WHITE PAPER FINRA Social Media Guide For 2012 w w w.socialvolt.com
FINRA GuidanceExecutiveOverviewFINRA GuidanceMore and more people are using social media for businessand personal communications. FINRA has provided somerecent guidance describing how the FINRA rules governingcommunications with the public apply to social media sitesor accounts that are sponsored by a firm or its registeredrepresentatives. In January of 2010, FINRA issued RegulatoryNotice 10-06 providing guidance on the application of FINRArules governing communications with the public to social media “SocialVolt offers asites and reminding firms of the recordkeeping, suitability,supervision and content requirements for such communications. one-stop resource for social mediaFurther guidance and clarification was provided in August of2011 in Regulatory Notice 11-39 entitled, “Social Media Websitesand the Use of Personal Devices for Business Communications– Guidance on Social Networking Websites and BusinessCommunications.” management meet the guidelines set forth by FINRA.” FINRA SOCIAL MEDIA GUIDE FOR 2012 .2.
FINRA GuidanceBackgroundAccording to a report by the Pew Internet and American Life social networking sites. The goal of this Notice is to ensure that—Project, 46% of American adults who use the Internet logged as the use of social media sites increases over time—investors areonto a social networking site in 2009, which is up from 8% in protected from false or misleading claims and representations,2005. Other studies have shown that use of social media sites by and firms are able to effectively and appropriately supervise theirbusinesses to communicate with customers and the public has associated persons’ participation in these sites. At the same time,grown significantly in the past few years. FINRA is seeking to interpret its rules in a flexible manner to allow firms to communicate with clients and investors using this newFINRA has provided guidance concerning particular applications technology.of the communications rules to interactive web sites in the past.For example, in March 1999, FINRA stated that a registered While many firms may find that the guidance in this Notice is usefulrepresentative’s participation in an Internet chat room is subject when establishing their own procedures, each firm must developto the same requirements as a presentation in person before a policies and procedures that are best designed to ensure that thegroup of investors. This guidance was codified in 2003, when firm and its personnel comply with all applicable requirements.FINRA defined the term “public appearance” in NASD Rule 2210 Every firm should consider the guidance provided by this Noticeto include participation in an interactive electronic forum. in the context of its own business and its compliance and supervisory programs.FINRA also has provided guidance regarding the applicationof the communication rules in its Guide to the Internet for This Notice only addresses the use by a firm or its personnel ofRegistered Representatives, and has released podcasts on these social media sites for business purposes. The Notice does notissues to help educate firms and their personnel. Nevertheless, purport to address the use by individuals of social media sites forFINRA staff has continued to receive numerous inquiries from purely personal reasons.firms and others concerning how the FINRA rules governingcommunications with the public apply to the use of social mediasites by firms and their registered representatives. Firms alsohave inquired regarding their recordkeeping responsibilities forcommunications posted on social media sites.In September 2009, FINRA organized a Social Networking Task policies and proceduresForce composed of FINRA staff and industry representativesto discuss how firms and their registered representatives could that are best designed touse social media sites for legitimate business purposes in amanner that ensures investor protection. Based on input from theTask Force and others, and further staff consideration of theseissues, FINRA is issuing this Notice to guide firms on applying the personnel comply with allcommunications rules to social media sites, such as blogs and applicable requirements.” FINRA SOCIAL MEDIA GUIDE FOR 2012 .3.
