Financial Services Compliance

Evolving Marketing Regulations Trigger Ongoing RIA Social Media Compliance

by Smarsh

Subscribe to the Smarsh Blog Digest

Subscribe to receive a monthly digest of articles exploring regulatory updates, news, trends and best practices in electronic communications capture and archiving.

Smarsh handles information you submit to Smarsh in accordance with its Privacy Policy. By clicking "submit", you consent to Smarsh processing your information and storing it in accordance with the Privacy Policy and agree to receive communications from Smarsh and its third-party partners regarding products and services that may be of interest to you. You may withdraw your consent at any time by emailing privacy@smarsh.com.

In the past, registered investment advisers (RIAs) typically only had a website and little else in terms of marketing their services. However, with the increasing popularity of social media, they are now relying more on these platforms to communicate and advertise their firms. This shift has caused a significant increase in compliance responsibilities for Chief Compliance Officers (CCOs) at RIAs.

The most recent version of the Form ADV, which RIAs are required to fill out, includes the requirement for firms to disclose all websites and social media platforms they use. These disclosures must also be updated as any changes occur.

General RIA advertising rules may not cover all circumstances

While RIAs generally understand the broad compliance principles for advertising, there are new developments to the rules that may be overlooked. For example, the Securities and Exchange Commission (SEC) has provided guidance on using testimonials in social media advertisements. RIAs are allowed to advertise using public commentary about their services posted on independent social media sites, as long as every review is included in the firm's advertisement. However, RIAs cannot influence the third-party sites or offer subjective analysis of the opinions.

Even if RIAs comply with general guidance from the SEC, their specific use of social media can create compliance problems. For example, although one adviser’s reviews on Yelp did not raise red flags, the firm provided a short bio, which boasted that the firm ‘is the most trusted,’ and its ‘financial services are flawless.’ It is impossible for an adviser to prove with objective evidence that the firm is the most trusted. Furthermore, words like “flawless” are viewed as marketing hype, which is inherently misleading.

compliance quick hits 900x220

Blogs raise additional compliance requirements

While blogs are an effective marketing tool, they also raise additional compliance requirements. Some RIAs require blog posts be preapproved by the firm’s CCO or a designee, which can slow down the posting process. Other firms set blog posting guidelines for personnel to follow and monitor posts after the fact.

Interactive blogs require regular review by the CCO to ensure that any noncompliant content posted by third parties is promptly removed. For example, a client might post a testimonial for the adviser. If that occurs, it must be removed promptly or else the firm is taking ownership of the testimonial.

A firm’s compliance manual should specify who is authorized to blog on behalf of the firm. Policies and procedures should articulate whether Investment Adviser Representatives (IARs) and solicitors may post on blogs and what type of content is allowed. RIAs must also implement a process to make certain that all blog posts are retained in the firm’s books and records. Companies such as Smarsh can assist RIA firms with archiving blogs and all types of social media.

If RIAs allow IARs to host their own blogs or to post on other sites, the firm should establish restrictions on what may be discussed. In addition to preapproving all posts, the firm’s CCO or a designee must supervise and monitor these blogs. Occasionally, IARs make the mistake of referencing past specific recommendations of the adviser, which were profitable to clients.

Rule 206(4)-1(a)(2) under the Investment Advisers Act of 1940, and similar state rules, prohibit references to past specific recommendations that were profitable to anyone unless the ad sets forth or offers to provide a list of all securities recommended during the immediately preceding period of not less than one year. The list must also contain specific disclosures. Examiners are concerned that RIAs will only mention the securities that soared in value, not those that performed poorly.

RIA social media compliance includes personal Facebook pages

When it comes to personal Facebook pages, RIAs need to make it clear that they should not be used to market the firm. Furthermore, a RIA’s social media policy should stipulate who may post on social media sites used for business purposes.

CCOs must be vigilant in supervising the firm's Facebook page and ensure that no noncompliant content, such as testimonials is allowed to remain. For example, one RIA’s Facebook page contained a post from a client who expressed his euphoria over how well the adviser had managed his portfolio. Another client posted his gratitude for making his dream vacation possible.

RIAs that permit noncompliant content to remain on their Facebook page are likely to receive a deficiency letter when examiners conduct an examination. There is also the risk that a competitor will tip off regulators regarding the RIA’s noncompliant activities.

When it comes to personal Facebook pages, RIAs need to make it clear that they should not be used to market the firm. While CCOs do not owe a duty to supervise employees’

personal Facebook pages–if they do post business-related content, the CCO must take action after learning that a social media site is being used inappropriately.

For instance, CCOs must act decisively if they learn that an IAR is touting the firm’s performance or services on a personal Facebook page. In some cases, activities and statements on an associated person’s personal Facebook page can reflect badly upon the firm and indirectly hurt its image. Associated persons should be warned that Facebook posts are not always private and may harm the firm’s reputation.

Conclusion

By staying proactive with the SEC Marketing Rule now in full effect and FINRA Advertising Rule mandates, RIAs will not only mitigate the risks associated with social media use, but also protect the reputation and credibility of their firms in an increasingly digital world.

CCOs play a crucial role in ensuring compliance with changing marketing and advertising practices and should update and enforce policies and procedures that directly address RIA social media usage while staying consistent with advertising guidelines.

Share this post!

Smarsh
Smarsh Blog

Our internal subject matter experts and our network of external industry experts are featured with insights into the technology and industry trends that affect your electronic communications compliance initiatives. Sign up to benefit from their deep understanding, tips and best practices regarding how your company can manage compliance risk while unlocking the business value of your communications data.

Ready to enable compliant productivity?

Join the 6,500+ customers using Smarsh to drive their business forward.

Contact Us

Tell us about yourself, and we’ll be in touch right away.