Compliance Considerations in Social Media Initiatives - BDI 5/17/12 Social & Mobile Financial Services Communications: Case Studies and Roundtables


Published on

Case Study: Compliance Considerations in Social Media Initiatives
Presented by: Koa Van (David) Chung, Senior Compliance Officer - Sales and Marketing Practices Compliance, Legal & Compliance Department, ING Investment Management – U.S.
All social media projects in the financial services industry rely heavily on the guidance of in-house compliance staff or outside law firms to provide direction and approval on what can or cannot be implemented based on existing government regulations. This discussion will provide you with some important regulatory considerations and compliance guidance when conceptualizing, designing and implementing your social media-related projects.

Published in: Business, Technology
1 Like
  • Be the first to comment

No Downloads
Total Views
On Slideshare
From Embeds
Number of Embeds
Embeds 0
No embeds

No notes for slide

Compliance Considerations in Social Media Initiatives - BDI 5/17/12 Social & Mobile Financial Services Communications: Case Studies and Roundtables

  1. 1. Social & Mobile Financial Services Communications:Navigating the Social Media Regulatory Requirements in the InvestmentIndustryPresented by:David K.V. ChungSenior Compliance Officer – Sales and Marketing Practices Compliance ManagerLegal & Compliance DepartmentING Investment Management – U.S.May 17, 2012
  2. 2. Introduction1. Background2. Regulations – SEC and FINRA3. Misconceptions About the Rules4. Best Practices – How to best operate within the rules5. Teamwork – Working with your Legal and Compliance Department6. ResourcesImportant Note: Unless stated otherwise, the ideas expressed are solely the opinions of the presenter and do notnecessarily represent the opinions of ING Investment Management or its affiliated firms. In addition, theinformation provided should not be construed as legal advice, please consult your legal counsel before makingany policy decisions. 2
  3. 3. SEC vs. FINRA Classification of Social Networking Activities SEC • “It converts the traditional two party, adviser-to-client communication into an interactive, multi-party dialogue among advisers, clients, and prospects, within an open architecture accessible to third-party observers. It also converts a static medium, such as a website, where viewers passively receive content, into a medium where users actively create content.” FINRA • Public Appearances are unscripted participation in an interactive forum such as a chat room or online seminar. • Advertisements are the static written content available for access online. This includes the static content on a blog, FaceBook profile, Twitter profile and LinkedIn profile. Profile includes any background or wall information posted. • Correspondence would be email communications that are sent one-on-one through the email system of social media sites. • The different classifications affect whether or not it requires Registered Principal pre-approval, post-monitoring or possible marketing filings with FINRA.Source: SEC National Examination Risk Alert, Vol. II, Issue 1 and FINRARegulatory Notice 10-06 3
  4. 4. Securities and Exchange Commission - Guidance Highlights from the SEC National Examination Risk Alert – Investment Adviser Use of Social Media 1. Usage Guidelines 2. Content Standards 3. Monitoring 4. Frequency of Monitoring 5. Approval of Content 6. Firm Resources 7. Criteria for Approving Participation 8. Training 9. Certification 10. Functionality 11. Personal / Professional Sites 12. Information Security 13. Enterprise Wide SitesSource: SEC National Examination Risk Alert, Vol. II, Issue 1For Internal Use Only 4
  5. 5. FINRA Regulatory Notice 10-06 and 11-39 10-06 • FINRA provided it’s first high level industry guidance for social media activities for investment broker dealer firms. • It provided no specific rule changes, but offered clarification in a Q & A format. Summary Highlights • Record Keeping Responsibilities • Suitability Responsibilities • Types of Interactive Electronic Forums • Supervision of Social Media Sites • Third Party Posts 11-39 • The Financial Industry Regulatory Authority (FINRA) provided it’s second high level industry guidance for social media activities for investment broker dealer firms. • Clarified first notice where it was unclear • Business content determines whether not records need to be kept. • No automatic deletion technology can be used for business-related communications. • Provided more clarity on third-party posts. (i.e., adoption and entanglement) • No commingling of business and personal communication on smartphones. Recordkeeping must be separate.Source: FINRA Regulatory Notice 10-06 and 11-39 5
