Social media has changed the way businesses market their products and services. It has changed the way businesses communicate with their customers, perform customer service and obtain referrals. Some businesses have found it easier than others to jump on the bandwagon.
This blog post looks at the SEC National Examination Risk Alert - Investment Advisor Use of Social Media published January 4, 2012 and it’s effect on Registered Investment Advisors (RIA’s).
The key takeaway, as noted by the SEC is:
Investment advisers that use or permit the use of social media by their representatives, solicitors and/or third parties should consider periodically evaluating the effectiveness of their compliance program as it relates to social media. Factors that might be considered include usage guidelines, content standards, sufficient monitoring, approval of content, training, etc. Particular attention should be paid to third party content (if permitted) and recordkeeping responsibilities.
The Alert reminds us, “The use of social media by the financial services industry is rapidly accelerating. In growing numbers, registered investment advisers (“RIAs” or “firms”) are using social media to communicate with existing and potential clients, promote services, educate investors and recruit new employees.”
Keep in mind too that the Alert “is not intended as a comprehensive summary of all compliance matters pertaining to the use of social media by RIAs. Rather, it discusses measures that may assist RIAs in designing reasonable procedures designed to prevent violations of the Advisers Act and other federal securities laws with respect to firm, investment advisory representative (“IAR”) and solicitor (employees or third parties that solicit or “find” new advisory clients) use of social media.”
What follows is an attempt to very briefly summarize some of the salient points found in the Alert. These issues relate to compliance and the RIA should certainly take the time to read this Alert as well as other SEC and FINRA guidelines and regulations when establishing social media compliance guidelines. The RIA should take special care to make certain that policies regarding social media are specific and are not lumped in with policies that apply to static advertisements, client communications and electronic communications in general. By doing this the RIA may avoid confusion and liability.
The SEC Alert included a non-exhaustive list of factors an RIA may consider, when evaluating the effectiveness of its compliance program with respect to firm, IAR or solicitor use of social media.
- Usage Guidelines - A firm may consider whether to create firm usage guidelines that provide guidance to IARs and solicitors on the appropriate and inappropriate use of social media.
- Content Standards - A firm may consider the risks that content created by the firm or its IARs or solicitors implicates its fiduciary duty or other regulatory issues (e.g., such as content that contains investment recommendations, information on specific investment services or investment performance).
- Monitoring - A firm may consider how to effectively monitor the firm’s social media sites or firm use of third-party sites, taking into account that many third-party sites may not provide complete access to a supervisor or compliance personnel.
- Frequency of Monitoring - A firm may consider the frequency with which it monitors IAR or solicitor activity on a social media site. For example, using a risk-based approach, a firm may conclude that periodic, daily or real-time monitoring of the postings on a site is appropriate.
- Approval of Content - A firm may want to consider the appropriateness of preapproval requirements.
- Firm Resources - A firm may consider whether it has dedicated sufficient compliance resources to adequately monitor IAR or solicitor activity on social media sites, including the ability to monitor the activity of numerous IARs or solicitors. A firm may also consider employing conversation monitoring or similar services from outside vendors.
- Criteria for Approving Participation - In analyzing the risk exposure for a firm and its clients due to the use of a social networking site, the firm’s compliance procedures may consider, without limitation, the reputation of the site, the site’s privacy policy, the ability to remove third-party posts, controls on anonymous posting and the advertising practices of any social media site that the firm, or its IARs or solicitors use to conduct business.
- Training - In establishing or reviewing any training requirements for its IARs, a firm may consider implementing training related to social media that seeks to promote compliance and to prevent potential violations of the federal securities laws and the firm’s internal policies.
- Certification - A firm may consider whether to require a certification by IARs and advisory solicitors confirming that those individuals understand and are complying with the firm’s social media policies and procedures.
- Functionality - A firm may consider the functionality of each social media site approved for use, including the continuing obligation to address any upgrades or modifications to the functionality that affect the risk exposure for the firm or its clients. Such consideration is particularly significant given the rapidly evolving nature of this new media.
- Personal / Professional Sites -A firm may consider whether to adopt policies and procedures to address an IAR or solicitor conducting firm business on personal (non-business) or third-party social media sites. For example, a firm may choose to specify what types of firm communications or content are permitted on a site that is not operated, supervised or sponsored by the firm. While a firm may determine that it is appropriate to permit business card information on a specific personal site or third-party site, it may choose to prohibit conducting firm business on that site.
- Information Security - A firm may consider whether permitting its IARs to have access to social media sites poses any information security risks. Protecting information and information systems from unauthorized access, use, disclosure, disruption, modification, perusal, inspection, recording or destruction is an important risk faced by all firms.
- Enterprise-wide Sites - An RIA that is part of a larger financial services or other corporate enterprise may consider whether to create usage guidelines reasonably designed to prevent the advertising practices of a firm-wide social media site from violations of the Advisers Act.
The Alert also discusses third-party content including testimonials, “Likes,” and recordkeeping responsibilities (The recordkeeping responsibilities that currently apply to other forms of electronic communication, apply to social media content, so be sure you have systems in place to archive).
We are strong proponents of RIAs taking full advantage of the power of social media and work hard to assist RIAs to ensure they are in compliance with all of the regulatory requirements and are aware of the risks associated with using various forms of social media.