More On Legal & Compliancefrom The Advisor's Professional Library
- Whistleblowers A whistleblower is any individual providing the SEC with original information related to a possible violation of federal securities law. The Dodd-Frank Act established a whistleblower program that enables the SEC to reward individuals who voluntarily provide such information.
- Disaster Recovery Plans and Succession Planning RIAs owe a fiduciary duty to clients to prepare for disasters and other contingencies. If an RIA does not have a disaster recovery plan, clients financial well-being may be jeopardized. RIAs should also engage in succession planning, ensuring a smooth transaction if an owner or principal leaves.
Facebook: The “wild, wild west” of social media. Can advisors use it? Of course. Should they? Why not? Are there regulatory issues and considerations that must be addressed? Aren’t there always?
In this short column, let’s consider for discussion purposes the use of Facebook in a financial services firm. I recommend every advisory firm strongly consider doing the following:
- Establish and implement a written policy regarding the firm’s position on the use of social media. The policy should be twofold, covering the use of social media by the firm and the personal use of social media by the firm’s employees and representatives.
- The firm’s written policy should address whether or not the firm shall utilize social media, how it shall be used and any corresponding limitations on that use. A firm’s Facebook page, like its website, is an advertisement, and the content should be subject to ongoing monitoring and review by the firm’s chief compliance officer. As an advertisement, the content is also subject to regulatory recordkeeping requirements. The same content parameters and prohibitions (e.g., use of testimonials, a topic I’ll cover in a future column) that apply to all of a firm’s advertising also apply to the firm’s use of Facebook.
- Just as important (or potentially even more important) is the establishment of a firm’s written policy for its employees’ and representatives’ personal use of social media. Why? Because the firm can monitor and control the content that it posts on its Facebook page, but it cannot exercise such monitoring or control of an employee’s or rep’s personal Facebook content (outside of regularly reviewing an employee’s Facebook page, which, based upon the type of nonsense that is posted on Facebook could be overly intrusive and mutually embarrassing). Employees need to appreciate that the firm does not want to monitor their personal Facebook pages and postings. Rather, the firm is a regulated entity and, as such, it is required to establish and implement a reasonable policy designed to prevent infractions or deviations from the firm’s policy and applicable regulations.
So, what should a firm do short of monitoring an employee’s personal Facebook content (a policy that I do not recommend)? My recommendation is to implement a policy that either prohibits the employee from “friending” firm clients (which may not be realistic); or discourages the “friending” of firm clients while making it clear that if an employee or rep does so, he or she is expressly prohibited from discussing any firm-related business on Facebook or any other social media (or through a personal email account, which is much too often overlooked).
All such business-related communications should be restricted to the firm’s email account. The firm has a supervisory obligation to monitor firm-related communications. Unless they want the firm to monitor their Facebook or personal email content (which, again, could prove mutually embarrassing), employees or reps must agree to abide by the firm’s policy.
I also recommend that the firm reinforce and reconfirm this policy on an annual basis. To do so, the firm can require that each employee acknowledge the policy in writing initially upon establishment (or at the time of hiring) and on an annual basis thereafter. The firm should also include its social media policy as one of the discussion items on its annual compliance meeting agenda. (Yes, the firm should have an annual compliance meeting for all firm personnel, with an agenda and a sign-in sheet to be maintained with the firm’s compliance records. Two of the items on the current SEC exam pertain to how the firm educates its employees and reps.)