More On Legal & Compliancefrom The Advisor's Professional Library
- RIAs and Customer Identification Just as RIAs owe a duty to diligently protect their clients privacy and guard against theft, firms also play a vital role in customer identification. Although RIAs are not subject to an anti-money laundering rule, securities regulators expect advisors to address these issues in their policies and procedures.
- Pay-to-Play Rule Violating the pay-to-play rule can result in serious consequences, and RIAs should adopt robust policies and procedures to prevent and detect contributions made to influence the selection of the firm by a government entity.
Facebook: The “wild, wild west” of social media. Can advisors use it? Of course. Should they? Why not? Are there regulatory issues and considerations that must be addressed? Aren’t there always?
In this short column, let’s consider for discussion purposes the use of Facebook in a financial services firm. I recommend every advisory firm strongly consider doing the following:
- Establish and implement a written policy regarding the firm’s position on the use of social media. The policy should be twofold, covering the use of social media by the firm and the personal use of social media by the firm’s employees and representatives.
- The firm’s written policy should address whether or not the firm shall utilize social media, how it shall be used and any corresponding limitations on that use. A firm’s Facebook page, like its website, is an advertisement, and the content should be subject to ongoing monitoring and review by the firm’s chief compliance officer. As an advertisement, the content is also subject to regulatory recordkeeping requirements. The same content parameters and prohibitions (e.g., use of testimonials, a topic I’ll cover in a future column) that apply to all of a firm’s advertising also apply to the firm’s use of Facebook.
- Just as important (or potentially even more important) is the establishment of a firm’s written policy for its employees’ and representatives’ personal use of social media. Why? Because the firm can monitor and control the content that it posts on its Facebook page, but it cannot exercise such monitoring or control of an employee’s or rep’s personal Facebook content (outside of regularly reviewing an employee’s Facebook page, which, based upon the type of nonsense that is posted on Facebook could be overly intrusive and mutually embarrassing). Employees need to appreciate that the firm does not want to monitor their personal Facebook pages and postings. Rather, the firm is a regulated entity and, as such, it is required to establish and implement a reasonable policy designed to prevent infractions or deviations from the firm’s policy and applicable regulations.
So, what should a firm do short of monitoring an employee’s personal Facebook content (a policy that I do not recommend)? My recommendation is to implement a policy that either prohibits the employee from “friending” firm clients (which may not be realistic); or discourages the “friending” of firm clients while making it clear that if an employee or rep does so, he or she is expressly prohibited from discussing any firm-related business on Facebook or any other social media (or through a personal email account, which is much too often overlooked).
All such business-related communications should be restricted to the firm’s email account. The firm has a supervisory obligation to monitor firm-related communications. Unless they want the firm to monitor their Facebook or personal email content (which, again, could prove mutually embarrassing), employees or reps must agree to abide by the firm’s policy.
I also recommend that the firm reinforce and reconfirm this policy on an annual basis. To do so, the firm can require that each employee acknowledge the policy in writing initially upon establishment (or at the time of hiring) and on an annual basis thereafter. The firm should also include its social media policy as one of the discussion items on its annual compliance meeting agenda. (Yes, the firm should have an annual compliance meeting for all firm personnel, with an agenda and a sign-in sheet to be maintained with the firm’s compliance records. Two of the items on the current SEC exam pertain to how the firm educates its employees and reps.)