FINRA GuidanceFINRAAND THE SOCIALVOLT SOLUTIONThe FINRA guidance around social media use are broken down of this workflow and moderation process are written tointo five primary components: a non-destructible audit trail, which is also retained for a minimum of seven (7) years. Additionally, all system changes1. Recordkeeping Responsibilities Firms are required to retain to the any aspect of the review, workflow or moderation records of communications related to the broker-dealer’s system settings are recorded to the audit trail. Data is never business that are made through social media sites. Every permanently deleted from the system and is always available firm that intends to communicate, or permit its associated via system or user audit reports. All of these audit reports are persons to communicate, through social media sites must fully searchable, thus allowing for internal and/or regulator first ensure that it can retain records of those communications research on-demand. as required by Rules 17a-3 and 17a-4 under the Securities Exchange Act of 1934 and NASD rule 3110. SEC and FINRA Finally, all data retained by SocialVolt may be exported and rules require that for record retention purposes, the content retained by our clients. of the communications is determinative and a broker-dealer must retain those electronic communications that relate to its 2. Suitability Responsibilities If a firm or its personnel “business as such.” recommend a security through a social media site, it triggers the requirements of NASD Rule 2310 regarding suitability. FINRA goes on to say that firms or persons associated According to FINRA, whether a particular communication with the firm may not use a communications device or constitutes a “recommendation” for purposes of Rule methodology that automatically deletes or erases content. 2310 will depend on the facts and circumstances of the communication. How SocialVolt Helps You Meet This Responsibility The SocialVolt platform retains your social media data How SocialVolt Helps You Meet This Responsibility for a minimum period of seven (7) years. Data is retained The definition of suitability or whether a particular at Amazon AWS, a secure SAS 70 Type II redundant communication constitutes a “recommendation” may differ storage facility. See SocialVolt document entitled, “Security from one company to another or from one circumstance Certifications, 2012” for further information on data security to another. SocialVolt supports your social media and certifications. The SocialVolt platform has flexible communications with respect to aiding your determination moderation and workflow processes by which content must by enabling our clients several means by which they can be reviewed and approved prior to publishing. All aspects designate a strict moderation process. By default, the FINRA SOCIAL MEDIA GUIDE FOR 2012 .4.
FINRA Guidance SocialVolt platform enforces a policy of requiring all outbound How SocialVolt Helps You Meet This Responsibility content to be reviewed and approved by someone within The SocialVolt platform delivers flexible moderation and your organization designated and authorized to review and workflow capabilities to your social media process thus approve such content. SocialVolt recommends best practices allowing for communications supervision in a variety of ways. of reviewing all content prior to publishing. The SocialVolt Granular controls allow for creation of authorized publishers platform additionally allows for the creation of custom blocked and moderators. Granular account security and supervision is and review word dictionaries whereby a client can add words described in more detail below. or phrases they specifically want to flag or block. Finally, the SocialVolt platform blocks outbound profanity, hate, sexual 4. Supervision of Social Media Sites The content provisions of and racist terms. Attempted use of such terms are written to FINRA’s communications rules apply to interactive electronic the audit trail and retained. communications that the firm or its personnel send through a social media site. While prior principal approval is not required3. Types of Interactive Electronic Forums The definition of under Rule 2210 for interactive electronic forums, firms must “public appearance” in NASD Rule 2210 includes unscripted supervise these interactive electronic communications under participation in an interactive electronic forum such as a NASD Rule 3010 in a manner reasonably designed to ensure chat room or online seminar. Rule 2210 does not require that they do not violate the content requirements of FINRA’s firms to have a registered principle approve in advance the communications rules. extemporaneous remarks of personnel who participate in public appearances. However, according to FINRA, these Firms may adopt supervisory procedures similar to those interactive electronic forums are subject to other supervisory outlined for electronic correspondence in Regulatory Notice requirements and to the content requirements of FINRA’s 07-59 (FINRA Guidance Regarding Review and Supervision communications rule. of Electronic Communications). As set forth in that Notice, firms may employ risk-based principles to determine the According to FINRA, social networking sites such as extent to which the review of incoming, outgoing and internal Facebook, Twitter and LinkedIn, typically include both static electronic communications is necessary for the proper and interactive functions. The static content remains posted supervision of their business. until it is changed by the firm or individual who established the account on the site. Generally, the static content is For example, firms may adopt procedures that require accessible to all visitors to the site. Social networking principal review of some or all interactive electronic accounts also contain non-static, real-time communications, communications prior to use or may adopt various methods such as interactive posts on sites such as Twitter and of post-use review, including sampling and lexicon-based Facebook. The portion of a social networking site that search methodologies as discussed in Regulatory Notice provides for these interactive communications constitutes 07-59. We are aware that technology providers are developing an interactive electronic forum, and firms are not required to or may have developed systems that are intended to have a registered principle approve these communications address both the books and records rules and supervisory prior to use. Of course, firms still must supervise these procedures for social media sites that are similar or equivalent communications, as discussed below. FINRA SOCIAL MEDIA GUIDE FOR 2012 .5.
