SEC stresses importance of social media guidelines and compliance

The SEC has released new "risk alerts" that outline how financial firms can use social media guidelines to protect their business from fraud and comply with federal regulations.

This Content Component encountered an error

The Securities and Exchange Commission (SEC) is emphasizing the importance of enterprise-wide social media guidelines and compliance, soon after the agency charged an investment adviser with offering fictitious securities through social media sites.

Earlier this month, the SEC's Division of Enforcement alleges that Anthony Fields, of Lyons, Ill., offered more than $500 billion in fictitious securities through various social media websites, including professional networking site LinkedIn. Fields provided false and misleading information concerning his assets, failed to maintain required books and records and did not implement adequate compliance policies and procedures, according to the SEC.

"Fraudsters are quick to adapt to new technologies to exploit them for unlawful purposes," said Robert B. Kaplan, co-chief of the SEC enforcement division's Asset Management Unit, in a statement announcing the charges. "Social media is no exception, and today's enforcement action reflects our determination to pursue fraudulent activity on new and evolving platforms."

Shortly after charging Fields, the SEC released a risk alert titled "Investment Adviser Use of Social Media." The alert reviews concerns that may arise from social media use, and offers suggestions for complying with the antifraud, compliance and recordkeeping provisions of federal security laws. The alert further notes that firms should consider how to implement new social media guidelines, or revisit their existing programs as technology evolves.

Stephen Marsh, founder and CEO of electronic communications archiving provider Smarsh Inc., said between the risk alert and the charges against Fields, the SEC is sending a clear message: Registered investment advisors (RIAs) need to extend their recordkeeping initiatives to social media and consider the complexities of social networks when crafting and enforcing social media guidelines.

"The biggest takeaway to me is that every firm -- whether it's using social media or not -- needs to take proactive steps to address it," Marsh said. "Hopefully, the alert will spur those firms that haven't already done so to get serious about determining their policies for social media usage."

The SEC noted that financial service firms are increasingly using social media to communicate with existing and potential clients, promote services, educate investors and recruit new employees. Given this shift, the agency also issued an Investor Alert titled "Social Media and Investing: Avoiding Fraud" that aims to help investors be better aware of fraudulent investment schemes that use social media, and provides tips for checking the backgrounds of advisers and brokers.

"More and more, investors are using social media to help them with investment decisions," said Lori J. Schock, director of the office of Investor Education and Advocacy, in a statement. "While social media can provide many benefits for investors, it also makes an attractive target for fraudsters."

The SEC notes that many firms have policies and procedures within their compliance programs that specifically apply to social media use. However, many firms have multiple overlapping procedures that may or may not specifically include social media use, and this lack of specificity may cause confusion as to what procedures or standards apply, according to the SEC.

The risk alert offers suggestions investment advisors should consider when evaluating the effectiveness of their social media compliance program, including usage guidelines, content standards, training and social media monitoring.

Marsh said that because networks are evolving rapidly and have multiple types of communication within them, governance and oversight are increasingly complex. For example, Facebook allows every user to develop a profile, post comments, comment on friends' posts, follow organizations, send private messages and talk over instant message.

As a result, a well-defined company policy on what is permissible and what is not in social media is crucial, Marsh said.

"The SEC has stated that 'lack of specificity may cause confusion as to what procedures or standards apply to social media use,' so firms need to be very specific in their policies and oversight procedures," Marsh said.

The biggest takeaway to me is that every firm -- whether it's using social media or not -- needs to take proactive steps to address it.

Stephen Marsh, CEO, Smarsh Inc.

The SEC also suggests that firms that allow for third-party postings on their social media sites consider relevant policies and procedures. This could include guidelines surrounding the posting of testimonials about the firm, as well as reasonable safeguards in place to avoid any violation of the federal securities laws.

The risk alert reminds investment advisors that RIAs communicating through social media must retain records of those communications if they contain information that satisfies an investment adviser's recordkeeping obligations under the Advisers Act.

In addition, the SEC notes that RIAs should consider reviewing their document retention policies to ensure that any required records generated by social media communications are retained. This should be done in compliance with federal securities laws and in a manner that is easily accessible for a period not less than five years.

"At the heart of the risk alert is the principle that content is determinative when it comes to electronic recordkeeping," Marsh said. "It doesn't matter what the channel is. If the content relates to business, then firms are obligated to retain the communication and make sure that it is in compliance with the established policy."

Let us know what you think about the story; email Ben Cole, Associate Editor.

Dig deeper on Vulnerability assessment for compliance

Pro+

Features

Enjoy the benefits of Pro+ membership, learn more and join.

0 comments

Oldest 

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to:

-ADS BY GOOGLE

SearchCIO

SearchHealthIT

SearchCloudComputing

SearchDataCenter

SearchDataManagement

SearchSecurity

Close