LiveOffice Email Archiving & Compliance 101

Electronic Communications Compliance 101
Fundamentals to Regulatory Requirements
Presented by
Core Compliance & Legal Services, Inc.
November 18, 2008
Slide 2

3
Introduction
Definition and Scope of Electronic Communications
Current Regulations
SEC and FINRA Expectations
How to Conduct Electronic Communications Review
Slide 3

4
Definition of Electronic Communication
Two types of communication: oral and written
“Oral” means real-time communications to a live audience
“Written” means any written, printed, or graphic (electronic) media
Use of electronic devices and systems for transferring, processing, storing, displaying, analyzing, protecting, and disposing of information
Source: 18 U.S.C. § 2510(12) (2007)
Slide 4

5
Scope of Electronic Communication
Regulators use the terms “electronic communications,” “e-mail” and “electronic correspondence” inter-changeably
Includes:
E-mail, E-faxes
Web Sites
Bloomberg
Blogs, Chat Rooms, Instant Messaging
Text Messaging
Slide 5

6
How to Capture Electronic Communications
E-mail
E-faxes
Instant and Text Messaging
Blogs
Chat Rooms
Message Boards
Slide 6

7
How to Capture Electronic Communications
Web sites
Regulation FD
18 U.S.C. § 2510(12)(a) does not include telephone conversations in the definition of electronic communications
Oral communications are not within definition of written or graphic communications unless broadly disseminated (e.g. blast voice mail)
Slide 7

8
Rules Governing Electronic Communications
Communications with the Public (FINRA Rule 2210)
Includes advertisements, sales literature, correspondence, institutional sales material, public appearances, and independently prepared reprints
Must be fair & balanced, not false/misleading, not exaggerated/unwarranted, no material omissions, no projections/predictions
Slide 8

9
Institutional Sales Material and Correspondence (FINRA Rule 2211)
Correspondence means any written or electronic message sent to one or more current retail customers and fewer than 25 prospective retail customers within any 30-day period
Includes:
Business cards, letterhead, written letters, form letters sent to existing customers, instant messages, and emails sent to less than 25 prospective customers within 30 days
Slide 9

10
Books and Records (FINRA Rule 3110) requires books and records to be made and kept in conformity with SEC Rules 17a-3 and 17a-4
Includes:
Originals of everything received
Copies of everything sent
Received written customer complaints
Communications supervision compliance records
Duration: 3 years (first 2 in “easily accessible” place)
Use of micro and electronic storage media permitted in non-erasable, non-rewritable format
Format: “legible, true, complete and current”
Slide 10

11
Books and Records Requirements for Brokers and Dealers under Securities Exchange Act of 1934 Rules 17a-3 & 17a-4 (Cont.)
Storage with Third Parties Permitted SEC Rule 17a-4(i)
Third party vendor must file written undertaking with SEC, signed by duly authorized person
Undertaking must include an SEC-required provision permitting examiners to access records
Slide 11

12
Books and Records to Be Maintained by Investment Advisers under Rule 204-2(a)(7)
Includes:
Originals of all written communications received and copies of all written communications sent by an IA
Regarding recommendations, advice, funds, or placing an order
Slide 12

13
Books and Records to be maintained by Investment Advisers under Rule 204-2(e)-(g)
Storage requirements: 5 years (first 2 years in an “easily accessible” place)
General requirements:
Arranged and indexed for easy location, access, and retrieval;
Legible, true, and complete printout or copy of the record and the means to access, view, and print the records; and
Keep a separately stored duplicate copy of the record in any permissible format.
Slide 13

14
Books and Records to be maintained by Investment Advisers under Rule 204-2(g)(3)
Special requirements for electronic storage :
Reasonably protect against loss, alteration, or destruction;
Limit access to the records to properly authorized personnel and the Commission (including examiners and representatives); and
Reasonably ensure that any reproduction of a hard copy original record that is stored electronically is complete, true, and legible when retrieved.
Slide 14

15
Interpretive Releases on Electronic Communications
Guidance on the Review and Supervision of Electronic Communications (NTM 07-59)
Electronic communications requiring review :
External (outside email platforms (e.g. Yahoo!), message boards, and e-faxes)
Internal methods (e.g. inter-office MS Outlook)
Suggested methods of review include:
Lexicon-based
Random-percentage sampling
Combination method
Slide 15

16
Interpretive Releases on Electronic Communications
Guidance on the Review and Supervision of Electronic Communications (NTM 07-59) (Cont.)
Include policies and procedures to address new and emerging technologies
Include ongoing evaluation procedures to check for loopholes or problems
Specify any additional reviews to address any loopholes or problems
If using an automated tool or system, understand system limitations and specify any further reviews needed to address limitations
Slide 16

17
Regulatory Expectations
FINRA Expects Brokers and Dealers to:
Apply flexible risk-based approach based on nature of individual business
Consider the content of the e-mail or IM and who the e-mail or IM is directed towards (audience)
Ensure records are “legible, true, complete, and current”
Slide 17

18
Regulatory Expectations
SEC Expects Investment Advisers to:
Consider the nature of the firm's operations (risk-based)
Have effective policies and procedures for electronic communication
Capture, compile, maintain, and report relevant and timely information in e-mail and instant messages
Expectation: Save everything
Prevent, detect and correct violations
Safeguard records from unauthorized access or destruction
Slide 18

19
Recent Enforcement Actions
Three General Deficiencies Found:
Failure to retain required electronic communications
Failure to timely produce electronic communications
Failure to supervise electronic communications
Cases/Hearings:
Bear Stearns, Morgan Stanley, Banc of America
U.S. Financial Investments censured and fined $40,000
Argosy Capital Securities censured and fined $10,000
Registered Principal fined additional $10,000
Chicago Investment Group, LLC fined $75,000
Registered Principal fined $15,000
Another Registered Principal fined $20,000
Slide 19

20
Questions?
Please contact us if you have any additional questions
Core Compliance & Legal Services, Inc.
Tel: (619) 278-0020
Email: christina.rovira@corecls.com Website: www.corecls.com
Slide 20

Email Compliance 101R. Anthony Seyboth11.18.08
Slide 21

Key Takeaways
You need to understand:
Requirements apply, regardless of firm size
Types of communications you have
Value of saving everything
How to produce communications quickly
Review, supervision and chain of custody procedures
How to recover lost communications in the event of a disaster
Slide 22

Overview: Experience
The leading provider of email compliance solutions
Who We Are
What We Do
Who We Serve