FINRA Guidanceto those currently in use for emails and other electronic As firms develop their policies, they should considercommunications. FINRA does not endorse any particular prohibiting or placing restrictions on any associatedtechnology. Whatever procedures firms adopt, however, must person who has presented compliance risks in the past,be reasonably designed to ensure that interactive electronic particularly compliance risks concerning sales practices, fromcommunications do not violate FINRA or SEC rules. establishing accounts for business purposes with a social media site. In its supervision of social networking sites, eachFirms are also reminded that they must have policies and firm must monitor the extent to which associated persons areprocedures, as described in Regulatory Notice 07-59, for complying with the firm’s policies and procedures governingthe review by a supervisor of employees’ incoming, outgoing the use of these sites. Firms also should consider policies thatand internal electronic communications that are of a specific address associated persons’ continued use of such sites ifsubject matter that require review under FINRA rules and the firm’s supervisory systems demonstrate compliance risks.federal securities laws, including: Firms should take disciplinary action if the firm’s policies are violated. require that a firm’s legal and compliance department Regulatory Notice 11-39 further illuminates firms’ supervision be copied on communications between non-research requirements by stating that firms must conduct appropriate and research departments concerning the content of a training and education concerning its policies, including research report; those relating to social media. Firms must also follow up on “red flags” that may indicate that an associated person is not complying with firm policies. FINRA further intimates that firms the identification and reporting of customer complaints; may require each associated person to certify on an annual or more frequent basis that the associated person is acting complaint be acknowledged by the firm to the customer in a manner consistent with such policies, adding that firms within 15 business days. may choose to randomly spot check social media activities of associates in order to monitor compliance with firm policies.Firms must adopt policies and procedures reasonablydesigned to ensure that their associated persons who How SocialVolt Helps You Meet This Responsibilityparticipate in social media sites for business purposes are The SocialVolt platform’s flexible access control, review &appropriately supervised, have the necessary training and moderation controls and security features allow supervision ofbackground to engage in such activities, and do not present all accounts managed within the system. SocialVolt can alsoundue risks to investors. Firms must have a general policy monitor for relevant topics and people outside of accountsprohibiting any associated person from engaging in business managed within the platform. Additionally, SocialVolt has ancommunications in a social media site that is not subject option for enforcing dual control of publishing moderation.to the firm’s supervision. Firms also must require that only SocialVolt dual control settings require two approvals priorthose associated persons who have received appropriate to publishing content. This setting makes it impossible for atraining on the firm’s policies and procedures regarding reviewer to approve his or her own content.interactive electronic communications may engage in suchcommunications. FINRA SOCIAL MEDIA GUIDE FOR 2012 .6.
