No doubt the compliance units at securities firms are scurrying to come up with policies and procedures to address new guidance on the use of social media, issued by the Financial Industry Regulatory Authority (FINRA Regulatory Notice 10-06.
It’s a much-needed response to the new regulatory challenges raised by social networking sites and blogs, particularly in the areas of supervision, advertising, and books and records requirements. But organizations in other industries would do well to listen up as they begin to take steps to develop their own policies and procedures for the use of social media – particularly as they begin to make use of these tools for communicating with customers and partners.
In this post, I’ll provide an overview of the guidance and the major issues it’s intended to address.
The FINRA guidance applies specifically to securities firms and brokers doing business in the U.S., and is intended to address the changes in usage as workers spend more time on social networking sites in a business context (e.g. LinkedIn, Twitter, and Facebook, as well as enterprise social media). It explains how the FINRA rules governing how firms communicate with the public are to be applied to social media platforms that have been created by a firm or its registered representatives – and this is where it has some applicability to any organization that’s looking to develop policies and procedures in this area.
Policy:FINRA recommends that covered firms create, distribute, and adhere to an online privacy and social media policy. Specific to securities firms are policies and procedures designed to address communications recommending specific investment products. But FINRA also mentions the need for policies and procedures designed to ensure appropriate supervision of persons who participate in social media sites for business purposes, as well as appropriate training on the organization’s policies and procedures regarding social media. A best practice is to prohibit all interactive electronic communications that recommend a specific investment product unless a registered principal has previously approved the content
Recordkeeping:Firms are required to retain and archive records of communications related to the broker-dealer’s business that are made through social media sites (although the rules are technology-neutral). This is a compliance issue because recommending a security through a social media site triggers NASD Rule 2310 regarding suitability and thus liability.
A firm must first ensure that it can retain records as required by SEC Rules 17a-3 and 17a-4 and NASD Rule 3110. Among the issues likely to arise are the ability to apply retention to content generated from social media, the ability to review this content (like email), and the offsite use of social media by broker-dealers (yet another issue that policies and procedures must address; see above). But it’s the firm’s responsibility to procure and implement technology that’s capable of providing the retention and retrieval functions necessary to comply with the industry’s books and records rules.
Next time: Part 2, FINRA’s guidance regarding static vs. interactive content and functionality and what FINRA calls “interactive public forums”.
James Watson, Jr. PhD can be reached at 312-881-1620, firstname.lastname@example.org, or tweet me @jameswatsonjr
#electronic records management #ElectronicRecordsManagement