VIP Call Girl Jamshedpur Aashi 8250192130 Independent Escort Service Jamshedpur
ING Presentation - BDI 7/26/11 Social Media Security & Compliance Workshop for Financial Institutions
1. Social Media Best Practices
Navigating the Social Networking Regulatory Requirements in the
Investment Industry
Presented by:
David K.V. Chung
Senior Compliance Officer – Sales and Marketing Practices Compliance
Legal & Compliance Department
ING Investment Management – Americas
July 26, 2011
2. Introduction
1. Background
2. Regulations – Rules can be both complicated and vague
3. Best Practices – How to best operate within the rules
4. Teamwork – Working with your Legal and Compliance Department
5. Resources
Important Note: Unless stated otherwise, the ideas expressed are solely the opinions of the presenter and do not
necessarily represent the opinions of ING Investment Management or its affiliated firms. In addition, the
information provided should not be construed as legal advice, please consult your legal counsel before making
any policy decisions.
2
3. FINRA Regulatory Notice 10-06
• The Financial Industry Regulatory Authority (FINRA) provided it’s first high
level industry guidance for social media activities for investment broker dealer
firms.
• It provided no specific rule changes, but offered clarification in a Q & A format.
Summary Highlights
• Record Keeping Responsibilities
• Suitability Responsibilities
• Types of Interactive Electronic Forums
• Supervision of Social Media Sites
• Third Party Posts
Source: FINRA NTM 10-06
3
4. FINRA Classification of Social Networking Activities
Is it a Public Appearance, Advertisement or Correspondence?
Well, it depends…
• Public Appearances are unscripted participation in an interactive forum
such as a chat room or online seminar.
• Advertisements are the static written content available for access online.
This includes the static content on a blog, FaceBook profile, Twitter
profile and LinkedIn profile. Profile includes any background or wall
information posted.
• Correspondence would be email communications that are sent one-on-
one through the email system of social media sites.
• The different classifications affect whether or not it requires Registered
Principal pre-approval, post-monitoring or possible marketing filings with
FINRA.
Source: FINRA NTM 10-06
4
5. Investment Suitability Issues
• What constitutes as a stock “recommendation”?
• Firms are responsible for their social media messages and are not exempt from
suitability requirements and are liable for non-compliance.
• Facts and circumstances of the communication determines whether or not a
recommendation was made.
• Rule 2310 – Did the author have reasonable grounds to make such a
recommendation based on the reader’s financial situation and needs?
• What investment-related advice can be provided online?
• Access to a library of equity research reports.
• Online tools to indentify an investors risk tolerance.
• Online tools to assist investors with general retirement planning tools and
calculators.
• Stock screeners based on parameters established by the user.
• Opted-in online communications that notifies the user of a pre-scheduled event.
Source: FINRA NTM 01-23
5
6. Recordkeeping Requirements
• What records are required to be kept in social media activities?
• Static Postings
• Discussion threads
• Third Party Postings
• For FINRA member broker dealers:
• 3 years with the last 2 years in an easily accessible place.
[FINRA Rule 2210 (b)(2)(A) and 3110]
• For SEC registered investment advisors:
• 5 years with the last 2 years in an easily accessible place.
[SEC Rule 17a-3 and 17a-4 of the ‘34 Act]
• Regulators do not endorse any particular record keeping technology or
vendor, nor acknowledges that there are adequate technology that exists.
6
7. Risks of Non-Compliance
Regulatory
• Fines can be assessed on investment firms that do not comply with the
rules.
• Cost of running a business goes up.
Reputational
• Regulatory fines damages the reputation of a firm.
• Creates challenges in maintaining existing business relationships.
• Reducing the acquisition of new clients.
Sending Mixed Messages to Clients and Prospects
• “Right hand doesn’t know what the left hand is doing”
• Inconsistent messages being posted.
• Incorrect messages being posted.
7
8. Best Practices - Supervision and Monitoring
• Firms must establish policies that are reasonably designed to ensure their social
media activities do not violate general rules outlined in Regulatory Notice 07-59.