  6. 6. Social Media Regulatory Misconception #1 The SEC said the FaceBook “Like” button is a testimonial Well, not exactly… • “Depending on the facts and circumstances, the use of “social plug-ins” such as the “like” button could be a testimonial under the Advisers Act.” • “Third-party use of the “like” feature on an investment adviser’s social media site could be deemed to be a testimonial if it is an explicit or implicit statement of a clients or clients experience with an investment adviser or IAR.” • “For example, the public is invited to “like” an IAR’s biography posted on a social media site, that election could be viewed as a type of testimonial prohibited by rule 206(4)-1(a)(1).”Source: SEC National Examination Risk Alert, Vol. II, Issue 1For Internal Use Only 6
  7. 7. Social Media Regulatory Misconception #2 FINRA said all Twitter tweets need to be filed with them It depends… • Depends on whether or not content is static or interactive. • “Social networking sites also contain non-static, real-time communications, such as interactive posts on sites such as Twitter and FaceBook. The portion of a social networking site that provides for these interactive communications constitutes an interactive electronic forum, and firms are not required to have a registered principal approve these communications prior to use.” • “FINRA considers unscripted participation in an interactive electronic forum to come within the definition of “public appearance” under NASD Rule 2210. Public appearances do not require prior approval by a registered principal.” • Filing is only required if it is static content and it also meets the basic filing criteria for advertisements and sales literature. Otherwise, firm’s main obligations are supervision and recordkeeping.Source: FINRA Regulatory Notice 10-06 and 11-39For Internal Use Only 7
  8. 8. Social Media Regulatory Misconception #3 If our company policy does not allow the use of social media to do business, then I’m safe from the regulators That’s what you think… • Financial firms still need to have a social media policy in place regardless of their activity in this space. • Policy should address any company-sponsored social media initiatives and personal usage; if the employee chooses to disclose the name of their employer. • Consider periodic monitoring of your employees’ social media activity.For Internal Use Only 8
  9. 9. Best Practices – Corporate Policy The policy must address employee social media usage during working hours and at homea) At Work Policy • What are the company’s polices regarding SM usage through the firm’s own computer network? • What SM applications are authorized for use and by what type of employees? • What features of each SM application are accessible and which ones are disabled? • What are the approval processes for gaining access to SM applications? • What are the content approval process with legal or compliance areas?b) At Home Policy • What are the general standards of conduct for posting personal information? • How much employee-employer information can be divulged? • Do you require compliance officers to be “connected” to your employees’ SM applications?c) Incorporate into Existing Policies • Code of Conduct, Privacy and Handling of Confidential information • Media Relations policy • Establishing a working group or committee regarding firm wide social media policy 9
  10. 10. Best Practices - Supervision and Monitoring • Firms must establish policies that are reasonably designed to ensure their social media activities do not violate federal securities regulations and other self- regulatory organizations rules. General Requirements 1. Written Policy and Procedures that are disseminated throughout the firm. 2. Identify what types of communications require review. 3. Identify which person(s) are responsible for supervision. This should include business employees because certain functions may be performed by non-compliance employees. 4. Outline the method of review. 5. Determine the frequency of the review and conduct periodic testing. 6. Documentation that reviews were carried out. • Conduct compliance training. • Identify how complaints are handled. • Identify which employees have access to social media sites via the firm’s network. • Continually evaluate social media activities for compliance.Source: FINRA NTM 07-59 10
