OCIE Risk Alert – Recent examination focuses on advisor violations of Books and Records and other Regulatory Compliance Rules.
Submitted by: Randy Randall, Senior Compliance Consultant, Red Oak Compliance Solutions
The SECs exam division, the Office of Compliance Inspections and Examinations (OCIE) has recently conducted an examination of registered investment advisers (advisers) to better understand the various forms of electronic messaging used. Considered long overdue by most since there are so many types of electronic messaging that are generally prohibited from use (by firms, not regulation) because of supervisory concerns.
SEC Rule 204-2(a)(11) requires firms to keep copies of and to supervise all notices, circulars, advertisements, newspaper articles, investment letters, bulletins or other communications that the adviser circulates or distributes (directly or indirectly) to ten or more persons. Additionally, Rule 206(4)-7 requires advisers to adopt and implement written policies and procedures designed to prevent violations of the Advisers Act.
An obvious concern is how to capture (for document retention requirements) and supervise real-time communications like text (SMS), private messaging, instant messaging, chat rooms and forums, not to mention third-party apps or communications sent using the adviser’s personal computer or mobile devices.
While not a complete list, the following are some of the main points that the OCIE recommends:
Policies and Procedures:
- Permitting only those forms of electronic communication for business purposes that the adviser determines can be used in compliance with the books and records requirements of the Advisers Act.
- Specifically prohibiting business use of apps and other technologies that can be readily misused by allowing an employee to send messages or otherwise communicate anonymously, allowing for automatic destruction of messages, or prohibiting third-party viewing or back-up.
- For advisers that permit use of social media, personal email, or personal websites for business purposes, contracting with software vendors to (i) monitor the social media posts, emails, or websites, (ii) archive such business communications to ensure compliance with record retention rules, and (iii) ensure that they have the capability to identify any changes to content and compare postings to a lexicon of keywords and phrases.
- Regularly reviewing popular social media sites to identify if employees are using the media in a way not permitted by the adviser’s policies. Such policies include prohibitions on using personal social media for business purposes or using it outside of the vendor services the adviser uses for monitoring and record retention.
- Running regular Internet searches or setting up automated alerts to notify the adviser when an employee’s name or the adviser’s name appears on a website
Click here to read the full OCIE alert.
The OCIE encourages advisers to review their risks, practices, policies and procedures regarding electronic messaging and to consider any improvements to their compliance programs. It is your responsibility to know, understand and evidence the communications being sent on your behalf. If you have any question or concerns about how to accomplish this, the consultants at Red Oak are ready and willing to help…without the $600,000 fine from the SEC! We help broker-dealers, advisors, investment firms, and hedge funds meet regulatory requirements, improve their compliance programs and increase ROI. We provide customized services to get your firm up and running, on-going compliance assistance, workflow software solutions and much more to keep your compliance program on track.
For more information about Red Oak Compliance software and services solutions, partnership and/or integration opportunities or to schedule a demonstration, please visit us online, email us firstname.lastname@example.org or give us a call at 888-302-4594.
About Red Oak Compliance Solutions
Red Oak Compliance Solutions is the global advertising review software of choice in the financial services industry. It is a comprehensive suite of SEC 17A-4 compliant features that are 100% books and records compliant and provides clients with 35% faster approvals and 70% fewer touches or better. We also offer Smart Review(SM), which solves for the storage and maintenance of disclosures, helping firms reduce risk, decrease review times, and increase the speed of distribution of marketing materials. Smart Registration(SM) automates the licensing and registration management process to help reduce regulatory risk and time spent on manual processes. Overall, Red Oak allows firms to minimize risk, reduce costs, and increase compliance review process effectiveness and efficiencies.