General Requirements
1. Written Policy and Procedures that are disseminated throughout the firm.
2. Identify what types of communications require review.
3. Identify which person(s) are responsible for supervision. This should include business
employees because certain functions may be performed by non-compliance employees.
4. Outline the method of review.
5. Frequency of the review.
6. Documentation that reviews were carried out.
• Conduct compliance training.
• Identify how complaints are handled.
• Identify which employees have access to social media sites via the firm’s
network.
• Continually evaluate social media activities for compliance.
Source: FINRA NTM 07-59
8
9. Best Practices - General SM Content Guidelines
Dos
• Discuss macro economic concepts.
• Discuss various sectors or industries.
• Discuss retirement concepts.
• Educate the public on financial markets and products.
• Post company non-product or services related announcements.
• Post messages that have a broad appeal. (i.e., charity events or good will
activities)
• Post generic responses to third-party postings.
Don’ts
• Don’t mention a name of a stock.
• Don’t provide investment advice.
• Don’t promote your products and services.
• Don’t make provocative or promissory statements regarding the direction of the
markets or prices of commodities.
• No re-tweets on Twitter.
• No unauthorized employee postings.
9
10. Best Practices – Corporate Policy
The policy must address employee social media usage during
working hours and at home
a) At Work Policy
• What are the company’s polices regarding SM usage through the firm’s own computer
network?
• What SM applications are authorized for use and by what type of employees?
• What features of each SM application are accessible and which ones are disabled?
• What are the approval processes for gaining access to SM applications?
• What are the content approval process with legal or compliance areas?
b) At Home Policy
• What are the general standards of conduct for posting personal information?
• How much employee-employer information can be divulged?
• Do you require compliance officers to be “connected” to your employees’ SM applications?
c) Incorporate into Existing Policies
• Code of Conduct, Privacy and Handling of Confidential information
• Media Relations policy
• Establishing a working group or committee regarding firm wide social media policy
10
11. Best Practices – Training
Training Must Be Firm Wide
• Policies and procedures when initiating SM projects.
• General policies regarding access to SM applications at work.
• General policies regarding access to SM applications at home.
• Specialized training for those employees that have access to SM
applications at work.
• Outline remedial actions for employees that violate SM policies.
• Address various risks to the firm for non-compliance.
• Escalation process for complaints or issues related to SM.
• Designated legal or compliance contacts for dealing with SM activites.
11
12. Other Regulatory and Business Considerations
Devoting new resources and creating processes
to address SM usage
Privacy Concerns
• Need to keep customer information private.
SM applications increases security threats
• Spam
• Malware
• Viruses
• Data loss
• Cyber crime
• Drains I.T. support networks and resources.
• I.T. security for company-issued smartphones.
12
13. Working with your Legal & Compliance Department
Don’t assume your legal or compliance colleagues…
1. …“get it” or immediately think it’s a great idea.
2. …understands social media concepts or even likes it.
3. …understands your social media business plans.
4. …are fully versed in social media regulations. They are still learning…
Do:
1. Educate them on social networking sites. Start with the bare basics!
2. Provide them with a comfort level with the technology.
3. Provide them with articles and research related to social media compliance.
4. Inform them what your competitors are doing in this space.
5. Invite the I.T. department to be part of the conversation.
6. Request to a pilot project to test the waters.
13
14. Compliance Resources
1. FINRA Regulatory Notice 10-06
Social Media Web Sites
[http://www.finra.org/Industry/Regulation/Notices/2010/P120760]
2. FINRA Regulatory Notice 01-23
Online Suitability
[http://www.finra.org/Industry/Regulation/Notices/2001/P003886]
3. FINRA Regulatory Notice 07-59
Supervision of Electronic Communications
[http://www.finra.org/Industry/Regulation/Notices/2007/P037554]
4. FINRA Advertising Compliance Resource
[http://www.finra.org/Industry/Issues/Advertising/]
14