Case Study: Compliance Considerations in Social Media Initiatives
Presented by: Koa Van (David) Chung, Senior Compliance Officer - Sales and Marketing Practices Compliance, Legal & Compliance Department, ING Investment Management – U.S.
All social media projects in the financial services industry rely heavily on the guidance of in-house compliance staff or outside law firms to provide direction and approval on what can or cannot be implemented based on existing government regulations. This discussion will provide you with some important regulatory considerations and compliance guidance when conceptualizing, designing and implementing your social media-related projects.
www.bdionline.com
How a B2B SaaS platform is transforming itself into a media company - BDI 1/3...
Semelhante a Compliance Considerations in Social Media Initiatives - BDI 5/17/12 Social & Mobile Financial Services Communications: Case Studies and Roundtables
Semelhante a Compliance Considerations in Social Media Initiatives - BDI 5/17/12 Social & Mobile Financial Services Communications: Case Studies and Roundtables (20)
Youth Involvement in an Innovative Coconut Value Chain by Mwalimu Menza
Compliance Considerations in Social Media Initiatives - BDI 5/17/12 Social & Mobile Financial Services Communications: Case Studies and Roundtables
1. Social & Mobile Financial Services Communications:
Navigating the Social Media Regulatory Requirements in the Investment
Industry
Presented by:
David K.V. Chung
Senior Compliance Officer – Sales and Marketing Practices Compliance Manager
Legal & Compliance Department
ING Investment Management – U.S.
May 17, 2012
2. Introduction
1. Background
2. Regulations – SEC and FINRA
3. Misconceptions About the Rules
4. Best Practices – How to best operate within the rules
5. Teamwork – Working with your Legal and Compliance Department
6. Resources
Important Note: Unless stated otherwise, the ideas expressed are solely the opinions of the presenter and do not
necessarily represent the opinions of ING Investment Management or its affiliated firms. In addition, the
information provided should not be construed as legal advice, please consult your legal counsel before making
any policy decisions.
2
3. SEC vs. FINRA Classification of Social Networking Activities
SEC
• “It converts the traditional two party, adviser-to-client communication into an
interactive, multi-party dialogue among advisers, clients, and prospects, within an
open architecture accessible to third-party observers. It also converts a static
medium, such as a website, where viewers passively receive content, into a
medium where users actively create content.”
FINRA
• Public Appearances are unscripted participation in an interactive forum such as a
chat room or online seminar.
• Advertisements are the static written content available for access online. This
includes the static content on a blog, FaceBook profile, Twitter profile and LinkedIn
profile. Profile includes any background or wall information posted.
• Correspondence would be email communications that are sent one-on-one
through the email system of social media sites.
• The different classifications affect whether or not it requires Registered Principal
pre-approval, post-monitoring or possible marketing filings with FINRA.
Source: SEC National Examination Risk Alert, Vol. II, Issue 1 and FINRA
Regulatory Notice 10-06
3
4. Securities and Exchange Commission - Guidance
Highlights from the SEC National Examination Risk Alert – Investment Adviser Use of
Social Media
1. Usage Guidelines
2. Content Standards
3. Monitoring
4. Frequency of Monitoring
5. Approval of Content
6. Firm Resources
7. Criteria for Approving Participation
8. Training
9. Certification
10. Functionality
11. Personal / Professional Sites
12. Information Security
13. Enterprise Wide Sites
Source: SEC National Examination Risk Alert, Vol. II, Issue 1
For Internal Use Only 4
5. FINRA Regulatory Notice 10-06 and 11-39
10-06
• FINRA provided it’s first high level industry guidance for social media activities for investment broker
dealer firms.
• It provided no specific rule changes, but offered clarification in a Q & A format.
Summary Highlights
• Record Keeping Responsibilities
• Suitability Responsibilities
• Types of Interactive Electronic Forums
• Supervision of Social Media Sites
• Third Party Posts
11-39
• The Financial Industry Regulatory Authority (FINRA) provided it’s second high level industry
guidance for social media activities for investment broker dealer firms.
• Clarified first notice where it was unclear
• Business content determines whether not records need to be kept.
• No automatic deletion technology can be used for business-related communications.
• Provided more clarity on third-party posts. (i.e., adoption and entanglement)
• No commingling of business and personal communication on smartphones. Recordkeeping must be separate.
