Advisors using social media: Find out what the SEC has to say
By Amy McIlwain
Financial Social Media Marketing
As you may or may not know, the SEC recently released a National Examination Risk Alert regarding investment advisor use of social media.
Don’t be alarmed, compliance and regulation parameters have not changed. The SEC is simply offering financial professionals some valuable advice that is definitely worth and reading and considering.
Broken down into three sections (staff observations, third-party content and recordkeeping responsibilities), the report encourages investment advisors to constantly gauge the effectiveness of their compliance programs and offers a variety of key factors to consider regarding the firm, IAR and solicitor use of social media.
With respect to time (the SEC report is quite lengthy), I will only highlight section one: Staff Observations. Many firms have policies and procedures within their compliance programs that address the use of social media by the firm and its IARs; however, when asked, the staff observed variations and discrepancies in the policies and procedures. Here are four of the key observations:
1. “Overlapping protocols that apply to advertisements, client communications or electronic communications, which may or may not specifically include social media use.”
2. “Confusion about which procedures or standards apply to social media.”
3. Lack of clarity about the types of social networking activity that are permitted or prohibited by the firm.
4. Lack of addressing the use of social media by solicitors.
Usage guidelines: Clear the fog. Create firm usage guidelines that offer guidance to IARs and solicitors about the appropriate and inappropriate use of social media. Also include restrictions and prohibitions regarding social media based on the level of risk to the firm and clients.
Content standards: Consider the risks of social media content created by the firm, its IARs or solicitors. Does it violate its fiduciary duty or other regulatory issues? Articulate clear guidelines with respect to such content, and whether to prohibit specific content or impose content restrictions.
Examples of violations: Posting investment recommendations on a Facebook page; commenting on information about investment services; or tweeting about certain investment performances.
Monitoring: Self-explanatory: monitor your social media sites. How will your firm effectively monitor its social networking sites? How will the firm monitor the use of third-party sites? Remember, many third-party sites may not provide complete access to a supervisor or compliance personnel.
Frequency of monitoring: How much does your firm monitor IAR or solicitor activity on social media sites? If you employ a risk-based approach, your firm may include periodic, daily or real-time monitoring of the postings on sites. The frequency of monitoring may depend on the volume and pace of communications posted on a site or the nature and probability of having misleading subject matter in conversation streams.
Training: Implement training related to social media that seeks to promote compliance and to prevent potential violations of the federal securities laws and the firm’s internal policies.
Certification: Consider requiring a certification by IARs and advisory solicitors confirming that those individuals understand and are complying with the firm’s social media policies and procedures.
Functionality: Social media changes all the time. It’s important to stay current and informed about all of the nooks and crannies on social media platforms to ensure their optimal business functionality. Consider each social media site approved for use, and address any upgrades or modifications that affect the risk exposure for the firm or its clients.
Personal/professional sites: Adopt policies and procedures to address an IAR or solicitor conducting firm business on personal (non-business) or third-party social media sites. Firms must specify what types of firm communications or content are permitted on a site that is not operated, supervised or sponsored by the firm.
Example: A firm may determine that it is appropriate to permit business card information on a specific personal site or third-party site, but choose to prohibit conducting business on that site.
Information security: Does IAR access to social media sites pose any security risks? Protecting information and information systems from unauthorized access, use, disclosure, disruption, modification, perusal, inspection, recording or destruction is an important risk faced by all firms. Although hacking and other breaches of information can be posed in multiple ways, the use of social media (especially 3rd party sites) may pose elevated risks. Enforce policies that create appropriate firewalls between sensitive customer information, proprietary information and any social media site to the extent that the firm permits access to such sites by its IARs.
Enterprise wide sites: An RIA belonging to larger financial services or corporate enterprise should determine whether to create usage guidelines reasonably designed to prevent the advertising practices of a firm-wide social media site from violations of the Advisers Act.