More On Legal & Compliancefrom The Advisor's Professional Library
- Disaster Recovery Plans and Succession Planning RIAs owe a fiduciary duty to clients to prepare for disasters and other contingencies. If an RIA does not have a disaster recovery plan, clients financial well-being may be jeopardized. RIAs should also engage in succession planning, ensuring a smooth transaction if an owner or principal leaves.
- The New and Improved Form ADV Whether an RIA is describing its investment strategy in advertisements or in the new Form ADV Part 2, it is important the firm articulates material risks faced by advisory clients and avoids language that might be construed as a guarantee.
Firms recruiting breakaway brokers need to be wary in the wake of a very stern administrative law judge's decision sanctioning NEXT Financial Group, Inc. for violating the SEC's customer privacy provisions even while the industry awaits expanded provisions that may allow more liberal customer information sharing.
Lawyers contacted on the case advise caution and say a literal reading of the NEXT case would actually prohibit the taking of basic contact information from clients, but also say that they don't expect the SEC to start cracking the whip right now.
In a June 18 decision, an administrative law judge verbally upbraided and financially sanctioned NEXT's behavior to the tune of $125,000 in supporting the transfer of customer information during the account transition process from previous firms to NEXT for several years leading up to February 2006. The ALJ, James Kelly, also found the firm acted negligently on the other side--allowing departing NEXT reps to take client information with them to a new firm. The decision cuts to the very heart of the independent broker/dealer community, which has consistently held that the client of a rep is "owned" by the rep, not the firm, and thus has the right to ask that client to follow him or her when the rep leaves a firm.
Brian Rubin, of the Sutherland law firm in Washington, who represented NEXT in the case, said the broker/dealer is "obviously disappointed with the decision," and that NEXT, "along with countless other firms, believed it was complying with Regulation S-P. The judge unfortunately disagreed. Going forward, the firm will, of course, comply with this decision." NEXT is not appealing the decision, so it will stand as precedent until the SEC issues its finalized rule on the new Reg S-P. In the meantime, compliance officers and lawyers are treading through a minefield of legal issues.
Yes, the SEC can conceivably whip up an enforcement action against firms' common practices now, but "practically speaking, I doubt there would be an enforcement case based on taking basic client info. The Reg S-P proposal is moving to allow such data to be taken with reps and it would seriously impede all reps from moving to any firm," said Patrick Burns, a lawyer in Beverly Hills where he represents financial advisors looking to go independent.
Burns concedes that what constitutes standard practice now is unclear. But the ALJ claimed that NEXT went too far, saying NEXT sat side-by-side with recruits to access computer systems of the recruits' brokerage firms and download customers' personal information, and in some cases even used the competing brokerage's password to access the system of its customer information there so NEXT could "pre-populate" customer account and transfer forms (www.sec.gov/litigation/aljdec/2008/id349jtk.pdf).
The ALJ agreed with the SEC that all categories of information that migrated from the previous firm into a NEXT customer account spreadsheet constituted "personally identifiable financial information." The ALJ stated that NEXT did not determine whether the customers had even consented to the transfer of information before the recruits joined NEXT. Customers were also not given a reasonable opportunity to opt out of this information sharing, among other cited failures.
Even agreement between firms cannot prevent enforcement action: the ALJ found that "protocol signatories cannot place themselves beyond the reach of Regulation S-P by signing a contract" to immunize themselves from possible enforcement action under Regulation S-P. "In these circumstances, the permissive sharing of information between contracting brokerage firms does not supersede the GLB [Gramm Leach Bliley] Act right of customers to opt out from the sharing of their nonpublic personal information," ruled ALJ Kelly.
So what should brokers be doing?
"It depends how safe they want to be--if they want to follow the letter of the law, as interpreted by the SEC presently, or if they want to take a stab at what the SEC will come out with," says Knut Rostad, deputy chief compliance officer with Rembert Pendleton Jackson in Falls Church, Virginia.
The proposed SEC expansion of Regulation S-P would permit an exception from the notice and opt-out requirements to permit limited disclosures to a nonaffiliated third party without the required notice and opt-out when reps move from one broker/dealer or RIA to another, as the Financial Services Institute and the SEC explains it.
To protect against identity theft and fraud, basic contact information is limited to the customer's name, address, telephone number, e-mail address, and "general description" of the account and products in it.
Under the proposal, departing reps would have to provide to their firm a written record of the information to be disclosed. But the data exception proposed by the SEC doesn't even have to be adopted by firms. Policies prohibiting any sharing of customer information whatsoever with departing brokers, other than at the customer's specific request, could remain.
The FSI, in an advocacy statement, claims that the proposal does not provide the "legal certainty" the SEC believes it to have. "Most notably, the exception is available at the broker/dealer's option. Therefore, by choosing not to take advantage of the exception, a broker/dealer could deny a departing advisor even the most basic contact information about their clients," the FSI--and others in the independent B/D world--worry.
David Tittsworth, executive director of the Investment Adviser Association, is concerned that the proposed rule is overly broad and effectively requires a new compliance program or even necessitates a privacy czar, and the cost analysis, for big and small firms alike, points to a high cost to comply with the new Reg S-P. He asks, rhetorically, if in the future firms will need a best-execution officer or a code of ethics officer.
Tittsworth and others expect SEC Chairman Christopher Cox, who has stated that reform of Regulation S-P is one of his priorities, will act to finalize the expansion before he leaves the Commission after a new President is elected.
While some are worried that the SEC proposal is overly restrictive, Rostad is concerned that the language may be too broad as well. He thinks the "general description" of the account could be used as a "blank check" to even include legal or financial documents a planning client owns.
Elizabeth D. Festa is a freelance business writer based in Washington, D.C. She can be reached by e-mail at email@example.com.