  11. 11. Best Practices – Training Training Must Be Firm Wide• Policies and procedures when initiating SM projects.• General policies regarding access to SM applications at work.• General policies regarding access to SM applications at home.• Specialized training for those employees that have access to SM applications at work.• Outline remedial actions for employees that violate SM policies.• Address various risks to the firm for non-compliance.• Escalation process for complaints or issues related to SM.• Designated legal or compliance contacts for dealing with SM activities. 11
  12. 12. Recordkeeping Requirements• What records are required to be kept in social media activities? • Electronic communications (i.e., emails exchanged on social media applications) • Static Postings • Discussion threads • Third Party Postings• For SEC registered investment advisors: • 5 years with the last 2 years in an easily accessible place. [SEC Rule 17a-3 and 17a-4 of the ‘34 Act]• For FINRA member broker dealers: • 3 years with the last 2 years in an easily accessible place. [FINRA Rule 2210 (b)(2)(A) and 3110]• Regulators do not endorse any particular record keeping technology or vendor, nor acknowledges that there are adequate technology that exists. 12
  13. 13. Other Regulatory and Business Considerations Devoting new resources and creating processes to address SM usagePrivacy Concerns • Need to keep customer information private.SM applications increases security threats • Spam • Malware • Viruses • Data loss • Cyber crime • Drains I.T. support networks and resources. • I.T. security for company-issued smartphones. 13
  14. 14. Investment Suitability Issues • What constitutes as a stock “recommendation”? • Firms are responsible for their social media messages and are not exempt from suitability requirements and are liable for non-compliance. • Facts and circumstances of the communication determines whether or not a recommendation was made. • FINRA Rule 2310 – Did the author have reasonable grounds to make such a recommendation based on the reader’s financial situation and needs? • What investment-related advice can be provided online? • Access to a library of equity research reports. • Online tools to indentify an investors risk tolerance. • Online tools to assist investors with general retirement planning tools and calculators. • Stock screeners based on parameters established by the user. • Opted-in online communications that notifies the user of a pre-scheduled event.Source: FINRA NTM 01-23 14
  15. 15. Best Practices - General SM Content GuidelinesDos• Discuss macro economic concepts.• Discuss various sectors or industries.• Discuss retirement concepts.• Educate the public on financial markets and products.• Post company non-product or services related announcements.• Post messages that have a broad appeal. (i.e., charity events or good will activities)• Post generic responses to third-party postings.Don’ts• No unauthorized employee postings.• Don’t mention a name of a stock.• Don’t provide investment advice.• Don’t promote your investment products and services unless you have robust oversight.• Don’t make provocative or promissory statements regarding the direction of the markets or prices of commodities.• Avoid re-tweeting questionable posts on Twitter. Use your best judgment.• Don’t solicit your clients to re-tweet your postings.• Don’t solicit your clients to provide anything that would resemble a testimonial. 15
  16. 16. Working with your Legal & Compliance DepartmentDon’t assume your legal or compliance colleagues…1. …“get it” or think it’s a great idea. Surprisingly, a lot of people still don’t “get it.”2. …understands social media applications and functionality.3. …understands your social media business plans without reliable ROI.4. …are fully versed in social media regulations. They are still learning…Do:1. Educate them on social networking sites. Start with the bare basics!2. Provide them with a comfort level with the technology.3. Provide them with articles and research related to social media compliance.4. Inform them what your competitors are doing in this space.5. Invite the I.T. department to be part of the conversation.6. Request to a pilot project to test the waters. 16
  17. 17. Compliance Resources• SEC National Risk Examination Alert Investment Advisory Use of Social Media []• SEC Investor Alert Social Media and Investing - Avoid Fraud []• SEC Investor Alert Social Media and Investing - Understanding Your Accounts []• FINRA Regulatory Notice 11-39 Social Media Web Sites and the Use of Personal Devices for Business Communications []• FINRA Regulatory Notice 10-06 Social Media Web Sites []• FINRA Regulatory Notice 01-23 Online Suitability []• FINRA Regulatory Notice 07-59 Supervision of Electronic Communications []• FINRA Advertising Compliance Resource [] 17