Source: FINRA Regulatory Notice 10-06 and 11-39
5
6. Social Media Regulatory Misconception #1
The SEC said the FaceBook “Like” button is a testimonial
Well, not exactly…
• “Depending on the facts and circumstances, the use of “social plug-ins” such
as the “like” button could be a testimonial under the Advisers Act.”
• “Third-party use of the “like” feature on an investment adviser’s social media
site could be deemed to be a testimonial if it is an explicit or implicit
statement of a client's or clients' experience with an investment adviser or
IAR.”
• “For example, the public is invited to “like” an IAR’s biography posted on a
social media site, that election could be viewed as a type of testimonial
prohibited by rule 206(4)-1(a)(1).”
Source: SEC National Examination Risk Alert, Vol. II, Issue 1
For Internal Use Only 6
7. Social Media Regulatory Misconception #2
FINRA said all Twitter tweets need to be filed with them
It depends…
• Depends on whether or not content is static or interactive.
• “Social networking sites also contain non-static, real-time communications, such as
interactive posts on sites such as Twitter and FaceBook. The portion of a social
networking site that provides for these interactive communications constitutes an
interactive electronic forum, and firms are not required to have a registered principal
approve these communications prior to use.”
• “FINRA considers unscripted participation in an interactive electronic forum to come
within the definition of “public appearance” under NASD Rule 2210. Public appearances
do not require prior approval by a registered principal.”
• Filing is only required if it is static content and it also meets the basic filing criteria for
advertisements and sales literature. Otherwise, firm’s main obligations are supervision
and recordkeeping.
Source: FINRA Regulatory Notice 10-06 and 11-39
For Internal Use Only 7
8. Social Media Regulatory Misconception #3
If our company policy does not allow the use of social media
to do business, then I’m safe from the regulators
That’s what you think…
• Financial firms still need to have a social media policy in place regardless of their
activity in this space.
• Policy should address any company-sponsored social media initiatives and
personal usage; if the employee chooses to disclose the name of their employer.
• Consider periodic monitoring of your employees’ social media activity.
For Internal Use Only 8
9. Best Practices – Corporate Policy
The policy must address employee social media usage during
working hours and at home
a) At Work Policy
• What are the company’s polices regarding SM usage through the firm’s own computer
network?
• What SM applications are authorized for use and by what type of employees?
• What features of each SM application are accessible and which ones are disabled?
• What are the approval processes for gaining access to SM applications?
• What are the content approval process with legal or compliance areas?
b) At Home Policy
• What are the general standards of conduct for posting personal information?
• How much employee-employer information can be divulged?
• Do you require compliance officers to be “connected” to your employees’ SM applications?
c) Incorporate into Existing Policies
• Code of Conduct, Privacy and Handling of Confidential information
• Media Relations policy
• Establishing a working group or committee regarding firm wide social media policy
9
10. Best Practices - Supervision and Monitoring
• Firms must establish policies that are reasonably designed to ensure their social
media activities do not violate federal securities regulations and other self-
regulatory organizations rules.
General Requirements
1. Written Policy and Procedures that are disseminated throughout the firm.
2. Identify what types of communications require review.
3. Identify which person(s) are responsible for supervision. This should include business
employees because certain functions may be performed by non-compliance employees.
4. Outline the method of review.
5. Determine the frequency of the review and conduct periodic testing.
6. Documentation that reviews were carried out.
• Conduct compliance training.
• Identify how complaints are handled.
• Identify which employees have access to social media sites via the firm’s
network.
• Continually evaluate social media activities for compliance.
Source: FINRA NTM 07-59
10
11. Best Practices – Training
Training Must Be Firm Wide
• Policies and procedures when initiating SM projects.
• General policies regarding access to SM applications at work.
• General policies regarding access to SM applications at home.
• Specialized training for those employees that have access to SM
applications at work.
• Outline remedial actions for employees that violate SM policies.
• Address various risks to the firm for non-compliance.
• Escalation process for complaints or issues related to SM.
• Designated legal or compliance contacts for dealing with SM activities.
11
12. Recordkeeping Requirements
• What records are required to be kept in social media activities?
• Electronic communications (i.e., emails exchanged on social media applications)
• Static Postings
• Discussion threads
• Third Party Postings
• For SEC registered investment advisors:
• 5 years with the last 2 years in an easily accessible place.
