From the March 2013 issue of Investment Advisor • Subscribe!

3 Keys to a Strong Facebook Policy

A solid social media policy can protect your firm from unnecessary regulations

More On Legal & Compliance

from The Advisor's Professional Library
  • Updating Form ADV and Form U4 When it comes to disclosure on Form ADV, RIAs should assume information would be material to investors.  When in doubt, RIAs should disclose information rather than arguing later with securities regulators that it was not material.
  • Privacy Policies and Rules Whether an RIA is SEC or state-registered, the firm must have policies and procedures in effect to protect clients’ privacy. Policies and procedures should explicitly require an RIA to send out its privacy notice each year.

Facebook: The “wild, wild west” of social media. Can advisors use it? Of course. Should they? Why not? Are there regulatory issues and considerations that must be addressed? Aren’t there always?

In this short column, let’s consider for discussion purposes the use of Facebook in a financial services firm. I recommend every advisory firm strongly consider doing the following:

  1. Establish and implement a written policy regarding the firm’s position on the use of social media. The policy should be twofold, covering the use of social media by the firm and the personal use of social media by the firm’s employees and representatives.
  2. The firm’s written policy should address whether or not the firm shall utilize social media, how it shall be used and any corresponding limitations on that use. A firm’s Facebook page, like its website, is an advertisement, and the content should be subject to ongoing monitoring and review by the firm’s chief compliance officer. As an advertisement, the content is also subject to regulatory recordkeeping requirements. The same content parameters and prohibitions (e.g., use of testimonials, a topic I’ll cover in a future column) that apply to all of a firm’s advertising also apply to the firm’s use of Facebook.
  3. Just as important (or potentially even more important) is the establishment of a firm’s written policy for its employees’ and representatives’ personal use of social media. Why? Because the firm can monitor and control the content that it posts on its Facebook page, but it cannot exercise such monitoring or control of an employee’s or rep’s personal Facebook content (outside of regularly reviewing an employee’s Facebook page, which, based upon the type of nonsense that is posted on Facebook could be overly intrusive and mutually embarrassing). Employees need to appreciate that the firm does not want to monitor their personal Facebook pages and postings. Rather, the firm is a regulated entity and, as such, it is required to establish and implement a reasonable policy designed to prevent infractions or deviations from the firm’s policy and applicable regulations.

So, what should a firm do short of monitoring an employee’s personal Facebook content (a policy that I do not recommend)? My recommendation is to implement a policy that either prohibits the employee from “friending” firm clients (which may not be realistic); or discourages the “friending” of firm clients while making it clear that if an employee or rep does so, he or she is expressly prohibited from discussing any firm-related business on Facebook or any other social media (or through a personal email account, which is much too often overlooked).

All such business-related communications should be restricted to the firm’s email account. The firm has a supervisory obligation to monitor firm-related communications. Unless they want the firm to monitor their Facebook or personal email content (which, again, could prove mutually embarrassing), employees or reps must agree to abide by the firm’s policy.

I also recommend that the firm reinforce and reconfirm this policy on an annual basis. To do so, the firm can require that each employee acknowledge the policy in writing initially upon establishment (or at the time of hiring) and on an annual basis thereafter. The firm should also include its social media policy as one of the discussion items on its annual compliance meeting agenda. (Yes, the firm should have an annual compliance meeting for all firm personnel, with an agenda and a sign-in sheet to be maintained with the firm’s compliance records. Two of the items on the current SEC exam pertain to how the firm educates its employees and reps.)

Reprints Discuss this story
This is where the comments go.