervised a pre-determined percentage of electronic communications from registered persons. LinkedIn, Facebook and Twitter have both static and interactive content.
5) Supervision
Firms must “evidence”, or prove, that they are supervising communications. Lack of supervision is a major regulatory risk for firms that create processes that are not followed or polices that are unenforceable. Note, due to new FINRA Supervision rules approved by SEC in December, you can assume that supervision will continue to be priority for the regulators.
Best Practices
Many firms adapt written supervisory procedures already in place. Rather than block the use of social media, firms are increasingly taking the approach of enabling its compliant use. Firms adapt existing workflow approvals to include pre-approval of static content to be used on social media. Principle-based employee social media polices that are enforceable, demonstrate a thoughtful approach to the regulators. Firms also limit access to social media unless registered persons are supervised and trained in advance.
To take a deeper dive on concepts covered here, please see the links below:
FINRA Regulatory Guidance 10-06: Social Media Web Sites Guidance on Blogs and Social Networking Web Sites
FINRA Regulatory Guidance 11-39: Social Media Websites Use of Personal Devices for Business Communications
FINRA Regulatory Guidance 11-39: Communications With the Public
SEC: National Examination Risk Alert, Investment Adviser Use of Social Media
FFIEC: Consumer Compliance Risk Management Guidance
IIROC: Guidelines for the review, supervision and retention of advertisements, sales literature and correspondence