[SEC Rule 17a-3 and 17a-4 of the ‘34 Act]
• For FINRA member broker dealers:
• 3 years with the last 2 years in an easily accessible place.
[FINRA Rule 2210 (b)(2)(A) and 3110]
• Regulators do not endorse any particular record keeping technology or
vendor, nor acknowledges that there are adequate technology that exists.
12
13. Other Regulatory and Business Considerations
Devoting new resources and creating processes
to address SM usage
Privacy Concerns
• Need to keep customer information private.
SM applications increases security threats
• Spam
• Malware
• Viruses
• Data loss
• Cyber crime
• Drains I.T. support networks and resources.
• I.T. security for company-issued smartphones.
13
14. Investment Suitability Issues
• What constitutes as a stock “recommendation”?
• Firms are responsible for their social media messages and are not exempt from
suitability requirements and are liable for non-compliance.
• Facts and circumstances of the communication determines whether or not a
recommendation was made.
• FINRA Rule 2310 – Did the author have reasonable grounds to make such a
recommendation based on the reader’s financial situation and needs?
• What investment-related advice can be provided online?
• Access to a library of equity research reports.
• Online tools to indentify an investors risk tolerance.
• Online tools to assist investors with general retirement planning tools and
calculators.
• Stock screeners based on parameters established by the user.
• Opted-in online communications that notifies the user of a pre-scheduled event.
Source: FINRA NTM 01-23
14
15. Best Practices - General SM Content Guidelines
Dos
• Discuss macro economic concepts.
• Discuss various sectors or industries.
• Discuss retirement concepts.
• Educate the public on financial markets and products.
• Post company non-product or services related announcements.
• Post messages that have a broad appeal. (i.e., charity events or good will activities)
• Post generic responses to third-party postings.
Don’ts
• No unauthorized employee postings.
• Don’t mention a name of a stock.
• Don’t provide investment advice.
• Don’t promote your investment products and services unless you have robust oversight.
• Don’t make provocative or promissory statements regarding the direction of the markets
or prices of commodities.
• Avoid re-tweeting questionable posts on Twitter. Use your best judgment.
• Don’t solicit your clients to re-tweet your postings.
• Don’t solicit your clients to provide anything that would resemble a testimonial.
15
16. Working with your Legal & Compliance Department
Don’t assume your legal or compliance colleagues…
1. …“get it” or think it’s a great idea. Surprisingly, a lot of people still don’t “get it.”
2. …understands social media applications and functionality.
3. …understands your social media business plans without reliable ROI.
4. …are fully versed in social media regulations. They are still learning…
Do:
1. Educate them on social networking sites. Start with the bare basics!
2. Provide them with a comfort level with the technology.
3. Provide them with articles and research related to social media compliance.
4. Inform them what your competitors are doing in this space.
5. Invite the I.T. department to be part of the conversation.
6. Request to a pilot project to test the waters.
16
17. Compliance Resources
• SEC National Risk Examination Alert
Investment Advisory Use of Social Media
[http://www.sec.gov/about/offices/ocie/riskalert-socialmedia.pdf]
• SEC Investor Alert
Social Media and Investing - Avoid Fraud
[http://www.sec.gov/investor/alerts/socialmediaandfraud.pdf]
• SEC Investor Alert
Social Media and Investing - Understanding Your Accounts
[http://www.sec.gov/investor/alerts/socialmediaandinvesting.pdf]
• FINRA Regulatory Notice 11-39
Social Media Web Sites and the Use of Personal Devices for Business Communications
[http://www.finra.org/web/groups/industry/@ip/@reg/@notice/documents/notices/p124186.pdf]
• FINRA Regulatory Notice 10-06
Social Media Web Sites
[http://www.finra.org/Industry/Regulation/Notices/2010/P120760]
• FINRA Regulatory Notice 01-23
Online Suitability
[http://www.finra.org/Industry/Regulation/Notices/2001/P003886]
• FINRA Regulatory Notice 07-59
Supervision of Electronic Communications
[http://www.finra.org/Industry/Regulation/Notices/2007/P037554]
• FINRA Advertising Compliance Resource
[http://www.finra.org/Industry/Issues/Advertising/]
17