FINRA Guidance Our comprehensive security includes account-level consider a third party post to be a communication with the and brand-level permissions. Only SocialVolt account public by the firm or its personnel under the adoption theory if, administrators have access to social media account after the content is posted, the firm or its personnel explicitly credentials. Publishers and reviewers can be granted access or implicitly endorses or approves the post. without ever revealing account credentials. This feature ensures that users cannot attempt to publish content through How SocialVolt Helps You Meet This Responsibility other means such as from a home computer or mobile device User management and moderation settings allow companies unless they use the SocialVolt platform. to enable publishers and/or reviewers within third party entities. Using the SocialVolt platform, the company can SocialVolt offers several levels of professional services maintain account supervision and moderation control. All packages that deliver training, education and news to your content created, whether published or not, is kept in the audit staff on a regularly scheduled basis to help meet FINRA trail for archival purposes. Security controls ensure that third guidelines. SocialVolt offers both training and professional parties don’t have administrative access to the social media services to help develop and implement social media policy accounts being managed in the system and that content and compliance strategy. cannot be published to those accounts without authorized approvals.5. Third Party Posts Under certain circumstances, however, third-party posts may become attributable to the firm. Whether third-party content is attributable to a firm depends on whether the firm has (1) involved itself in the preparation of the content or (2) explicitly or implicitly endorsed or approved the content. The SEC has referred to circumstance (1) above as the “entanglement” theory (i.e., the firm or its personnel is entangled with the preparation of the third-party post) and (2) as the “adoption” theory (i.e., the firm or its personnel has adopted its content). Although the SEC has employed these theories as a basis for a company’s responsibility for third- party information that is hyperlinked to its Web site, a similar analysis would apply to third-party posts on a social media site established by the firm or its personnel. For example, FINRA would consider such a third-party post to be a communication with the public by the firm or its personnel under the entanglement theory if the firm or its personnel paid for or otherwise was involved with the preparation of the content prior to posting. FINRA also would FINRA SOCIAL MEDIA GUIDE FOR 2012 .7.
FINRA GuidanceIn conclusion, SocialVolt offers a one-stop resource for social includes basic account setup, user roles and permissions, brandmedia management solutions specifically tailored to help firms architecture, channel configuration and workflow settings.meet the guidelines set forth by FINRA. We offer the following Social Program Development SocialVolt can help you map yourproducts and services to help you meet and exceed FINRA existing social media processes to our platform capabilities. Weguidelines for social media use: apply a classic consulting process, integrating with your teamSocialVolt Platform The industries number one social media to define your current state, assess your program maturity andrisk management platform satisfies the needs of a wide variety develop a plan to move your social program forward. We’ve builtof stakeholders within the organization from marketing and flexibility into this offering to support the spectrum of social mediacustomer service to compliance and the c-suite. programs, from the emerging strategy to the advanced social media machine.Administrator Training SocialVolt administrator training coversthe entire SocialVolt platform including compliance, moderation Social Strategy Consulting Our team can advise on leadingand audit settings, reporting, user and account management, practices, social campaign development, metrics and reporting,security features and more. and content development solutions. We bring a compelling, results-driven perspective to help shape your social media strategyUser Training SocialVolt can deliver online or onsite training to and impact core social objectives.user groups of any size, helping to ensure broad user adoption.Our user training covers platform functionality and best practices Business Integration Services We offer business integrationand can be tailored to address specific policy topics set out by services to ensure a smooth transition onto the SocialVoltyour firm. platform. Our services team conducts an assessment of the systems supporting your social media program, ranging fromWeb-Based Training Web-based training is the most scalable spreadsheets and email, to native social network platforms toway to train hundreds or thousands of users in a short period niche third-party solutions. We then build a solution diagram,of time without disrupting work schedules or incurring travel identify data migration requirements and work with your team toexpenses. Our standard web-based training courses are build an implementation plan.available on regularly scheduled intervals or can be scheduled tomeet your specific needs. Custom Integration Services Our social media management platform thrives in complex business environments and can workRapid Launch Methodology Our Rapid Launch service gets with adjacent business support systems. SocialVolt’s servicesyour team up and running quickly. Our team conducts a short team is ready to tackle your data challenges. We work with yourassessment of your social media program, then completes staff to understand system integration requirements and designsystem setup and configuration to unlock our platform’s and build solutions to meet your needs.capabilities for your organization. Our Rapid Launch service FINRA SOCIAL MEDIA GUIDE FOR 2012 .8.